Download - OwnYIT CSAT + SIEM
1
OwnYIT CSAT + SIEM
Take control of your IT Infra-structure.OwnyIT is an easy to deploy and use IT Infrastructure Management
system for:
Cyber Security Audit,
Desktops Monitoring,
Policy enforcement ,
IT Inventory,
Security Incident and Event Management,
Remote Access and Management
2
ABOUT OWNYIT CSAT
A simple system to address your complete IT infrastructure needs.
Central Console for…
Monitoring
Reporting
Remote Access
Manage applications
Hardware & Software Inventory
Monitoring system logs like event log and syslog
3
Benefits to your organization
4
Asset & Change Management Cyber Security Audit
Desired Configuration Management Data leak Protection and Audit
Software License Monitoring Policy Enforcement
Application Management Network Access Control (NAC)
System User Management Security Incident and Event Management (SIEM)
System Log/Syslog Monitoring Secure Remote Audit and Management
Rule based Monitoring and Controlling Service Level Agreement (SLA) Management
Print Management Reports
Asset and Change Management
Real time view of hardware and software assets .
Allows you to know where the hardware assets are deployed and what these
are being used for.
Microsoft software with its license key information.
Checks the actual software licenses installed against purchased.
Identify assets which are not available or operational, due to:
o Theft
o Failure
o Obsolescence
5
Assets Inventory
6
Change Management
Detect the changes in Hardware Assets due to theft, failure or non availability,
immediately.
Detect the Changes in software (install/uninstall) immediately.
Repository of the change available for the future.
Typical Benefits:
o Reduce the response time and hence the affect of the changes is
reduced.
o Immediate notification on authorized Hardware/Software
installation/removal.
7
Change Management
8
Desired Configuration Management
Define desired hardware/software configuration of Desktops/ Servers
Allows authorized Hardware/ Software configured/installed on the machine.
If unauthorized software/hardware found:
o Make the machine to non-comply,
o The machine will not communicate with other machines in the network.
9
Desired Configuration Management
10
Software License Monitoring
Get exact information of where the licensed software is deployed
and which systems are not registered.
Licensing information (Product Key + CD Key) for the
Microsoft’s softwares installed in the network.
Typical Benefits:
o Checks the actual software licenses installed in the network
against purchased.
o Reduce the cost through efficient software license usage and
monitoring.
11
Software License Monitoring
12
Application Monitoring
Monitor and Manage application usage on a single or a number
of systems/servers.
Provides location of installed applications.
Identify and stop non-essential processes.
Identify malicious processes.
Typical Benefits:
o Action can be taken based on the violation of the policy.
13
Application Monitoring
14
Data Leakage Protection Notification/Alert on the data communication happening with external storage
devices/media.
Get information about files (Not content) transferred to/from machine to/from
external media.
Blocking of USB Ports, external storage devices, CD Drives, Printer, Wi-Fi,
Bluetooth devices, USB Modem/Data Card and etc to protect the data.
On demand file enumeration report to get media files, photographs, Word/Excel/
PowerPoint files and other files exists in the machine.
Typical Benefits:o Protect the data from spreading outside the organization.o Closely monitor data communication happening across organization.
15
Data Leakage Protection
16
Data Leakage Protection
17
USB Media usage Report
Policy Enforcement
Enabling and disabling of external devices for protecting data like:o USB Ports/ Storage Devices/ Printer, o Dialup Modem, o Printer, o Floppy Drive,o CD/DVD Drive, o Bluetooth, o Wi-Fi,o Other external devices
Policy for monitoring/managing authorized software installed on the machine.
Restrict user from changing IP Address of the machine.
18
Policy Enforcement
19
Security
Hardware blocking and set access permissions:
o Blocking of USB modem for connecting to Internet.
o Blocking of USB, CD and other external Media.
Report of add/remove of media like USB, CD drive.
Communication from/to Removal Media.
Immediate alarm and report on usage of removable media.
Facility to prohibit every removable media and set selective permission.
Report of removable media used in machine including the file
transferred with size, type, and etc without vision in to contents.
20
Security (Contd …)
Anti Virus:
o Status of Anti Virus upgrade like successful /failure.
o Virus found with name of virus and other details.
OS Patches information.
Unauthorized access/attempt to OS utilities to be monitored and
reported (e.g. Control Panel, System32 Folder, Registry access and etc)
System Firewall Status (On/Off)
21
Security
22
Security
23
User Management
Report on all Guest/ Normal /Administrator user accounts configured on
each machine:
o List of Users, which has administrative privileges.
Policy for disabling/deleting users from the central console.
Report of:
o User wise Login-Logout details,
o System Start-up shutdown details,
o User Activities while network is off or machines goes out off
network.
24
User Management (Contd …)
Password Management:
Provides report on weak password set by the user
Provides information about Screen Saver password
Report of unsuccessful login attempts by the user
25
User Management
26
Network Security
Real time report on if a machine has accessed internet using modem, dial up connection, data card and etc.
Generates notification/alert when a machine has
connected/accessed unauthorized IP Address/machine.
Block access of unauthorized IP Address and network port.
History of all network operations like which application
used/opened network ports and etc..Reporting of offline violations immediately on connection.
27
Network Security
28
Network Access Control (NAC)
Define network policy for only Group of PCs or selected PCs should
communicate with each other.
Newly added/discovered device/PC should not communicate with any other
PC in the network, untill Admistrator authorized it.
Facilities block/deny access of selected devices/PCs in the network.
29
Network Access Control (NAC)
30
System Events/Logs Monitoring
Monitors various system events/logs like:
o Application Events,
o Security Events,
o System Events
Check whether any security incident/event is generated
Incorporate the system logs, events and alerts into a single data store, so
consolidated data analysis can be done later.
31
System Log/Event Monitoring
32
Security Incident/Event Monitoring (SIEM)
System should take one or multiple security incidents or events from the
multiple sources/devices.
To generate a single Security Incident Event based on single/ multiple
security incidents or events.
The Security Incident Event will categories based on the categories/sub-
categories defined in the organization.
Automatically generates notification/service requests/ tickets when any
security event/incident occurred.
33
Security Incident/Event Monitoring (SIEM)
34
Service Level Agreement Management (SLA)
Define time period needed for Security Request/Tickets to be handled or
closed by the engineer.
If the Security Request/Ticket is not closed, then:
o It will be automatically escalated to the next level of expert/engineer,
o Suitable emails/SMS will be send to the Admin and the higher
authorities (as defined by the Security incident handling policy).
35
Service Level Agreement Management (SLA)
36
Software/Patch Management
Deploy software and software patches from central
console.
Any MSI based Software/Patch deployment, which does not required user
interaction.
Command line supported any EXE based software/patch deployment.
Command line based Registry update/Script file execution.
Typical Benefits:
o Reduce the time of deploying software at scattered
locations.
37
Software/Patch Management
38
Secure Power Management
Apply network, group or PC wise following policies for those machines,
which have been idle for specific time:
o Turn OFF,
o Hibernate,
o Standby
Single console for achieving the Green Computing needs of IT infrastructure.
39
Secure Power Management
40
Secure Remote Audit & Management
Single console for comprehensive remote management.
Secure remote access of Desktop/Servers for trouble-shooting, provisioning
and management.
Typical Benefits:
o Faster problem identification and resolution,
o Facility to record actions taken by the engineer,
o Clear responsibility allocation and track of action taken by IT support
staff. Resulting in less blame-game involving the IT Support Team,
o Lower training time and cost for new IT Support Team members
41
Secure Remote Audit & Management
42
Secure Remote Audit & Management
43
Print Management
Tracking of all files with name, size, path and etc being
printed by the user.
44
Reports
Inventory Reports like:o Desktop Assets like …
Hard disk ID,
BIOS information,
Motherboard,
no. of HDD ,
RAM slot
o Create and maintain Inventory of storage media, Laptops, Desktop and etc.
o Report of hardware and software changes are made.
o Detects and stores the make, model, serial number etc. of hardware assets.
Reports of product keys of installed Microsoft’s software.
45
Reports (Contd …)
Provides report:
o Agent installation,
o Shared Resources,
o Printing information,
o Processes and services running on the machine,
o Activities performed by the User.
All reports are provided on a single console.
Reporting to address your complete IT Infrastructure reporting needs.
Export to Excel/ PDF format for further analysis and sharing.46
Reports
47
Reports
48
Conclusion
Simple to Implement and easy to use.
Get control of your IT Infrastructure spread across different departments
and locations.
Enforce IT policy
Made in India for Indian IT Environment.
49
Our valued Customers
50
THANK YOU
51
23,N.S.ROADKOLKATA- 700001
Cont.Dets.: Manoj SinghCont.No: 09331230629/03366336500/24
E-mail: [email protected] / [email protected]
