What is Security?
The term IT security also called cybersecurity is applied to technology and computer systems. describes techniques that secure information processing systems. It focuses on protecting computers, networks, programs and data from unauthorised access or damage. against attack scenarios, to avoid economic damage and to minimize risks.
Three basic security concepts important to information on the internet are confidentiality, integrity, and availability.
Concepts relating to the people who use that information are authentication, authorization, and nonrepudiation.
IT Security Products
Log management, auditing, and IT compliance management for SIEM
If you want to know what’s happening in your network to gain insights into potential threats and stop them before they turn into an attack, then you need to investigate your logs.
Log-generating aspects of an enterprise’s network
- Perimeter devices such as routers, switches, firewalls, and IDS/IPS.
- Servers.
Applications that your business runs, such as databases and web servers and more.
All these components generate an immense volume of log data. Manually sifting through logs from all these sources to find security events of interest, such as user accesses, unusual activities, user behaviour anomalies, policy violations, internal threats, external attacks, data theft, and more, is futile.
EventLog Analyzer Available In 3 Editions
Password Manager Pro is a secure vault for storing and managing shared sensitive information such as passwords, documents, and digital identities of enterprises.
Password Manager Pro Benefits
- Eliminating password fatigue and security lapses by deploying a secure, centralized vault for password storage and access
Improving IT productivity many times by automating frequent password changes required in critical systems
Providing preventive & detective security controls through approval workflows & real-time alerts on password access
Meeting security audits and regulatory compliance such as SOX, HIPAA and PCI
What Problems Does Password Manager Pro Solve?
- Are you drowning in a pile of privileged passwords?
- Do you store administrative passwords in spreadsheets & flat files?
- Do you find it difficult to track who has access to which accounts?
- Do you laboriously logon to each application separately to periodically change passwords?
Administrative/Privileged passwords are literally aplenty in enterprises. Servers, databases, switches, routers, firewalls and any other hardware or software, could have equally large number of administrative passwords. These passwords are insecurely stored in spreadsheets, text files and even as printouts and are shared by a group of administrators.
This traditional practice brings with it a host of issues such as:
- Insecure storage of passwords inviting security threats
- Uncontrolled super-user privileges
- No role-based access control; internal controls become fragile
- Lack of accountability for actions
- No provision for enforcing standard password practices/policies
- No centralized control
Password Management Features Matrix
Standard Edition
• Centralized password vault
• Manual resource addition
• Import resources from CSV files
• Import resources from KeePass
• Import resources from active directory
• Password policies
• Password sharing and management
• Audit and instant notifications
• User / User group management
• Local authentication
• RADIUS authentication
• AD / Azure AD / LDAP integration
• Export passwords for offline access
• Password reset listener
• Backup and recovery provisions
• Remote RDP, SSH, and Telnet sessions
• Two-factor authentication – OTP sent via email
• Rebranding
• Mobile access (Android, iOS, Windows)
• Browser extensions (Chrome, Firefox, IE)
• VNC support for collaboration
• Transfer approver privileges
• IIS AppPool password reset
• IIS Web.Config discovery
• Password protected exports
• Backup file encryption
• IP restrictions- Web access
• Managing unidentified email addresses
• Emergency measures
• Personalization of user interface(Night-mode theme)
• Notification Email IDs
Premium Edition
• All Features of Standard Edition
• AD / Azure AD Sync – User groups & OUs
• Auto Logon Helper
• Password access control workflow
• Admin dashboard (Live feeds, reports and graphs)
• Password action notifications (Resource group-specific)
• Remote Password Reset (On-demand, Scheduled, and Action-based) – List of supported platforms
• Agent-based password reset
• Canned reports
• Two-factor authentication – PhoneFactor, RSA SecurID, Google Authenticator, Duo security, YubiKey, Microsoft Authenticator,Okta Verify
• High availability
• Privileged session recording
• AD / Azure AD Sync – User groups & OUs
• Password management API (XML RPC, SSH CLI)
• Privacy settings
• Password reset plugin
• User Sessions
• Trash Users
• IP Restrictions – API access and Agent Access
• Disable Password Resets for Privileged Accounts
• Password Reset using SSH Command Sets
Enterprise Edition
• All features of Premium edition
• Data Encryption and Protection with SafeNet HSM
• MS SQL server as backend database
• Privileged accounts discovery
• Active directory sync – resources
• LDAP Sync – User and User Groups
• SAML 2.0 support
• Remote SQL sessions with auto logon
• Role customization
• Ticketing system integration-ServiceDesk Plus On-Demand, ServiceDesk Plus MSP, ServiceDesk Plus, ServiceNow, JIRA Service Desk
• Custom password reset listeners
• Scheduled export of encrypted HTML files
• SIEM integration – SNMP traps & Syslog messages generation
• Email templates for notification configuration
• Landing Server Configuration
• Federated Identity Management
• Smart Card / PKI / Certificate Authentication
• Two-factor Authentication – RADIUS
• Custom Reports
• Out-of-the-box compliance reports (PCI DSS, NERC-CIP, ISO/IEC 27001, GDPR)
• SQL query reports
• Privileged session shadowing and termination
• SQL server failover clustering
• RESTful API
• Encryption key rotation
• EAR support while using MS SQL as backend database
• Purging selective session recordings
• File transfers over remote desktop sessions
• Secure cloud storage options
• CI/CD Platform Integration – Jenkins, Ansible, Chef, Puppet
“Log analytics and configuration management software for network security devices”
Gaining network activity insights and keeping abreast about firewall log is a challenging task as the security tool generates a huge quantity of traffic logs.
Introducing Firewall Analyzer, an agent less log analytics and configuration management software that helps network administrators to understand how bandwidth is being used in their network. Firewall Analyzer is vendor-agnostic and supports almost all open source and commercial network firewalls such as Check Point, Cisco, Juniper, Fortinet, Palo Alto and more.
Firewall Analyzer Benefits
Unlock the real value of your security devices:
• Supports an extensive array of perimeter security device logs which include firewalls, VPNs, IDS/IPS and proxy servers
• Provides a wide range of reports for external threat monitoring, change management and regulatory complianceAttractive TCO and rapid ROI:
• No additional hardware required, minimal entry cost and maintenance inclusive subscription model ensures a low TCO
• Competitively priced. Quick deployment, instant results, reduced IT overhead ensures rapid ROI- Meet dynamic business needs quickly:
• Rapidly transforms perimeter security device logs into actionable information
• Generates reports in user friendly formats like PDF and CSV formats - Productivity improvement for IT / MSSP:
• From product deployment to report generation in minutes!
• Real-time alerts to security events enable IT to respond instantaneously to security threats
What Problems Does Firewall Analyzer Solve?
- Are you drowning in a pile of privileged passwords?
- Do you store administrative passwords in spreadsheets & flat files?
- Do you find it difficult to track who has access to which accounts?
- Do you laboriously logon to each application separately to periodically change passwords?
This traditional practice brings with it a host of issues such as:
- Insecure storage of passwords inviting security threats
- Uncontrolled super-user privileges
- No role-based access control; internal controls become fragile
- Lack of accountability for actions
- No provision for enforcing standard password practices/policies
- No centralized control
Firewall Analyzer Features Matrix
Standard Edition
Supports up to 60 Devices
Network Traffic Analysis
• Bandwidth Reports
• Inbound / Outbound Traffic
• Internet / Intranet Reports
• VPN Usage & Trend
• Protocol Usage
• Firewall Rules Report
• Sites Accessed by Users
• Firewall Device Audit Report
Network Security Reporting
• Attack / Virus Reports
• Spam Reports
• Failed LogOn Events
• Denied Events & Websites
• Insider Threat Reports
Dashboard
• Custom Dashboards
• User Specific Dashboards
Alert Management
• Criteria based Real-time Alert
• Network Behavioural Anomaly Alert
• Interface Bandwidth Utilization Alert
Forensic Analysis
• Incident Analysis with Raw data
• In-depth auditing with aggregated database entries
User Management
• Local Authentication
General
• Failover/High availability (as addon)
• Network Troubleshooting Tools
Professional Edition
Supports up to 60 Devices
Firewall Rule Analysis
• Policy Overview
• Policy Optimization (Anomaly Detection)
• Rule Cleanup
• Rule Reorder & Recommendation
• New Rule Impact Analysis
Firewall Configuration Analysis
• Real-time Change Notification
• Historical Configuration Change Tracking
• Regulatory Compliance (ISO, PCI-DSS, NERC-CIP, SANS, NIST)
• Security Audit Report
• On-demand Configuration Backup
Dashboard
• NOC/SOC View
• Embed Widget
User Management
• AD Based Authentication
• Radius Authentication
• Pass Through Authentication
• REST API Access
General
• Failover/High availability (as addon)
• Rebranding
• Diagnose Connections
• Multi-Language Support
+ All the features of Standard Edition
Enterprise Edition
Supports up to 1200 Devices
• Scalable architecture
• Monitors multi-geographical locations
• Distributed central-collector architecture
• Site specific reports
• Web-client Rebranding
• Client & user specific views
• Failover/High availability (Default addon)
+ All the features of Professional Edition
Privilege misuse is a top cybersecurity threat today that often results in expensive losses and can even cripple businesses.
It’s also one of the most popular attack vectors among hackers, because when successfully carried out, it provides free access to an enterprise’s underbelly, often without raising any alarms until the damage is done.
“Minimize security risks. Maximize business value.”
ManageEngine PAM360 empowers enterprises looking to stay ahead of this growing risk with a robust privileged access management (PAM) program that ensures no privileged access pathway to mission-critical assets is left unmanaged, unknown, or unmonitored.
PAM360 is a comprehensive solution for businesses looking to incorporate PAM into their overall security operations. With PAM360’s contextual integration capabilities, you can build a central console where different parts of your IT management system interconnect for deeper correlation of privileged access data and overall network data, facilitating meaningful inferences and quicker remedies.
PAM360 Benefits
- Enterprise credential vault: Scan networks and discover critical assets to automatically onboard privileged accounts into a secure vault that offers centralized management, AES-256 encryption, and role-based access permissions.
- Secure remote access: Allow privileged users to launch direct, one-click connections to remote hosts without endpoint agents, browser plug-ins, or helper programs. Tunnel connections through encrypted, password-less gateways for ultimate protection.
- Just-in-time privilege elevation: Assign just-in-time controls for your domain accounts, and provision them with higher privileges only when required by your users. Automatically revoke account permissions after a set period and reset passwords for tighter security.
- Privileged session monitoring: Supervise privileged user activity with session shadowing capabilities and achieve dual control on privileged access. Capture sessions and archive them as video files to support investigative audits.
- Privileged user behavior analytics: Leverage AI and ML-driven anomaly detection capabilities to spot unusual privileged activity at a glance. Closely monitor your privileged users for potentially harmful activity that might affect business
- Context-aware event correlation: Consolidate privileged access data with endpoint event logs for increased visibility and situational awareness. Eliminate blind spots in security incidents and make intelligent decisions with corroborating evidence.
- Audit and compliance: Extensively capture all events around privileged account operations as context-rich logs, and forward them to your SNMP servers. Stay ever-ready for compliance audits with built-in reports for essential guideline
- Comprehensive reporting: Make informed business decisions based on a range of intuitive, schedulable reports on user access and activity data. Generate reports of your choice by combining specific detail sets from audit trails to meet security mandates.
- DevOps protection: Integrate password security into your DevOps pipeline, and protect your continuous integration and delivery platforms against credential-based attacks without compromising on engineering efficiency.
- Ticketing system integration: Bolster your access approval workflows for privileged accounts by incorporating ticket ID validation. Authorize credential retrieval for service requests requiring privileged access only upon ticket status verification.
- SSH key management: Discover SSH devices in your network and enumerate keys. Create and deploy new SSH key pairs to associated endpoints with a single click. Enforce strict policies for automated periodic key rotation.
- Application credential security: Sanitize your application-to-application communications with secure APIs that eliminate the need for credential hard-coding. Shut down backdoors to your critical servers and keep attackers at bay.
- SSL certificate management: Safeguard your online brand reputation with complete protection of your SSL certificates and digital identities. Integrate with popular certificate authorities like Digicert, GoDaddy, and Let’s Encrypt out of the box.
M365 Security Plus
“Secure and protect Microsoft 365With M365 Security Plus”
Manage engine Security for M365 is powered by Microsoft’s Enterprise Mobility + Security (EMS).
Microsoft EMS provides your organization with a platform to protect against advanced threats, personal data loss and unauthorized access into the environment as employees become more mobile.
“An exclusive solution to fortify Microsoft 365 environments”
M365 Security Plus Solutions Offered
- Microsoft 365 Auditing
- Microsoft 365 Content Search
- Microsoft 365 Monitoring
- Microsoft 365 Alerting
- Help Desk Delegation
M365 Security Plus Services Supported
- Exchange Online
- Microsoft Teams
- Azure Active Directory
- SharePoint for Business
- OneDrive for Business
- Microsoft Stream
- Skype for Business
- Yammer, Sway, and more.
How does M365 Security Plus stand out from the rest?
- Granular auditing: Gain access to detailed reports on critical changes and activities like failed logon attempts, file access, role changes, license modifications, and more. Create your own audit profiles to generate specific reports periodically, and to be notified via email.
- Real-time alerting: Configure alert profiles to receive instant alerts for critical events, such as changes in password, malware filters, security settings, role assignments, and more. The alerts provide detailed information, such as the severity of the event, alert trigger, time of occurrence, etc.
- 24×7 monitoring: Stay one step ahead of service failures with around-the-clock monitoring of health and performance of Microsoft 365 features and endpoints. Receive timely alerts on service outages and get detailed information about the event.
- Advanced content search: Perform condition-based and pattern-based searches to identify emails with personal information, such as social security number, login credentials, etc. Identify a potential spear-phishing attack by configuring alerts to notify when an email is sent from an unknown user or unidentified server.
- Help desk delegation: Ease IT admin workloads by creating custom roles, and delegating tasks such as auditing, reporting, and monitoring to non-administrative users. Leverage advanced delegation features like cross-tenant, domain-based, attribute-level delegation, and more. Also, track admin or technician activities with the help of audit logs.
“Securely manage and store your logs on our cloud platform”
Log360 Cloud is a cloud-based log management solution for managing and storing logs from your IT infrastructure.
This solution allows security teams to manage their logs from the cloud, helping them achieve their IT security and compliance objectives.
How does it work?
Your network logs help you detect, investigate, and mitigate security incidents. Securely manage and store your logs with ManageEngine’s Log360 Cloud. Don’t let security incidents go unnoticed.
“Secure log management from the cloud”
Why should you consider Log360 Cloud?
Instant and simple: Log360 Cloud can help you get started with log management in minutes. All it takes to get started is a quick sign up, followed by configuring an agent that can discover and add devices in your network for auditing.
- Store and search: Aggregate logs from your critical devices and securely store them on our cloud platform to save costs on IT storage spending. With its intuitive, robust search engine, Log360 Cloud facilitates speedy forensic and root cause analysis.
Audit and report: Log360 Cloud comes with a wide range of out-of-the-box reports that help you discover who did what, when, and from where. You can generate security audit reports in a jiffy to visualize and review security activities and furnish the required details for IT compliance audits.
Receive alerts: Get alerted about suspicious changes across your network that allows your security teams to detect and mitigate security threats at an early stage.
Comply with regulatory mandates: Meet regulatory compliance requirements for various regulatory mandates such as PCI DSS, FISMA, GLBA, SOX, HIPAA, ISO 27001, and more by using audit-ready report templates.
Log360 Features
Log Management
• Log Management for Network Security
• Event Log Management
• Syslog Management
• Event Log Auditing
• Unix Auditing and Reporting
• Linux Auditing and Reporting
• Windows Device Auditing
IT Compliance Reports
• Compliance Audits
• PCI Compliance Reports
• ISO 27001 Compliance Reports
• FISMA Compliance Reports
• HIPAA Compliance Reports
• SOX Compliance Reports
• GLBA Compliance Reports
• Reports for New Regulatory Compliance
• Customizing Compliance Reports
• GDPR Compliance Handbook
DataSecurity Plus is a data visibility and security solution that offers data discovery, file storage analysis, and real-time Windows file server auditing, alerting & reporting.
Furthermore, it monitors file integrity; streamlines compliance requirements; generates instant, user-defined email alerts; finds sensitive personal data (PII/ePHI) stored in files, folders, or shares; and automatically executes predefined responses when security threats such as ransomware attacks occur.
DataSecurity Plus caters to any organization that’s looking to enhance data visibility, strengthen its security, and streamline compliance for file servers.
ManageEngine DataSecurity Plus Features
- Access Control
Access Controls/Permissions
Alerts/Notifications
Anomaly/Malware Detection
Audit Management
Audit Trail
Compliance Management
Compliance Tracking
Contextual Search
Continuous Monitoring
Dashboard
Data Dictionary Management
Data Mapping
Document Classification
Document Storage
DataSecurity Plus is Available in 3 Editions
Patch Manager Plus, our all-around patching solution, offers automated patch deployment for Windows, macOS, and Linux endpoints, along with patching support for 900+ third-party updates across 500+ third party applications. It’s available both on-premises and on the cloud.
Features of Patch Manager
- Blazing speed: Automate patch management to get more endpoints patched in less time.
- Flexibility: Ability to customize deployment policies to meet your enterprise’s patching needs.
Reliability: Secures networks by applying timely patches to OS and applications.
Compliance: Patch management tool that helps achieve 100% patch compliance status across all systems.
Visibility: Use powerful audits and reporting to better analyse and fix vulnerabilities faster.
One-stop solution for multi-OS patch management
- Windows
Mac
Linux
Patch Manager Available In 3 Editions
ADAudit Plus transforms raw and noisy event log data into real-time reports and alerts, enabling you to get granular visibility into Windows server activities with just a few clicks.
Monitors your Active Directory (AD), Azure AD, Windows file servers, member servers, and workstations, and help you adhere to regulations such as HIPAA, GDPR, SOX, CCPA, GLBA, and more
What does ADAudit Plus do?
- The inner workings of a Windows network are buried in event logs and using native tools to analyse this data demands expertise and time.
- ADAudit Plus simplifies this analysis by providing instant ready-to-consume information on activities across Active Directory (AD), Azure AD, Windows servers, and workstations.
Available In 2 Editions
Vulnerability Manager Plus is a multi-OS vulnerability management and compliance solution that offers built-in remediation. It is an end-to-end vulnerability management tool delivering comprehensive coverage, continual visibility, rigorous assessment, and integral remediation of threats and vulnerabilities, from a single console.
Whether your endpoints are on your local network, in a DMZ (demilitarized zone) network, at a remote location, or on the move, Vulnerability Manager Plus is the go-to solution to empower your distributed workforce with safe working conditions
Vulnerability Manager Plus Features
Vulnerability assessment – Identify real risks from a plethora of vulnerabilities.
Assess and prioritize vulnerabilities based on exploitability, severity, age, affected system count, as well as the availability of the fix.Compliance – Meet security and audit objectives
Audit and maintain your systems in line with 75+ CIS benchmarks, instantly identify violations, view detailed remediation insights.Patch management – Customize, orchestrate, and automate your entire patching process.
Download, test, and deploy patches automatically to Windows, Mac, Linux, and over 500 third-party applications with an integral patching module—at no additional cost.- Security configuration management – Optimize your system’s security.
Make sure your network systems are enforced with complex passwords, least privileges, and memory protection, and ensure they’re compliant with CIS and STIG security guidelines. - Web server hardening – Don’t miss out on your internet-facing devices.
Obtain details on the cause, impact, and remedies of web server security flaws. This information helps establish and maintain servers that are secure from many attack variants. - High-risk software audit – Get rid of unauthorized and unsupported software.
Identify software such as remote desktop sharing, end-of-life, and peer-to-peer software that are deemed unsafe and uninstall them from your endpoints in no time. - Zero-day vulnerability mitigation – Stop waiting around for patches.
Deploy pre-built, tested scripts without waiting for a patch to secure your network from zero-day vulnerabilities.
Vulnerability Manager Plus Available In 3 Editions
ManageEngine Device Control Plus
With any removable device such as USB, data theft is a one-step process: plug it in.
ManageEngine Device Control Plus is a comprehensive device control and file access management solution that allows you to control, block and monitor USB and peripheral devices from having unauthorized access to your sensitive data.
ManageEngine Device Control Plus Features
- Device & port control: Control all ports and connected removable devices, block unauthorized access to your data and monitor all device & file actions effectively.
- File access control: Prevent data loss with strict role-based access control policies – set read only permission, block copying of data from devices and do more.
- File Transfer Control: Curb unprecedented data transfers – limit file transfers by setting the maximum file size and type of file that can be transferred from your computer.
- Trusted Device List: Create exclusive access for devices to access your computer by adding them to the trusted device list.
- Temporary access: Create secure and temporary access for devices to access your computers when they want to access what they want to access
- Reports and Audits: Maintain records of devices, users and computers that are managed. View all device actions and data usage activities.
- File Shadowing: Effectively secure files involved in data transfer operations by creating and storing mirror copies in password-protected shares.
- File Tracing: Monitor file actions in real time, record salient details such as file names and locations along with the computers, devices and users involved.
Vulnerability Manager Plus Available In 3 Editions
M365 Manager Plus is an extensive Microsoft 365 tool used for reporting, managing, monitoring, auditing, and creating alerts for critical activities.
With its user-friendly interface, you can easily manage Exchange Online, Azure Active Directory, Skype for Business, OneDrive for Business, Microsoft Teams, and other Microsoft 365 services all from one place.
M365 Manager Plus provides exhaustive preconfigured reports on Microsoft 365 and helps you perform complex tasks including bulk user management, bulk mailbox management, secure delegation, and more. Monitor Microsoft 365 services around the clock and receive instant email notifications about service outages. M365 Manager Plus eases compliance management with built-in compliance reports and offers advanced auditing and alerting features to keep your Microsoft 365 setup secure.
M365 Manager Plus Features
Microsoft 365 Reporting: M365 Manager Plus provides over 700 preconfigured reports on Exchange Online, Azure Active Directory, Skype for Business, OneDrive for Business, and other Microsoft 365 services. The reports can be scheduled and exported to PDF, CSV, XLS, or HTML format.
Microsoft 365 Auditing & Alerting: With built-in audit reports track every event happening in your Microsoft 365 environment to take preemptive actions and avoid dire consequences. Create custom alerts to get real-time email notification about critical activities happening in your Microsoft 365 environment.
Microsoft 365 Management: M365 Manager Plus makes Microsoft 365 management effortless with its sophisticated features. It allows to manage users, mailboxes, licenses, and contacts in bulk, substantially reducing the amount of time spent on management tasks.
Microsoft 365 Monitoring: Monitor the health of Exchange Online, Azure Active Directory, OneDrive for Business, Skype for Business, and other major Microsoft 365 services around the clock from one, central location.
Microsoft 365 Help Desk Delegation: In M365 Manager Plus, you’re not limited to default roles as in Microsoft 365. Select any combination of reporting, management, auditing, and alerting tasks to create your own customized roles. Cross-tenant, and domain-based delegation is also possible.
M365 Manager Plus Available In 3 Editions
Enterprise
• Supports 25 to unlimited number of users/mailboxes.
• Annual or perpetual subscription.
• Supported features:
• 500+ reports on Microsoft 365 services.
• Microsoft 365 auditing and alerting.
• Microsoft 365 health monitoring.
• Microsoft 365 management
• Password expiry notification
• Help desk delegation.
Starts at $595