Riverbed SteelHead

Version: Riverbed SteelHead CX Series

Riverbed SteelHead CX solution accelerates the performance of all applications including on-premise, cloud, and software-as-a-service (SaaS) across the hybrid WAN for organizations.

Netsurion's Open XDR platform seamlessly combines SIEM, Log Management, File Integrity Monitoring, machine Analytics and so forth.

Netsurion Data Source Integration for Riverbed SteelHead allows you to monitor the following components:-

  • Security - Authentication failure, Blacklist and Suspicious IP activity details.
  • Operation - Command executed, Traffic allow and Traffic deny details.
  • Compliance - User login details and CPU load details.

Once Riverbed SteelHead is configured to deliver events to Netsurion's Open XDR platform; alerts, dashboards and reports can be configured into Netsurion's Open XDR platform.

Some of the Data Source Integrations available in Netsurion are listed below.

Alerts

Type Name Description
Security Riverbed SteelHead - Blacklist IP Activity This alert will generate when an IP address added to the blacklist.
Security Riverbed SteelHead - Authentication Failure This alert will generate when the user request fails authentication.
Compliance Riverbed SteelHead - CPU Load High This alert will generate when the CPU usage of a process is constantly high.
Compliance Riverbed SteelHead - Login Activity Detected This alert will generate when a user logged on to the Riverbed SteelHead device through CLI or web.

Reports

Type Name Description
Security Riverbed SteelHead - Authentication Failure This report gives information about user’s authentication failure.
Security Riverbed SteelHead - Blacklist IP Activity This report gives information about IP addresses which were added to Black List.
Security Riverbed SteelHead - Suspicious IP Activity This report gives information about IP addresses which were added or removed from white list, gray list.
Operations Riverbed SteelHead - Traffic Allow Details This report gives information about allowed traffic.
Operations Riverbed SteelHead - Traffic Deny Details This report gives information about denied traffic.
Operations Riverbed SteelHead - Command Executed This report gives information about commands executed by users.
Compliance Riverbed SteelHead - Login Activities This report gives information about allowed traffic.

Documentation

The configuration details in this guide are consistent with Netsurion version 8.x and later, and Riverbed SteelHead CX series.

Download Integration Guide for more information.

This site uses cookies to store information on your computer. Some are essential to make our site work; others help us improve the user experience. By using the site, you consent to the placement of these cookies. Read our Privacy Statement to learn more.

I Accept