Clavister

Version: Clavister cOS Core 10.20.00 or higher.

Clavister Security Gateway is the base software engine that drives and controls the range of Clavister Security Gateway hardware products. cOS Core can also be deployed on the administrator's preferred choice of server hardware as a software-only product.

Netsurion Open XDR is an enterprise-class platform that seamlessly combines SIEM, Log Management, File Integrity Monitoring, machine Analytics and so forth. It is designed to address an ever-changing landscape of threats and challenges, with a full suite of high-performance tools for security, compliance, and operations. Netsurion Open XDR delivers comprehensive, useful and actionable insight into what is really going on in and around an enterprise IT environment.

Netsurion Open XDR records all relevant Clavister cOS Core events using syslog. Some of them are listed below:

  • Antivirus events.
  • Application Controls events.
  • Application Layer Gateways events.
  • User Authentication events.
  • System events.
  • Intrusion Detection and Prevention events.
  • Virtual Private Networks events.

Once events are successfully received by Netsurion Open XDR, alerts and reports can be configured based on your requirements.

The following are the key Data Source Integrations available in Netsurion Open XDR.

Alerts

| Type | Name | Description |
|---|---|---|
| Security | Clavister Virus found | This alert is generated when a virus is detected by the antivirus. |
| Security | Clavister Intrusion detected | This alert is generated when an intrusion is detected. |
| Security | Clavister Admin login failed | This alert is generated when an admin user fails to log in to the unit. |
| Security | Clavister Placed in reduced functionality | This alert is generated when the unit is placed in reduced functionality mode. |
| Security | Clavister Blacklisted URL blocked | This alert is generated when a blacklisted URL is blocked. |
| Security | Clavister Maximum download size reached | This alert is generated when the maximum allowed download file size is exceeded. |
| Security | Clavister Suspicious data received | This alert is generated when suspicious data is received. |

Reports

| Type | Name | Description |
|---|---|---|
| Security | Clavister Application content denied | This category-based report provides information related to the application content denied control policy. |
| Security | Clavister Virus found | This category-based report provides information about viruses detected by the Clavister firewall antivirus. |
| Security | Clavister Temperature alarm | This category-based report provides information related to the temperature of the unit. |
| Security | Clavister Intrusion detected | This category-based report provides information related to intrusion attack detection. |
| Security | Clavister Placed in reduced functionality | This category-based report provides information when the Security Gateway has been placed in reduced functionality mode. |
| Security | Clavister Admin login failed | This category-based report provides information when an administrative user failed to log in to the configuration system. |
| Security | Clavister Blacklisted url blocked | This category-based report provides information when a connection to a blacklisted URL is closed. |

Documentation

The configuration details are consistent with Netsurion Open XDR 7.x and later, and Clavister.

Download the Integration Guide for configuration instructions and more information.