Managed Threat Protection
Back
Managed Threat Protection
EventTracker

Powerful threat prediction, prevention, detection, and response along with compliance in a scalable, simple managed solution.
- Solution Overview Managed Threat Protection
- Platform Details Threat Protection Platform
Key Capabilities
- Security Operations Center
- SIEM
- Endpoint Security
- Threat Detection & Response
- Intrusion Detection
- Vulnerability Management
- Threat Hunting
- Ransomware Protection
- Microsoft 365 Security
- Regulatory Compliance
Business Applications
- Private Equity
- Banking & Financial Services
- Healthcare & Pharmaceutical
- Retail & Hospitality
Secure Edge Networking
Back
Secure Edge Networking
BranchSDO

All-in-one networking solution that combines network connectivity, agility, security, and compliance in an affordable managed solution.
- Solution Overview Managed Secure Edge Networking
- Platform Details Edge Networking Platform
Key Capabilities
- Network Operations Center
- Secure SD-WAN
- Next-Gen Firewall
- Network Threat Response
- Network Segmentation
- Cellular Failover
- Wi-Fi Management
- PCI DSS Compliance
Business Applications
- Point-of-Sale Security
- Restaurant & Hospitality
- Retail & C-Store
- Branch Offices
Partners
Back
Partners
Partner Program Overview

Accelerate business growth through our award-winning partner program.
- Partner Program Overview
- Managed Service Provider Program
Insights
Back
Insights
Insights
Company
Back
Company
About Us

myNetsurion
BranchSDO Support
EventTracker Support

Knowledge Packs

Documentation
- Latest Version Docs
- Product Guides
Knowledge Packs
Software Updates
Supported Devices
Knowledgebase
Online Training
Online Help
- EventTracker 9.x
FAQs
- Product FAQs
- EventTracker Events

HomeKnowledge Packs Cloudflare

Cloudflare

OverviewResources

Applies to: Cloudflare – Cloud Platform

Overview

Cloudflare is a next-generation Content Delivery Network (CDN) that provides content-delivery-network, DDoS mitigation, Internet security and distributed domain-name-server services. Cloudflare's services connects website's visitor and Cloudflare user's hosting provider, acting as a reverse proxy for the websites.

Cloudflare integrates with EventTracker SIEM application to provide security analytics with deep data context, organizations can be confident in their data security strategy. Benefits include scheduled reports, Integrated Cloudflare dashboards and alerts for streamlined investigation.

Reports are the best way to view the historical data (depending on the timeline defined). Some of the EventTracker reports provided for Cloudflare are summary of audit activities such as API key view, login and logout, summary of firewall/ WAF related activities occurring in different Cloudflare zones, such as dropping or discarding an incoming traffic.

Dashboards are graphical representations of activities occurring in Cloudflare zones/UI. These dashboards can be a pie chart, a bar diagram, or a map. This allows user to view the key highlights of Cloudflare events. Some of the dashboards include audit events timeline, UI login activities, dropped traffic by country code, etc.

Alerts such as traffic dropped by firewall or WAF are present in the knowledge packs. These alerts can be configured to forward emails to users/admin of Cloudflare if any suspicious events are detected.

After configuring Cloudflare to deliver events to EventTracker Manager; alerts, dashboards and reports can be configured into EventTracker.

Security

Alerts

Cloudflare: A web traffic has been dropped by WAF – When Cloudflare firewall/WAF drops or discards an incoming traffic, customers are alerted about such event occurrence.

Reports

Cloudflare: Firewall activities - This report contains a detailed overview of firewall activities occurring in Cloudflare zones such as drop incoming traffic, challenge incoming traffic to discard any bot activities. The information includes log datetime, action type, client ASN (autonomous system number), client IP address, user agent, etc.

Operations

Reports

Cloudflare: Audit activities – This report contains a detailed overview of audit activities occurring in Cloudflare UI such as API key, join organization, etc. The information includes, log datetime, source email address, source IP address (IPv4 or IPv6), log type, etc.
Cloudflare: Login and Logout activities - This report contains a detailed overview of login and logout activities occurring in Cloudflare UI. The information includes log datetime, source email address, source IP address (IPv4 or IPv6), log type, etc.

Scope

The configuration details are consistent with EventTracker version 9.2 and later and Cloudflare (Cloud platform).

Documentation:

To configure CloudFlare to send logs to EventTracker, refer to the How-to Guide.

For more information please refer to the Integration guide.

NEW

April 2022

Microsoft Defender
Azure App Service
Azure Kubernetes Service
Azure Storage
SQL Server on Azure

February 2022

Cisco Email and Web Security
TrapX DeceptionGrid

December 2021

Symantec Endpoint Protection Cloud
Bitwarden Password Manager
Amazon ECR

This site uses cookies to store information on your computer. Some are essential to make our site work; others help us improve the user experience. By using the site, you consent to the placement of these cookies. Read our Privacy Statement to learn more.

I Accept

Contact Us

(713) 929-0200
BranchSDO Support
EventTracker Support
partners@netsurion.com
sales@netsurion.com

Partners

Partner Program Overview
Managed Service Provider Program
Partner Portal Login
Find a Partner

Quick Links

Why Netsurion?
Blog
Careers
Managed Threat Protection
Secure Edge Networking

Follow Us:

Stay in the Loop

Terms of Use
|
Privacy Policy
|
Soc 2 Type 2 Compliant
|
Descriptions of Services
|
Contact Us
|
Sitemap
|

Copyright © 2022 Netsurion. All rights reserved.