July 14, 2008
Columbia, MD – Prism Microsystems today announced the availability of EventTracker v6.2, the latest version of its complete SIEM (Security Information and Event Management) solution that integrates real-time Log Management, Correlation and Change Management. Available immediately, a key feature of the new release delivers enhanced protection from insider theft by monitoring not only the insertion and removal of USB storage devices but also by tracking any data that is modified, copied onto or deleted from such devices.
Data theft stemming from intentional or unintentional employee abuse is often the most damaging, costly and difficult to deal with. To be successful, companies have to entrust their internal users with access to critical resources and sensitive data. Ensuring the correct use of such access however, becomes difficult when employees can easily steal information from corporate networks and databases using ultra-portable USB devices.
Disabling USB ports across the enterprise hurts productivity at a time when businesses are increasingly dependant on storage devices for efficient file sharing. Some SIEM solutions have taken one step in the right direction by providing capabilities that monitor the insertion of USB devices; however this does not detect if a user has copied any data nor does it help with forensic analysis in tracking an internal breach to a specific user, system or time-period.
“EventTracker 6.2 brings data protection and advanced forensic analysis to the Windows workstation. While monitoring servers to improve IT security remains essential, is not enough – there are many points of potential data leak in the enterprise. With the prevalence of shared drives, theft can occur without any physical access to the datacenter. With insider abuse on the rise, companies need to be able to monitor workstations for theft in a way that is non-intrusive for employees. With the latest version of EventTracker, companies can not only monitor the use of USB devices, but also track files written to/deleted from such devices. When unauthorized activity is detected, automated remedial action can be launched to alert administrators and immediately disable the device,” said A. N. Ananth, CEO of Prism Microsystems Inc.
Other new features in 6.2 include:
- Virtual Collection Point – Virtualization of the collection/processing/archival stack for maximizing the use of existing hardware, faster report processing and greater scalability.
- Remedial Action – Launch action locally on a Windows workstation or on the server side in response to any event.
- Support for Windows Server 2008
- Support for application log files in XML and CSV format – In addition to support for IIS, W3C, EVT/EVTX, Text, NCSA, URLSCAN, HTTPERR
- Advanced log data analysis with Trend Analytics
- New Reports for Cisco PIX, MS Exchange ActiveSync (mobile devices), NetAPP data ONTAP, Snort, NetScreen Firewall and Sophos AntiVirus.
About Prism Microsystems
Prism Microsystems, Inc. delivers business-critical solutions to consolidate, correlate and detect changes that impact the performance, availability and security of your IT infrastructure. EventTracker, Prism’s market leading enterprise log management solution combines Security Information and Event Management (SIEM) with Change Management to defend critical IT assets from emerging and traditional cyber attacks and ensure compliance with regulatory standards. Recently featured by Gartner on its ‘Magic Quadrant for Security Information and Event Management, 1Q08’ report, Prism’s solutions are designed specifically for the needs of midsize enterprises and are easy to use, feature rich and highly scalable. With over 650 customers in 50 plus countries, EventTracker is deployed in multiple sectors including government, financial, retail and healthcare.