More help for interpreting log results

In an attempt to differentiate its security products from others, Cyberoam has added a user activity-based risk rating capability to its Next-Generation Firewall and UTM appliances.

The company, a division of anti-malware maker Sophos Inc., said this week its User Threat Quotient ranks everyone authorized on a network and assigns a threat score based on examining log and event data from their Web activity.

Separately, SolarWinds said it has enhanced its Log & Event Manager, a security information and event management (SIEM) application, with new configuration and rules wizards for faster deployment and simplified setup of correlation rules.

The new Cyberoam capability has been added to the 10.6.2 version of the hardware operating system and is viewable by administrators through the firewall or UTM dashboard. “Unlike other vendors you don’t need to set up a monitoring server,” Anurag Singh, Cyberoam’s North American head of presales, said in an interview.

Singh wouldn’t detail exactly what UTQ examines, except to say it includes Web sites a user goes to and applications used.

Enterprise networks generate lots of data with clues into user-triggered events, the company said, but the information remains difficult to read. In addition, it argues, correlating data from various logs and reports takes time and special skills. UTM, it says, helps admins by profiling suspicious Web behaviour.
The ranking can be found in the dashboard’s Logging and Reporting tab. The riskiest user can be spotted as the largest red circle. Administrators can take the results and have a talk with the staffer.

Riskiest users are shown with red circles

Results can be exported in PDF, Excel. Reports can be sent automatically by email to an administrator to be looked at either daily, weekly or monthly.

At SolarWinds, the company the new wizards were created because most IT Pros don’t have the time to manually configure security monitoring or become experts in specific systems before implementation.

The Configuration Wizard provides simple steps that ensure correct configuration, allowing administrators to quickly address their security, the company said.

It provides guidance on basic settings including email configuration and access to Active Directory. It also integrates with Add Node Wizard, which simplifies adding devices and collecting data by walking IT Pros through all the necessary steps to collect log and event data from systems, applications and devices.

The Rules Wizard offers admins an out-of-the-box list of categories and subcategories of rules that can be enabled en masse, including security, compliance, change management, operations, endpoint monitoring and more. It also provides best practice information to ensure IT Pros can immediately identify and remediate threats based on an organization’s needs, the company said.

SolarWinds Log & Event Manager pricing starts at $4,495 USD.


Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now