Introduction; Sentinel Overview - Novell SENTINEL 6.1 SP2 - INSTALLATION GUIDE 02-2010 Installation Manual

1 Introduction
Section 1.1, "Sentinel Overview"
Section 1.2, "Sentinel User Interfaces"
Section 1.3, "Sentinel Server Components"
Section 1.4, "Sentinel Plugins"
Section 1.5, "Language Support"

The following sections will walk you through the product basics. The rest of the Sentinel User
Guide has more detailed architecture, operation, and administrative procedures.
These sections assume that you are familiar with network security, database administration,
and Windows* and UNIX* operating systems.

1.1 Sentinel Overview

Sentinel™ is a security information and event management solution that receives information from
many sources throughout an enterprise, standardizes it, prioritizes it, and presents it to you to make
threat, risk, and policy-related decisions.
Sentinel automates log collection, analysis, and reporting processes to ensure that IT controls are
effective in supporting threat detection and audit requirements. Sentinel replaces these labor-intensive
manual processes with automated, continuous monitoring of security and compliance events and IT
controls.
Sentinel gathers and correlates security and non-security information from across an organization's
networked infrastructure, as well as third-party systems, devices, and applications. Sentinel presents
the collected data in a more sensible GUI, identifies security or compliance issues, and tracks
remediation activities, to streamline previously error-prone processes and build a more rigorous and
secure management program.
Automated incident response management enables you to document and formalize the process of
tracking, escalating, and responding to incidents and policy violations, and provides two-way
integration with trouble-ticketing systems. Sentinel enables you to react promptly and resolve
incidents efficiently.
Solution Packs are a simple way to distribute and import Sentinel correlation rules, dynamic lists,
maps, reports, and iTRAC workflows into controls. These controls may be designed to meet specific
regulatory requirements, such as the Payment Card Industry Data Security Standard, or they may be
related to a specific data source, such as user authentication events for an Oracle database.
With Sentinel, you get:
- Integrated, automated real-time security management and compliance monitoring across all
  systems and networks
- A framework that enables business policies to drive IT policy and action
- Automatic documenting and reporting of security, systems, and access events across the
  enterprise