Introduction; Sentinel Rapid Deployment Overview - Novell SENTINEL RAPID DEPLOYMENT 6.1 - INSTALLATION GUIDE 12-2009 Installation Manual

Introduction

1
Sentinel is a security information and event management solution that receives information from
TM
many sources throughout an enterprise, standardizes it, prioritizes it, and presents it to you so you
can make threat, risk, and policy-related decisions.
The following sections describe the installation and configuration of Novell
Deployment. The Sentinel 6.1 Rapid Deployment User Guide
operation, and administrative procedures.
 Section 1.1, "Sentinel Rapid Deployment Overview," on page 11
 Section 1.2, "Sentinel Rapid Deployment User Interfaces," on page 12
 Section 1.3, "Sentinel Server Components," on page 14
 Section 1.4, "Sentinel Plug-Ins," on page 16
 Section 1.5, "Language Support," on page 17

1.1 Sentinel Rapid Deployment Overview

Sentinel automates log collection, analysis, and reporting processes to ensure that IT controls are
effective in supporting threat detection and audit requirements. Sentinel replaces labor-intensive
manual processes with automated, continuous monitoring of security and compliance events and IT
controls.
Sentinel gathers and correlates security and non-security information from across the networked
infrastructure of an organization, as well as the third-party systems, devices, and applications.
Sentinel presents the collected data in a GUI, identifies security or compliance issues, and tracks
remedial activities to streamline the error-prone processes and build a more rigorous and secure
management program.
Automated incident response management enables you to document and formalize the process of
tracking, escalating, and responding to incidents and policy violations, and provides two-way
integration with trouble-ticketing systems. Sentinel enables you to react promptly and resolve
incidents efficiently.
Solution Packs are a simple way to distribute and import Sentinel correlation rules, dynamic lists,
maps, reports, and iTRAC
specific regulatory requirements, such as the Payment Card Industry Data Security Standard, or they
can be related to a specific data source, such as user authentication events for a database.
With Sentinel Rapid Deployment, you get:
 Integrated, automated real-time security management and compliance monitoring across all
systems and networks
A framework that enables business policies to drive IT policy and action

Automatic documenting and reporting of security, systems, and access events across the

enterprise
workflows into controls. These controls can be designed to meet
TM
®
Sentinel
TM
has more detailed architecture,
1
6.1 Rapid
Introduction 11