GFI EventsManager
Activity monitoring and security applications



What is GFI EventsManager

Manage event log data for reliability, security, availability and compliance.

  • Analyze log data for SIEM purposes
  • Monitor and manage your entire IT infrastructure
  • Consolidate log data for compliance purposes

The advantages

  • Analyze the log data for SIEM purposes
  • Monitor and manage your entire IT infrastructure
  • Consolidate log data for compliance purposes
  • Increased productivity: reduce IT department costs

Analysis of log data for cybersecurity and event management purposes (SIEM)

Good protection strategies should include real-time monitoring of event logs to identify critical security incidents, along with periodic analysis of security-related logs.
This way you can quickly identify and respond to suspicious activity. Monitor in real time the security-related policies, mechanisms (e.g., authentication, authorization), activities (e.g., activities of authorized users) and applications (e.g., IDS, IPS, firewall).

Comprehensive IT infrastructure monitoring and management

Unplanned system downtime ranges from a minor inconvenience to a major catastrophe. Monitor the availability, functionality, performance and utilization of your computing resources – from network devices, workstations and servers to applications, business, infrastructure services and network protocols.


Consolidating log data for compliance purposes

Most data security standards and regulations require that all relevant log data be managed, collected, consolidated and stored securely, so that companies can prove who is responsible for actions that take place in their workplace.
GFI EventsManager offers three-tier log data consolidation, accessible through two-factor authentication, forensic investigation capabilities and compliance reporting.

Wide support for log sources

As a network administrator, you will no doubt have come across voluminous and cryptic log data, the analysis of which has daunted you. GFI EventsManager handles this by decoding it and presenting it in an easy-to-read format.
This log data processing solution provides network-level control and management of Windows event logs (generated by Windows servers, workstations, and Microsoft® applications); W3C logs (generated by IIS, ISA, MS Exchange and others); SQL Server and Oracle audit logs; Syslog records (generated by Unix®/Linux® computers and by network devices such as firewalls, routers, switches or other equipment); SNMP (Simple Network Management Protocol) traps (the language used by low-level devices such as routers, sensors, firewalls, etc.); and, last but not least, generic text files, allowing the collection of log data from any application or service.


Compliance reports

There is often confusion among users about which event log reports are required to meet various compliance laws. GFI EventsManager contains specific reports for many major compliance laws, as well as other reports focusing on account usage and management, policy changes, object access, application management, print server usage and many others. Reports are flexible and extremely customizable; the layout, and column and row filters are all editable.
By enabling multi-level log data collection, normalization and consolidation, GFI EventsManager plays an important role in meeting the log data retention and review requirements of various regulatory bodies and related laws, including Basel II, PCI Data Protection Standards, Sarbanes-Oxley Act, Gramm-Leach-Bliley Act, HIPAA, FISMA, USA Patriot Act, Turnbull Guidance 1999, UK Data Protection Act and EU Data Protection Directive.

Simple antivirus interface

The network can be the source of considerable log data. Unless you can interpret the data, it will not provide the information you need to manage your network effectively. GFI EventsManager has an integrated tool panel containing graphs managed by filters, which represent a single point of contact with all the data you need to work effectively.
The event log monitoring graphs include the critical and highest-importance rules triggered during a certain period of time: the top 10 users who failed to connect or who connected during and outside working hours, the status of services across the network, and the number of log records stored in the database by log type. There is also a comprehensive graph, based on Windows events, showing network connections at the application and user level (available only for Windows Vista™ and newer Windows operating systems).
It also has a section containing monitoring statistics, powered by data from the active controls-based monitoring engine. The tool panel is highly customizable. Separate windows containing various important real-time data from logs can be automatically arranged on the desktop.


Granular control of log data

GFI EventsManager provides in-depth, granular, rules-based log data control, instantly supporting classification of security information and popular operating systems, applications and network devices.
It also helps you classify log data from a wide range of systems and devices through centralized logging and analysis of different types of logs, including Windows events, Syslog, W3C and SNMP traps, generated by network resources.
Administrators can use predefined classification rules or create custom rules at a deep and granular level to identify and classify certain information considered important for specific environments. Depending on the category, administrators can configure active alert profiles that inform or perform actions (for example, a script or executable).


Secure storage of log data

Most industry standards, security best practices, or network data management regulations require secure log retention to ensure accuracy and integrity. At the same time, access to log data must be controlled to avoid disclosure of sensitive information or attempts at tampering.
GFI EventsManager offers three levels of log data consolidation: encryption of the log data store using a powerful AES algorithm; hashing of log entries to prevent and identify attempts to tamper with log data at the binary level; and controlled access to log data through the GFI EventsManager console. Access to log data is granted based on two-factor authentication: the first factor involves the use of Windows credentials that must have administrative privileges, and the second is based on the built-in user role system. All access is granted on a need-to-know basis. GFI EventsManager users can only work with data from the assets they manage, and all actions taken are recorded for later review.


Reactivity and correction functions

An important phase of IT management is incident correction. GFI EventsManager reacts to security or IT issues by running code or scripts on remote computers. You can stop services or processes, uninstall applications, restart computers, disable user accounts, close network connections, perform cache flush, notify, activate third-party tools, or automatically customize codes in real time.
GFI EventsManager integrates with GFI LanGuard®, giving you the ability to trigger vulnerability scanning or patching operations when a threat is detected, and then bring the results of those actions together in your reporting structure.


Log processing rules and scan profiles

GFI EventsManager incorporates a pre-configured set of log processing rules, which allows you to filter and classify log records that meet certain conditions. Templates allow you to choose columns for reporting and perform column mappings. In addition, the templates provided are fully customizable.
Scan profiles allow you to configure the set of event log monitoring rules to apply to a particular computer or group of computers.
Profiles are a centralized tool for optimizing event log processing rules. For example, you can define a set of rules that applies only to workstations in a specific department, or create separate complementary profiles that provide additional, more specialized event log rules for each computer, giving you greater control over your data.


It works in highly distributed environments

Sometimes workstations and servers aren’t in one central location. Your company may have locations across the country or across the globe. So, how can you collect data and monitor decentralized workstations? GFI EventsManager has the answer.
GFI EventsManager collects event log data from installations across the network and across multiple locations and compiles it into a single central database using the Database Operations feature. So you can easily monitor thousands of workstations and servers across your network, without impacting bandwidth or memory usage. Collected and processed log records are integrated and centralized, allowing you to back up and restore log records on demand. With database operations, you can manage the size of the database (without having to intervene manually), not only by centralizing, but also by exporting log records and backing them up as needed.


Unique combination of active controls and debug log collection

Incident investigation is an important part of the IT management process. It generally involves analyzing various data to identify the cause of problems encountered during the incident detection phase so that they can be resolved as part of the incident remediation phase.
As well as enabling active issue detection via real-time checks, GFI EventsManager gathers relevant debugging information in a single console. You will no longer need to check the debug logs on each computer; the work can be performed from the same console from which the alarm comes. With minimal effort, you will gain a deep understanding of the cause of the problem.


New License


GFI EventsManager is available in three editions.

  • Plus Edition: 10 Complete Monitoring Nodes and 150 Active Monitoring Nodes.
  • Pro Edition: 50 Complete Monitoring Nodes and 300 Active Monitoring Nodes. Also includes 300 Endpoint Protection licenses.
  • Premium Edition: 150 Complete Monitoring Nodes and 500 Active Monitoring Nodes. Also includes 500 Endpoint Protection licenses.

Software Maintenance is valid starting from the order management date. It must be subscribed for at least 1 year, but it is also possible to choose 2 or 3 years.

Renewals


As with new licenses, the renewal can also be signed for 1, 2 or 3 years.
When Software Maintenance expires, the product does not cease to function but you lose the right to receive support or download updates.
If the license is renewed before it expires or within the grace period of 40 days, the expiration date is not reset but is simply carried forward by 1 year, or by as many years as were requested during the purchase.
If the license renewal takes place beyond the 40 day grace period, the new support available for 1, 2 or 3 years will be valid from the order date.
BEWARE: If the license has already expired, please contact our Sales department to have the price rechecked.

Upgrade


If the maximum threshold of a specific edition is reached, it is possible at any time to upgrade to a higher edition. The upgrade is always aligned to the expiration date of the license already in use and in the case of a multi-year subscription, it will also be necessary to adapt the new edition to it.



Who uses Kerio and GFI

Below, divided by sector, are some of the famous companies that use the solution

Club Financial
Dundee Group
Cove Rick
progressiveFinancial
Seneca
Uticon

VLSI

Halcyon
Columbus Oncology
FitMed
Hiawantha Valley
Zinsser
Abena
Onondaga

Lovetts
Andre Butter Morriss
Longo
John Bonica
Larocca

Advizor Solutions
Alfatech
CMMS
Discovery Consulting
ControlConcepts
Halma IT
French Broad
Quadrox
Infor
LTech
QCTV
Turboseparator
Kellner Telekom

Awenzler
MHP
Containerships
Cuppen
dicar
MD Helicopter
HDS
Transgì Freight
TTT Lines
Jac Hanse

Tas
Gateway
Classic Jewels
Gray
IRT
Ako
Bortex
brandle
Murray
NC
Shurco
Dewco
Falcon
Cockburns
Hopkins Homes
Ferriot
Equitech
Wurth
Fosters
EBMC
Hyman
KPA Promotions
LS Loading Systems
Latexfalt
Lochrane
MarineElectric
FrutyKing
Mattssons
modelManagement
NCB
O'Halloran
Okey Models
Parking Fabrics
PSI
Shoes
Senomyx
Smith Pump
South Shore
Susaeta
Project Angel Food
Timber
Zircotec
Zenner
Vacation At Sea
Timzo
Martin Roofing
Algemene Rekenkamer
Axiplan
Makosoft
DK
Dombreacht
Drewo
Duijndam
Henstek
Lubberink
Montemare
Plok
Rahn
Tauber Solar
Stadt Eberalde
Pirlet
Van Overloop
sitour
Vlaco
Treuorga
Vanree
Vog
Wortmann