Overview

GFI EventsManager is an easy to use events management solution that monitors, archives, processes and reports on events collected from various log types including Windows events, W3C and Syslog. It boasts the most advanced event processing and filtering rules in the industry and includes vast reporting capabilities which will decipher the complex activity logs from servers, routers, firewalls, active directory and more, presenting you with exactly the right information you need to effectively monitor and manage your entire network.

You benefit from:

• Acts as a host-based intrusion detection system.
• Can proactively monitor your mission critical servers.
• Wizard assisted configuration simplifies end-user operation and maintenance.
• Network-wide event log management.
• Centralizes Syslog, W3C and Windows events generated by firewalls, servers, routers, switches, phone systems, PCs and more.
• Unrivaled event scanning performance scalable to over 6 million events per hour.
• Network-wide security event analysis.
• Preconfigured event processing rules for effective out-of-the-box event classification and management.
• Automated 24/7 event activity monitoring and alerting.
• Powerful reporting for effective network activity monitoring and immediate ROI.

Features

GFI EventsManager is an easy to use events management solution that monitors, archives, processes and reports on events collected from any network-based devices around the world such as firewalls, servers, routers, switches, phone systems, PCs and more. GFI EventsManager provides the following features:

• Network-wide analysis of event logs made easy.
• "Translates" cryptic windows events.
• Centralized event logging.
• High performance scanning engine.
• Real-time alerts.
• Remove “noise” or trivial events that make up a large ratio of all security events.
• Real-time 24 x 7 x 365 day monitoring and alerting.
• Graphically monitor the status of GFI EventsManager and your network through the built-in status monitor.
• Extended event log support.
• Collect events data distributed over a WAN into one central database.
• Rule-based event log management.
• Advanced event filtering features.
• Event log scanning profiles.
• Report scheduling and automated distribution via email.
• View reports on key security information happening on your network.
• Helps to comply with PCI DSS and other regulations.

Benefits

GFI EventsManager allows your organisation to enjoy from many benefits such as:

• Provides additional benefits in information protection and security, forensic analysis and compliance with other regulations and provides you with the functionality you need to help you become PCI DSS compliant.
• Detects intruders and breaches without the need for IDS.
• Aids to meet the log retention and log reviewing requirements for regulatory bodies and acts including: Basel II, PCI Data, Security Standard, Sarbanes-Oxley Act, Graam-Leach-Billey Act, HIPPA, FISMA, USA Patriot Act, Turnbull Guidance, UK Data Protection Act, EU DPD.
• Complete log management solution that automates event collection, generates alerts on key issues and provides comprehensive reports for forensic analysis.
  Allows you to completely control your IT infrastructure by letting you know what is really going on in your network.
  

Compliance

GFI EventsManager can help meet the requirements of many standards and guidelines in relation to information security.

• PCI
  The Payment Card Industry (PCI) Data Security Requirements were established in December 2004, and apply to all Members, merchants, and service providers that store, process or transmit cardholder data. As well as a requirement to comply with this standard, there is a requirement to independently prove verification.

• ISACA
  ISACA was established in 1967 and has become a pace-setting global organisation for information governance, control, security and audit professionals. Its IS Auditing and IS Control standards are followed by practitioners worldwide and its research pinpoints professional issues challenging its constituents. CISA, the Certified Information Systems Auditor is ISACA's cornerstone certification. Since 1978, the CISA exam has measured excellence in the area of IS auditing, control and security and has grown to be globally recognized and adopted worldwide as a symbol of achievement.

• CHECK
  The CESG IT Health Check scheme was instigated to ensure that sensitive government networks and those constituting the GSI (Government Secure Intranet) and CNI (Critical National Infrastructure) were secured and tested to a consistent high level. The methodology aims to identify known vulnerabilities in IT systems and networks which may compromise the confidentiality, integrity or availability of information held on that IT system. In the absence of other standards, CHECK has become the de-facto standard for penetration testing in the UK. This is mainly on account of its rigorous certification process. Whilst good it only concentrates on infrastructure testing and not application. However, open source methodologies such as the following are providing viable and comprehensive alternatives, without UK Government association. It must also be noted that CHECK consultants are only required when the assessment is for HMG or related parties, and meets the requirements above. If you want a CHECK test you will need to surrender your penetration testing results to CESG.

• BS7799
  BS 7799 Part 1 was a standard originally published as BS 7799 by the British Standards Institute (BSI) in 1995. It was written by the United Kingdom Government's Department of Trade and Industry (DTI), and after several revisions, was eventually adopted by ISO as ISO/IEC 17799. ISO/IEC 17799 was most recently revised in June 2005 and was renamed to ISO/IEC 27002 in July 2007. The BS 7799-2 focused on how to implement an Information security management system (ISMS), referring to the information security management structure and controls identified in BS 7799-2, which later became ISO/IEC 27001. The 2002 version of BS 7799-2 introduced the Plan-Do-Check-Act (PDCA) (Deming quality assurance model), aligning it with quality standards such as ISO 9000. BS 7799 Part 2 was adopted by ISO as ISO/IEC 27001 in November 2005. BS7799 Part 3 was published in 2005, covering risk analysis and management. It aligns with ISO/IEC 27001.
  

• HIPPA
  The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996. Administrative Simplification (AS) provisions of HIPPA, require the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers. The AS provisions also address the security and privacy of health data. The standards are meant to improve the efficiency and effectiveness of the nation's health care system by encouraging the widespread use of electronic data interchange in the US health care system.

Awards

GFI EndPoint Security has been used and reviewed by many corporations. Below are some of the awards held by GFI EndPoint Security.

• Windows IT Pro
  Editor’s Choice – In a comparative review in of log management products in WindowsIT Pro, the magazine gives GFI EventsManager 4.5 marks out of 5 for both its ease of implementation and ease of use. The reviewer recommends GFI EventsManager for anyone “whose log management needs are limited to Windows Events logs, syslog output and W3C log file information”.- Windows IT Pro, July 2007

• Redmond Magazine
  GFI EventsManager wins Redmond Magazine’s 2007 Readers' Choice Award – GFI EventsManager has been recognized for excellence and awarded the 2007 Readers’ Choice Award in the Best Security Auditing Product category by Redmond Magazine. The 2007 Winner and Preferred Product awards are presented to vendors in 45 different product categories, ranging from anti-virus and network management to firewalls and backup utilities. - Redmond Magazine, April 2007

• Firewall.cx
  An excellent tool – In a review on firewall.cx, Alan Drury describes GFI EventsManager 7 as an excellent tool that will “make your life easier and help keep both you and your systems out of trouble” and rates it 9 of out 10. He said the product enables you to collect and archive event logs across an organisation, but “there’s so much more to it than that”. He highlights GFI EventsManager’s ability to run external scripts and adds that “customisation is one of the real keys to this product”. Although GFI EventsManager 7 may be a little on the slow side at startup, “this is a testimony to the fact that the product is doing a lot of work on your behalf and, to get the best from it, you really should give it a decent system to run on. The benefits you’ll gain will more than make up for the investment. Overall, this is an excellent tool that will.”- Firewall.cx, March 2007

• ITpro.co.uk
  Nice package with clear business benefits – GFI EventsManager “is a very nice package with clear business benefits” according to a review in ITpro.co.uk by Ian Murphy. Giving the product four stars out of a maximum six, the author highlights the product’s relative easy to install, well-written documentation and other features that help the administrator during the installation and configuration process. - ITpro.co.uk, January 2007

• EventID.Net
  5 stars awarded to GFI EventsManager – In a detailed review for EventID.net, Adrian Brigorof has awarded GFI EventsManager five stars, being the top score. He praised the product for being “easy to install and configure” and for “giving no false positives even with the default monitoring rules”. The reviewer noted that “SQL is used as a backend database and allows further customization of the reports and building of web-based reporting interface”. Another useful feature is the integration with www.eventid.net – which provides administrators a quick way of understanding the meaning of a particular event. Given the versatility of this product, he concluded that the “prices are just right”.- EventID.Net, December 2006

• Processor
  Demystifying event log management – GFI EventsManager is one of three products analyzed by Will Kelly in an article on event logs on Processor.com. The article looks into the approach taken by GFI Software and two other companies with regard to event logs management. Andre Muscat, Director, Network Security Products, explains how companies must first determine their requirements before choosing an appropriate event logs monitoring solution. He also encourages end users to download trial versions of the tools and evaluate them against their own environment and requirements.- Processor, December 2006

• Redmond Magazine
  GFI LANguard S.E.L.M. selected as the winner – GFI LANguard S.E.L.M. (now GFI EventsManager) took top honors in the closely contested “Best Security Auditing” category in the annual 2006 Redmond magazine Readers’ Choice Awards.- Redmond magazine, May 2006

• Redmond Magazine
  Redmond magazine readers choose GFI LANguard S.E.L.M. – Readers of Redmond magazine have named GFI LANguard S.E.L.M. (now GFI EventsManager) as the "Best Security Auditing Product" in the publication's annual Redmond Reader Survey Awards, published in the "Best of the Best" issue. All products chosen are "solid, innovative, and essential", according to editor-in-chief, Doug Barney: "All of our winners are truly outstanding." Over 2,000 readers voted for the products that they use to help them get their jobs done.- Redmond magazine, January 2005

• EventID.Net
  A smart and inexpensive tool – In his article “Event Log Management”, Adrian Grigorof presents a list of the GFI LANguard S.E.L.M. (now GFI EventsManager) features that he likes, and there are many! The reviewer finds GFI LANguard S.E.L.M to be “highly specialised” because it offers “right-to-the-point information about what you are interested in” and “no-nonsense statistics and reports”. Furthermore, he writes that GFI EventsManager is “easy to install”, it integrates with Microsoft tools and the design does not require the network administrator “to learn yet another type of configuration interface”. The reviewer describes GFI EventsManager as being cost-effective and views it to be ideal for the small or medium company which “should get tools that are smart and inexpensive”. Grigorof also mentions the product's “properly organised support web page” and the highly responsive and knowledgeable support staff. - EventID.Net, July 2004

• NetworkWorldFusion
  CIRT management: Rapid alerts – In a column for Network World Fusion, M.E. Kabay, reviews three important aspects of early warnings in CIRT (computer incident response team) management: notification of vulnerabilities, notification of threats and notification of incidents. When speaking of incidents, the reviewer stresses that “intrusion detection systems should be configured to alert network management personnel at once when there are successful intrusions, disturbances of network performance, equipment malfunctions and other incidents". The reviewer describes GFI LANguard S.E.L.M. (now GFI EventsManager) as a solution to the above - "an available system to coordinate output from network and security systems for rapid notification". - NetworkWorldFusion, July 2004

• Certification Magazine
  An ounce of prevention is worth a pound of cure – In a detailed article in Certification Magazine, Douglas Schweitzer stressed on the importance of network intrusion detection and prevention systems - "software programs designed to detect unauthorized attacks on a computer network system". He describes GFI LANguard S.E.L.M. (now GFI EventsManager) as a product that helps "make intrusion detection systems more efficient". The reviewer also states that GFI LANguard S.E.L.M. is a "valuable" tool in enterprise networks.- Certification Magazine, June 2004

• FileTransit.com
  5-star score – Top software distribution site, File Transit Inc., has given GFI LANguard S.E.L.M. 5 (now GFI EventsManager) a five-star rating for being a high quality network-wide event log management solution.- FileTransit.com, March 2004

• All-Internet-Security.com
  High score for GFI LANguard S.E.L.M. – All-Internet-Security.com, one of the most comprehensive and trusted sources of information on the web for Internet security, has awarded GFI LANguard S.E.L.M. (now GFI EventsManager) 4 points out of 5. GFI LANguard S.E.L.M. also placed among the top 5 in the site's top 10 intrusion detection systems for 2004. The ability to alert administrators to security issues in real time earned the product a top spot.- All-Internet-Security.com, February 2004

• CRN
  GFI LANguard S.E.L.M identifies and prevents network intrusions – CRN technology editor Frank J. Ohlhorst was impressed with GFI EventsManager, referring to it as "a comprehensive security package" that can help administrators detect and respond immediately to internal and external attacks. Describing the product's key benefits, the reviewer highlighted the tool's straightforward installation process and said that GFI LANguard S.E.L.M. (now GFI EventsManager) is a security must-have for any company. The product scored 4 out of 5 for technical merit as well as for GFI's channel program and was awarded the CRN Test Center Recommended logo. - CRN, January 2004

• Microsoft Certified Professional Magazine
  MCP Magazine readers choose GFI LANguard S.E.L.M. – Readers of Microsoft Certified Professional Magazine have named GFI LANguard S.E.L.M. (now GFI EventsManager)r as the best product for "Determining Who's Accessing What" category in the publication's "Products You Love" Awards. MCP Magazine reported that "GFI LANguard S.E.L.M. beat out software from the multi-billion dollar behemoth Computer Associates to win the security auditing category": Readers were impressed by GFI LANguard S.E.L.M.'s real time reporting capabilities and the fact that it "protects networks from creeps inside...the firewall - you know, the hacker-wanna-be in the mailroom or the disgruntled IT employee who'll stop at nothing to get revenge".- Microsoft Certified Professional Magazine, December 2003

• Softforall.com
  5 stars awarded to GFI LANguard S.E.L.M. – Softforall.com, a site providing high quality shareware and freeware, awarded GFI LANguard S.E.L.M. (now GFI EventsManager) the highest possible rating of five stars.- Softforall.com, October 2003

• Shareup.com
  GFI LANguard S.E.L.M. awarded – GFI LANguard S.E.L.M. (now GFI EventsManager) was awarded the top five-star rating by Shareup.com, a resource center for top rated shareware and freeware.- Shareup.com, August 2003

• FileHungry.com
  Top rating for GFI LANguard S.E.L.M. – GFI LANguard S.E.L.M. (now GFI EventsManager) was awarded the top five star rating by FileHungry.com, the resource center for top rated shareware and freeware.- FileHungry.com, June 2003

• WebAttack.com
  5 stars for GFI LANguard S.E.L.M.r – WebAttack.com, the popular site for Internet and system tools, has awarded GFI LANguard S.E.L.M. (now GFI EventsManager) five stars, the highest rating possible.- WebAttack.com, May 2003

• MonitorTools.com
  GFI LANguard S.E.L.M. named Editor's Pick – MonitorTools.com, a network-related site for IT professionals, awarded GFI LANguard S.E.L.M. (now GFI EventsManager) five stars and named it Editor's Pick. A review on the site says: "GFI LANguard S.E.L.M.'s intelligent analysis means you do not need to be an 'Event Guru' to be able to monitor users attempting to access secured shares and confidential files" and "monitor critical servers and create alerts for specific events and conditions occurring on your network."- MonitorTools.com, May 2003

• Enterprise Server Magazine
  GFI LANguard S.E.L.M. "sounds the alarm" – In a review of GFI LANguard S.E.L.M. (now GFI EventsManager), Enterprise Server Magazine (ESM) focused on the product's capacity to "give you visual and audio alerts at the first hint of critical event", whereby "a single email can warn you of problems anywhere on the network". In the article, ESM consultant editor Kay Ewbank described GFI LANguard S.E.L.M.'s ability to "perform event-log-based intrusion detection and network-wide event log management" and noted: "GFI LANguard S.E.L.M. analyses the NT, XP and Windows 2000 event logs of all machines on your network in real time and alerts you to security issues, attacks and other critical events". (PDF format) - Enterprise Server Magazine, March 2003

• Secure Computing Magazine
  GFI LANguard S.E.L.M. named "Best of 2002" – GFI LANguard S.E.L.M. (now GFI EventsManager) has won SC Magazine's Best of 2002 award. (PDF format)- Secure Computing Magazine, December 2002

• SoftLandmark
  GFI LANguard S.E.L.M. named Editor's Choice – SoftLandmark, one of India's top download sites, has awarded GFI LANguard S.E.L.M. (now GFI EventsManager) five stars and named it Editor's Pick.- SoftLandmark, December 2002

• Swynk.com
  GFI LANguard S.E.L.M. "a practical and cost-effective solution" – Swynk.com described GFI LANguard S.E.L.M. (now GFI EventsManager) as being "a practical and cost-effective solution" for companies aiming to ensure a cohesive security strategy. "If you're serious about monitoring security on your network, you should take a look at GFI LANguard S.E.L.M.," writes trainer Dan DiNicolo in his review of GFI LANguard S.E.L.M. for Swynk. "Not only will the product reduce the amount of administrative effort required to manage and monitor event security, it will also give you the peace of mind of knowing that you'll be able to respond to critical incidents in a timely fashion."- Swynk.com, March 2002

• Secure Computing Magazine
  GFI LANguard S.E.L.M. awarded 5 stars – SC Magazine awarded GFI LANguard S.E.L.M. (now GFI EventsManager) the topmost score of 5 stars and described it as "a powerful tool". Read the complete review (PDF format).- Secure Computing Magazine, March 2002

• Windows 2000 Magazine
  Real-time monitoring of all Windows NT/2000 systems in your network – An extensive lab report by Windows 2000 Magazine (Benelux) discusses how GFI LANguard S.E.L.M. (now GFI EventsManager) "can relieve administrators of a great deal of work" as it helps keep a security watch of their network. Reviewer Henk Boot finds GFI EventsManager to be "extremely useful" as it "systematically and thoroughly monitors a large computer base in it entirety". Read the complete review! (PDF format 265Kb)- Windows 2000 Magazine (Benelux), December 2001

• Networkingfiles.com
  GFI LANguard S.E.L.M. is a great security application – Networkingfiles.com has named GFI LANguard S.E.L.M. (now GFI EventsManager) the Monitoring Title of the Month, after reviewing, testing and fully researching the product. Networkingfiles.com found GFI LANguard S.E.L.M. is "extremely easy to configure" and described it as " a powerful monitoring tool that an admin can just leave running in the background". The review said: "GFI LANguard has network-monitoring setup to whatever time increment you prefer and will email you with an immediate problem once it is detected. Overall a great application that an admin accessing one place can find information on security logs."- Networkingfiles.com, December 2001

• The NSS Group
  GFI LANguard S.E.L.M. awarded NSS Approved logo – The NSS Group has reviewed GFI LANguard S.E.L.M. (now GFI EventsManager) and awarded it the NSS Approved logo that is granted only to products that the group is happy to recommend. In a detailed review, the NSS Group found that GFI LANguard S.E.L.M. enables administrators to perform detailed analysis of Windows security event logs, providing them with real-time security alerts. Read the complete review! (PDF format 675Kb)- The NSS Group, October 2001

• Channel Business
  GFI LANguard S.E.L.M. cuts admin time – A product review on Channel Business reported that GFI LANguard S.E.L.M. (now GFI EventsManager) can "detect intrusion and problems like full disk drives directly from the managed computer's own log files without deploying an extensive network management infrastructure..." The review recommended using GFI LANguard S.E.L.M. "to cut administrative time, while allowing the luxury of instant notification of events that could quickly bring down parts or all of a network". Read the complete review! (PDF format 242Kb)- Channel Business, October 2001