Assets, Groups & Networks

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Assets, Groups & Networks"

Transcription

1 Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved.

2 AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat Exchange, AlienVault OTX Reputation Monitor, AlienVault OTX Reputation Monitor Alert, AlienVault OSSIM and OSSIM are trademarks or service marks of AlienVault.

3 CONTENTS 1. INTRODUCTION ASSETS MANAGEMENT Assets Asset Discovery GROUPS AND NETWORKS MANAGEMENT Groups Networks Network Groups DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 3 of 75

4 1. INTRODUCTION This document covers all functionality related to asset management, including that which is restricted to administrative users. Asset Discovery is one of the five essential security capabilities offered by AlienVault USM platform. This capability allows users to discover and inventory all the assets in a network and to correlate asset info with threat and vulnerability data. An asset is a thing of value that a company owns such as any data, device, or other component of the environment that supports information-related activities. Assets generally include hardware (e.g. Servers and switches), software (e.g. Mission critical applications and support systems) and confidential information. A proper asset management is necessary in order to make the most of the whole AlienVault USM functionality. 2. ASSETS MANAGEMENT 2.1. ASSETS Navigate to Environment > Assets : DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 4 of 75

5 Figure 1. Detail of Assets Screen The search is evaluated with a logical AND when the filter criteria are different;; and a logical OR when the filter criteria are the same. The system will only show assets meeting all search filters. Search Filters: Alarms. It enables the search for assets with associated alarms. Events. It enables the search for assets with associated events. Vulnerabilities. It enables the search for assets with vulnerabilities. The values are Info, Low, Medium, High, and Critical. Asset Value. It enables the search for assets within a value range. Values can be from 1 to 5 being 1 the lowest value and 5 the highest one. Show Assets Added. It enables the search on the date the asset was added. Last Updated. It enables the search on the date the asset was last updated. MORE FILTERS allows the user to add more filters: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 5 of 75

6 Figure 2. Assets: see the more filters screen (Device Type tab) This screen includes several tabs: Network;; Software;; Sensor;; Device Type;; Ports/Services and Locations. Each tab shows its specific data that can be selected for filter a search. There is a search field located at the top left. This is useful when there are many items in a tab. It allows executing a search between all of them. The icon ( ) is used to delete the written terms. It is possible to navigate between all items through the links located at the bottom of the screen. Use the buttons PREVIOUS and NEXT to go to the previous or to the next page, respectively. Use the button numbers to go to an exact page. Click on APPLY to start the search. Click on CANCEL or on the icon ( addition of filters. ) located at the top right side of the window to finish the DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 6 of 75

7 The current search conditions are shown inside the white rectangle: Use the button Clear All Filters to start a new filter. Or click on the cross icon of each filter if you want to remove only that filter. The number of assets that meet the selected criteria is shown in the Results square: The button ADD ASSETS is explained in Section The button is used to export assets to CSV. If there is no filter, all assets will be exported. If there is a filter, the assets that meet the filter criteria will be exported. See Section for further information. The button is used to delete assets that are being displayed at that moment. When this button is clicked, the following message appears: The button SAVE GROUP is used to save the current set of assets as an asset group. This button is active when at least a filter has been selected and there are results that meet that filter. See Section for further information. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 7 of 75

8 The right side of the assets main window shows a table of all assets that are part of the system: Figure 3. Main window of assets: right side (table) There is an option in the first line of the table that allows the user to configure the number of entries to view between 10, 20 and 50 entries. The fields that appear in the table are the following: Hostname. It is a label that identifies the asset. IP. It refers to the IP assigned to that asset. FQDN/Alias. It is a domain name that specifies its exact location in the tree hierarchy of the Domain Name System (DNS). Alarms. It indicates if that hostname has associated alarms ( ) or not (dash). Vulnerabilities. It indicates if an asset is vulnerable ( ) or not (dash). Events. It indicates if that hostname has associated events ( ) or not (dash). Details. This button is used to open the specific information of that hostname, see Section VIEW DETAILS OF AN ASSET Click on an asset to expand the details of that asset: Networks. It indicates the associated networks to that asset. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 8 of 75

9 Device Type. It specifies the type of device associated with that host. Description. In this field may appear a short text for describing that asset. This field is not mandatory so it is possible that it does not appear any information. Operating System. It indicates the Operating System that runs in that asset. Asset Value. This is a value assigned to that host. Values can be from 1 to 5 being 1 the lowest value and 5 the highest one. Details. This is a button that opens the specific information of that hostname. Figure 4. Expanded details of an asset Do one of the following to view the specific information of an asset: Click on its Details button ( ). Double click on the line of that asset. Click on Details button ( ). DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 9 of 75

10 Figure 5. Assets : details of an asset This screen displays the following information: Assets link. This button goes back to the assets main window (see Figure 1). If there were filters previously configured, they will remain. Delete button ( ). This button is used to delete that asset. More Details. This option allows the user to expand the assets details. Figure 6. Assets : more details of an asset The EDIT button is used to modify the data of that asset, see Section for further information. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 10 of 75

11 Snapshot side. It displays some of the information that appears at the bottom side of the screen. They actually are buttons used to go to its specific information in the table area. Figure 7. Assets : details of an asset- snapshot Environment Status. At the right side there are 3 links: HIDS. This button refers to the intrusion detection system that monitors and analyzes the internals of a computing system as well as (in some cases) the network packets on its network interfaces. The circle that is next to this field can appear in 3 different colors: Red. It means that none of the IPs associated with the asset are configured in the HIDS. Green. It means that all IPs associated with the asset are configured in the HIDS. Yellow. It means that some IPs associated with the asset are configured in the HIDS. Automatic Asset Discovery. This button indicates if there are or there are not any pending scans for that host. The circle that is next to this field can appear in 3 different colors: Red, meaning that none of IPs associated with that asset are scheduled to be scanned. Green, meaning that all IPs associated with that asset are scheduled to be scanned. Yellow, meaning that some IPs associated with that asset are scheduled to be scanned, but not all of them. Availability Monitoring. This button indicates if the Availability Monitoring box is selected or not (see Section ). The circle that is next to this field can appear in 2 different colors: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 11 of 75

12 Red, meaning that it is not enabled. Green, meaning that it is enabled. Suggestions. This part shows suggestions related to that asset. They can be: Warning messages when an asset, which has sent logs does not send an event in 24 hours. Info messages when an asset is not sending logs to the system. Info messages when an asset is sending logs, but there is no plugin enable parsing the logs. There is a document whose title is System Errors, Warnings and Suggestions that explains what a suggestion is and how a suggestion works inside AlienVault USM TABLE AREA The table area appears at the bottom side of the screen (see Figure 5). This menu includes the following options: GENERAL 1. Software. It indicates if the asset has some software installed. Use the vertical scroll bar if it is necessary to see all rows. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 12 of 75

13 Figure 8. Assets : Table Area (General > Software) The table displays several fields: IP Address, Port, Name, Vulnerable and Available. By clicking on a line it is possible to view more information: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 13 of 75

14 Figure 9. Assets : Table Area (General > Software). Details of software installed on an asset It is possible to toggle the availability monitoring by clicking on the EDIT AVAILABILITY MONITORING button: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 14 of 75

15 Figure 10. Assets : Table Area (General > Services). Edit Availability Monitoring Select a service and then click on the TOGGLE AVAILABILITY MONITORING button to configure the services to be monitored. This option must be enabled in order to configure availability scans. Click on Check All to select all services at the same time; or click on the square next to each service to select that specific service. Click on the icon ( ) located at the top right side of the window to close it. Now, the selected services will have Yes(Ok) in the column Available. 2. Users. This option is not related to the configured users in the system. This field refers to one of the asset properties. To add users related to a specific asset, click on General > Properties (see Figure 13), then click on. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 15 of 75

16 Figure 11. Add users related to a specific asset Figure 12. Assets : Table Area (General > Users) DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 16 of 75

17 Click on Users logged and write the user name in the field Value at the bottom side of the screen. It is possible to specify the domain of a user by writing The field Property is locked is used to avoid that user can be modified (Yes) or not modified (No). Click on SAVE to update changes. Click on the icon ( ) located at the top right side of the window to close it. Now, the added users will appear in the table. 3. Properties. It displays a table that relates a property (operating system, username, department, etc.) to its values and date when that property was updated and source are included. Properties are always the same: Figure 13. Assets : Table Area (General > Properties) Click on to modify or add value to properties. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 17 of 75

18 Figure 14. Assets : Edit Properties Click or select the property and write the value in the square blank at the bottom in order to modify it or add it. Click on the SAVE button to update changes. 4. Plugins. It displays a table that relates the vendor, model, version, plugin and sensor. It indicates also if that plugin is receiving data: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 18 of 75

19 Figure 15. Assets : Table Area (General > Plugins) Click on the icon ( ) located at the top right side of the window to close it. Now, the changes will be displayed in the column Value ACTIVITY 1. Alarms. This is a table where there is information about the date, alarm status, Intent & Strategy, Method, Risk, Source and Destination. At the upper right-hand corner there is a Search field to facilitate searches. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 19 of 75

20 Figure 16. Assets : Table Area (Activity > Alarms) 2. Events. It displays a table which includes information about events related to that asset. The table includes the following fields: Signature;; Data Source;; Date;; Incoming/Outgoing;; SRC/DST (Source;; Destination);; Sensor;; and Risk. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 20 of 75

21 Figure 17. Assets : Table Area (Activity > Events) 3. Netflow. It displays a table which includes information about netflows related to that asset. This table includes the following fields: Date Flow Start;; Duration;; Protocol;; SRC IP:Port;; DST IP:Port;; and Flags. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 21 of 75

22 Figure 18. Assets : Table Area (Activity > Netflow) LOCATION It is possible to set the geographic location of an asset. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 22 of 75

23 Figure 19. Assets : Table Area (Location) Click on EDIT LOCATION. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 23 of 75

24 Figure 20. Assets : Table Area (Edit Location) Write the location of the asset. The written location appears on the map. It is also possible to write a latitude and longitude to locate a place. Click on SAVE to update changes or CANCEL to exit and close this window without updating changes NOTES This option allows the user to add notes to the host. There is a text box where it is allowed to write text. Once the text has been written, click on the Save button. Added notes can be modified and deleted. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 24 of 75

25 EDIT DETAILS OF AN ASSET: VIEW AND MODIFY It is possible to view and modify the details of an asset by clicking on the Edit button (see Figure 6: Figure 21. Assets : edit details This screen includes the following parts: Name. It is a label that identifies the asset. IP Address. This field is used to relate the asset to an IP Address. FQDN/Aliases. It is a domain name that specifies its exact location in the tree hierarchy of the Domain Name System (DNS). DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 25 of 75

26 Asset value. This is a value assigned to that asset. Values can be from 1 to 5 being 1 the lowest value and 5 the highest one. External Asset. It indicates if this asset is external (publicly facing) (Yes) or internal (No). Sensors. AlienVault sensors monitoring the asset. Description. This field is not mandatory so it is possible that it does not have any information. This field may have a short text. Thresholds C. It refers to the compromise threshold level. It is an integer value. Thresholds A. It refers to the attack threshold level. It is an integer value. Scan options. It allows the user to select or not the Availability Monitoring. Icon. It is possible to associate an image with the asset. The allowed size is 16x16 and must be in png format. Location. Write the location of this asset. The written location appears on the map. It is also possible to write a latitude and longitude to locate a place. Device Types. Select a device type and click on ADD. The SAVE button is used to update changes. The CANCEL button is used to exit this window without saving changes. After clicking on the SAVE button a confirmatory message will appear, indicating the save was successful. You will then have to dismiss the dialog using the X in the upper right corner. Values that are marked with an asterisk (*) are mandatory ADD AN ASSET 1. Navigate to Environment > Assets. 2. Click on ADD ASSETS and, then, on ADD HOST. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 26 of 75

27 Figure 22. Assets : create a new asset 3. Fill out the fields. There is an explanation of each field in Section Click on SAVE to create the new asset IMPORT CSV AlienVault USM allows the user to import assets from a csv file. 1. Go to assets main window (see Figure 1) and click on ADD ASSETS and then, on IMPORT CSV. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 27 of 75

28 Figure 23. Assets : import hosts from a csv file 2. Click on Choose File button and select a csv file. 3. Click on the square next to Ignore invalid characters if you want to ignore them. Have in mind the explanation about allowing formats, examples and notes that appear on this screen. 4. Click on IMPORT. The results of importation are displayed: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 28 of 75

29 Figure 24. Assets : results of importing hosts from a csv file This table shows, firstly, the number of hosts imported and the number of errors and warning that have been occurring during the importation. Next, there is the summary of the import. Show n entries allows the user to configure the number of items to view between 10, 25, 50 and100 flows. The table includes 3 fields: Line, Status and Details. The Status column can be ordered, ascending or descending, by clicking on it. The icon can be displayed on Details column when the status is Warning or Error. Click on this icon to expand more information about that warning or error. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 29 of 75

30 Figure 25. Assets : results of importing host from a csv file with errors The importing host appears now in the assets main window, see Figure Click on NEW IMPORTATION to go to the import hosts from a csv file window (see Figure 23) or close this window by clicking on the icon located at the upper-right side ( ) IMPORT FROM SIEM AlienVault USM allows the user to import hosts from SIEM. 1. Go to assets main window (see Figure 1) and click on ADD ASSETS and then, on IMPORT FROM SIEM. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 30 of 75

31 Figure 26. Assets : import hosts from SIEM events 2. Click on VIEW LOG if you want to display the log file. 3. Click on the IMPORT button to transfer the found hosts. Or click on CANCEL to exit this window without saving changes EXPORT ASSETS AlienVault USM allows the user to export hosts to a csv file. If there is no filter, all assets will be exported. If there is a filter, the assets that meet the filter criteria will be exported. Go to assets main window (see Figure 1) to export assets and click on the icon ( ADD ASSETS button. ) next to A file is created in the download folder location configured in the settings of your web browser. The created file has always the same name structure: All_hosts yyyy-mm-dd.csv Where yyyy refers to the year, mm refers to the month and dd refers to the day CREATING AN ASSET GROUP It is possible to create an asset group by saving the results of a search by following the instructions below: 1. Go to assets main window, see Figure Select the filters to be included in that search. 3. Click on SAVE GROUP button: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 31 of 75

32 Figure 27. Assets : Save an Asset Group 4. Include a name and a description. 5. Click on SAVE button. 6. The saved group appears in the asset groups screen (see Figure 32) ASSET DISCOVERY This option allows the user to scan networks and hosts. The scan is made for adding assets into the AlienVault USM database and that assets are monitored by the system. The asset discovery application provides hosts, host groups, networks and network groups to scan. Navigate to Environment > Assets > Asset Discovery : DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 32 of 75

33 Figure 28. Main window of Asset Discovery 1. Select the asset or assets you want to scan. It is possible to select it through the All Assets tree or to write a specific asset. The selected asset appears in the left blank square. 2. Select a sensor between automatic, local or by selecting a specific sensor. 3. Set the advanced options: Scan type. There are the following possibilities: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 33 of 75

34 Figure 29. Asset Discovery : scan type Ping. This option launches a ping to each above to select asset. Normal. This option scans the most common 1000 ports. Fast Scan. This option scans the most common 100 ports. Full Scan. This option scans all ports, this can be slow. Custom. This option allows the user to define the ports to scan. Timing template. This option refers to the timing policies for conveniently expressing priorities to NMAP. Figure 30. Asset Discovery : timing template Paranoid. This mode scans very slowly. It serializes all scans (no parallel scanning) and generally waits at least 5 minutes between sending packets. Sneaky is similar to paranoid mode, except it only waits 15 seconds between sending packets. Polite is meant to ease the load on the network and reduce the chances of crashing machines. It serializes the probes and waits at least 0.4 seconds between them. Normal is the default NMAP behavior, which tries to run as quickly as possible without overloading the network or missing hosts/ports. Aggressive mode adds a 5-minute timeout per host and it never waits more than 1.25 seconds for probe responses. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 34 of 75

35 Insane is only suitable for very fast networks or where you do not mind losing some information. It times out hosts in 75 seconds and only waits 0.3 seconds for individual probes. It does allow for very quick network sweeps, though. Auto Detect services and Operating System. Mark this option to detect services and operating system versions. Enable reverse DNS Resolution. This option does reverse DNS resolution on the target IP addresses. Normally reverse DNS is only performed against responsive (online) hosts. 4. Click on START SCAN. After a few seconds, depending on the selected assets this time could be longer, the results will be displayed just below, in a table: Figure 31. Asset Discovery : scan results 3. GROUPS AND NETWORKS MANAGEMENT 3.1. GROUPS It is possible to gather assets to a group. This option is available through the Primary Menu Environment > Groups & Networks : DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 35 of 75

36 Figure 32. Main window of Asset Groups The rectangle located at the top left side is a Search field. It is useful when there are many items and it allows executing a search by owner or group name between all items. Partial searches are allowed. Enter a term to find asset groups that match with that term. The first line of the table allows the user to configure the number of entries to view between 10, 20 and 50 entries. The fields that appear in the table are the following: Group Name. It is a label that identifies the group. Click on the column name to order the data: ascending or descending. Owner(s). This field identifies the owner of that group. Hosts. It indicates the number of assets that are part of that group. Alarms. It indicates if that hostname has associated alarms ( ) or not (dash). Vulnerabilities. It indicates if an asset is vulnerable ( ) or not (dash). Events. It indicates if that hostname has associated events ( ) or not (dash). Detail. This button is used to open the specific information about that group, see Section VIEW DETAILS OF A GROUP Click on a group to expand the details of that group: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 36 of 75

37 Owner. In this field may appear a short text to indicate the owner of that group. This field is not mandatory so it is possible that it does not appear any information. Description. In this field may appear a short text for describing that group. This field is not mandatory so it is possible that it does not appear any information. Details. This is a button that opens the specific information about that group. Figure 33. Expanded details of a group Do one of the following to view the specific information of a group: Click on its Details button ( ). Double click on the line of that group. Click on Details button ( ). DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 37 of 75

38 Figure 34. Groups : details of a group This screen displays the following information: Groups link. This button goes back to the asset groups main window (see Figure 32). Delete button ( ). This button is used to delete that group. Export button ( ). This button is used to export a group. See Section for further information. More Details. This option allows the user to expand the group details. Figure 35. Groups : more details of a group The EDIT button is used to modify the data of that group, see Section for further information. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 38 of 75

39 Snapshot side. It displays some of the information that appears at the bottom side of the screen. They actually are buttons used to go to its specific information in the table area. Figure 36. Groups : details of a group - snapshot Environment Status. At the right side there are 3 links: HIDS. This button refers to the intrusion detection system that monitors and analyzes the internals of a computing system as well as (in some cases) the network packets on its network interfaces. The circle that is next to this field can appear in 3 different colors: Red. It means that none of the IPs associated with the group are configured in the HIDS. Green. It means that all IPs associated with the group are configured in the HIDS. Yellow. It means that some IPs associated with the group are configured in the HIDS. Automatic Asset Discovery. This button indicates if there are or there are not any pending scans for that group. The circle that is next to this field can appear in 3 different colors: Red, meaning that none of IPs associated with that group are scheduled to be scanned. Green, meaning that all IPs associated with that group are scheduled to be scanned. Yellow, meaning that some IPs associated with that group are scheduled to be scanned, but not all of them. Availability Monitoring. This button indicates if the Availability Monitoring box is selected or not (see Section ). The circle that is next to this field can appear in 2 different colors: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 39 of 75

40 Red, meaning that it is not enabled. Green, meaning that it is enabled. Suggestions. This part shows suggestions related to that asset. They can be: Warning messages when an asset, which has sent logs does not send an event in 24 hours. Info messages when an asset is not sending logs to the system. Info messages when an asset is sending logs, but there is no plugin enable parsing the logs. There is a document whose title is System Errors, Warnings and Suggestions that explains what a suggestion is and how a suggestion works inside AlienVault USM TABLE AREA The table area appears at the bottom side of the screen (see Figure 34). This menu includes the following options: GENERAL 1. Software. It indicates if the group has some software installed. Use the vertical scroll bar if it is necessary to see all rows. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 40 of 75

41 Figure 37. Groups : Table Area (General > Software) The table displays several fields: Host, Port, Name, Vulnerable and Available. By clicking on a line it is possible to view more information: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 41 of 75

42 Figure 38. Groups : Table Area (General > Software). Details of software installed on a group of assets 2. Users. This option is not related to the configured users in the system. This field refers to one of the asset properties. To add users related to a specific asset, click on General > Properties of an asset (see Figure 13) then click on. 3. Properties. It displays a table that relates a property (operating system, username, department, etc.) to its values and date when that property was updated and source are included. Properties are always the same: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 42 of 75

43 Figure 39. Groups : Table Area (General > Properties) ACTIVITY 1. Alarms. This is a table where there is information about the date, alarm status, Intent & Strategy, Method, Risk, Source and Destination. At the upper right-hand corner there is a Search field to facilitate searches. On the bottom side, there is an indication about the number of alarms in the list. This is indicated as Showing n to n of n alarms and it displays the same information that was explained further up. There also is a navigation bar on the right. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 43 of 75

44 Figure 40. Groups : Table Area (Activity > Alarms) 2. Events. It displays a table which includes information about events related to that group. The table includes the following fields: Signature;; Data Source;; Date;; Incoming/Outgoing;; SRC/DST (Source;; Destination);; Sensor;; and Risk. Search and Showing events from n display the same information that was explained further up. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 44 of 75

45 Figure 41. Groups : Table Area (Activity > Events) 3. Netflow. It displays a table which includes information about netflows related to that group. This table includes the following fields: Date Flow Start;; Duration;; Protocol;; SRC IP:Port;; DST IP:Port;; and Flags. Display n flows, it allows the user to configure the number of items to view between 10, 50, 100 and all flows. Showing n to n of n entries displays the same information that was explained further up. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 45 of 75

46 Figure 42. Groups : Table Area (Activity > Netflow) ASSETS This option allows the user to add assets to the group. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 46 of 75

47 Figure 43. Groups : Table Area (Assets) The table displays several fields: Host Name, IP, FQDN, Device Type and Description. The Host Name column can be ordered, ascending or descending, by clicking on it. The icon is used to delete assets of the group. Search and Showing n to n of n hosts display the same information that was explained further up. There also is a navigation bar on the right. 1. Click on ADD ASSETS button to increase the number of hosts: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 47 of 75

48 Figure 44. Groups : Table Area (Add Assets) 2. Click on the assets you want to add and click on the ADD button. 3. Click on CANCEL button to exit this window HISTORY This option allows the user to view the record of last changes carried out in that group. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 48 of 75

49 Figure 45. Groups : Table Area (History) The table displays several fields: Date, User and Activity. The Date column can be ordered, ascending or descending, by clicking on it. Search and Showing n to n of n history events display the same information that was explained further up. There also is a navigation bar on the right NOTES This option allows the user to add notes to the group. There is a text box where it is allowed to write text. Once the text has been written, click on the SAVE button. Added notes can be modified and deleted EDIT DETAILS OF A GROUP: VIEW AND MODIFY It is possible to view and modify the details of a group by clicking on the EDIT button (see Figure 35: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 49 of 75

50 Figure 46. Groups : edit details This screen includes the following parts: Name. It is a label that identifies the group. Owner. It is a label that identifies the owner of the group. Description. This field is not mandatory so it is possible that it does not appear any information. In this field may appear a short text. Threshold C. It refers to the compromise threshold level. It is an integer value. Threshold A. It refers to the attack threshold level. It is an integer value. The SAVE button is used to update changes. The CANCEL button is used to exit this window without saving changes. Values that are marked with an asterisk (*) are mandatory ADD A GROUP To add an asset, the instructions below must be followed: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 50 of 75

51 1. Go to assets groups main window, see Figure Click on ADD GROUP. 3. The assets window appears. The explanation about this window can be found in Sections 2.1 and EXPORT GROUPS OF ASSETS AlienVault USM allows the user to export groups of assets to a csv file. Go into the details of a group main window (see Figure 34) and click on the icon ( ) to access this option. A file is created in the download folder location configured in the settings of your web browser. The name of the created file has always the same structure: Hosts_from_group_groupID_yyyy-mm-dd.csv Where groupid refers to the ID that identifies that group;; yyyy refers to the year;; mm refers to the month; and dd refers to the day NETWORKS Choose on the Primary Menu Environment > Groups & Networks and then, Networks on the Secondary Menu to manage networks: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 51 of 75

52 Figure 47. Main window of Networks The rectangle located at the top left side is a Search field. It is useful when there are many items and it allows executing a search by owner or network name between all items. Enter a term to find networks that match with that term. The first line of the table allows the user to configure the number of entries to view between 10, 20 and 50 entries. The fields that appear in the table are the following: Network Name. It is a label that identifies the network. The data in this column can be ordered in ascending or descending order by clicking on the column name. Owner(s). This field identifies the owner of that network. CIDR. This is a method for allocating IP addresses and routing Internet Protocol packets. It is a range of IP addresses that define the network. Sensors. It indicates the sensor related to that network. Alarms. It indicates if that network has associated alarms ( ) or not (dash). Vulnerabilities. It indicates if a network has vulnerabilities ( ) or not (dash). Events. It indicates if a network has associated events ( ) or not (dash). Detail. This button is used to open the specific information of that network, see Section DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 52 of 75

53 On the bottom side, there is an indication about the number of networks in the list. This is indicated as Showing n to n of n and it displays the same information that was explained further up. There also is a navigation bar on the right VIEW DETAILS OF A NETWORK Click on a network to expand the details of that network: Owner to identify the owner of that network. CIDR. It indicates the range of IP addresses, which defines the network. Sensors. It indicates the sensor related to that network. Description. In this field may appear a short text for describing that network. This field is not mandatory so it is possible that it does not appear any information. Details. This is a button that opens the specific information of that network. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 53 of 75

54 Figure 48. Expanded details of a network Do one of the following to view the specific information of a network: Click on Details button ( ). Double click on the line of that network. Click on Details button ( ). DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 54 of 75

55 Figure 49. Networks : details of a network This screen displays the following information: Networks link. This button goes back to the networks main window (see Figure 47). Delete button ( ). This button is used to delete that network. Export button ( ). This button is used to export networks. See Section for further information. More Details. This option allows the user to expand the network details. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 55 of 75

56 Figure 50. Networks : more details of a network The EDIT button is used to modify the data of that network, see Section for further information. Snapshot side. It displays some of the information that appears at the bottom side of the screen. They actually are buttons used to go to its specific information in the table area. Figure 51. Networks : details of a network - snapshot Environment Status. At the right side there are 3 links: HIDS. This button refers to the intrusion detection system that monitors and analyzes the internals of a computing system as well as (in some cases) the network packets on its network interfaces. The circle that is next to this field can appear in 3 different colors: Red. It means that none of the IPs associated with the network are configured in the HIDS. Green. It means that all IPs associated with the network are configured in the HIDS. Yellow. It means that some IPs associated with the network are configured in the HIDS. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 56 of 75

57 Automatic Asset Discovery. This button indicates if there are or there are no pending scans for that network. The circle that is next to this field can appear in 3 different colors: Red, meaning that none of IPs associated with that network are scheduled to be scanned. Green, meaning that all IPs associated with that network are scheduled to be scanned. Green, meaning that all IPs of that CIDR are in the inventory. Yellow, meaning that some IPs associated with that network are scheduled to be scanned, but not all of them. Availability Monitoring. This button indicates if the Availability Monitoring box is selected or not (see Section ). The circle that is next to this field can appear in 2 different colors: Red, meaning that it is not enabled. Green, meaning that it is enabled. Suggestions. This part shows suggestions related to that asset. They can be: Warning messages when an asset, which has sent logs does not send an event in 24 hours. Info messages when an asset is not sending logs to the system. Info messages when an asset is sending logs, but there is no plugin enable parsing the logs. There is a document whose title is System Errors, Warnings and Suggestions that explains what a suggestion is and how a suggestion works inside AlienVault USM TABLE AREA The table area appears at the bottom side of the screen (see Figure 49). This menu includes the following options: GENERAL 1. Software. It indicates if the group has some software installed. Use the vertical scroll bar if it is necessary to see all rows. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 57 of 75

58 Figure 52. Networks : Table Area (General > Software) The table displays several fields: Host, Port, Name, Vulnerable and Available. By clicking on a line it is possible to view more information: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 58 of 75

59 Figure 53. Networks : Table Area (General > Software). Details of software installed on a network 2. Users. This option is not related to the configured users in the system. This field refers to one of the asset properties. To add users related to a specific asset, click on General > Properties of an asset (see Figure 13) then click on. 3. Properties. It displays a table that relates a property (operating system, username, department, etc.) to its values and date when that property was updated and source are included. Properties are always the same: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 59 of 75

60 Figure 54. Networks : Table Area (General > Properties) ACTIVITY 1. Alarms. This is a table where there is information about the date, alarm status, Intent & Strategy, Method, Risk, Source and Destination. At the upper right-hand corner there is a Search field to facilitate searches. On the bottom side, there is an indication about the number of alarms in the list. This is indicated as Showing n to n of n alarms and it displays the same information that was explained further up. There also is a navigation bar on the right. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 60 of 75

61 Figure 55. Networks : Table Area (Activity > Alarms) 2. Events. It displays a table which includes information about events related to that network. The table includes the following fields: Signature;; Data Source;; Date;; Incoming/Outgoing;; Source;; Destination;; Sensor;; and Risk. Search and Showing events from n display the same information that was explained further up. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 61 of 75

62 Figure 56. Networks : Table Area (Activity > Events) 3. Netflow. It displays a table which includes information about netflows related to that network. This table includes the following fields: Date Flow Start;; Duration;; Protocol;; Src IP:Port;; Dst IP:Port;; and Flags. Display n flows, it allows the user to configure the number of items to view between 10, 50, 100 and all flows. Showing n to n of n flows displays the same information that was explained further up. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 62 of 75

63 Figure 57. Networks : Table Area (Activity > Netflow) ASSETS This option displays a table that includes several fields: Host Name, IP, FQDN, Device Type and Description. The Host Name column can be ordered, ascending or descending, by clicking on it. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 63 of 75

64 Figure 58. Networks : Table Area (Assets) NOTES This option allows the user to add notes to the network. There is a text box where it is allowed to write text. Once the text has been written, click on the SAVE button. Added notes can be modified and deleted EDIT DETAILS OF A NETWORK: VIEW AND MODIFY It is possible to view and modify the details of a group by clicking on the EDIT button (see Figure 50: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 64 of 75

65 Figure 59. Networks : edit details This screen includes the following parts: Name. It is a label that identifies the network. CIDRs. This is a method for allocating IP addresses and routing Internet Protocol packets. It is a range of IP addresses that define the network. Owner. It is a label that identifies the owner of the network. Sensors. AlienVault sensors monitoring the networks associated with that sensor. Click to select a sensor. Multiple selections are allowed. Asset value. This is a value assigned to that network. Values can be from 1 to 5 being 1 the lowest value and 5 the highest one. External Asset. It indicates if this network is external (Yes) or internal (No). Icon. It is possible to associate an image with the network. The allowed size is 16x16 and must be in png format. Description. This field is not mandatory so it is possible that it does not appear any information. In this field may appear a short text. Thresholds C. It refers to the compromise threshold level. It is an integer value. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 65 of 75

66 Thresholds A. It refers to the attack threshold level. It is an integer value. Scan options. It allows the user to select or not the Availability Monitoring. The SAVE button is used to update changes. The CANCEL button is used to exit this window without saving changes. Values that are marked with an asterisk (*) are mandatory ADD A NETWORK To create a network, the instructions below must be followed: 1. Go to the main window of Networks (see Figure 47) and click on Add Network and then, on Add Network. Figure 60. Networks : create a new network 2. Fill out the fields. There is an explanation of each field in Section DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 66 of 75

67 3. Click on SAVE to create that new network IMPORT CSV AlienVault USM allows the user to import assets from a csv file. 1. Go to the main window of Networks (see Figure 47) and click on Add Network and then, on Import CSV. Figure 61. Networks : import CSV 2. Click on Choose File button and choose the csv file. 3. Click on the square next to Ignore invalid characters if you want to ignore them. Have in mind the explanation the notes that appear on the screen. 4. Click on IMPORT. The results of importation are displayed: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 67 of 75

68 Figure 62. Networks : results of importing networks from a csv file This table shows, firstly, the number of networks imported and the number of errors and warning that have been occurring during the importation. Next, there is the summary of the import. Show n entries allows the user to configure the number of items to view between 10, 25, 50 and100 flows. The table includes 3 fields: Line, Status and Details. The Status column can be ordered, ascending or descending, by clicking on it. The icon can be displayed on Details column when the status is Warning or Error. Click on this icon to expand more information about that warning or error. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 68 of 75

69 Figure 63. Networks : results of importing host from a csv file with errors The importing networks appear now in the networks main window (see Figure 47). 5. Click on NEW IMPORTATION to go to the import networks window (see Figure 61) or close this window by clicking on the icon located at the upper-right side ( ) EXPORT NETWORKS AlienVault USM allows the user to export networks to a csv file. To do that, go into details of a network main window (see Figure 47) and click on the icon ( ). A file is created in the download folder location configured in the settings of your web browser. The created file has always the same name structure: All_nets_yyyy-mm-dd.csv Where yyyy refers to the year, mm refers to the month and dd refers to the day. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 69 of 75

70 3.3. NETWORK GROUPS This option is used to manage an asset that groups Networks having the same role or being in the same corporation, for instance. Choose Environment > Groups & Networks the Primary Menu and then, Network Groups on the Secondary Menu: Figure 64. Main window of Network Groups This screen shows a table of all network groups that are part of the system. The first line of the table allows the user to configure the number of entries to view between 10, 15, 20, 25, 35 and 50 entries. It is possible to navigate between all items through the links located at the bottom of the screen. The buttons PREVIOUS and NEXT will be activated in case of having several pages and are used to go to the previous or to the next page, respectively. It is possible to hide and show columns by clicking on the right part of the first column: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 70 of 75

71 Figure 65. Network Groups : hide/show columns The fields that can appear are the following: Name. It is a label that identifies the network group. The data in this column can be ordered in ascending or descending order by clicking on the column name. Networks. It displays the networks, which are part of that network group. Thr_C. It refers to the compromise threshold level. It is an integer value. Thr_A. It refers to the attack threshold level. It is an integer value. Description. This field is not mandatory so it is possible that it does not appear any information. In this field may appear a short text for describing the Network Group, for instance. Knowledge DB. This field shows if that network includes a link to a document or to several documents that are part of the knowledge base of solutions to incidents. The number of associated documents appears between brackets next to the Knowledge DB icon. For instance, means that the network has linked KDB documents. Notes. This column indicates if that network group includes notes. Notes are useful to explain facts about that network group. The number of notes appears between brackets next to the notes icon. For instance, means that a network group includes 4 notes CREATE A NETWORK GROUP To create a network group, the instructions below should be followed: DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 71 of 75

72 1. Go to the main window of Network Groups, see Figure Click on NEW. Or click on a line, then click on the secondary mouse button (right button) and, finally, select New Network Group option. Figure 66. Network Groups : create a new network group This screen displays the following information: Name. Name to identify that Network Group. Networks. Select the network to be part of the group. The selected networks appear in the lower part. Filter. This field is used to search a specific network. It is useful when there are a lot of networks. DC Edition 03 Copyright 2014 AlienVault. All rights reserved. Page 72 of 75

Asset Management Guide

Asset Management Guide Complete. Simple. Affordable AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat Exchange, AlienVault OTX Reputation Monitor,

More information

Unified Security Management (USM) 5.1-5.2 Asset Management Guide

Unified Security Management (USM) 5.1-5.2 Asset Management Guide AlienVault Unified Security Management (USM) 5.1-5.2 Asset Management Guide USM 5.1-5.2 Asset Management Guide, rev. 2 Copyright 2015 AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,

More information

AlienVault. Unified Security Management (USM) 5.1 Running the Getting Started Wizard

AlienVault. Unified Security Management (USM) 5.1 Running the Getting Started Wizard AlienVault Unified Security Management (USM) 5.1 Running the Getting Started Wizard USM v5.1 Running the Getting Started Wizard, rev. 2 Copyright 2015 AlienVault, Inc. All rights reserved. The AlienVault

More information

User Management Guide

User Management Guide AlienVault Unified Security Management (USM) 4.x-5.x User Management Guide USM v4.x-5.x User Management Guide, rev 1 Copyright 2015 AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,

More information

Unified Security Management (USM) 5.2 Vulnerability Assessment Guide

Unified Security Management (USM) 5.2 Vulnerability Assessment Guide AlienVault Unified Security Management (USM) 5.2 Vulnerability Assessment Guide USM 5.2 Vulnerability Assessment Guide, rev 1 Copyright 2015 AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,

More information

How to send emails triggered by events

How to send emails triggered by events Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

AlienVault. Unified Security Management 5.x Configuration Backup and Restore

AlienVault. Unified Security Management 5.x Configuration Backup and Restore AlienVault Unified Security Management 5.x Configuration Backup and Restore USM 5.x Configuration Backup and Restore Copyright 2015 AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,

More information

AlienVault Unified Security Management for Government v4.12 & RT Logic CyberC4:Alert v4.12 User Management Guide

AlienVault Unified Security Management for Government v4.12 & RT Logic CyberC4:Alert v4.12 User Management Guide & RT Logic CyberC4:Alert v4.12 Copyright 2016 AlienVault. All rights reserved. DOCUMENT HISTORY AND VERSION CONTROL Edition Date of Issue Description of Change(s) 01 08/01/15 Initial Version AlienVault,

More information

AlienVault. Unified Security Management (USM) 5.x Policy Management Fundamentals

AlienVault. Unified Security Management (USM) 5.x Policy Management Fundamentals AlienVault Unified Security Management (USM) 5.x Policy Management Fundamentals USM 5.x Policy Management Fundamentals Copyright 2015 AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,

More information

Deploying HIDS Client to Windows Hosts

Deploying HIDS Client to Windows Hosts Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

Legal Notes. Regarding Trademarks. 2012 KYOCERA Document Solutions Inc.

Legal Notes. Regarding Trademarks. 2012 KYOCERA Document Solutions Inc. Legal Notes Unauthorized reproduction of all or part of this guide is prohibited. The information in this guide is subject to change without notice. We cannot be held liable for any problems arising from

More information

Monitoring VMware ESX Virtual Switches

Monitoring VMware ESX Virtual Switches Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

NETWORK PRINT MONITOR User Guide

NETWORK PRINT MONITOR User Guide NETWORK PRINT MONITOR User Guide Legal Notes Unauthorized reproduction of all or part of this guide is prohibited. The information in this guide is subject to change without notice. We cannot be held liable

More information

The SIEM Evaluator s Guide

The SIEM Evaluator s Guide Using SIEM for Compliance, Threat Management, & Incident Response Security information and event management (SIEM) tools are designed to collect, store, analyze, and report on log data for threat detection,

More information

Juniper Networks Management Pack Documentation

Juniper Networks Management Pack Documentation Juniper Networks Management Pack Documentation Juniper Networks Data Center Switching Management Pack for VMware vrealize Operations (vrops) Release 2.5 Modified: 2015-10-12 Juniper Networks, Inc. 1133

More information

Configuration Manager

Configuration Manager After you have installed Unified Intelligent Contact Management (Unified ICM) and have it running, use the to view and update the configuration information in the Unified ICM database. The configuration

More information

Device Integration: Checkpoint Firewall-1

Device Integration: Checkpoint Firewall-1 Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

AlienVault Unified Security Management Solution Complete. Simple. Affordable Life Cycle of a log

AlienVault Unified Security Management Solution Complete. Simple. Affordable Life Cycle of a log Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

S&C IntelliTeam CNMS Communication Network Management System Table of Contents Overview Topology

S&C IntelliTeam CNMS Communication Network Management System Table of Contents Overview Topology S&C IntelliTeam CNMS Communication Network Management System Operation Topology Table of Contents Section Page Section Page Overview.... 2 Topology Discovery... 4 Viewing the Network.... 4 Add Entire Network

More information

Strategic Asset Tracking System User Guide

Strategic Asset Tracking System User Guide Strategic Asset Tracking System User Guide Contents 1 Overview 2 Web Application 2.1 Logging In 2.2 Navigation 2.3 Assets 2.3.1 Favorites 2.3.3 Purchasing 2.3.4 User Fields 2.3.5 History 2.3.6 Import Data

More information

EMC Smarts Network Configuration Manager

EMC Smarts Network Configuration Manager EMC Smarts Network Configuration Manager Version 9.4.1 Advisors User Guide P/N 302-002-279 REV 01 Copyright 2013-2015 EMC Corporation. All rights reserved. Published in the USA. Published October, 2015

More information

Intrusion Detection in AlienVault

Intrusion Detection in AlienVault Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

AlienVault Unified Security Management (USM) 4.x-5.x. Deploying HIDS Agents to Linux Hosts

AlienVault Unified Security Management (USM) 4.x-5.x. Deploying HIDS Agents to Linux Hosts AlienVault Unified Security Management (USM) 4.x-5.x Deploying HIDS Agents to Linux Hosts USM 4.x-5.x Deploying HIDS Agents to Linux Hosts, rev. 2 Copyright 2015 AlienVault, Inc. All rights reserved. AlienVault,

More information

Monitoring Network DMN

Monitoring Network DMN Monitoring Network DMN User Manual Table of contents Table of contents... 2 1. Product features and capabilities... 3 2. System requirements... 5 3. Getting started with the software... 5 3-1 Installation...

More information

Microsoft Access 2010 handout

Microsoft Access 2010 handout Microsoft Access 2010 handout Access 2010 is a relational database program you can use to create and manage large quantities of data. You can use Access to manage anything from a home inventory to a giant

More information

IBM Security QRadar SIEM Version 7.1.0 MR1. Administration Guide

IBM Security QRadar SIEM Version 7.1.0 MR1. Administration Guide IBM Security QRadar SIEM Version 7..0 MR Administration Guide Note: Before using this information and the product that it supports, read the information in Notices and Trademarks on page 07. Copyright

More information

AlienVault. Unified Security Management 5.x Configuring a VPN Environment

AlienVault. Unified Security Management 5.x Configuring a VPN Environment AlienVault Unified Security Management 5.x Configuring a VPN Environment USM 5.x Configuring a VPN Environment, rev. 3 Copyright 2015 AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,

More information

Chapter 15: Forms. User Guide. 1 P a g e

Chapter 15: Forms. User Guide. 1 P a g e User Guide Chapter 15 Forms Engine 1 P a g e Table of Contents Introduction... 3 Form Building Basics... 4 1) About Form Templates... 4 2) About Form Instances... 4 Key Information... 4 Accessing the Form

More information

There are numerous ways to access monitors:

There are numerous ways to access monitors: Remote Monitors REMOTE MONITORS... 1 Overview... 1 Accessing Monitors... 1 Creating Monitors... 2 Monitor Wizard Options... 11 Editing the Monitor Configuration... 14 Status... 15 Location... 17 Alerting...

More information

ICP Data Entry Module Training document. HHC Data Entry Module Training Document

ICP Data Entry Module Training document. HHC Data Entry Module Training Document HHC Data Entry Module Training Document Contents 1. Introduction... 4 1.1 About this Guide... 4 1.2 Scope... 4 2. Step for testing HHC Data Entry Module.. Error! Bookmark not defined. STEP 1 : ICP HHC

More information

Device Integration: CyberGuard SG565

Device Integration: CyberGuard SG565 Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

Module 2: AlienVault USM Basic Configuration and Verifying Operations

Module 2: AlienVault USM Basic Configuration and Verifying Operations Course Introduction Module 1: Overview The Course Introduction provides learners with the course objectives and prerequisite learner skills and knowledge. The Course Introduction presents the course flow

More information

Novell ZENworks Asset Management 7.5

Novell ZENworks Asset Management 7.5 Novell ZENworks Asset Management 7.5 w w w. n o v e l l. c o m October 2006 USING THE WEB CONSOLE Table Of Contents Getting Started with ZENworks Asset Management Web Console... 1 How to Get Started...

More information

Infinity Web Viewer Reference Guide

Infinity Web Viewer Reference Guide Infinity Web Viewer Reference Guide Table of Contents Overview... 1 Security Considerations... 1 System Setup... 1 Infinity Configuration... 1 Workstation Prerequisites... 2 Configuring Internet Security...

More information

Device Integration: Citrix NetScaler

Device Integration: Citrix NetScaler Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

HP Quality Center. Software Version: 10.00. Microsoft Word Add-in Guide

HP Quality Center. Software Version: 10.00. Microsoft Word Add-in Guide HP Quality Center Software Version: 10.00 Microsoft Word Add-in Guide Document Release Date: February 2012 Software Release Date: January 2009 Legal Notices Warranty The only warranties for HP products

More information

Pharos Control User Guide

Pharos Control User Guide Outdoor Wireless Solution Pharos Control User Guide REV1.0.0 1910011083 Contents Contents... I Chapter 1 Quick Start Guide... 1 1.1 Introduction... 1 1.2 Installation... 1 1.3 Before Login... 8 Chapter

More information

User Guide Online Backup

User Guide Online Backup User Guide Online Backup Table of contents Table of contents... 1 Introduction... 2 Adding the Online Backup Service to your Account... 2 Getting Started with the Online Backup Software... 4 Downloading

More information

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream User Manual Onsight Management Suite Version 5.1 Another Innovation by Librestream Doc #: 400075-06 May 2012 Information in this document is subject to change without notice. Reproduction in any manner

More information

How to enable File Integrity Monitoring (FIM)

How to enable File Integrity Monitoring (FIM) Complete. Simple. Affordable How to enable File Integrity Monitoring (FIM) AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

More information

AlienVault Unified Security Management (USM) 4.x-5.x. Deployment Planning Guide

AlienVault Unified Security Management (USM) 4.x-5.x. Deployment Planning Guide AlienVault Unified Security Management (USM) 4.x-5.x Deployment Planning Guide USM 4.x-5.x Deployment Planning Guide, rev. 1 Copyright AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,

More information

PRINT CONFIGURATION. 1. Printer Configuration

PRINT CONFIGURATION. 1. Printer Configuration PRINT CONFIGURATION Red Flag Server5 has improved the designs of the printer configuration tool to facilitate you to conduct print configuration and print tasks management in a more convenient and familiar

More information

1. Installing The Monitoring Software

1. Installing The Monitoring Software SD7000 Digital Microphone Monitor Software manual Table of Contents 1. Installing The Monitor Software 1.1 Setting Up Receivers For Monitoring 1.2 Running The Application 1.3 Shutdown 2. The Detail Monitoring

More information

Online Help StruxureWare Data Center Expert

Online Help StruxureWare Data Center Expert Online Help StruxureWare Data Center Expert Version 7.2.1 What's New in StruxureWare Data Center Expert 7.2.x Learn more about the new features available in the StruxureWare Data Center Expert 7.2.x release.

More information

Monitoring MySQL database with Verax NMS

Monitoring MySQL database with Verax NMS Monitoring MySQL database with Verax NMS Table of contents Abstract... 3 1. Adding MySQL database to device inventory... 4 2. Adding sensors for MySQL database... 7 3. Adding performance counters for MySQL

More information

User Guide for TASKE Desktop

User Guide for TASKE Desktop User Guide for TASKE Desktop For Avaya Aura Communication Manager with Aura Application Enablement Services Version: 8.9 Date: 2013-03 This document is provided to you for informational purposes only.

More information

Sync IT. Detailed description of program. Tab: Sync

Sync IT. Detailed description of program. Tab: Sync Sync IT Sync IT is used to automatically synchronize folders between different computers and to make backups of folders. The synchronization is done with already existing networks, like the Internet. You

More information

Rapid Assessment Key User Manual

Rapid Assessment Key User Manual Rapid Assessment Key User Manual Table of Contents Getting Started with the Rapid Assessment Key... 1 Welcome to the Print Audit Rapid Assessment Key...1 System Requirements...1 Network Requirements...1

More information

Citrix Access Gateway Plug-in for Windows User Guide

Citrix Access Gateway Plug-in for Windows User Guide Citrix Access Gateway Plug-in for Windows User Guide Access Gateway 9.2, Enterprise Edition Copyright and Trademark Notice Use of the product documented in this guide is subject to your prior acceptance

More information

DarwiNet Client Level

DarwiNet Client Level DarwiNet Client Level Table Of Contents Welcome to the Help area for your online payroll system.... 1 Getting Started... 3 Welcome to the Help area for your online payroll system.... 3 Logging In... 4

More information

Sophos Endpoint Security and Control standalone startup guide

Sophos Endpoint Security and Control standalone startup guide Sophos Endpoint Security and Control standalone startup guide Sophos Endpoint Security and Control version 9 Sophos Anti-Virus for Mac OS X, version 7 Document date: October 2009 Contents 1 Before you

More information

Getting Started with Vision 6

Getting Started with Vision 6 Getting Started with Vision 6 Version 6.9 Notice Copyright 1981-2009 Netop Business Solutions A/S. All Rights Reserved. Portions used under license from third parties. Please send any comments to: Netop

More information

How to Program a Commander or Scout to Connect to Pilot Software

How to Program a Commander or Scout to Connect to Pilot Software How to Program a Commander or Scout to Connect to Pilot Software Commander and Scout are monitoring and control products that can transfer physical environmental conditions and alarm sensor electrical

More information

User's Guide. Product Version: 2.5.0 Publication Date: 7/25/2011

User's Guide. Product Version: 2.5.0 Publication Date: 7/25/2011 User's Guide Product Version: 2.5.0 Publication Date: 7/25/2011 Copyright 2009-2011, LINOMA SOFTWARE LINOMA SOFTWARE is a division of LINOMA GROUP, Inc. Contents GoAnywhere Services Welcome 6 Getting Started

More information

Personal Call Manager User Guide. BCM Business Communications Manager

Personal Call Manager User Guide. BCM Business Communications Manager Personal Call Manager User Guide BCM Business Communications Manager Document Status: Standard Document Version: 04.01 Document Number: NN40010-104 Date: August 2008 Copyright Nortel Networks 2005 2008

More information

Using the Cisco OnPlus Scanner to Discover Your Network

Using the Cisco OnPlus Scanner to Discover Your Network Using the Cisco OnPlus Scanner to Discover Your Network Last Revised: October 22, 2012 This Application Note explains how to use the Cisco OnPlus Scanner with the Cisco OnPlus Portal to discover and manage

More information

SonicWALL SSL VPN 3.5: Virtual Assist

SonicWALL SSL VPN 3.5: Virtual Assist SonicWALL SSL VPN 3.5: Virtual Assist Document Scope This document describes how to use the SonicWALL Virtual Assist add-on for SonicWALL SSL VPN security appliances. This document contains the following

More information

Fleet Manager Quick Guide (Non Maintenance Mode)

Fleet Manager Quick Guide (Non Maintenance Mode) Fleet Manager Quick Guide (Non Maintenance Mode) Launch Fleet Manager: Open the Fleet Manager Application by: 1. Double clicking the icon located on the desktop - or 2. Via Start > Programs > MobileView

More information

MyOra 3.0. User Guide. SQL Tool for Oracle. Jayam Systems, LLC

MyOra 3.0. User Guide. SQL Tool for Oracle. Jayam Systems, LLC MyOra 3.0 SQL Tool for Oracle User Guide Jayam Systems, LLC Contents Features... 4 Connecting to the Database... 5 Login... 5 Login History... 6 Connection Indicator... 6 Closing the Connection... 7 SQL

More information

Web Mail Classic Web Mail

Web Mail Classic Web Mail April 14 Web Mail Classic Web Mail Version 2.2 Table of Contents 1 Technical Requirements... 4 2 Accessing your Web Mail... 4 3 Web Mail Features... 5 3.1 Home... 5 3.1.1 Mailbox Summary... 5 3.1.2 Announcements...

More information

SAP Business Intelligence (BI) Reporting Training for MM. General Navigation. Rick Heckman PASSHE 1/31/2012

SAP Business Intelligence (BI) Reporting Training for MM. General Navigation. Rick Heckman PASSHE 1/31/2012 2012 SAP Business Intelligence (BI) Reporting Training for MM General Navigation Rick Heckman PASSHE 1/31/2012 Page 1 Contents Types of MM BI Reports... 4 Portal Access... 5 Variable Entry Screen... 5

More information

Custom Reporting System User Guide

Custom Reporting System User Guide Citibank Custom Reporting System User Guide April 2012 Version 8.1.1 Transaction Services Citibank Custom Reporting System User Guide Table of Contents Table of Contents User Guide Overview...2 Subscribe

More information

Intellect Platform - Tables and Templates Basic Document Management System - A101

Intellect Platform - Tables and Templates Basic Document Management System - A101 Intellect Platform - Tables and Templates Basic Document Management System - A101 Interneer, Inc. 4/12/2010 Created by Erika Keresztyen 2 Tables and Templates - A101 - Basic Document Management System

More information

Snow Active Directory Discovery

Snow Active Directory Discovery Product Snow Active Directory Discovery Version 1.0 Release date 2014-04-29 Document date 2014-04-29 Snow Active Directory Discovery Installation & Configuration Guide Page 2 of 9 This document describes

More information

Module 1: Overview. Module 2: AlienVault USM Solution Deployment. Module 3: AlienVault USM Basic Configuration

Module 1: Overview. Module 2: AlienVault USM Solution Deployment. Module 3: AlienVault USM Basic Configuration Module 1: Overview This module provides an overview of the AlienVault Unified Security Management (USM) solution. Upon completing this module, you will meet these objectives: Describe the goal of network

More information

AlienVault. Unified Security Management (USM) 4.8-5.x Initial Setup Guide

AlienVault. Unified Security Management (USM) 4.8-5.x Initial Setup Guide AlienVault Unified Security Management (USM) 4.8-5.x Initial Setup Guide Contents USM v4.8-5.x Initial Setup Guide Copyright AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault, AlienVault

More information

Appointment Scheduler

Appointment Scheduler Appointment Scheduler User s Guide While every attempt is made to ensure both accuracy and completeness of information included in this document, errors can occur, and updates or improvements may be implemented

More information

IBM Tivoli Network Manager 3.8

IBM Tivoli Network Manager 3.8 IBM Tivoli Network Manager 3.8 Configuring initial discovery 2010 IBM Corporation Welcome to this module for IBM Tivoli Network Manager 3.8 Configuring initial discovery. configuring_discovery.ppt Page

More information

NMS300 Network Management System

NMS300 Network Management System NMS300 Network Management System User Manual June 2013 202-11289-01 350 East Plumeria Drive San Jose, CA 95134 USA Support Thank you for purchasing this NETGEAR product. After installing your device, locate

More information

HP IMC Firewall Manager

HP IMC Firewall Manager HP IMC Firewall Manager Configuration Guide Part number: 5998-2267 Document version: 6PW102-20120420 Legal and notice information Copyright 2012 Hewlett-Packard Development Company, L.P. No part of this

More information

HP Application Lifecycle Management

HP Application Lifecycle Management HP Application Lifecycle Management Software Version: 11.00 Microsoft Word Add-in Guide Document Release Date: November 2010 Software Release Date: October 2010 Legal Notices Warranty The only warranties

More information

NEC Express5800 Series NEC ESMPRO AlertManager User's Guide

NEC Express5800 Series NEC ESMPRO AlertManager User's Guide NEC Express5800 Series NEC ESMPRO AlertManager User's Guide 7-2006 ONL-4152aN-COMMON-128-99-0606 PROPRIETARY NOTICE AND LIABILITY DISCLAIMER The information disclosed in this document, including all designs

More information

HP LaserJet MFP Analog Fax Accessory 300 Send Fax Driver Guide

HP LaserJet MFP Analog Fax Accessory 300 Send Fax Driver Guide HP LaserJet MFP Analog Fax Accessory 300 Send Fax Driver Guide Copyright and License 2008 Copyright Hewlett-Packard Development Company, L.P. Reproduction, adaptation, or translation without prior written

More information

Monitoring ESX/ESXi servers with Verax NMS & APM

Monitoring ESX/ESXi servers with Verax NMS & APM Monitoring ESX/ESXi servers with Verax NMS & APM Table of contents Abstract... 3 Preparing VMware server for monitoring... 3 1. Adding a VMware ESX/ESXi server to device inventory... 4 2. Adding sensors

More information

WAM Remote Wireless Asset Monitoring. Website User Guide

WAM Remote Wireless Asset Monitoring. Website User Guide WAM Remote Wireless Asset Monitoring Website User Guide Table of Contents Overview... 2 Login Page... 2 Quick Start Guide...3-4 Locations Page... 5 Devices Page... 5 Register Devices Page... 6 Temp or

More information

Advanced Event Viewer Manual

Advanced Event Viewer Manual Advanced Event Viewer Manual Document version: 2.2944.01 Download Advanced Event Viewer at: http://www.advancedeventviewer.com Page 1 Introduction Advanced Event Viewer is an award winning application

More information

Quote Upload and Estimates Tool (QUE)

Quote Upload and Estimates Tool (QUE) Quote Upload and Estimates Tool (QUE) Smart Care Estimates Tool V1.7 UPDATED: March 17, 2011 Copyright Cisco systems, Inc. All rights reserved Page: 1 TABLE OF CONTENTS ABOUT THIS DOCUMENT...4 INTRODUCTION...4

More information

System Administrator Guide

System Administrator Guide System Administrator Guide Webroot Software, Inc. PO Box 19816 Boulder, CO 80308 www.webroot.com Version 3.5 Webroot AntiSpyware Corporate Edition System Administrator Guide Version 3.5 2007 Webroot Software,

More information

Decision Support AITS University Administration. Web Intelligence Rich Client 4.1 User Guide

Decision Support AITS University Administration. Web Intelligence Rich Client 4.1 User Guide Decision Support AITS University Administration Web Intelligence Rich Client 4.1 User Guide 2 P age Web Intelligence 4.1 User Guide Web Intelligence 4.1 User Guide Contents Getting Started in Web Intelligence

More information

Comodo LoginPro Software Version 1.5

Comodo LoginPro Software Version 1.5 Comodo LoginPro Software Version 1.5 User Guide Guide Version 1.5.030513 Comodo Security Solutions 1255 Broad Street STE 100 Clifton, NJ 07013 Table of Contents 1.Introduction to Comodo LoginPro... 3 1.1.System

More information

SecuraLive ULTIMATE SECURITY

SecuraLive ULTIMATE SECURITY SecuraLive ULTIMATE SECURITY Home Edition for Windows USER GUIDE SecuraLive ULTIMATE SECURITY USER MANUAL Introduction: Welcome to SecuraLive Ultimate Security Home Edition. SecuraLive Ultimate Security

More information

NI InsightCM Server Version 1.0

NI InsightCM Server Version 1.0 GETTING STARTED NI InsightCM Server Version 1.0 This document contains step-by-step instructions for the setup tasks you must complete to connect an NI Condition Monitoring System to NI InsightCM Server

More information

CHAPTER. Monitoring and Diagnosing

CHAPTER. Monitoring and Diagnosing CHAPTER 20. This chapter provides details about using the Diagnostics & Monitoring system available through ShoreTel Director. It contains the following information: Overview... 661 Architecture... 661

More information

? Index. Introduction. 1 of 38 About the QMS Network Print Monitor for Windows NT

? Index. Introduction. 1 of 38 About the QMS Network Print Monitor for Windows NT 1 of 38 About the QMS Network for Windows NT System Requirements" Installing the " Using the " Troubleshooting Operations" Introduction The NT Print Spooler (both workstation and server versions) controls

More information

Using WhatsUp IP Address Manager 1.0

Using WhatsUp IP Address Manager 1.0 Using WhatsUp IP Address Manager 1.0 Contents Table of Contents Welcome to WhatsUp IP Address Manager Finding more information and updates... 1 Sending feedback... 2 Installing and Licensing IP Address

More information

INVENTORY MANAGEMENT. TechStorm. http://www.gotechstorm.com/howto/inventorymanagement.pdf

INVENTORY MANAGEMENT. TechStorm. http://www.gotechstorm.com/howto/inventorymanagement.pdf INVENTORY MANAGEMENT TechStorm http://www.gotechstorm.com/howto/inventorymanagement.pdf Inventory Management Table Of Contents Add Inventory Items In Tablet... 3 Transaction Flow for Adding Inventory in

More information

Installing SQL Express. For CribMaster 9.2 and Later

Installing SQL Express. For CribMaster 9.2 and Later Installing SQL Express For CribMaster 9.2 and Later CRIBMASTER USER GUIDE Installing SQL Express Document ID: CM9-031-03012012 Copyright CribMaster. 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,

More information

Vulnerability Remediation Plugin Guide

Vulnerability Remediation Plugin Guide Vulnerability Remediation Plugin Guide Plugin V 1.0 Doc Rev. 0.139 April 17, 2014 Table of Contents INTRODUCTION... 3 Background... 3 Purpose... 3 PRE-REQUISITES... 4 Supported versions of Venafi Trust

More information

TRUSTWAVE VULNERABILITY MANAGEMENT USER GUIDE

TRUSTWAVE VULNERABILITY MANAGEMENT USER GUIDE .trust TRUSTWAVE VULNERABILITY MANAGEMENT USER GUIDE 2007 Table of Contents Introducing Trustwave Vulnerability Management 3 1 Logging In and Accessing Scans 4 1.1 Portal Navigation and Utility Functions...

More information

Avaya Network Configuration Manager User Guide

Avaya Network Configuration Manager User Guide Avaya Network Configuration Manager User Guide May 2004 Avaya Network Configuration Manager User Guide Copyright Avaya Inc. 2004 ALL RIGHTS RESERVED The products, specifications, and other technical information

More information

WebSphere Business Monitor V7.0 Business space dashboards

WebSphere Business Monitor V7.0 Business space dashboards Copyright IBM Corporation 2010 All rights reserved IBM WEBSPHERE BUSINESS MONITOR 7.0 LAB EXERCISE WebSphere Business Monitor V7.0 What this exercise is about... 2 Lab requirements... 2 What you should

More information

Webmail Instruction Guide

Webmail Instruction Guide Webmail Instruction Guide This document is setup to guide your through the use of the many features of our Webmail system. You may either visit www.safeaccess.com or webmail.safeaccess.com to login with

More information

How to configure High Availability (HA) in AlienVault USM (for versions 4.14 and prior)

How to configure High Availability (HA) in AlienVault USM (for versions 4.14 and prior) Complete. Simple. Affordable How to configure High Availability (HA) in AlienVault USM Copyright 2015 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM,

More information

ORACLE USER PRODUCTIVITY KIT USAGE TRACKING ADMINISTRATION & REPORTING RELEASE 3.6 PART NO. E17087-01

ORACLE USER PRODUCTIVITY KIT USAGE TRACKING ADMINISTRATION & REPORTING RELEASE 3.6 PART NO. E17087-01 ORACLE USER PRODUCTIVITY KIT USAGE TRACKING ADMINISTRATION & REPORTING RELEASE 3.6 PART NO. E17087-01 FEBRUARY 2010 COPYRIGHT Copyright 1998, 2009, Oracle and/or its affiliates. All rights reserved. Part

More information

SuccessMaker Learning Management System User s Guide Release 1.0

SuccessMaker Learning Management System User s Guide Release 1.0 SuccessMaker Learning Management System User s Guide Release 1.0 Copyright 2007 2008 Pearson Education, Inc. or its affiliates Copyright 2007 2008 Pearson Education, Inc. or its affiliates. All rights

More information

ManageMyHealth SMS Text Message Service User Guide. Medtech32. Version 20.0 (March 2012)

ManageMyHealth SMS Text Message Service User Guide. Medtech32. Version 20.0 (March 2012) ManageMyHealth SMS Text Message Service User Guide Medtech32 Version 20.0 (March 2012) IMPORTANT NOTE Medtech recommends that all Medtech upgrades and database back-up and restore processes are performed

More information

Software Version 5.1 November, 2014. Xerox Device Agent User Guide

Software Version 5.1 November, 2014. Xerox Device Agent User Guide Software Version 5.1 November, 2014 Xerox Device Agent User Guide 2014 Xerox Corporation. All rights reserved. Xerox and Xerox and Design are trademarks of Xerox Corporation in the United States and/or

More information

Contact Center Anywhere: Supervision Manager (SM) Overview

Contact Center Anywhere: Supervision Manager (SM) Overview Contact Center Anywhere: Supervision Manager (SM) Overview Supervision Manager Overview The majority of all Call Center expenses revolve around people. The ability to more effectively manage the people

More information

Knowledge Base Articles

Knowledge Base Articles Knowledge Base Articles 2005 Jalasoft Corp. All rights reserved. TITLE: How to configure and use the Jalasoft Xian Syslog Server. REVISION: Revision : B001-SLR01 Date : 11/30/05 DESCRIPTION: Jalasoft has

More information

HP A-IMC Firewall Manager

HP A-IMC Firewall Manager HP A-IMC Firewall Manager Configuration Guide Part number: 5998-2267 Document version: 6PW101-20110805 Legal and notice information Copyright 2011 Hewlett-Packard Development Company, L.P. No part of this

More information