With ELM, system security is proactively managed on an enterprise-wide scale. ELM is a 32-bit, multi-threaded client/server application specifically designed for minimal system overhead, minimal network impact and maximum visibility and monitoring. ELM may be configured to notify of activity or problems using a wide variety of methods, including customizable beeps and multimedia sound files, network pop-up messages, SMTP or MAPI email, posting to web forms, alpha-numeric/numeric pagers, SNMP traps, and user-written batch files, command files or applications.

ELM provides many security solutions for an organization. ELM can monitor network security perimeters, keeping watch on sensitive file servers. ELM is firewall friendly and transmits data from a Service Agent to the ELM Server in encrypted form. Below are just two sample security-based scenarios for ELM:

In the first example, the ELM Server receives Syslog messages and SNMP Traps from the corporate firewall. To monitor the internal security perimeter, administrators can monitor and/or collect security events from domain controllers on their networks. Administrators can extend this scenario by monitoring member server security logs, workstation security logs, and other event logs, as well as by monitoring critical system-based text files and log files that contain security-related log entries.

The second example is a variation of the first example. Instead of monitoring a non-Windows firewall, the ELM Server is monitoring a Microsoft ISA Server or a Microsoft Proxy Server. Using an Event Collector, the ELM Server receives security event log entries from the ISA/Proxy Server. In addition, a File Monitor is used to monitor the ISA/Proxy Server log files for intrusions and other security-related entries.

ELM Enterprise Manager Security Features

ELM Log Manager Security Features

ELM Event Log Monitor Security Features

ELM Enterprise Manager enables you to:

Monitor event logs in real-time, and store the events in a database for archiving, auditing alerting and reporting Collect and store all published performance counters, including application-related performance counters, for base lining, trending and capacity planning Monitor log files and text files Create top-level and drill-down reports of event data and performance data Schedule reports for automatic production Send and receive alert notifications, including via email and pager, when events occur, services fail or performance exceeds thresholds Automatically restart failed services Stop and start services locally and remotely Kill processes locally and remotely Monitor end-to-end availability and quality of service of Microsoft Exchange Server Perform query-based monitoring of Microsoft SQL Server Perform query-based monitoring of WMI Monitor the availability of SMTP gateways, Web services, Outlook Web Access, and POP3 servers Monitor SNMP Object IDs Process and forward Syslog messages Process and forward SNMP traps

Using ELM Log Manager, you can:

Monitor server system, security and application events in real-time, and store the events in a database for archiving and auditing Monitor IIS log files and other text files Create top-level and drill-down reports of event data Send and receive alert notifications, including via email and pager, when events occur, services fail or performance exceeds thresholds Automatically restart failed services Stop and start services locally and remotely Kill processes locally and remotely Process and forward SNMP traps or Syslog Messages

Using ELM Event Log Monitor, you can:

Monitor server system and security events in real-time, and store the events in a database for archiving and auditing Create top-level and drill-down reports of event data Send and receive alert notifications, including via email and pager, when events occur, services fail or performance exceeds thresholds Automatically restart failed services Stop and start services locally and remotely Kill processes locally and remotely

See Also

• Security Application Examples
• Integrated Security & Auditing
• ELM Server Data Encryption