Security Applications

ELM can provide numerous security solutions for your organization. ELM is firewall friendly, and transmits its data from an Agent to the Server in encrypted form. Below are a couple of sample security-based scenarios for ELM Enterprise Manager.

Perimeter Monitoring

In this example, the ELM Server receives Syslog message and SNMP traps from the corporate firewall. The ELM Server monitors low-level network availability of the corporate firewall by polling any TCP port and pinging its interfaces. To monitor the internal security perimeter, administrators monitor and collect security events from Windows domain controllers. ELM monitors the member server security logs, workstation security logs, and the standard application and system event logs to detect denial of service attacks, anti-virus logging, and protected resource access information.

Border and DMZ Monitoring

In this example, the ELM Server is monitoring the corporate DMZ. Administrators have opened the port for Agents running in the DMZ to forward information to the ELM server inside the corporate network. Communication from these Agents is encrypted to prevent interception. RPC communication is not necessary in this configuration. Administrators have configured appropriate ports in the firewall to allow non Windows systems to forward SNMP and Syslog information to the ELM Server as well.