217-228-6180 or 888-333-2563
salesadmin@etccomputerland.com
ETC’s AlienVault USM (Unified Security Management) Solution

In this installment of ETC’s Managed Security Educational Series, we investigate how changes in the variety and volume of malware threats require changes in the ways security teams deal with those threats.

With new malware payloads created thousands at a time, repackaging of old threats, and the hourly introduction of new variants, the old signature-based detection approach is no longer a sufficient or viable solution. Today’s threats require monitoring the environment for behavior patterns that are the signs of malware infection, and this can be done in AlienVault USM with just a few clicks.

With almost all traffic going through your firewall, events associated with firewall data can be filtered for communication with IP addresses that are found on AlienVault’s Open Threat Exchange (OTX) – a real-time update of threat intelligence from over 8000 points in over 140 countries.

To identify the asset from which the communication is originating, group the events by source IP address. In the video example, we see 80 assets in the environment that are communicating with malicious hosts, which are in America and the Netherlands. Open Threat Exchange data shows that a given host has been seen engaging in malicious activity for 5 to 6 months.
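The workflow described above (filter firewall events for destinations on a reputation list, then group the matches by source IP), as an added example that is not AlienVault's or ETC's code. The log format, field names, and reputation entries are constructed for illustration and use documentation address ranges.

```python
import ipaddress
from collections import defaultdict

# Constructed reputation entries standing in for a threat-intelligence feed.
# Documentation ranges only; these are not real indicators.
REPUTATION = {
    "203.0.113.0/28": "command-and-control",
    "198.51.100.77/32": "malware distribution",
}

# Constructed firewall events in a hypothetical key=value format.
SAMPLE_EVENTS = """\
2015-03-02T09:14:01 action=allow src=10.0.4.21 dst=203.0.113.5 dport=443
2015-03-02T09:14:07 action=allow src=10.0.4.21 dst=192.0.2.10 dport=80
2015-03-02T09:15:44 action=deny src=10.0.4.21 dst=198.51.100.77 dport=8080
2015-03-02T09:16:02 action=allow src=10.0.7.3 dst=203.0.113.14 dport=443
2015-03-02T09:16:30 action=allow src=10.0.9.9 dst=203.0.113.16 dport=443
truncated line src=
"""


def parse_event(line):
    """Return the event's fields as a dict, or None if the line is unusable."""
    parts = line.split()
    if len(parts) < 2:
        return None
    fields = dict(p.split("=", 1) for p in parts[1:] if "=" in p)
    try:
        fields["src"] = ipaddress.ip_address(fields["src"])
        fields["dst"] = ipaddress.ip_address(fields["dst"])
    except (KeyError, ValueError):
        return None  # missing or malformed address: skip rather than guess
    fields["time"] = parts[0]
    return fields


def flag_assets(log_text, reputation):
    """Group events whose destination is on the reputation list by source IP."""
    nets = [(ipaddress.ip_network(cidr), label) for cidr, label in reputation.items()]
    assets = defaultdict(lambda: {"events": 0, "allowed": 0, "destinations": {}})
    for line in log_text.splitlines():
        ev = parse_event(line)
        if ev is None:
            continue
        label = next((lbl for net, lbl in nets if ev["dst"] in net), None)
        if label is None:
            continue  # destination has no reputation entry
        rec = assets[str(ev["src"])]
        rec["events"] += 1
        # A denied attempt still points at the asset; an allowed one got through.
        rec["allowed"] += ev.get("action") == "allow"
        rec["destinations"][str(ev["dst"])] = label
    return dict(assets)


if __name__ == "__main__":
    flagged = flag_assets(SAMPLE_EVENTS, REPUTATION)
    for src, rec in sorted(flagged.items(), key=lambda kv: -kv[1]["events"]):
        print(src, rec["events"], "events,", rec["allowed"], "allowed", rec["destinations"])
```

Counting denied attempts alongside allowed ones matters because a blocked connection to a listed host still identifies the internal asset that tried to make it.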

Identifying malware infections in AlienVault USM is that straightforward. Watch the video to learn more.

This is part of ETC’s Managed Security Educational Series to inform both current and prospective AlienVault customers of its features and managed security best practices. If you haven’t already, opt in below to receive our educational series by email. Conveniently schedule a free assessment to determine your custom Managed Security needs. Call our specialists at (217) 228-6180 to discuss the best managed security solutions for you.

ETC’s AlienVault USM (Unified Security Management) Solution
In this installment of ETC’s Managed Security Educational Series highlighting AlienVault USM (Unified Security Management), we take a different approach and walk you through the steps to identify and locate a machine on the network that is engaging in actions that constitute a security threat. In this case, it is BitTorrent, being run by a user named “Mike” in the data center. That’s something you don’t want running in your environment. Watch the video to learn how easy it is to effectively identify, locate, and respond to such threats:

ETC’s AlienVault USM (Unified Security Management) Solution

In this installment of ETC’s Managed Security Educational Series highlighting AlienVault USM features, we look into Network Vulnerability Assessment: how to quickly and effectively find, verify, prioritize, and remediate vulnerabilities.

Some common challenges often faced in network vulnerability assessment – which AlienVault USM has overcome – include: identification of false positives, incorporation of the implications of assessment results into the overall security program, and ensuring you are reducing the impact on your network.

AlienVault gets fewer false positives and more accurate results without progressive scanning, instead using cross-referencing of vulnerability data and real-time asset inventory.

It is easy to start a new scan: You name the scan for future reference, choose whether it is an authenticated or non-authenticated scan, and upon completion, you choose your format for the vulnerability results. PDFs, spreadsheets, and HTML links are available for reporting, so you can easily meet the needs of the people who need to know your assessment findings – be they your security team, management, or auditors. Watch the video to learn more.

ETC’s AlienVault USM (Unified Security Management) Solution

AlienVault Unified Security Management (USM) combines the many essential elements of a compliance and security management system within one integrated platform, providing the information security analysts need in a single dashboard interface.

Your organization needs to know who is interacting with your network resources, your applications, and your data. You also need to know what they’re doing, how they’re doing it, and when. This information is of immense value when it is provided in real time and combined with alerts, empowering your security team to take informed actions quickly to resolve issues as they are identified.

AlienVault translates the information provided into suggested actions for your team to take to respond to security incidents. Emergency threat intelligence from AlienVault Labs is provided in real time. With over 1500 finely-tuned event correlation rules, the information and analysis are highly accurate. You receive customized guidance for next steps in responding to issues. Watch the video to learn more.

ETC’s AlienVault USM (Unified Security Management) Solution

In this installment of ETC’s Managed Security Educational Series highlighting AlienVault USM, we explain Event Log Correlation. This is a process of discovering and applying logical associations among raw log events, which empowers your security team to make informed security decisions, identify and respond to threats, validate the effectiveness of your security controls, detect policy violations, and to measure and report on compliance.

AlienVault USM is the ideal solution for organizations in industries that must comply with PCI, HIPAA, SOX, and similar standards. You get the benefit of a Unified Security Management system that combines the various essential tools that work in concert to maintain security compliance while also providing the ideal reporting tools to clearly demonstrate that compliance to auditors.

Event logs are used for troubleshooting. Logs have the “breadcrumbs” that indicate information about your network and devices on that network. This can include the behavior of users, the data being accessed, and activities that may indicate a security threat or an attack in progress.

Logs differ in format among systems, with some easily read by humans, while others appear cryptic. Logs also do not contain complete information in context, and they record different types of information in silos. Analysis by humans or by event correlation rules is therefore required to make practical use of logs for security management. Event log correlation and log correlation connect the dots to provide alarms to your security team, indicating a potential issue to be addressed. Watch the video to learn more.

ETC’s AlienVault USM (Unified Security Management) Solution

We continue our Managed Security Educational Series highlighting the features of AlienVault USM (Unified Security Management), this time focusing on Behavioral Monitoring.

The first step in effectively monitoring the behavior in your network for security purposes is to establish what is normal behavior. Once that’s established, behaviors that are abnormal can be detected.

Strange behaviors can be correlated with other data within USM to pinpoint policy violations, threat risks, malware infections, and instances of system compromise.

AlienVault’s Behavioral Monitoring features include the secure storage of log events. This aids in meeting compliance requirements for data retention, and the information is of interest in forensic investigations.

AlienVault makes the data and the processes for interacting with it convenient by digitally signing and timestamping the data, securely storing the raw log format for data integrity, providing web-based search and navigation to isolate data of interest, as well as pie charts, graphs, and other tools to assist you in reporting on the information reflecting behaviors in your environment. Watch the video to learn more.

ETC’s AlienVault USM (Unified Security Management) Solution

AlienVault USM combines threat detection functionality with automated asset discovery and vulnerability assessment. That means you can see everything in your environment. AlienVault’s Open Threat Exchange (OTX) leverages threat intelligence from over 8000 points in over 140 countries around the world to keep the system updated. You receive real-time IP reputation data, which helps you to prioritize alerts that may come from known bad actors, command-and-control servers, botnets, and other malicious actors.

It is very important to have threat detection among your security capabilities. Multiple layers of threat detection greatly enhance your security. AlienVault combines Network, Host-Based, and Wireless Intrusion Detection System (IDS) technologies. As soon as you enable one of AlienVault’s sensors, events will appear on the built-in network IDS.

Host-based IDS and its related file integrity monitoring features identify potential system compromise, critical configuration file modifications, and the presence of common rootkits, rogue processes, and other policy violations. Wireless IDS identifies rogue access points and anomalous behavior, along with scanners that may be trying to break into your networks or access points. Watch the video to learn more.

ETC’s AlienVault USM (Unified Security Management) Solution

Today’s security threats are advanced and constantly evolving. Threats become more complex and targeted for companies dealing with large amounts of sensitive customer and company information. Such organizations need to have an easily-manageable and reasonably-priced solution to ensure they are not susceptible to attacks, that they can respond quickly and effectively in the case they are attacked, and that they meet and surpass compliance standards that are in place to protect their customers. The peace of mind that can be achieved with such a solution creates indispensable value for both the company and the customer alike.

AlienVault USM is the all-in-one Security Management solution that is ideal for mid-market organizations. In this Educational Series, we will delve into the various powerful features and demonstrate how to make the most of them. This series is designed both for companies interested in AlienVault and those that already use it. In this article, we will introduce AlienVault from a bird’s-eye view – and then we will follow up with more detail in later installments.

Not only is AlienVault USM reliable and cost-effective, but it is also very fast to implement. As soon as it is turned on, the Asset Discovery feature identifies the assets on your network – along with metadata, software services, operating system information, hardware information, and users that are logged in. You can then access all of this information in one screen. This saves you both time and money.

One of the benefits of having all of your security management services bundled into AlienVault Unified Security Management is that asset information discovered is correlated with known vulnerabilities, and the intrusion detection system is constantly updated.

Some of the Behavioral Monitoring capabilities in USM include: NetFlow information, bandwidth monitoring, and traffic capture.

AlienVault also makes extensive use of information from outside of your network in order to keep your information and the information of your clients safe and uncompromised. AlienVault Labs has security researchers constantly updating the knowledge in the AlienVault Threat Intelligence system, and this data is transmitted directly to USM. This goes beyond the more traditional signature-based detection methods with which you may be familiar. The applicable alarms are shown in the interface, and they are separated by the intent of the attacker. This provides your team with a categorized survey of threats. You will receive information on malware infection attempts, and you are able to drill down to identify information for a given host. AlienVault’s Open Threat Exchange – aka “OTX” – empowers you to easily identify known malicious attackers as they seek to target your environment.

Compliance is a very important part of your organization’s Security Management efforts, and for those companies subject to strict compliance regulations, AlienVault USM’s compliance-ensuring technology is worth the price alone. USM not only collects the data you will need for your reports, but also generates the reports in the formats you will need to present to auditors.

What AlienVault’s Unified Security Management ultimately means for your organization’s security team is that you will have complete security visibility that is fast and easily accessible. Rather than spending time setting up and coordinating several tools, your team will be able to spend more time responding to and investigating alarms related to people using and potentially targeting your systems. You can have it set up in a matter of minutes. Watch the video to learn more.


The best way to prevent an infection is to not rely on just one solution but to use multiple, layered solutions for the best possible protection.

1. Security Awareness Training
It’s easier to prevent malware infections if you know what to look for. The better you understand the latest techniques cybercriminals are using, the easier they will be to avoid. Know your enemy!

2. Internet Security Products
There are many commercial products that will help you avoid all malware infections, but understand that none of them are 100% effective. The cybercriminals are always looking for weaknesses in security products and promptly take advantage of them.

3. Antivirus Software
While antivirus is highly recommended, you should have multiple layers of protection in place. It is not wise to solely rely on antivirus software to keep your PC secure, as it cannot prevent infections from zero-day or newly emerging threats.

The antivirus products listed below were proven the most effective at preventing malware, according to AV-Test.org:

Avira Antivirus Pro 2015
Kaspersky Internet Security 2015
Bitdefender Internet Security 2015
Norton Security 2014 & 2015
Trend Micro Internet Security 2015

4. AntiMalware Software
Most anti-malware software like MalwareBytes is designed to run alongside Antivirus products, and it’s recommended you have both in place.

5. Whitelisting Software
Whitelisting offers the best protection against malware and virus attacks. Whitelisting software allows only known good software that you approve to run or execute on your system. All other applications are prevented from running or executing.

6. Backup Solutions
In the event of a catastrophic attack or complete system failure, it’s essential to have your data backed up. Many have been able to quickly and fully recover from an attack because their data was backed up and safe.

Ask us about our KnowBe4 resources.

The phone system is the lifeblood of any business. Unfortunately, an unfit system can be a hindrance, making average tasks like conference calling complicated. Getting in touch with team members, customers, and suppliers should be easy, so you should watch out for the following struggles that point to a complete phone system overhaul.

Adding and removing users is tough

Changes can come to your team at the drop of a hat, so are you ready to add or remove a user from your phone system? Assigning a new phone number should be easy, right? Not necessarily.

Traditional phone systems have limitations because of phone line and port capacity, and upgrading can cost you big time. You often have to wait weeks to get new Direct Dial-In (DDI) numbers for each new employee. Sounds like it’s time to compare these upgrade costs to the overall switch to a VoIP system.

You’re forced to use a third party for conference calls

Traditional phone systems limit the number of lines that can be active on a call at one time. If you dread setting up each conference call because the process is cumbersome, or if you’re paying extra for your third-party facilitator, then you should consider a new VoIP system. Call conferencing comes standard on the VoIP systems offered by ETC ComputerLand.

Trouble with too many locations

Your business should have the capability to grow. As you set up offices at multiple locations, are you setting up an individual phone system for each? There’s an easier way with VoIP. This cost-effective solution will improve communication between team members across multiple locations, thus increasing productivity while allowing you to better serve your customers.

Increasing call volume

A growing business is bound to see a year-over-year increase in calls or even seasonal spikes in activity. If so, you might discover that you don’t have enough incoming or outgoing phone lines. Customers might be getting a busy signal when calling in for customer service or sales, and you can’t have that. Lost productivity leads to lost revenues.

This problem can force you to add ports to your existing system, but why not consider a VoIP system that makes adding call capacity easier without depending on hardware ports?

Lack of features

Older phone systems don’t offer features that come with VoIP systems. Personal call routing, mobility, enhanced call routing, voicemail to email, auto attendant, directory assistance, conferencing, call recording, call tracking, and more make the VoIP upgrade worth your investment.

How would you like to save up to 70 percent of your current monthly phone bill? Businesses of all sizes are making the switch to VoIP to save money and invest in improved reliability, mobility, and scalability. Call 217-228-6180 for a no-obligation consultation and we’ll show you where you can save money right away!