Providing actionable insights into your network
Server-side real-time thresholds significantly increase the security of your network by detecting lateral movement and similar activity in a network:
Any UPS directly attached to a server or workstation that is detected by Windows can now be monitored by EventSentry. The status of the UPS will show up on the host inventory page, and alerts will be generated when a host is on battery power and back on AC power. EventSentry can also initiate a shutdown when the remaining run-time or charge level falls below a certain limit.
In v3.4 we are taking this to the next level by providing the latest version available from the publisher for a growing list of 100+ software packages so that you can effortlessly identify outdated software on your network.
The user activity page makes seeing all activity by a user easier than ever before!
Reviewing the current audit status of all monitored hosts can be important, however, if only to verify that group policies are configured correctly.
Starting with version 3.4, EventSentry now supports the following formats in the Syslog action:
Collecting NetFlow data allows you to see all traffic metadata which passes through network devices that support NetFlow, including:
Communicating and documenting your network has just become a lot easier – add notes and/or upload documents in the web reports. Simply @ mention the computer name and the web reports will associate the update with the respective device on the network.
EventSentry can automatically extract IP addresses from any event and supplement the IP addresses with reverse lookup and/or Geo IP lookup data. Providing geolocation and/or host names inside the email makes email alerts significantly more useful to the recipient, without requiring the recipient to perform manual lookups.
Our compliance module has been updated with new requirements. It is now possible to automate reports to be sent via email or saved directly to a folder.
A central collector service supports data collection over insecure media (e.g. the Internet) through strong TLS encryption. It also supports local caching and compression.
Finding the port on a switch to which a server, workstation or network device is connected is often a time-consuming and annoying process for most SysAdmins. Starting with version 3.2, EventSentry tries to ease that pain by showing exactly which switch – and port – a host is connected to. All you need to do is add the switch to the EventSentry configuration.
The new compliance module will install a number of reports that pertain to the specific compliance requirement that was enabled. Every report will be associated with a specific control (e.g. PCI 10.2.2) and allow you to set up a required review, job and more.
Finally, the web reports are now also officially available in 6 additional languages: French, Spanish, Polish, Portuguese, Dutch and Italian. This brings the total number of supported languages in the web reports to 9!
The completely overhauled Network Dashboard now offers support for multiple custom dashboards. Share your dashboard and iterate automatically. Also, a new TV mode was added for enhanced viewing on TVs around the office.
Display the current status of performance, disk space or environment sensor values. We've added heatmaps, gauges, bullet graphs and meters.
Monitor the scheduled tasks running on your network. With change detection you can receive alerts and keep a search history for each task.
Quickly see which hosts are running under which servers. Supports Hyper-V and ESX.
The completely redesigned web reports provide several new reporting capabilities with more granular searching syntax to help you find that needle in the haystack.
group:Servers and type:(error or warning)
Any report can now be sent automatically via email. Using this functionality you can generate a detailed report on specific error messages across your network or performance trends on your critical servers.
Spot problems at a glance with our improved overview pages. With the new customizable dashboards, you can leave a page up and ensure you are always looking at the most recent information.
We now offer the web reports as a stand-alone installer so you can host your reports anywhere you would like.
No more running to the server room to look up a service tag number. EventSentry provides a detailed inventory of all your monitored hosts. Quickly see your warranty information, check available memory slots, or identify disk serial numbers.
It is now possible to poll SNMP counters to check the output load on a UPS or view the network bandwidth trends on your routers and switches.
You can now monitor performance metrics (CPU, available memory, etc.) on your Linux machines.
With a fresh look and the new functional ribbon, configuring EventSentry has never been easier! Many common tasks have been simplified so that working with EventSentry is now more intuitive and faster. The new built-in event log viewer makes viewing event logs, including the new Application & Services logs of Windows, much easier than the built-in Windows event viewer.
The new Arp Watch daemon tracks all network activity on the data link layer to alert you when new devices are added to your network. Network activity is also continuously tracked so that you can see which MAC addresses are actively being used on your network, including MAC to IP address mappings, and when they were last seen. The Arp Watch Daemon also detects ARP Spoof attempts in real-time.