Upload
faraj9
View
219
Download
1
Embed Size (px)
DESCRIPTION
rthfgy
Citation preview
agileSI light overview360 SAP Security Monitoring
www.it-cube.net iT-CUBE SYSTEMS GmbH
agileSI is the first industry-grade solution for continuous monitoring of SAP security events and parameters. The product approach does not deliver another isolated solution, but pursues an holistic strategy of esta-blishing security event management at a central point in the company: in the SOC (Security Operation Center), on the basis of SIEM solutions that are planned or already being used in all security-conscious organi-zations.
Would you like to take the gradual approach? If so, agileSI light is precisely the right solution for you, as agileSI light covers the most important log sources SAP Security Audit Log and SAP System Log and is compatible with the products of the most well-established SIEM manufacturers. This means customers who already have an SIEM solution receive solid basic protection while fulfilling the requirements of many auditors.
agileSI light minor effort meets significant benefitSAP is unarguably one of the most important applications in the IT world. However, ERP systems remained out of the focus of attackers for quite some time. But this situation has now changed dramatically. Industrial espionage is increasingly targeting SAP systems, but these systems still represent the blind spot when it comes to IT security monitoring.
The SAP security solutions currently available on the market are limited to the areas Permissions Management, Authorization and SoD checks. The Business Runtime is however rarely considered. But SAP systems offer numerous possibilities for accessing systems internally and externally and triggering security-critical actions, the traces of which cannot be noticed when the system is subjected to a simple check.
This is where agileSI light comes in. The new agileSI module works without an agent and thus simplifies integration significant-ly. Logon details for the system that is to be monitored are all that is needed. Thanks to the simpler implementation, which requires fewer resources, larger SAP environments can also be monitored centrally and simply. Whats more, agentless data extraction means the integration of SAP SIEM is easier than ever. Simply install, configure and operate agileSI light on a Windows or Unix server and establish a connection to SAP and your SIEM solution.
Was is agileSI light?
agile stands for agility: Permanent monitoring instead of snapshot audits Fully-automated data acquisition instead of manual
checks Easily interpretable processing in charts, tables,
and control indicators
SI stands for Security Intelligence: The art of knowing where important information is
located in SAP , how it can be extracted, what it means, and how it needs to be processed
In short: the ability to draw valuable knowledge from a flood of log data and initiate actions
www.it-cube.net
Paul-Gerhardt-Allee 2481245 Mnchen, Germany
T: +49 89 2000 148 00 F: +49 89 2000 148 29
[email protected] www.it-cube.net
iT-CUBE SYSTEMS GmbH
Our experts would be happy to assist you. Please feel free to contact us at any time without obligation!
agileSI light, the easy approach for your IT security
agileSI light is easy to install and includes a convenient administration tool that is used to establish a connection to the SAP systems that are to be monitored. All that is needed are the connection and logon data. The events are visualized in SIEM using our analysis tool, which is provided with the solution. Its never been so easy to monitor complex SAP environments without being a SAP specialist. SIEM takes care of the archiving in an audit-compliant manner. All of this means that agileSI light is the ideal way to get started with SAP security monitoring.
SIEMSAP Security
Audit Log
SAP System Log
What is the difference with the full version of agileSI?
The full version of agileSI is based on a three-layer architectural model with a collection, administration, and analytics layer. With the help of the agents, all required information is extracted from the SAP systems to be monitored. To this end, the agents use vari-ous data extractors for accessing information in log files, tables, change documents, etc.
Thanks to the modular design and compatibility within the agileSI product group, the solution can be expanded simply at any time to cover increasing or new requirements (for example, the inclusion of transaction monitoring).
Select one of three different integration approaches.
The versions Extended and Light utilize agileSI as the bridging technology, which is compatible with leading SIEM solution, including HP ArcSight, QRadar (Q1Labs/IBM), Logpoint, LogRhythm and Splunk.
The Standalone version includes an embedded front end, which means custo-mers that have not used a SIEM system in the past can now monitor SAP systems without the involvement of the Security department.
agileSI Light utilizes an agentless technology with minimal integration requirements and includes the top use cases from the security audit and system log to establish basic coverage.
Our Professional Services Team is also available to help you audit and optimize security and risk management for your SAP environment.
Our solutions enable you to significantly reduce the number and severity of security gaps in your SAP environment - without the need for additional personnel resources. We support you with intelligent technology, automation, continuous reviews and a process that turns risks into actions. With more than 10 years of experience in SAP Security and IT security, our teams have the requisite knowledge to ensure the critical systems of our customers are effectively protected while keeping an eye on costs.
agileSI Time to Value in three versions
agileSI lightagileSI Light
agileSI Extended
agileSI Standalone
agileSI Professional Services
Agent-free SAP Connector
Top Use Cases based on SAL + System Log
Utilizing existing SIEM
Perpetual or term license for agileSI Agent, Core, Security Analytics Pack
Utilizing existing SIEM-System Maintenance & Support Implementation Service &
Operations
agileSI Agent, Core, Security Analytics Pack
Embedded SIEM-based Frontend
Maintenance & Support Implementation Service &
Operations
System Integration & Customization Joint Development & Migration Programs for homegrown developments Operations and Managed Security Services