2
agileSI™ light overview 360° SAP® Security Monitoring www.it-cube.net iT-CUBE SYSTEMS GmbH agileSI™ is the first industry-grade solution for continuous monitoring of SAP® security events and parameters. The product approach does not deliver another isolated solution, but pursues an holistic strategy of esta- blishing security event management at a central point in the company: in the SOC (Security Operation Center), on the basis of SIEM solutions that are planned or already being used in all security-conscious organi- zations. Would you like to take the gradual approach? If so, agileSI™ light is precisely the right solution for you, as agileSI™ light covers the most important log sources “SAP Security Audit Log“ and “SAP System Log“ and is compatible with the products of the most well-established SIEM manufacturers. This means customers who already have an SIEM solution receive solid basic protection while fulfilling the requirements of many auditors. agileSIlight – minor effort meets significant benefit SAP® is unarguably one of the most important applications in the IT world. However, ERP systems remained out of the focus of attackers for quite some time. But this situation has now changed dramatically. Industrial espionage is increasingly targeting SAP® systems, but these systems still represent the “blind spot” when it comes to IT security monitoring. The SAP® security solutions currently available on the market are limited to the areas Permissions Management, Authorization and SoD checks. The “Business Runtime“ is however rarely considered. But SAP® systems offer numerous possibilities for accessing systems internally and externally and triggering security-critical actions, the traces of which cannot be noticed when the system is subjected to a simple check. This is where agileSI™ light comes in. The new agileSI™ module works without an agent and thus simplifies integration significant- ly. Logon details for the system that is to be monitored are all that is needed. Thanks to the simpler implementation, which requires fewer resources, larger SAP® environments can also be monitored centrally and simply. What’s more, agentless data extraction means the integration of SAP® SIEM is easier than ever. Simply install, configure and operate agileSI™ light on a Windows or Unix server and establish a connection to SAP® and your SIEM solution. Was is agileSI™ light? agile stands for agility: Permanent monitoring instead of snapshot audits Fully-automated data acquisition instead of manual checks Easily interpretable processing in charts, tables, and control indicators SI stands for Security Intelligence: The art of knowing where important information is located in SAP® , how it can be extracted, what it means, and how it needs to be processed In short: the ability to draw valuable knowledge from a flood of log data and initiate actions

Flyer AgileSI Light ENG Web

  • Upload
    faraj9

  • View
    219

  • Download
    1

Embed Size (px)

DESCRIPTION

rthfgy

Citation preview

  • agileSI light overview360 SAP Security Monitoring

    www.it-cube.net iT-CUBE SYSTEMS GmbH

    agileSI is the first industry-grade solution for continuous monitoring of SAP security events and parameters. The product approach does not deliver another isolated solution, but pursues an holistic strategy of esta-blishing security event management at a central point in the company: in the SOC (Security Operation Center), on the basis of SIEM solutions that are planned or already being used in all security-conscious organi-zations.

    Would you like to take the gradual approach? If so, agileSI light is precisely the right solution for you, as agileSI light covers the most important log sources SAP Security Audit Log and SAP System Log and is compatible with the products of the most well-established SIEM manufacturers. This means customers who already have an SIEM solution receive solid basic protection while fulfilling the requirements of many auditors.

    agileSI light minor effort meets significant benefitSAP is unarguably one of the most important applications in the IT world. However, ERP systems remained out of the focus of attackers for quite some time. But this situation has now changed dramatically. Industrial espionage is increasingly targeting SAP systems, but these systems still represent the blind spot when it comes to IT security monitoring.

    The SAP security solutions currently available on the market are limited to the areas Permissions Management, Authorization and SoD checks. The Business Runtime is however rarely considered. But SAP systems offer numerous possibilities for accessing systems internally and externally and triggering security-critical actions, the traces of which cannot be noticed when the system is subjected to a simple check.

    This is where agileSI light comes in. The new agileSI module works without an agent and thus simplifies integration significant-ly. Logon details for the system that is to be monitored are all that is needed. Thanks to the simpler implementation, which requires fewer resources, larger SAP environments can also be monitored centrally and simply. Whats more, agentless data extraction means the integration of SAP SIEM is easier than ever. Simply install, configure and operate agileSI light on a Windows or Unix server and establish a connection to SAP and your SIEM solution.

    Was is agileSI light?

    agile stands for agility: Permanent monitoring instead of snapshot audits Fully-automated data acquisition instead of manual

    checks Easily interpretable processing in charts, tables,

    and control indicators

    SI stands for Security Intelligence: The art of knowing where important information is

    located in SAP , how it can be extracted, what it means, and how it needs to be processed

    In short: the ability to draw valuable knowledge from a flood of log data and initiate actions

  • www.it-cube.net

    Paul-Gerhardt-Allee 2481245 Mnchen, Germany

    T: +49 89 2000 148 00 F: +49 89 2000 148 29

    [email protected] www.it-cube.net

    iT-CUBE SYSTEMS GmbH

    Our experts would be happy to assist you. Please feel free to contact us at any time without obligation!

    agileSI light, the easy approach for your IT security

    agileSI light is easy to install and includes a convenient administration tool that is used to establish a connection to the SAP systems that are to be monitored. All that is needed are the connection and logon data. The events are visualized in SIEM using our analysis tool, which is provided with the solution. Its never been so easy to monitor complex SAP environments without being a SAP specialist. SIEM takes care of the archiving in an audit-compliant manner. All of this means that agileSI light is the ideal way to get started with SAP security monitoring.

    SIEMSAP Security

    Audit Log

    SAP System Log

    What is the difference with the full version of agileSI?

    The full version of agileSI is based on a three-layer architectural model with a collection, administration, and analytics layer. With the help of the agents, all required information is extracted from the SAP systems to be monitored. To this end, the agents use vari-ous data extractors for accessing information in log files, tables, change documents, etc.

    Thanks to the modular design and compatibility within the agileSI product group, the solution can be expanded simply at any time to cover increasing or new requirements (for example, the inclusion of transaction monitoring).

    Select one of three different integration approaches.

    The versions Extended and Light utilize agileSI as the bridging technology, which is compatible with leading SIEM solution, including HP ArcSight, QRadar (Q1Labs/IBM), Logpoint, LogRhythm and Splunk.

    The Standalone version includes an embedded front end, which means custo-mers that have not used a SIEM system in the past can now monitor SAP systems without the involvement of the Security department.

    agileSI Light utilizes an agentless technology with minimal integration requirements and includes the top use cases from the security audit and system log to establish basic coverage.

    Our Professional Services Team is also available to help you audit and optimize security and risk management for your SAP environment.

    Our solutions enable you to significantly reduce the number and severity of security gaps in your SAP environment - without the need for additional personnel resources. We support you with intelligent technology, automation, continuous reviews and a process that turns risks into actions. With more than 10 years of experience in SAP Security and IT security, our teams have the requisite knowledge to ensure the critical systems of our customers are effectively protected while keeping an eye on costs.

    agileSI Time to Value in three versions

    agileSI lightagileSI Light

    agileSI Extended

    agileSI Standalone

    agileSI Professional Services

    Agent-free SAP Connector

    Top Use Cases based on SAL + System Log

    Utilizing existing SIEM

    Perpetual or term license for agileSI Agent, Core, Security Analytics Pack

    Utilizing existing SIEM-System Maintenance & Support Implementation Service &

    Operations

    agileSI Agent, Core, Security Analytics Pack

    Embedded SIEM-based Frontend

    Maintenance & Support Implementation Service &

    Operations

    System Integration & Customization Joint Development & Migration Programs for homegrown developments Operations and Managed Security Services