Introduction to SmartEvent Intro
SmartEvent Intro lets you use SmartEvent features with
one Security Gateway Software Blade.
SmartEvent Intro has these modes:
o
IPS mode - shows events from the IPS blade
o
DLP mode - shows events from the DLP blade
o
Application Control mode - shows events from the Application
Control blade
The mode is determined by the Software Blades activated
and the licenses installed on the management server. If more than one of
the possible SmartEvent Intro blades are installed and licensed, select
which mode to use from the properties of the Management object >
SmartEvent Intro.
|
|
Important
-
o
You cannot monitor more than one of the
possible software blades: IPS, DLP, or Application Control. To monitor
more than one blade, you must purchase the full SmartEvent Suite.
o
A Security Management Server can host only
one
SmartEvent Intro server.
|
Basic Concepts and
Terminology
o
Event Policy - the rules and behavior of SmartEvent
o
Event - activity that is perceived as a threat and is classified as
such by the Event Policy
o
Log Server - receives log messages from the gateway
o
SmartEvent Correlation - component that analyzes logs on Log
servers and detects events
o
Event Database - stores all detected events
o
SmartEvent Server - houses the Event Database, receives
events from Correlation Units, and reacts to events as they occur
o
SmartEvent Client - Graphic User Interface where the Event
Policy is configured and events are displayed
o
Management Server - Security Management Server or, in a
Multi-Domain Security Management environment, Domain Management Server
SmartEvent Sizing
Guide
The SmartEvent Sizing Guide helps you find the
recommended SmartEvent appliance suitable to your environment scale. See
the Sizing Guide in sk87263.
|
