Requirement |
How EventLog Analyzer helps with compliance |
PMC-1
Accurate time stamp |
Prevents anyone from tampering with log timestamps. |
PMC-2
Recording of business traffic crossing a boundary |
Records traffic that passes through IIS and Apache web servers in the PMC-2 reports. |
PMC-3
Recording of suspicious activity at the boundary |
Displays all connections that have been denied and possible attacks on network perimeter devices in the PMC-3 reports. |
PMC-4
Recording of internal workstation, server, or device status |
Detects and records any suspicious activity, including configuration changes, privileged access, unexpected system and application restarts, software installation, removable media insertion and removal, and sensitive file access. |
PMC-5
Recording of suspicious internal network activity |
Records policy changes and helps identify if an inside user is carrying out malicious activity. |
PMC-6
Recording of network connections |
Records all Windows, Unix, and network perimeter device logons. |
PMC-7
Recording of session activity of users and workstations |
Tracks entire user sessions from start to close, including details of their activity during the session. |
PMC-8
Recording of data backup status |
Records failed backups and restoration events. |
PMC-9
Alerting when critical events occurs |
Sends real-time alerts via email and SMS when any anomalous activity happens in the network. A program can be assigned to run when an alert is generated. |
PMC-10
Reporting on the status of the audit system |
Tracks the clearing of all security logs and event logs. |
PMC-11
Production of sanitized and statistical management reports |
Offers a highly customizable reporting function; admins can configure existing reports to suit their specific requirements, or they can create new ones. |
PMC-12
Providing a legal framework for protective monitoring activities |
Ensures that all data is collected and analyzed for forensic validity. |