Dimerson wrote: Could you go into more detail? We're also writing up our software plans for the year here ... maybe we should include it???
http://www.novell.com/products/sentinel
http://www.novell.com/huddle/event/inde ... e32772b1bf
http://www.novell.com/rc/docrepository/ ... NAL_en.pdf
http://www.novell.com/rc/docrepository/ ... its_en.ppt
Well, something like this...
Product Similarities:
Both products collect event and log data into a central store
Both products can take some actions in response to events
Both products store data to a back-end database
Both products have some reporting tools
Major differences:
Architecture
Event collection
Taxonomy and event enrichment
Real-time event response / event correlation
Real-time monitoring / dashboards
Reporting differences
Extensibility
Database management
Novell Audit solves one specific problem for customers:
“How do I keep track of what's happening in my Novell Identity infrastructure?”
Limited scope and upsell opportunity – can't be easily expanded to non-Novell systems, or even Novell products such as ZEN and GroupWise without Novell Audit instrumentation
The Sentinel value proposition is much broader:
“How do I collect all the data needed to ensure I can detect and respond to any security incidents?”
“How do I collect all the data I need to meet regulatory requirements?”
“How do I handle logs stored in disparate data stores and formats?”
Sentinel's flexible event collection allows for expansion of an initial installation over time. For example, an initial implementation collecting Novell events can be expanded to OS, firewall, mainframe, etc.
And so on...