Educause Security Discussion mailing list archives
ESM technologies (catching unsuccessful logins, other Windows critical events)
From: "Merlino, Thomas" <tmerlino () MERCYHURST EDU>
Date: Thu, 13 Dec 2007 08:22:02 -0500
Good morning, I wanted to take a moment and see what your thoughts are on ESM technologies that are out there? More specifically, I'm looking for something that sits on the network that will automatically alert us if we see multiple unsuccessful logins or even general Windows events that could be signaling something bigger so we can catch the problem before it "blows up." We have an ESM device in place, but it's not very straightforward and tends to require quite a lot of "babysitting" as far as reading reports every morning, etc. I'd like to have something in place that would actually alert us (via pager or otherwise) at the time that a specific criteria is met as far as Windows event logging goes. Any help or guidance on this subject would be greatly appreciated. Thank you, Thomas Merlino, Jr. | Mercyhurst College | Technical Administrator for Information Technology Phone: 814.824.3240 | Fax: 814.824.3009 | E-mail: tmerlino () mercyhurst edu Schedule - Week Beginning Monday, December 10th: Mo: 7 AM - 3 PM | Tu: 7 AM - 3 PM | We: 7 AM - 3 PM | Th: 6 AM - 2 PM | Fr: 7 AM - 3 PM This electronic message (including all attachments) is intended only for the addressee(s). This electronic message may contain confidential and/or proprietary information and is not intended for unauthorized redistribution. The unapproved use, dissemination, distribution, and/or reproduction of this electronic message, including attachments, is prohibited and may be unlawful.
Current thread:
- ESM technologies (catching unsuccessful logins, other Windows critical events) Merlino, Thomas (Dec 13)