Altor’s security suite is fully integrated into the virtual environment. The product uses a number of interfaces to monitor the VMware environment and proactively protect the virtual machines. The firewall engine, IDS engine and other advanced Altor security components generate logs based on the settings the security administrator selects. Instead of writing these logs and events only to the Altor management center, an administrator can choose to have them written into RSA enVision. This allows advanced storage and correlation of all the virtual security events alongside the physical security events, so customers can see the full picture of security across their environment. Altor can send syslog from either the Altor Center or the individual Security Virtual Machines located on each physical ESX/ESXi Host in the environment.
What’s New In This Release
Initial support for Altor Networks Security Suite.
Converted to content 2.0.
Note: Content 2.0 features substantial improvements to the parsing of event data into the various tables that are used for queries and reports. Content 2.0 is the future direction for all event sources within the supported library. For rules and reports, note the following:
- For factory reports, as existing event sources are converted to Content 2.0, their device-specific reports are updated to work with the new content. In some cases, class-specific reports have replaced device-specific reports.
- Factory correlated rules have been modified to take advantage of the improved tables, variables and parsing.
- Custom rules that involve event sources updated to work with Content 2.0 need to be rewritten.
- Custom reports may not produce the same results as previously. For guidance on updating custom reports, see the RSA enVision Content Inspection Tool document and the online Help topics that describe the Content 2.0 tables.