Free webinar

Audit Collection Services:
Correlating DHCP, DNS and Active Directory data with Network Logs for User Attribution

  • November 7 at 2 PM EST | 11 AM PST
  • 45 Mins

Presented by

Andy,Product expert

Agenda

You need to know who is generating the events on your network before you can begin to do user behavior analysis or detect anomalous activity. By “who”, I mean both the user account and the computer or device.

But this is by no means easy because so many of the logs we deal with are collected at the network level and only bear IP addresses. When you see an internal IP address, you need to know if it’s a printer, network device, appliance, server or workstation or something else. If it’s a server, what kind of server, OS, and its workload and applications. If it’s a workstation – whose workstation. What department are they in? Job title? Manager? And of course, IP addresses aren’t static – especially with workstations using DHCP.

In this webinar, we will look at how to correlate logs from your DHCP server, logs and data from DNS servers, and LDAP identity information from Active Directory to answer these questions.

Here are a few other topics that will be covered in this webinar:

  • Discovering and adding devices
  • Searching through logs to find events of interest
  • What kind of system sent the query?
  • Managing incidents end to end
  • Detecting behavior anomalies.
  • 2Different components of a network and the need to audit them.
  • Tracking logons and critical changes made to network device configurations.
  • Monitoring network devices to get clear insights into network activity.
  • Common techniques of network attacks and how security and attack reporting.
  • Detecting and mitigating threats at an early stage with alerts.
  • How EventLog Analyzer can help secure your network.
  • 3Different components of a network and the need to audit them.
  • Tracking logons and critical changes made to network device configurations.
  • Monitoring network devices to get clear insights into network activity.
  • Common techniques of network attacks and how security and attack reporting.
  • Detecting and mitigating threats at an early stage with alerts.
  • How EventLog Analyzer can help secure your network.
  • 4Different components of a network and the need to audit them.
  • Tracking logons and critical changes made to network device configurations.
  • Monitoring network devices to get clear insights into network activity.
  • Common techniques of network attacks and how security and attack reporting.
  • Detecting and mitigating threats at an early stage with alerts.
  • How EventLog Analyzer can help secure your network.

Thanks!

Your e-book is on its way.

If you don't find it in your inbox within the next few minutes, check your spam folder.

Closed

© 2019 Zoho Corporation Pvt. Ltd. All rights reserved.

Claim Your Spot Now