The Next Generation SmartEvent Software Blade delivers real-time cyber threat visibility in the era of Big Data. Quickly search and analyze billions of logs to identify critical security events. Gain greater network visibility with Next Generation SmartEvent on Smart-1 Appliances, manage big data security more easily, and make faster, more informed security decisions.

 

Benefits

Effective and focused threat analysis with customizable visibility
  • Easily understand security status and trends with a clear timeline overview
  • Quickly investigate security incidents using one-click detailed views
  • Create rich, personalized reports for security professionals, network engineers, and executives
  • Correlate multiple logs to identify suspicious activities from the clutter
Detect cyber threats from big data in seconds
  • Analyze billions of logs per day with the new SmartEvent
  • Search over a hundred million logs in just seconds
  • Facilitate forensic investigation and regulatory compliance with easy access to terabytes of historical logs
One single view for all security threats and network components*
  • One-stop security monitoring for Firewall, IPS, Anti-Virus, Anti-Bot, Threat Emulation, URL Filtering and Application Control
  • Track network activity and device usage for gateways, endpoints, and mobile devices
  • Gain “everywhere monitoring” with a new web and tablet portal*

Features

Every organization requires different information regarding security posture, events, and network usage. Next Generation SmartEvent lets you create customized views and reports that display only the information relevant to your organization, whether you need to understand the severity of attacks, common attacks, or attack origin or destination. Further optimize the visual display of the data by adding widgets and customizing the chart types to make security data easy to understand at a glance.

Next Generation SmartEvent provides the flexibility to produce customized, tailored reports for specific stakeholders within your organization. A C-level executive may need an overview of high-risk events in the last month, but the department head may need to know where employees are going online. Next Generation SmartEvent enables you to easily create reports customized to display only the information relevant to the stakeholder, providing them easy access to the information they need to make informed security decisions.

Next Generation SmartEvent enables one-click exploration of security incidents. In a single click, move from a high-level overview to the specific details needed for forensic analysis, including type of attack, timeline, application type and source. Next Generation SmartEvent provides the tools to rapidly conduct forensic investigations and delivers complete visibility into potential threats.

Next Generation SmartEvent also provides a free-text search to facilitate searching through billions of logs in just seconds. Recent searches, suggestions and favorites help make your search even faster.

With Next Generation SmartEvent, monitor all activity and events and correlate multiple logs to identify suspicious activity from the clutter. Rapid data analysis and the ability to create customized event logs immediately alert administrators to discrepancies and inconsistencies, such as someone attempting to use the same credential in multiple geographies simultaneously.

Next Generation SmartEvent can handle exponentially more logs per day, delivering faster, unprecedented performance to organizations of any size. From small and medium businesses to large enterprises and data centers, Next Generation SmartEvent enables organizations to perform big data cyber threat detection in seconds. Generate a weekly report of activity in less than ten seconds with Next Generation SmartEvent.

Search much larger databases, over 100 million logs, in less than one second.  Easily access billions of historical logs to aid in forensic analysis and compliance. Next Generation SmartEvent provides the scale and speed to handle your most complex security environments.

SmartEvent ensures you can stay on top of your network, no matter where you go.  The SmartEvent web portal provides access to SmartEvent from anywhere, at any time, using mobile phones and tablet devices.*

 

*Available in the next major release

The SmartEvent Software Blade is fully integrated into the Software Blade architecture.  It can be easily and rapidly deployed on Smart-1 appliances, saving time and reducing costs by allowing customers to quickly expand security protections to meet changing requirements.

Specifications

Feature: Description

Visibility
  • Overview: Rich and customized Overviews for high-level blade activity
  • Timelines Views: Graphical views of real-time event information and trends
  • Maps: Pinpoint event source and destination IP addresses on maps
  • Top Statistics: Summary view for top protections, applications, users etc.
  • Chart Views: View event statistics in bar and pie chart formats
  • Events Quick-Views: Quickly group events by type, source, destination, user or country
Event Analysis
  • Pre-Defined Event Correlation Rules: Based on Check Point best-practices for common industry security concerns
  • Customized Security Events: Custom-build event correlation rules to monitor any security event
  • Free-Text Search: Easy-to-use search, featuring suggestions, recent searches and favorites to rapidly search billions of events
  • Forensics: Double-click on event timelines and maps for rapid drill-down to packet level
  • Identity Logging: Map IP addresses to usernames based on Active Directory
  • Vulnerability Assessment for Security Events: Built-in assessment of applicable security events
Reporting
  • Pre-defined Reports: Pre-defined graphical report templates covering most common security needs
  • Customized Reports: Select categories, filters, and chart types to display relevant information in a visually optimized format
Actionable Information
  • Event Ticketing: Assign events to administrators with ticketing workflow
  • Global and Event Specific Exceptions: Customize event exclusions/exceptions by product, source, destination and service
  • Automatic Reaction: Automatic alerting mechanism for critical events
  • Remediation Options: Easy access to changing security policy based on event analysis
Data Sources
  • Check Point Products: Integrated, pre-defined rules and event correlation
  • 3rd Party Security Products: Multiple pre-defined 3rd party log formats supported
  • Graphical Log Parser: Add support for any other 3rd party syslog
  • Windows Events: Integrated conversion and presentation for Windows related events
Other
  • Scalable Distributed Architecture: Log server, event correlation server and event server can be deployed on separate systems