Military branches and federal civilian agencies, state and local government and educational institutions are all threatened by foreign and domestic cyber-attacks and have or must now take action to protect their information technology infrastructure. While the threats have increased recently, SNARE by Prophecy has been supporting US and International public sector customers with Event Log Collection, Forwarding, Analysis and Reporting Security Solutions for over two decades.
SNARE Servers and Agents are being utilized across numerous US Navy and US Airforce Programs in both networked and secure air-gapped environments, providing centralized collection, analysis, reporting, and archival function for a range of Windows, Linux and Mac audit log sources.
The SNARE Server generates detailed reports that can be fine-tuned to deliver the information needed to keep systems safe. Upon installation, the SNARE Server runs a configuration wizard that lets administrators install and configure objectives that are specifically targeted to address the requirements of the US Government’s National Industrial Security Program Operating Manual (NISPOM) Chapter 8 and STIG requirements. With STIG enabled, Snare Central has achieved 99% STIG Compliance. SNARE Log Management software now supports the most recent requirement for government contractors, the Cybersecurity Maturity Model Compliance (CMMC) , specifically Level 3, which calls out the requirement for Event Log Management.
The SNARE Central Server is ideal to support State and Local Election Security. The U.S. Election Assistance Commission has published Guidelines for election system security, including: Principle 9: Auditable; P11: Access/Authentication Control, and P15: Detection and Monitoring, among others. These Principles can be addressed by installing commercial off-the-shelf Log Management Security Software from SNARE by Prophecy Americas, on primary election system servers, including: your Voter Registration Systems, Electronic Poll Books, Vote Capture Devices, Vote Tally Systems, and Election Databases. For more information on SNARE Election Security, please read the SNARE Blog Post.
With the SNARE Central Server, organizations can monitor and report on such things as the number and time of day of failed and successful logins, changes to security policies, changes to files, directories and registries and Active Directory, privileged access by administrators, firewall hits and USB file access from desktops, among others. SNARE also offers an Analytics Dashboard that will display Key Performance Indicators of security events in real-time, built on an elastic.index.
SNARE Enterprise Agents will capture syslog events from Windows and Linux Servers, Active Directory, IIS, DNS, DHCP, Exchange and SMTP Servers and Desktops and direct them to the SNARE Server or any 3rd Party Primary SIEM Server.