Cloud Log Collection and Reporting for Microsoft 365 & Azure
For large enterprise organizations or MSSPs, the Snare Management Center (SMC) will provide remote, centralized management of policies for AMC, Reflector, Reports, Users, Schedules, and Health Checker via a new centralized management view of multiple Snare Central systems.
Snare Central v8.5 introduces a real-time cyber network map, designed and developed to help security teams quickly geo-locate potential threat actors or anomalous activities.
Expanded cloud-based log management capabilities enable users to collect, manage, and report on cloud-based activity. This includes monitoring administrative activity, capturing failed logon logs, or alerting to changes made to mailboxes or overwriting information.
Enhanced Automated Alerts to Improve Threat Hunting Speed
Expanded Reporting Capabilities for Cloud and Hybrid Environments
New Log Formats for Expanded Coverage
Speed is everything when it comes to cybersecurity. Enhanced automated alerting will notify your SOC or security analysts immediately of potential threats or anomalous activities in your system, enabling your team to respond to a threat and gather critical information in a matter of minutes.
Snare’s expanded report library now includes over 50 cloud log reports, Cisco Firepower Threat Defense reports, and Kernel-based activity reporting.
New log formats mean expanded coverage for more granular audit and forensics capability. This update will add enhanced support for Microsoft Sentinel, CEF, SQL, and Linux.
The Snare Management Center (SMC) will provide users with the ability for centralized management of core settings via a new centralized management view of multiple Snare Central systems. This central management capability is designed for enterprise customers with multiple Snare Centrals and/or MSSPs that manage multiple customers across different locations or geographies.
Save time on visiting each system for status updates or managing configuration
Ensure consistent application of security policies, alerting, and reporting across your organization
Monitor the health status of all Snare systems via one single view
Immediately alert your SOC or IT stakeholders to specific systems showing problems or anomalous activity so they can be investigated in minutes
Save time and resources by centrally configuring core settings: AMC Policies, Reports, Health Check, Objective Schedules, Reflector Configuration, User Access
Based on live network-related events, Snare’s real-time Cyber Network Map will help security teams quickly identify potential threats and locate the source in a fraction of the time. The interactive 3-D globe and world map enable users to visualize, explore, and geo-locate the source of potential threats or activities that require further investigation.
The highly visual 3-D cyber network map means faster time-to-detection of unusual or unauthorized network activity. This dramatically improves the speed at which a SOC or security analyst can:
Visualize network activity
Identify the country of origin, source and destination IP addresses, ports, and more
Detect and identify unusual threat traffic patterns for internet-facing systems and network devices
Detect the exfiltration of data
Extended Cloud Capabilities
Log Reports for Microsoft 365 & Azure
As many organizations migrate to a cloud-based architecture, it is critical to monitor cloud logs. With the addition of over 40 new cloud reports for Office 365 and Azure, users can effectively monitor and report on activity from Microsoft environments.
Expanded cloud-based log management capabilities enable users to collect, manage, and report on cloud-based activity. This includes:
Monitoring administrative activity
Capturing failed logon logs
Alerting to changes made to mailboxes or overwriting information
Enhanced automated alerting will notify your SOC immediately of potential threats or anomalous activities in your system, enabling your team to respond to a threat and gather critical information in a matter of minutes.
In the event of a breach or an attack, your organization may have as few as 24 hours to answer these critical questions. Snare will enable your SOC to answer these questions in a matter of minutes vs months:
High Availability helps to ensure there is minimal chance of lost log data, which is critical for forensic analysis in the event of a cyber attack or breach. High Availability also helps meet regulatory compliance requirements such as GDPR, ISO27001, and PCI DSS.
With High Availability, security teams can:
Reduce the risk of losing log data, in particular UDP-based systems where data can be lost more easily
Have more resiliency in log collection
Reduce the need for caching when systems can failover
Make it easier to reflect to two or more “master” collection Centrals or SIEM systems
Separate hardware provides better redundancy
Distribute the load over multiple clusters
Backup & Restore
BACKUP & RESTORE LOG DATA FOR FORENSIC ANALYSIS
Snare Central’s simple Backup & Restore feature helps to save on downtime and system rebuilds. With Snare’s Backup & Restore capabilities and the ability to build the process into a workflow with scheduled backups, security teams can quickly, easily, and automatically recover log data for forensic analysis or use the disk manager to view log data from backup locations.
Simply put, Snare Central makes sure your company’s valuable log data is there when you need it:
Easily restore and select components
If a user makes a mistake or breaks their Snare Central configuration, they can recover the components from backup
Small workflow of steps required
Flexible backup options and granular recovery of Snare Central components or system logs
Flexible options for backup destinations – NAS, USB, ISO, DVD for long term storage or immutable media
COLLECT MORE LOGS FROM MORE SYSTEMS
Snare Central’s Reflector makes it easier for security teams to collect logs from more systems. The Snare Reflector provides enriched data to third party SIEM systems, improving performance and scalability.
With the new Snare Reflector, security teams can enhance their log collection and log management capabilities with:
New log formats such as JSON
Improved disk caching that requires less admin to manage
Enhanced ability to collect logs at higher EPS rates on the same hardware
Additional log formats for compatibility with other third party SIEM systems
Snare Central Capabilities
– Experience the Full Suite –
Snare automated alerts notify your SOC or security analyst(s) immediately if there is a potential threat or anomalous activity in your system.
THREAT INVESTIGATION CAPABILITIES
Snare includes FIM/FAM/RIM/RAM/USB and Database Activity Monitoring to answer critical questions in a matter of minutes: who got in, how they got in, and what they took.
UNLIMITED, PRISTINE DATA STORAGE
Improve compliance and save money by compressing and storing an unlimited amount of log data for the required timeframes in a pristine environment – logs may be required to be stored and untouched for 7+ years.
High Availability helps to ensure there is minimal chance of lost log data, which is critical for forensic analysis in the event of a cyber attack or breach. High Availability also helps meet regulatory compliance requirements such as GDPR, ISO27001, and PCI DSS.
BACKUP & RESTORE
Helps to save on downtime and system rebuilds with simple Backup & Restore. Recover log data for forensic analysis or use the disk manager to view log data from backup locations.
600+ REPORTS | XDR & SYSMON
Over 600 reports cover new log types and threat hunting enhancements using Sysmon and additional log sources.
COLOR CODING BY CRITICALITY
Report criticality is now visible on report icons. Users can set up reports based on criticality levels and what they deem to be Low Priority (green) to High Priority (red). You can also filter your reports by criticality so you’re always focused on what’s most pressing.
DEDICATED TLS SYSLOG PORT
Snare Central includes a new dedicated TLS listener port for syslog collection.
NETWORK STORAGE FOR BACKUPS
Redundancy is critical in cybersecurity compliance and Snare Central now supports Network Storage (CIFS or NFS) to back up your collected log data.
ENHANCED FILE INTEGRITY CHECK ADMINISTRATION
This tool allows the user to schedule, monitor, and administer system file integrity checks and report on any changes to those files.
SNARE ENTERPRISE AGENTS
The industry’s best for Windows, Linux, Unix, macOS, Epilog, etc. – including FIM, RIM, FAM, RAM, and USB solutions. Windows Agents Veracode Verified. No Java or .NET required.
We have customers all over the globe and on every continent, so we are here to support you whenever you need it.
Ask Us About Snare Central
Get in touch with your regional Snare office about upgrading or deploying Snare.