Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
SolarWinds Log & Event Manager
Workstation Edition
© 2017 SolarWinds Worldwide, LLC. All rights reserved.
What is LEM Workstation Edition?
• SolarWinds® Log & Event Manager ...
© 2017 SolarWinds Worldwide, LLC. All rights reserved.
Benefits of Using LEM Workstation Edition
• LEM Workstation Edition...
© 2017 SolarWinds Worldwide, LLC. All rights reserved.
Key Use Cases for Workstation Log Monitoring
• Account logon events...
Useful Workstation-based LEM Active Responses
• Kill Suspicious and Unapproved Processes
• The Kill Process Active Respons...
© 2017 SolarWinds Worldwide, LLC. All rights reserved.
Useful Workstation-based LEM Active Responses
• Remove Unapproved U...
© 2017 SolarWinds Worldwide, LLC. All rights reserved.
Supported Workstation Operating Systems
• LEM Workstation Edition s...
© 2017 SolarWinds Worldwide, LLC. All rights reserved.
LEM Workstation Edition Licensing & Pricing
• LEM differentiates
wo...
© 2017 SolarWinds Worldwide, LLC. All rights reserved.
Extend log monitoring to your workstations, today.
SolarWinds Log &...
© 2017 SolarWinds Worldwide, LLC. All rights reserved.
Helpful Resources
• Why & How of Monitoring Workstations with Log &...
The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive
property of SolarWinds Worldwide, LLC ...
Upcoming SlideShare
Loading in …5
×

Extending Log Management to Desktop for LEM Users

5,204 views

Published on

Join SolarWinds Sales Engineer Rob Johnson for an exclusive presentation for LEM Customers on LEM’s new Workstation Edition Features. There will be explanations on how to expand your compliance and log management to desktops for current LEM Customers

Published in: Technology
  • Be the first to like this

Extending Log Management to Desktop for LEM Users

  1. 1. SolarWinds Log & Event Manager Workstation Edition
  2. 2. © 2017 SolarWinds Worldwide, LLC. All rights reserved. What is LEM Workstation Edition? • SolarWinds® Log & Event Manager (LEM) Workstation Edition is a pricing model designed for SolarWinds LEM customers to make Windows® workstation log management more affordable than ever!
  3. 3. © 2017 SolarWinds Worldwide, LLC. All rights reserved. Benefits of Using LEM Workstation Edition • LEM Workstation Edition provides ALL the functionality of LEM (including active responses, FIM, USB defender, compliance reports, etc.) to help you collect, correlate, analyze, and store logs from Windows workstation nodes. • Monitor all workstation events in real time: • Security events – to monitor and prevent security threats • Operational events – to identify and troubleshoot performance issues • Policy-driven events – to analyze and report non-compliance and policy violations
  4. 4. © 2017 SolarWinds Worldwide, LLC. All rights reserved. Key Use Cases for Workstation Log Monitoring • Account logon events • Account management • Directory service access • Logon events • Object access • Policy change • Privilege use • Process tracking • System events Windows Workstation Windows Servers Windows Event Logs • Unauthorized authentication • Changes (create, update, delete) to local accounts and groups • System changes like installation of unexpected software and changes to local policies • Usage of removable USB disk and networking devices • Monitor for unauthorized file access and changes to critical system files and registry keys • Launch of prohibited applications (IM, games, etc.)
  5. 5. Useful Workstation-based LEM Active Responses • Kill Suspicious and Unapproved Processes • The Kill Process Active Response enables LEM to automatically kill a suspicious or unapproved process by name or ID • Log off unauthorized users • Automatically log out users when unauthorized or malicious activity is detected • Out of hours authentication monitoring to stop suspicious taking place outside of normal business hours • Disable Networking on Infected Workstation • Use the Disable Networking Active Response to disable networking on a workstation at the Windows® Device Manager level • This action is useful for isolating network infections and attacks, and can be automated in an LEM rule, or executed manually from the Respond menu in the LEM Console
  6. 6. © 2017 SolarWinds Worldwide, LLC. All rights reserved. Useful Workstation-based LEM Active Responses • Remove Unapproved Users from Administrative Group • LEM uses a Windows Active Response tool based on where you want to remove the user(s) from—the domain level or local level. • This tool configures an actor that enables Windows Active Response capabilities on LEM Agents deployed Windows operating systems. • Detach Unauthorized USB Device • The Detach USB Device Active Response allows you to automatically detach a USB or mass storage device from a workstation. • This action is useful for allowing only specific devices to be attached to your Windows computers or detaching any device exhibiting suspicious behavior.
  7. 7. © 2017 SolarWinds Worldwide, LLC. All rights reserved. Supported Workstation Operating Systems • LEM Workstation Edition supports workstation nodes that run the following workstation client operating systems: • Windows Vista • Windows 7 • Windows 8 • Windows 10 • Universal (or non-workstation) nodes consist of all other data sources supported by LEM
  8. 8. © 2017 SolarWinds Worldwide, LLC. All rights reserved. LEM Workstation Edition Licensing & Pricing • LEM differentiates workstation nodes from universal nodes only in terms of pricing and NOT functionality. • A universal node license is required in order to purchase LEM Workstation Edition Workstation Node Count Price* Up to 250 nodes $2,570 Up to 500 nodes $4,115 Up to 1,000 nodes $7,205 Up to 2,000 nodes $10,595 Up to 4,000 nodes $13,245 Up to 8,000 nodes $18,545 Up to 10,000 nodes $20,665 *Price listing is in USD as of August 3, 2017. Prices vary based on geographic region. SolarWinds retains the right to change pricing.
  9. 9. © 2017 SolarWinds Worldwide, LLC. All rights reserved. Extend log monitoring to your workstations, today. SolarWinds Log & Event Manager solarwinds.com/lem GET A QUOTE
  10. 10. © 2017 SolarWinds Worldwide, LLC. All rights reserved. Helpful Resources • Why & How of Monitoring Workstations with Log & Event Manager • Why Workstation Log Management is Crucial For Network Security • Useful Active Responses to Combat Workstation Security Threats • Workstation Log Management Made Easy
  11. 11. The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.

×