SolarWinds NTA

12/20/2023

Regarding what Orion can do, you can capture all the syslog data from your firewalls and send it to your SIEM. This gets them the north-south data, but none of the east-west data. Gigamon will send ALL NetFlow data and parse it out to MANY different kinds of reports. If they need greater detail, look into something like Gigamon's product line to accomplish this. Capturing that data and sending it to their SIEM (like Splunk or SW's product or any other SIEM) will enable them to see what they need between your organization and the Internet. Then send that traffic to a service like Websense (or any of many other content filters).

The simple solution is to place physical network taps between your internal network and your firewall, and also between the firewall and the Internet. They should already be filtering, and be aware of every request that hits your firewall, both from outside and from inside. Your security team needs to have a content filter in place, a proxy solution, to get this information in the granular format they desire.