NetIQ Sentinel Log Manager

Specs

Sentinel Log Manager 500 EPS

  • Compression: Up to 10:1
  • Devices: Up to 1000
  • Max EPS: 500
  • CPU: 1 x Intel Xeon E5450@3GHz (4 core CPU) or 2 x Intel Xeon L5240@3GHz (2 core CPU)
  • RAM: 4GB
  • Local Storage (30 days): 2 x 500GB - 7.2k RPM (Hardware w/256MB cache, RAID 1)
  • Networked Storage (90 days): 600GB

Sentinel Log Manager 2500 EPS

  • Compression: Up to 10:1
  • Devices: 1000
  • Max EPS: 2,500 and 500 respectively
  • CPU: 1 x Intel Xeon E5450@3GHz (4 core CPU) or 2 x Intel Xeon L5240@3GHz (2 core CPU)
  • RAM: 4GB
  • Local Storage (30 days): 4 x 1TB - 7.2k RPM (Hardware w/256MB cache, RAID 10)
  • Networked Storage (90 days): 2TB

Sentinel Log Manager 7500 EPS

  • Compression: Up to 10:1
  • Devices: 2000
  • Max EPS: 7,500
  • CPU: 2 x Intel Xeon X5470@3.33GHz (4 core CPU)
  • RAM: 8GB
  • Local Storage (30 days): 16 x 600GB - 15k RPM (Hardware w/512MB cache, RAID 10)
  • Networked Storage (90 days): 5.8TB

Collector Manager

  • CPU: 1 x Intel Xeon X5570@2.93GHz (4 core CPU)
  • RAM: 4GB
  • Storage: 10GB free disk space

Supported Operating Systems

  • Sentinel Log Manager is certified to run on
    • 64-bit SUSE Linux Enterprise Server 11 for Sentinel Log Manager Versions 1.1, 1.1.0.1, and 1.1.0.2.
    • 64-bit SUSE Linux Enterprise Server 11 SP1 for Sentinel Log Manager versions 1.2 and later.
  • The Collector Manager is supported on the following platforms:
    • SUSE Linux Enterprise Server 10 SP2 (32-bit and 64-bit)
    • SUSE Linux Enterprise Server 11 (32-bit and 64-bit)
    • SUSE Linux Enterprise Server 11 SP2 (32-bit and 64-bit) for Collector Maangers 1.2 and later.
    • Windows 2003 (32-bit and 64-bit)
    • Windows 2003 SP2 (32-bit and 64-bit)
    • Windows 2003 R2 (32-bit and 64-bit)
    • Windows Server 2008 (64-bit)
    • Windows Server 2008 R2 (64-bit)

Supported Platforms

  • VMWare ESX/ESXi/4.0 or higher
  • Xen 3.1.1

Supported Browsers

Linux:
  • Mozilla Firefox 3.6
Windows:
  • Mozilla Firefox 3 (works best on 3.6)
  • Microsoft Internet Explorer 8 (works best on 8.0)

Supported Connection Methods

  • Audit Connector
  • Check Point LEA Process Connector
  • Database Connector
  • Data Generator Connector
  • File Connector
  • Process Connector
  • Syslog Connector
  • SNMP Connector
  • SDEE Connector
  • Sentinel Link Connector
  • WMS Connector
  • Mainframe Connector
  • SAP Connector

Note: The Mainframe and SAP Connectors require a separate license.

Supported Event Sources

  • Cisco Firewall 6/7
  • Cisco Switch Catalyst 6500 Series (CatOS 8.7)
  • Cisco Switch Catalyst 6500 Series (IOS 12.2SX)
  • Cisco Switch Catalyst 5000 Series (CatOS 4.x)
  • Cisco Switch Catalyst 4900 Series (IOS 12.2SG)
  • Cisco Switch Catalyst 4500 Series (IOS 12.2SG)
  • Cisco Switch Catalyst 4000 Series (CatOS 4.x)
  • Cisco Switch Catalyst 3750 Series (IOS 12.2SE)
  • Cisco Switch Catalyst 3650 Series (IOS 12.2SE)
  • Cisco Switch Catalyst 3550 Series (IOS 12.2SE)
  • Cisco Switch Catalyst 2970 Series (IOS 12.2SE)
  • Cisco Switch Catalyst 2960 Series (IOS 12.2SE)
  • Cisco VPN 3000 (4.7.2, 4.1.7, and 4.1.5)
  • Extreme Networks Summit X650 (with ExtremeXOS 12.2.2 and earlier)
  • Extreme Networks Summit X450a (with ExtremeXOS 12.2.2 and earlier)
  • Extreme Networks Summit X450e (with ExtremeXOS 12.2.2 and earlier)
  • Extreme Networks Summit X350 (with ExtremeXOS 12.2.2 and earlier)
  • Extreme Networks Summit X250e (with ExtremeXOS 12.2.2 and earlier)
  • Extreme Networks Summit X150 (with ExtremeXOS 12.2.2 and earlier)
  • Enterasys Dragon (7.1 and 7.2)
  • Generic Event Collector
  • HP HP-UX (11iv1 and 11iv2)
  • IBM AIX (5.2, 5,3, and 6.1)
  • Juniper Netscreen Series 5
  • McAfee Firewall Enterprise
  • McAfee Network Security Platform (2.1, 3.x, and 4.1)
  • McAfee VirusScan Enterprise (8.0i, 8.5i, and 8.7i)
  • McAfee ePolicy Orchestrator (3.6 and 4.0)
  • McAfee AV Via ePolicy Orchestrator 8.5
  • Microsoft Active Directory (2000, 2003, and 2008)
  • Microsoft SQL Server (2005 and 2008)
  • Nortel VPN (1750, 2700, 2750, and 5000)
  • Access Manager 3.1
  • Identity Manager 3.6.1
  • NetWare 6.5
  • Modular Authentication Services 3.3
  • Open Enterprise Server 2.0.2
  • Privileged User Manager 2.2.1
  • Sentinel Link 1
  • SUSE Linux Enterprise Server
  • NetIQ eDirectory 8.8.3 with the NetIQ eDirectory instrumentation patch
  • Micro Focus iManager 2.7
  • Red Hat Enterprise Linux
  • Sourcefire Snort (2.4.5, 2.6.1, 2.8.3.2, and 2.8.4)
  • Snare for Windows Intersect Alliance (3.1.4 and 1.1.1)
  • Sun Microsystems Solaris 10
  • Symantec AntiVirus Corporate Edition (9 and 10)
  • TippingPoint Security Management System (2.1 and 3.0)
  • Websense Web Security 7.0
  • Websense Web Filter 7.0
  • Micro Focus iManager
  • NetWare 6.5

NOTE: Data collection from the following events sources are supported by Log Manager by using the Audit Connector and can be managed through the web console. In order to enable the web console management of these event sources, you must first use the ESM UI to add an instance of a Collector as well as add one child Connector for the below listed event sources. Once this is done, these event sources appears in the web console under the Audit Server tab.

NetIQ Sentinel Log Manager documentation

release-rel-2019-10-2-2896 | Wed Oct 16 03:58:53 PDT 2019
2896
release/rel-2019-10-2-2896
Wed Oct 16 03:58:53 PDT 2019