XYGATE® Merged Audit (XMA) Security & Compliance Across the HPE NonStopTM Server Network

XYGATE Merged Audit XMA is a comprehensive security audit solution that enables businesses to meet security, audit and compliance requirements across the entire network. XMA collects, merges, filters, normalizes and writes NonStop audit data to a single NonStop SQL/MP database. The solution’s intuitive Windows® interface allows users to select database items from drop-down lists, drag and drop predefined filters items, write advanced queries and use many other selection options to define events of interest to report on, alert on and send to enterprise SIEM (Security Incident and Event Management) devices. From installation to advanced management functions, XMA is simple to use.

Minimize Data,Maximize System EfficiencyMinimize the amount of security audit data you store by filtering irrelevant and redundant data, consequently maximizing the efficiency and effectiveness of your security audit system. Voluminous amounts of redundant audit data can be discarded before ever reaching the XMA database, saving disk space and valuable I/O cycles. The solution also enables you to capture audit data in real-time or use batch entries to collect and filters audit data at specified times or intervals that are best suited to your needs.

Simplify Actions & AlertingXMA’s advanced filtering capabilities allow users to define their own rules, so events of interest can be automatically sent to other locations. A GU I Security Event Monitor (XEM) is included with XMA, allowing users to monitor and be notified of events right on the desktop in graphical, acoustical and action-oriented formats.

Using the pre-filtered messages chosen for the monitor window, you can further enhance the monitor to highlight and notify you of specific events of interest. Setting up monitor windows is a simple process of choosing which audit events you want to monitor and what information to display.

Customized AlertsWith XMA, users can choose e-mail type alerts to send formatted and information-rich messages to SMS enabled mobile phones or standard e-mail recipients. Tokenized EMS messages may also be generated and captured by other third party EMS monitoring tools. You may also choose to perform custom actions or send data to an IP address and enterprise audit SIEM (Security Incident and Event Management) devices in SYSLOG format.

• Single source for all security audit data

• Merges multiple audit sources (i.e.,Safeguard, XYGATE, EMS, Measure, including ACI BASE24® and HPE’s HLR Telco solution) into a SQL database

• An HPE NonStop SQL/MP license is not required

• Automatic alerting of security events

• Windows event monitor interface

• E-mail, EMS, SNMP Trap, IP and custom event delivery destinations

• Unlimited reporting capabilities

• Preformatted and custom reports

• Easy-to-use Windows management and reporting interface

• Automatic archiving and clean-up

• Efficient real-time or batch processing

• Interfaces to enterprise logging, reporting, and intrusion detection technologies

The ability to track and review all activity on the HPE NonStop is a requirement for most businesses today. This requirement is no small task as businesses must quickly identify suspicious activity in the increasingly open, complex and diverse HPE NonStop environment. Although businesses are faced with ever-shrinking time frames and ever-increasing security threats, this review and tracking is a regulatory requirement.

Key Features/Benefits

Multiple Message FormatsSNMP Trap messages are a recent addition to the ever-growing number of event notification options. You can use XMA to feed central monitoring systems with security information never before available to these devices. Users to choose from several event alerting options to identify and notify specific audit events, such as failed logons. You can create any or all of the following notifications:

• Highlighted text• Boldface fonts and colors• Play sounds• Generate pop-up windows and require acknowledgment• Send an e-mail message• Send an SNMP trap• Deliver a SYSLOG message

Unlimited Report CapabilitiesXMA enables users to design custom, consolidated audit reports with ease. You may choose from a wide selection of report templates, use preformatted samples as your own or design reports for your specific needs.

Viewing & Delivering Information is EasyWhen creating reports, XMA enables users to easilyand effectively:

• Set your selection criteria for audit you wish to report• Choose the columns on which you wish to report• Selecting which columns to display and how to display them• Group and sort the information any way you like• Add custom headers and footers• Save your designs• Repeat daily, weekly, monthly or on the fly

Whether you are generating reports to the NonStop spooler or to a Windows PC, get the right information to the right people at the right time!

SIEM IntegrationUsers can report from within the XMA database or integrate audit data from the entire NonStop network into existing enterprise audit, reporting, and intrusion detection technology, such as HPE’s ArcSight SIEM

solution, RSA®’s enVision and LogLogic®.Easily provide reports to comply with regulations such as the Sarbanes Oxley Act (SOX), Payment Card Industry Data Security Standard PCI DSS, and the Health Insurance Portability and Accountability Act (HIPPA) from a central audit logging facility. XMA provides this secure centralized audit logging capability, either on an HPE NonStop server or your enterprise data store.

Rely on Complete Audit Insurance and Integrity XSW’s automatic archiving and database clean-up facilities offer complete assurance that no important information will be lost or missed. Unlike other audit “roll-over” and “maxfile” settings, XMA manages data based on defined date and time ranges, ensuring you will always have the data you need.

A faulty process or improperly configured audit environment can quickly fill all audit files and cause frequent audit trail rollovers. This could cause permanent loss of audit information as audit files could be deleted in the “rollover” process before ever having been reported against. You would not be able to retrieve event information from that lost time. Not only does XMA ensure that the integrity of all audit is maintained, XMA can also identify the problematic audit configuration and the faulty process before either can cause damage to your environment.

Multi-Source AuditsLastly, with XMA security audit data is no longer limited to a single audit trail. Many system and user events are written to other data sources such as EMS, JDBC/MX and ODBC/MX. XMA handles all sources of audit (including ACI BASE24® and HPE’s HLR Telco solution) and intelligently merges them together to form a single audit database.

XYGATE® Merged Audit

As HPE NonStop security solutions providers for over 30 years, XYPRO works closely with HPE to ensure that NonStop customers have access to the security essentials they need to protect their NonStop systems and applications. XYPRO literally wrote the books on NonStop security and we incorporate that knowledge into our software products.

About XYPRO Technology Corporation XYPRO Headquarters, USA4100 Guardian St., Suite 100Simi Valley, California 93063 USA

USA / Canada: +1 805 583 2874Asia Pacific: +61 3 9008 4283EMEA: +44 207 099 4176 Ibero América: +52 55 4170 8281Japan: 0066 33 821682

www.XYPRO.com

Security

Intelligence Data

Protection

Secure

Datab

ase

Man

agem

ent

Authentication

&

SSOAudit

&

Compliance

Iden

tity

&

Acc

ess

Man

agem

ent

Risk Management

Security Audit & Compliance