Check Point has upgraded its Eventia event-correlation software so it can now include data from Check Point's own endpoint security platform and from Windows operating systems.
The software is designed to make it easier to sort data about network events, correlate related events and generate reports on security incidents.
With the 2.0 release of Eventia Analyzer, event information from Check Point Integrity endpoint software can become part of the mix of data that Eventia sorts. Integrity scans PCs to see whether they have firewalls, updated antivirus software and the like.
Eventia could already gather data from Check Point's other platforms such as firewalls, internal security gear and Web-protection equipment.
The new Eventia software also adds the ability to gather data from Windows SYS logs, SNMP traps, and Windows Event logs. The software covers server versions of Windows NT, 2000, 2003 and XP.
In addition, the Check Point software can draw event data from anti-virus software from its own antivirus software embedded in Check Point Express and Express CI security platforms. Also new is the ability to gather such information from Trend Micro antivirus software and McAfee IntruShield intrusion prevention system appliances.
Customers are now able to create custom events they want tracked such as port scans or the activities of specific devices. Before, events had to be chosen from a user interface list of predefined events.
Eventia Analyzer 2.0 is available immediately. Pricing ranges from US$18,000 for five devices/gateways to $100,000 for 100 devices/gateways. Current customers can download the upgrades from Check Point's Web site.