ossim user training: get improved security visibility with ossim

APRIL 2014

What’s New in AlienVault v4.6?OSSIM Customer Training

COMMUNITY GUIDELINES

Community members are not leads

We are a commercial company

OSSIM is not trialware

If you see something, say something

http://forums.alienvault.com/discussion/4/

AGENDA

v.4.6 Feature Overview

How To … Examples

Questions

New v4.6 Features

SUMMARY OF NEW FEATURE AREAS

Improved Download Experience Console Improvements

Getting Started Wizard Updates

Multi-Asset DeleteGetting Started Guide

Reduced Image Size Increased Download Reliability

IMPROVED DOWNLOAD EXPERIENCE

Feature Summary:

40% decrease in download size (2.4GB ~1.3GB)

Added new download servers + pause / resume capability

Customer Benefit:

Download the virtual appliance more quickly

Get to value more quickly

http://www.alienvault.com/free-trial

NEW GETTING STARTED GUIDE

Feature Summary:

Updated the AlienVault Quick Start Guide

New AlienVault Getting Started Guide

Customer Benefit:

Clear, detailed installation and configuration instructions to help new users get AV running quickly.

https://alienvault.bloomfire.com/posts/785625

CONSOLE IMPROVEMENTS

Feature Summary:

Improved menu structure, easier to navigate

New static configuration option on the Management Interface configuration

Prominently display the IP address of the device to ensure users are connected to the right device

Validate DNS entry to ensure that the DNS server is internal, allows internal hostname resolution

GETTING STARTED WIZARD IMPROVEMENTSFeature Summary:

New welcome screen that describes the wizard workflow

Merged the Log Management, Network monitoring paths into a single workflow

New screen to configure network interfaces

Visually show what devices have a plugin enabled

Clearly define the Management Interface within the network interface configuration screen

Automatically detect Management Interface network

MULTI-ASSET DELETE

Feature Summary:

It’s Back

Use the asset filter to select the assets

Delete them all with one click

How To …Examples

How To …Generate an email about an alarm

How To …Avoid SQL Storage for Events

How To …Find your Windows XP assets

OSSIM vs. USM

DIFFERENCE BETWEEN OSSIM AND USM

OSSIM USM

Support Community Commercial

Management - Centralized Administration and

ConfigurationThreat Intelligence Community

DevelopedAV Labs Threat

Intelligence Subscription

Reporting Community Developed

100+ Compliance and Threat Reports

Access Control - Rich RBAC with Permission Templates

Deployment Types Flat Deployments Single / Multi-Tiered Small Business to

Enterprise

http://www.alienvault.com/marketing/smb-bundles

SMALL BUSINESS BUNDLE OPTIONS

http://forums.alienvault.com