SIEM KOMRAD



Overview


Komrad is a SIEM software product for IT infrastructure. It is designed for threat detection, alerting and incident response, as well as for maintaining compliance with security regulations.

Advantages

  • centralized collection and analysis of event logs from security facilities, workstations, servers and network equipment;
  • remote configuration control and monitoring for workstations;
  • alerting and incident response;
  • maintaining compliance with security regulations, statistics collection and generating reports for compliance purposes.

Technical Specification

  • operates on a 64-bit CPU architecture (Intel x86-64);
  • processes security events at up to 5000 EPS (events per second) on a single node of the network;
  • supports a wide range of technologies for integration with data sources (security facilities, workstations, servers, network equipment), including Syslog, Syslog-ng, SNMPv2, SNMPv3, OPSEC, HTTP, SQL, ODBC, WMI, FTP, SFTP, Unix/Linux sockets, plain log, SSH, Rsync, Samba (NetBIOS), NFS, SDEE, RDEP, CPMI;
  • generates the following reports: list of network devices, security events data storage, threat alerts, incident response, list of detected vulnerabilities, overall network status, availability of network devices, network statistics;
  • provides integration with the following national secure platforms and security facilities: OS MSVS, OS Astra Linux, Scanner-VS, Firewall & IDS Rubikon, XSpider.

Certificate

The Russian Ministry of Defense and the Russian Federal Service on Technical and Export Control certify Komrad.