Security Operations

AbuseIPDB is a project dedicated to helping combat the spread of hackers, spammers, and abusive activity on the internet. Correlated events in Sentinel can be automatically reported to AbuseIPDB using the following script with the Execute Action. Because of Bug # 944428, you need Execute a Command 2011.1r2 or later.

ScorpionSting
Aug 10, 2018
4:24 pm
Reads:
103
Score:
5

Recently I had a need for encrypting the e-mail notifications that Sentinel sends from e.g. correlation rules. The e-mails were going to be sent outside the organization to an external e-mail address, and the requirement was that only the recipient should be able to read the messages which of course presents a problem when using…


Apr 9, 2018
9:08 am
Reads:
588
Score:
Unrated

NetIQ is pleased to announce the availability of NetIQ Secure Configuration Manager 7.0. Secure Configuration Manager 7.0 is a significant release for existing and prospective customers, introducing a modern web-based experience that reduces administrative and operational complexities, improving time to deployment and time to value. Key enhancements with this release include: New and Improved User…


Jan 31, 2018
3:07 pm
Reads:
1,461
Score:
Unrated

This article explains the procedure for migrating Sentinel event and raw data with less downtime.

Jul 17, 2017
8:15 am
Reads:
1,109
Score:
Unrated

This article explains how to migrate the old Remote Collector Manager (RCM) to new hardware. Here is the use case we used…

Jul 13, 2017
12:13 pm
Reads:
838
Score:
Unrated

NetIQ_Access_Manager_Solution_Pack_2011.1r2_sample_pdfs contains sample reports for the complete set of reports found in the NetIQ Access Manager Solution Pack (version 2011.1r2).

Jul 11, 2017
10:15 am
Reads:
940
Score:
Unrated

NetIQ_SecureLogin_Solution_Pack_2011.1r1_sample_pdfs contains sample reports for the complete set of reports found in the NetIQ SecureLogin Solution Pack (version 2011.1r1).

Jul 11, 2017
10:14 am
Reads:
1,043
Score:
Unrated

Why a wildcard certificate? The general advantage of a wildcard certificate is that the same certificate can be used for multiple subdomains of a domain. This is cheaper and more convenient than buying a certificate for each domain…

Jun 28, 2017
3:56 pm
Reads:
1,174
Score:
5

By default, Sentinel creates a self-signed certificate that is valid for 100 years. For security reasons, the SSL certificate should be signed by a Certificate Authority. This document describes the steps involved in creating a custom certificate for Sentinel with a third-party CA.

Jun 22, 2017
3:19 pm
Reads:
1,674
Score:
1.5

Sentinel collector for the Pulse Connect Secure and Pulse Policy Secure products from Pulse Secure.

Norbert Klasen
Jun 5, 2017
2:11 pm
Reads:
1,199
Score:
Unrated