NetIQ’s Sentinel product is a SIEM solution that captures events from any number of event sources, of any type, into a system that normalizes the data, finds meaning in a barrage of nonsense (needle in a haystack), and includes incident management based on custom workflows as defined by each customer….
Purposes: POC (internal use only). Version: Sentinel 7 (it would work on Sentinel 6 as well) and Novell Identity Manager. Type: Solution Pack. Some notes: – This pack has some correlation rules that were grouped by InfoSec (security) and Operational issues. – A specific action (correlated event) was added but you can use whatever action….
Purposes: POC (internal use only). Version: Sentinel 7 (it would work on Sentinel 6 as well). Type: Solution Pack. Some notes: – This solution pack was built based on some (not all) Change Guardian rules and there are around 47 correlation rules. – It could be used when Change Guardian is missing and you need some…
This AppNote by Justin Birt explains how to construct complex conditional statements within a single IDM rule.
Geoffrey Carman handles an exception to the Veto rule in this tip.
Tired of adding proxies to block lists to keep up with crafty students? This tip from Rod Urquhart shows how to deny about 90% of proxy server sites at once.
Daniel Griswold helps us stay one step ahead of those crafty students looking to bypass blocking filters …
Here’s a tip from Geoff Carman that helps you apply scoping to your IDM driver without inadvertently vetoing the driver startup.
David Gersic shares a placement rule that uses the IDM mapping table to get eDirectory users into a target context.
Here’s a tip from Aaron Burgemeister that helps you use Identity Manager to put a new GroupWise account into two different Post Office objects.