Interactive Demo

Watch 3-minute video tour

Affordable Protective Monitoring for GPG 13 Compliance

AlienVault Unified Security Management (USM) combines the essential security controls needed to achieve GPG 13 compliance and reduce risk.

See below how AlienVault helps you cover key GPG 13 compliance requirements, or download the GPG 13 Solution Brief.

Achieve protective monitoring easily. Reduce the cost of maintaining it.

The Communications-Electronics Security Group (CESG) is Britain’s information assurance authority. Their Good Practice Guide 13 (GPG 13) is a Protective Monitoring framework for British government systems and networks, service providers and outsourcing companies to reduce risk and secure confidential data.

The goal of the Protective Monitoring guideline, or GPG 13, is to direct organisations to follow essential business and technology recommendations to improve company risk profiles. At a very basic level, GPG 13 requires reliable, complete, and accurate security visibility—a key cornerstone of any risk management program.

As with any compliance management program, achieving compliance with GPG 13’s twelve Protective Monitoring Controls (PMC) is challenging—especially for organisations managing competing priorities, limited budgets, and small IT security teams. The secret to success is to simplify, consolidate, and automate the essential security controls to unify visibility and
effectively prioritize remediation efforts.

AlienVault’s Unified Security Management (USM) platform combines the essential security controls needed for protective monitoring with real-time, global threat intelligence so that you can achieve GPG 13 compliance and reduce risk—all at the same time.

Recording Profiles

GPG 13 defines 4 recording profiles that describe the impact of data and segment the requirements based on the impact of data. Each organisation will have one of four recording profiles, depending on the Impact Level of the data involved.

  • Aware
    The lowest segmentation level is Aware. At this level, the organisation has an obligation to be Aware of public domain threats, common attack vectors and known vulnerabilities.
  • Deter
    The second segmentation level is Deter. At this level, the organisation has an obligation to Deter an attack from a skilled hacker and appropriate controls should be in place to Deter such an attack.
  • Detect and Resist
    The second segmentation level is Detect and Resist. At this level, the organisation has an obligation to Detect and Resist an attack from a skilled hacker and appropriate controls should be in place to do so.
  • Defend
    The highest segmentation level is Defend. At this level, the organisation has an obligation to Defend against an attack from a sophisticated attacker.

AlienVault USM Covers All 12 Protective Monitoring Controls

The following table includes details on how AlienVault USM provides the unified visibility to manage all 12 PMCs while simultaneously reducing risk, complexity, and cost.

  PMC Requirement
1 Accurate timestamp in logs
Provide a means to ensure that accounting and auditing logs record accurate timestamps.
See How AlienVault Fulfills Requirement 1
Integrated USM Capabilities AlienVault USM Capability
Aware
  • Ensure all accounting and audit logs include a timestamp
  • Any Alerts generated must be timestamped and should reference the original audit log

All of the necessary “Aware” recording requirements are satisfied within the USM solution. AlienVault’s Logger preserves the integrity of all audit logs collected, and timestamps each audit log, as well as any alerts that are generated related to the audit log.

Deter
  • Ensure you meet the requirements of lower recording profiles
  • Digitally sign the timestamp as a minimum
  • Hash the log file that stores the collected audit log
All of the necessary “Deter” recording requirements are satisfied within the USM solution. AlienVault’s Logger preserves the integrity of all audit logs collected, which includes a digital signature, hash code and MD5 checksum.
Detect and Resist
  • Ensure you meet the requirements of lower recording profiles
  • Hash the transaction and digitally sign, plus retain a copy of the audit log
All of the necessary “Detect and Resist” recording requirements are satisfied within the USM solution. AlienVault’s Logger preserves the integrity of all audit logs collected, which includes a digital signature, hash code and checksum. Additionally, the original audit log is retained.
Defend
  • Ensure you meet the requirements of lower recording profiles
All of the necessary “Defend” recording requirements are satisfied within the USM solution. AlienVault’s Logger preserves the integrity of all audit logs collected, which includes a digital signature, hash code and checksum. Additionally, the original audit log is retained.
2 Recording relating to business traffic crossing a boundary
Define a set of Alerts and Reports that will identify authorized vs. non-authorized business traffic across the network boundary. This requires the ability to identify authorised vs. non-authorised traffic, transportation of malicious code is prevented and alerted, and the identification of the manipulation of other business traffic.
See How AlienVault Fulfills Requirement 2
Integrated USM Capabilities AlienVault USM Capability
Aware
  • Report and Alert on Malware detected crossing the boundary

All of the necessary “Aware” recording requirements are satisfied within the USM solution. AlienVault’s built-in IDS (network, host-based, and wireless) will report and alert on detected malware—wherever it is on the network.

Deter
  • Ensure you meet the requirements of lower recording profiles
  • Report and Alert on:
    • Blocked web browsing activities
    • Failed file imports and exports across boundary
All of the necessary “Deter” recording requirements are satisfied within the USM solution. Provided the gateway firewall or filtering proxy is configured properly, USM will report and alert on blocked activities and failed file imports and exports.
Detect and Resist
  • Ensure you meet the requirements of lower recording profiles
  • Report on:
    • Failed file imports and exports across boundary and keep a copy of file content for auditing purposes
    • Failed file imports and exports across boundary and keep a copy of file content, Security Label and File Signature, for auditing purposes
    • Accepted web traffic across boundary
    • Accepted incoming and outgoing file transfers across boundary
All of the necessary “Detect and Resist” recording requirements are satisfied within the USM solution. Provided the gateway firewall or filtering proxy is configured properly, USM will report and alert on blocked activities and failed file imports and exports—through the correlation of the firewall/ proxy logs. Additionally, any accepted incoming and outgoing file transfers and web activity will also generate alerts and can be investigated using USM’s single-pane-of-glass incident response workflow, reporting and dashboards.
Defend
  • Ensure you meet the requirements of lower recording profiles
  • Report on:
    • Accepted incoming and outgoing file transfers across boundary, including a copy of the file content
    • Accepted file imports and exports across boundary and keep a copy of file content, Security Label and File Signature, for auditing purposes
    • Files that have been placed in a file cache, including its URL, content, Security Label, Signature and time to live
    • Who has accessed file cache
All of the necessary “Defend” recording requirements are satisfied within the USM solution. Provided the gateway firewall or filtering proxy is configured properly, USM will report and alert on blocked activities and failed file imports and exports—through correlation of the firewall/proxy logs. Additionally, any accepted incoming and outgoing file transfers and web activity will also generate alerts and can be investigated using USM’s single-pane-of-glass incident response workflow, reporting and dashboards.
3 Recording relating to suspicious activity at a boundary
Define a set of alerts and Reports that will identify suspicious network traffic crossing the network boundary.
See How AlienVault Fulfills Requirement 3
Integrated USM Capabilities AlienVault USM Capability
Aware
  • Report Deny or Dropped packets on Firewall

Provided the firewall is configured properly, USM will report and alert on all deny or dropped packets from the firewall.

Deter
  • Ensure you meet the requirements of lower recording profiles
  • Report and Alert on Critical console messages from boundary devices
  • Report and Alert on Authentication failures on boundary devices and systems
  • Report and Alert on suspected Attacks at the boundary
  • Report on:
    • Error console messages from boundary devices
    • User sessions on boundary devices and consoles
    • Changes to Firewall and boundary device rule base, including in response to a detected Attack
    • Status Change to security software monitoring tools, such as your Security Incident and Event Management, Intrusion Detection Software, Intrusion Prevention Software, etc.
All of the necessary “Deter” recording requirements are satisfied within the USM solution. Quickly identify and isolate suspicious network traffic leveraging built-in security controls such as IDS, netflow analysis, event correlation, and log analysis. Additionally, dynamic incident response templates provide customized guidance for each alert.
Detect and Resist
  • Ensure you meet the requirements of lower recording profiles
  • Report on:
    • Warning console messages from boundary devices
    • All commands issued to boundary devices or boundary consoles
    • Packets traversing the boundary device, including packet header, size and firewall interface
    • Packets traversing the boundary device, including full packet capture, size and firewall interface
All of the necessary “Detect and Resist” recording requirements are satisfied within the USM solution. Specifically, enabling sniffing on the AlienVault Sensor will provide full packet capture for in-depth network flow analysis and granular event correlation.
Defend
  • Ensure you meet the requirements of lower recording profiles
  • Report and Alert on all automated responses at the boundary
All of the necessary requirements for the lower recording profiles are satisfied with the USM solution. Specifically, reports and alerts can be easily set up to fire for all automated responses at the network boundary.
4 Recording of workstation, server or device status
Define a set of Alerts and Reports that will identify configuration and status changes on internal workstations, servers and network devices.
See How AlienVault Fulfills Requirement 4
Integrated USM Capabilities AlienVault USM Capability
Aware
  • Report and Alert on all Critical and above messages from hosts in scope
  • Report and Alert on all detected Malware on hosts in scope
  • Report on all Error messages from hosts in scope
  • Report on changes in status to Malware signature base

All of the necessary “Aware” recording requirements are satisfied within the USM solution. Quickly identify and isolate malware outbreaks throughout your network leveraging built-in security controls such as host-based IDS, netflow analysis, event correlation, and log analysis.

Deter
  • Ensure you meet the requirements of lower recording profiles
  • Report on:
    • Failed access attempts to files
    • Changes to File or directory access rights of system folders
    • Change to status of networked hosts
    • Change in status of attached devices connected to controlled hosts
    • Status of storage volumes of monitored hosts
    • Changes to software configuration of monitored hosts
All of the necessary “Deter” recording requirements are satisfied within the USM solution. Built-in host-based IDS alerts on policy violations such as failed access attempts to files on critical systems. Additionally, built-in file integrity monitoring captures anomalous changes to critical files and file systems such as access rights modifications, software configuration, and changes to storage volumes.
Detect and Resist
  • Ensure you meet the requirements of lower recording profiles
  • Report and Alert on changes to system files or folders
  • Report on:
    • All critical messages below Warning level from hosts in scope
    • Changes to system configuration on monitored hosts
    • Changes to system processes on monitored hosts
All of the necessary “Detect and Resist” recording requirements are satisfied within the USM solution. Built-in host-based IDS and file integrity monitoring technologies alert on critical changes to system files and folders. These changes may include configuration changes as well as changes to key processes, critical for service availability monitoring and management.
Defend
  • Ensure you meet the requirements of lower recording profiles
  • Report on:
    • Changes to software configuration of monitored hosts, including software inventory
    • Changes to system files, including before and after content
    • Changes to system configuration on monitored hosts, including before and after content
All of the necessary “Defend” recording requirements are satisfied within the USM solution. Built-in host-based IDS and file integrity monitoring technologies alert on critical changes to system files and folders.
5 Recording relating to suspicious internal network activity
Define a set of Alerts and Reports that will identify suspicious activity across internal network boundaries from either internal or external agents.
See How AlienVault Fulfills Requirement 5
Integrated USM Capabilities AlienVault USM Capability
Aware
  • Report on all Deny or Dropped packets on the Firewall

All of the necessary “Aware” recording requirements are satisfied within the USM solution. Provided the firewall is configured properly, USM will report and alert on all deny or dropped packets from the firewall.

Deter
  • Ensure you meet the requirements of lower recording profiles
  • Report and Alert on:
    • All Critical and above console messages from internal Firewalls
    • All Authentication Failures from internal network devices and monitoring consoles
  • Report on:
    • All Error status messages from the console or internal Firewalls
    • User sessions on the console or internal Firewalls
    • Change of status of Rule base on internal Firewalls and network devices
All of the necessary “Deter” recording requirements are satisfied within the USM solution. Provided the firewall is configured properly, USM will report and alert on all necessary activities for the “Deter” recording profile. Specifically, USM will report and alert on error messages, authentication failures, user sessions, and rule base changes on firewalls and network devices. Additionally, these activities can be correlated against other relevant data to provide a full picture of suspicious network activity.
Detect and Resist
  • Ensure you meet the requirements of lower recording profiles
  • Report and Alert on suspected internal Attacks
  • Report on:
    • All Warning messages from internal network devices
    • All commands sent to network devices or firewalls
    • Accepted packets being transferred by internal firewalls
    • All Deny or Dropped packets on internal Firewall, including full packet capture
    • Response to internal attacks and actions undertaken
    • Status Change to internal security software monitoring tools, such as your Security Incident and Event Management, Intrusion Detection Software, Intrusion Prevention Software, etc.
All of the necessary “Detect and Resist” recording requirements are satisfied within the USM solution. Provided the firewall is configured properly, USM will report and alert on all necessary activities for the “Detect and Resist” recording profile. Specifically, our built-in threat detection and behavioral monitoring technologies are combined with event correlation rules to provide the security intelligence needed to identify suspected internal attacks.
Defend
  • Ensure you meet the requirements of lower recording profiles
  • Report and Alert on all automated response by internal IPS
  • Report on Accepted packets being transferred by internal firewalls, including full packet capture
All of the necessary “Defend” recording requirements are satisfied within the USM solution. Specifically, enabling sniffing on the AlienVault Sensor will provide full packet capture for in-depth network flow analysis and granular event correlation.
6 Recording relating to network connections
Define a set of Alerts and Reports that will identify temporary connections to the network, such as those made via a VPN or wireless connection.
See How AlienVault Fulfills Requirement 6
Integrated USM Capabilities AlienVault USM Capability
Aware
  • Report and Alert on all remote Authentication Failures
  • Report and Alert on failed attempts to connect to the VPN
  • Report on:
    • DHCP assigned IP registration
    • Remote Access User sessions
    • Changes to VPN Node registrations

All of the necessary “Aware” recording requirements are satisfied within the USM solution. Built-in log management and event correlation enables the collection and analysis of valid and invalid authentication attempts to VPN and other network devices. Other activities such as DHCP assignments, remote access user sessions, and changes to VPN node registrations are also logged and collected.

Deter
  • Ensure you meet the requirements of lower recording profiles
  • Report and Alert on:
    • Failed equipment connection attempts to protected network attachment points
    • Critical and above messages
    • Authentication Failures on network consoles
  • Report on:
    • Error messages from network consoles
    • All connection attempts to Wireless Access Points
    • User sessions to network connection consoles
All of the necessary “Deter” recording requirements are satisfied within the USM solution. Specifically, failed connection attempts and authentication failures are captured and securely logged via AlienVault’s Logger. Additionally, built-in wireless IDS detects all connection attempts to wireless access points.
Detect and Resist
  • Ensure you meet the requirements of lower recording profiles
  • Report and Alert on all suspected wireless attacks
  • Report on:
    • Commands issued on network connection consoles
    • Remediation steps taken in response to internal attack notification
    • Status changes to IPS, IDS signatures
All of the necessary “Detect and Resist” recording requirements are satisfied within the USM solution. Specifically, built-in wireless IDS will detect and alert on all suspected wireless attacks. Additionally, built-in log management records commands issued on network connection consoles and dynamic incident response templates provide the detailed remediation steps needed for any internal or external attack activity. Finally, status changes to IDS signatures are also logged.
Defend
  • Ensure you meet the requirements of lower recording profiles
  • Report and Alert on non-approved wireless interfaces and wireless access points
All of the necessary “Defend” recording requirements are satisfied within the AlienVault USM solution. Specifically, AlienVault’s built-in wireless IDS will detect and alert on non-approved wireless interfaces and wireless access points.
7 Recording on session activity by user and workstation
Define a set of Alerts and Reports that will identify suspect user activity or allow forensic analysis of user activity within the network.
See How AlienVault Fulfills Requirement 7
Integrated USM Capabilities AlienVault USM Capability
Aware
  • Report on:
    • User network sessions
    • User Account changes
    • User privilege or group changes
    • Administrator or super user application management

All of the necessary “Aware” recording requirements are satisfied within the AlienVault USM solution. AlienVault’s built-in log management and event correlation engine collects, correlates and analyses logs from directory servers, Windows and Unix servers, and other devices to capture the full context of user activity.

Deter
  • Ensure you meet the requirements of lower recording profiles
  • Alert on User account lockouts
  • Report on User privilege escalation on critical workstations and all servers
  • Report on execution of accountable User transactions
All of the necessary “Deter” recording requirements are satisfied within the AlienVault USM solution. Specifically, user account activity such as lockouts, transactions, and escalation of privilege will signal alerts.
Detect and Resist
  • Ensure you meet the requirements of lower recording profiles
  • Report on User sessions on critical workstations
  • Report on local User account changes on critical workstations
  • Report on changes to local user account or group membership changes on critical workstations
  • Report on execution of all network commands and executables
All of the necessary “Detect and Resist” recording requirements are satisfied within the AlienVault USM solution. Specifically, user account and administration activities such as session activity, changes on critical workstations, local user account and group membership changes as well as network commands will produce alerts and can be displayed in dashboard views and reports.
Defend
  • Ensure you meet the requirements of lower recording profiles
  • Report on execution of accountable User transactions including the content of the transaction
  • Report on execution of all Workstation critical commands and executables
All of the necessary “Defend” recording requirements are satisfied within the AlienVault USM solution. Specifically, user transactions and critical commands and executables are logged, and these events are processed and analysed by AlienVault’s event correlation engine to produce alerts and user activity reports.
8 Recording of data backup status
Ensure a backup and recovery process is defined and adhered to, such that business can be confident of integrity and availability of the network resources.
See How AlienVault Fulfills Requirement 8
Integrated USM Capabilities AlienVault USM Capability
Aware
  • Report on Backup, Test and Recovery operations
  • Alert on Backup, Test and Recovery operation failures

All of the necessary “Aware” recording requirements are satisfied within the AlienVault USM solution. Notably, as long as backup, test and recovery operations are logged then AlienVault’s USM server can produce alerts when failures occur.

Deter
  • Ensure you meet the requirements of lower recording profiles
All of the necessary “Deter” recording requirements are satisfied within the AlienVault USM solution.
Detect and Resist
  • Ensure you meet the requirements of lower recording profiles
  • Report on Backup, Test and Recovery operations including catalog details
All of the necessary “Detect and Resist” recording requirements are satisfied within the AlienVault USM solution.
Defend
  • Ensure you meet the requirements of lower recording profiles
  • Report on Backup, Test and Recovery operations including catalog details, site information and version information
All of the necessary “Defend” recording requirements are satisfied within the AlienVault USM solution. Specifically, as long as backup, test, and recovery operations (including catalog details, etc.) are logged, AlienVault’s USM server can produce alerts if any failure occurs during these operations.
9 Alerting critical events
Define a set of real-time Alerts and Reports that will identify events classified as “Critical” by the organisation.
See How AlienVault Fulfills Requirement 9
Integrated USM Capabilities AlienVault USM Capability
Aware
  • Report and Alert on all Alert messages generated by the SIEM solution

All of the necessary “Aware” recording requirements are satisfied within the AlienVault USM solution. Built-in asset discovery, vulnerability assessment, threat detection and behavioral monitoring data provide a rich set of environmental information to be analyzed by AlienVault’s built-in SIEM and event correlation engine.

Deter
  • Ensure you meet the requirements of lower recording profiles
  • Reports and Alerts to be delivered by secondary delivery mechanisms, such as email, SMS etc.
  • Report on changes to Alert rule base
All of the necessary “Deter” recording requirements are satisfied within the AlienVault USM solution. AlienVault supports secondary delivery mechanisms for alerts such as email, SMS, and will report on changes to the alert rule base.
Detect and Resist
  • Ensure you meet the requirements of lower recording profiles
  • Ensure Alerts are visible on consoles and or wall displays
All of the necessary “Detect and Resist” recording requirements are satisfied within the AlienVault USM solution. AlienVault’s all-in-one console provides flexible dashboards and reporting views to ensure prioritized follow-up to all alerts.
Defend
  • Ensure you meet the requirements of lower recording profiles
  • SIEM solution should allow multicasting of Alerts to several locations
All of the necessary “Defend” recording requirements are satisfied within the AlienVault USM solution. Specifically, sending alerts to multiple destinations is fully supported by AlienVault’s built-in SIEM engine.
10 Reporting on the status of the audit system
Define a set of Alerts and Reports that will allow confidence in the integrity of the auditing system, such that the output of this system can be relied upon in a court of law.
See How AlienVault Fulfills Requirement 10
Integrated USM Capabilities AlienVault USM Capability
Aware
  • Report and Alert on Log Cleared or Reset, Log collection errors, and threshold exceptions
  • Report on status of active log storage, space allocated, space used, space remaining and total record count

All of the necessary “Aware” recording requirements are satisfied within the AlienVault USM solution. AlienVault’s USM will report on status of active log storage, total record count, and other details regarding space available and usage metrics.

Deter
  • Ensure you meet the requirements of lower recording profiles
  • Report on status of active log storage, space allocated, space used, space remaining and total record count trended in a graph over time
  • Report on status of active log storage, space allocated, space used, space remaining and total record count, plus log rotation information
  • Your SIEM solution should be able to prove chain of custody, including each part of the chain adds source and origin information. Original timestamps should not be modified
  • Report on log sources
  • Your SIEM solution should be able to prove chain of custody, including each part of the chain adds source and origin information, trended in a graphical format over time
All of the necessary “Deter” recording requirements are satisfied within the AlienVault USM solution. Specifically, AlienVault’s Logger preserves the integrity of all audit logs collected to prove chain of custody and the SIEM engine provides the full source and origin information for each event log collected and analyzed. Trending and graphical reports are available through AlienVault’s single management console.
Detect and Resist
  • Ensure you meet the requirements of lower recording profiles
  • Report and Alert on integrity checking failures anywhere within the chain of custody
  • Report on log access requests via queries or reports
  • The SIEM should have the capability to search online and archived log data
All of the necessary “Detect and Resist” recording requirements are satisfied within the AlienVault USM solution. Specifically, AlienVault’s Logger preserves the integrity of all audit logs collected, and alerts on any failures that are generated related to the audit log. Additionally, AlienVault’s USM solution will also report on log access requests and provides easy online searches for all archived raw log data.
Defend
  • Ensure you meet the requirements of lower recording profiles
All of the necessary “Defend” recording requirements are satisfied within the AlienVault USM solution.
11 Production of sanitised and statistical management reports
Define a set of Reports that will provide feedback to management on the performance of the Protective Monitoring system effectiveness.
See How AlienVault Fulfills Requirement 11
Integrated USM Capabilities AlienVault USM Capability
Aware
  • Report must be sanitised and omit identifying and sensitive information such as Username, IP addresses, Workstation names and Server names
  • If web reports are produced these must also be sanitised

All of the necessary “Aware” recording requirements can be satisfied within the AlienVault USM solution. Specifically, the 100+ built-in reports can be easily customized to anonymise specific information.

Deter
  • Ensure you meet the requirements of lower recording profiles
  • If external managed security service providers are used they might include custom reports that can be used directly for management
All of the necessary “Deter” recording requirements can be satisfied within the AlienVault USM solution. For example, customizing the built-in reports, templates, and dashboards can provide the specific views required for your management team.
Detect and Resist
  • Ensure you meet the requirements of lower recording profiles
  • It is expected that an enterprise solution is deployed to meet your GPG 13 requirements, most likely a SIEM working with a number of other technologies, such as an IPS, IDS, and Anti-Virus etc.
  • A complete Protective Monitoring Solution is likely to include an audit or compliance check software
All of the necessary “Detect and Resist” recording requirements can be satisfied within the AlienVault USM solution. In fact, AlienVault’s USM combines built-in security controls such as IDS, log management, netflow analysis, file integrity monitoring, and vulnerability assessment with a SIEM engine to provide complete protective monitoring.
Defend
  • Ensure you meet the requirements of lower recording profiles
  • It is required to use defense in depth at this segment level, meaning different vendors for the different technologies required for a complete Protective Monitoring Solution, such as a different SIEM vendor from Anti-virus, IPS, IDS and Audit or compliance check software
While AlienVault’s USM provides all of the built-in essential security controls necessary for protective monitoring, our open API allows for easy integration with additional data sources from other security vendors.
12 Providing a legal framework for Protective Monitoring activities
Define a requirement that will ensure all monitoring is conducted in a legal manner, and that the collected data is, in itself, protected and treated as sensitive data.
See How AlienVault Fulfills Requirement 12
Integrated USM Capabilities AlienVault USM Capability
Aware
  • No recording profile required at this segm ent level

Not applicable.

Deter
  • Report on user sign up activity to defined terms and condition of network usage terms
This requirement is more of a procedural one than one that can be satisfied with technology alone. However, AlienVault USM can track user activity to verify compliance with network usage terms and conditions.
Detect and Resist
  • Report on user sign up activity to defined terms and condition of network usage terms, to include digital user signatures
  • Any re-affirmation should also be logged and reported
This requirement is more of a procedural one than one that can be satisfied with technology alone. However, AlienVault USM can track user activity to verify compliance and re-affirmation with network usage terms and conditions.
Defend
  • Report on user sign up activity to defined terms and condition of network usage terms, to include digital user signatures and hardware tokens or smart card reference
  • Any re-affirmation should also be logged and reported
This requirement is more of a procedural one than one that can be satisfied with technology alone. However, AlienVault USM can track user activity to verify compliance and re-affirmation with network usage terms and conditions.

Next Steps

Test Drive

Free Trial

Download your free 30-day trial
Live Demo

Live Demo

Request a live demo and get your questions answered
Learn More

Learn More

Learn more about AlienVault Unified Security Management
Contact Us

Contact Us

1.855.425.4367
sales@alienvault.com