www.anetusa.net

SureLog International Edition // 2016
The Easiest Solution for Next-Generation SIEM
1. SURELOG: INTEGRATED SIEM AND LOG MANAGEMENT  P-3
2. All-in-One IT Security Monitoring  P-4
   SIEM  P-4
      Correlation Engine  P-5
      Advantages of SureLog Correlation Engine  P-5
      Simple Correlation Rules  P-6
      Advanced Correlation Rules  P-7
      Taxonomy  P-8
   LOG MANAGEMENT  P-9
      Comprehensive Log Data Collection and Log Management  P-9
      Cross-platform Log Collection  P-10
      Windows Event Logs: Agent-less or Agent-based  P-10
      Syslog  P-10
      Flat File Logs  P-10
      Tagging  P-11
      Scalable Log Centralization  P-11
      Log Archiving and Retrieval  P-11
      Activity Auditing  P-11
3. SURELOG ADVANTAGES  P-11
   What problems does it solve?  P-12
   What features does it offer?  P-12
Chapter 1
SURELOG: INTEGRATED NEXT-GENERATION SIEM AND LOG MANAGEMENT
1. SureLog: Integrated Next-Generation SIEM and Log Management

[Figure: SureLog capability overview. Security Information and Event Management, Advanced Correlation Engine, Security Operations Center, Log Management, Log Forensics, Threat Intelligence, Security Reporting, Real-Time Alerts, Event Correlation & Analysis, Compliance Management, Rich Taxonomy, Protecting Against Insider Attacks]
ANET SureLog delivers next-generation SIEM, log management and intelligent security search in a simple, easy-to-install and cost-effective solution that provides immediate value for security and compliance to organizations of any size.

SureLog has a highly flexible architecture and support for high-volume data throughput rates. In addition to the flexible architecture, SureLog possesses a superior correlation engine. The system lets you define complex combinations of events that you need to be alerted on by easily creating and customizing correlation rules with a graphical, drag-and-drop rule creator.

SureLog supports 155 brands and 350 devices and categorizes logs into 1513 groups.

The sophisticated threat intelligence management allows SureLog to dynamically collect blacklists and update its database.
•	Multi-functional security management platform
•	Integrated security and log management platform
•	Real-time security management across thousands of devices, including applications as diverse as satellite, cryptography and security devices
•	Granular control over any type of event definition, with the ability to collect, normalize and integrate data from any device, application or service
Chapter 2
ALL-IN-ONE IT SECURITY MONITORING
2. All-in-One IT Security Management
A superior SIEM and log management platform that seamlessly combines SIEM and log management with host and network forensics in a unified Security Intelligence Platform.
SIEM

SureLog is a web-based, agent-less SIEM, log analysis and reporting software. The application monitors, collects, analyzes and archives logs and monitoring parameters from enterprise-wide network perimeter security devices, routers, switches, SNMP devices, VMs, DHCP servers and Linux or Windows systems, and then generates reports. Supported sources include firewalls, proxy servers, Intrusion Detection Systems (IDS)/Intrusion Prevention Systems (IPS) and Virtual Private Networks (VPN); mail servers such as MS Exchange, Zimbra and Postfix; distributed Windows and Unix hosts; routers, switches and other syslog devices; and applications such as IIS web server, IIS FTP server, MS SQL Server, Oracle database server and Windows and Linux DHCP servers. SureLog generates graphs and reports that help in analyzing system problems with minimal impact on network performance. Two prominent features of the application are correlation and security reports.
Correlation Engine

The Correlation Engine leverages predefined rules to identify attack patterns and malicious behavior. When trying to penetrate a system, attackers often take advantage of the fact that security controls rarely work together and are rarely monitored. The Correlation Engine helps to automate that analysis so that attacks can be quickly identified and breaches quickly contained.
Advantages of SureLog Correlation Engine

Below are some advantages of SureLog:

•	SureLog is fast: it supports 50,000 EPS with thousands of rules.
•	SureLog can trace multiple logs of different types within a defined time frame. A sample rule to support this advantage is: detect an unusual condition where a source has authentication failures at a host that are not followed by a successful authentication at the same host within 2 hours.
•	SureLog can correlate different logs (for example, a Windows user creation event and a Telnet event) according to related fields. A sample rule to support this advantage is: look for a new account being created followed by immediate authentication activity from that same account. It would detect a backdoor account creation followed by the account being used to telnet back into the system.
•	SureLog can trace whether or not a log is created with desired parameters. A sample rule to support this advantage is: detect an unusual condition where a source has authentication failures at a host that are not followed by a successful authentication at the same host within 2 hours.
•	SureLog can audit privileged user activity, such as new account creation, for greater operational transparency.
•	SureLog can correlate privileged user behavior with specific network activity. A sample rule to support this advantage is: look for a new account being created followed by immediate authentication activity from that same account. It would detect a backdoor account creation followed by the account being used to telnet back into the system.
•	SureLog's correlation rule editor is simple to use.
•	SureLog supports multiple filtering options.
•	SureLog supports compression-based correlation: SureLog can monitor multiple occurrences of the same event, remove redundancies and report them as a single event.
•	SureLog supports threshold-based correlation: a threshold triggers a report when a specified number of similar events occur.
•	SureLog supports filter-based correlation: SureLog inspects each event to determine whether it matches a pattern defined by a regular expression. If a match is found, an action may be triggered as specified in the rule.
•	SureLog supports sequence-based correlation: SureLog helps establish causality of events. Events can be correlated based on specific sequential relationships; for example, "Event A" being followed by "Event B" triggers an action.
•	Its time-based correlation is useful for correlating events that have specific time-based relationships. Some problems can be determined only through temporal correlation; for example, time-based correlation can be used to implement cleanup rules given a specific interval.
•	SureLog supports rule suspending: preventing a rule from firing for a defined time period.
Simple Correlation Rules

User Authentication
•	Alert on 5 or more failed logins in 1 minute on a single user ID

Attacks on the Network
•	Alert on 15 or more firewall Drop/Reject/Deny events from a single IP address in one minute
•	Alert on 3 or more IPS alerts from a single IP address in five minutes

Virus Detection/Removal
•	Alert when a single host sees an identifiable piece of malware
•	Alert when a single host fails to clean malware within 1 hour of detection
•	Alert when a single host connects to 50 or more unique targets in 1 minute
•	Alert when 5 or more hosts on the same subnet trigger the same malware signature (AV or IPS) within a 1 hour interval

Web Server
•	Files with executable extensions (cgi, asp, aspx, jar, php, exe, com, cmd, sh, bat) are posted to a web server from an external source

Black-listed Applications
•	Alert when an unauthorized application (e.g. TeamViewer, LogMeIn, Nmap, Nessus, etc.) is run on any host

Monitored Log Sources
•	Alert when a monitored log source has not sent an event in 1 hour

User Activity Reports
•	All active user accounts (any successful login grouped by account name in the past XX days)
•	Active user list by authentication type
	a)	VPN users
	b)	Active Directory users
	c)	Infrastructure device access (firewalls, routers, switches, IPS)
•	User creation, deletion and modification (a list of all user accounts created, deleted or modified)
•	Access by any default account (Guest, Root, Administrator or other default account usage)
•	Password resets by admin accounts in the past 7 days

Access Reports
•	Access to any protected/monitored device by an untrusted network
	a)	VPN access to server zone
	b)	Access by a foreign network to server zone

Malware
•	A list of host addresses for any identified malware name
•	A count of any given malware (grouped by anti-virus signature) over the past XX days
Email Activity
•	Top 10 e-mail subjects
•	Top 10 addresses sending e-mail
•	Top 10 addresses receiving e-mail
•	Top 10 addresses sending e-mail with the largest total size (MB)
•	Top 10 addresses receiving e-mail with the largest total size (MB)

Web Content
•	Top 10 destinations by domain name
•	Top 10 blocked destinations by domain name
•	Top 10 blocked sources by IP address
•	Top 10 blocked categories
•	Total sent and received bytes grouped by IP address

User Account Activity
•	Top 10 failed logins
Advanced Correlation Rules
•	Attack followed by account change
•	Scan followed by an attack
•	Detect an unusual condition where a source has authentication failures at a host that are not followed by a successful authentication at the same host within 2 hours
•	Look for a new account being created followed by immediate authentication activity from that same account; this would detect a backdoor account creation followed by the account being used to telnet back into the system
•	Monitor the same source having excessive logon failures at distinct hosts
•	Check whether the source of an attack was previously the destination of an attack (within 15 minutes)
•	Check whether there are 5 events from host firewalls with severity 4 or greater in 10 minutes between the same source and destination IP
•	Look for a new account being created, followed shortly by access/authentication failure activity from the same account
•	Monitor system access outside of business hours
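The threshold-based, sequence-based and "not followed within a window" rules described in the correlation engine advantages and in the rule lists above, as an added example that is not SureLog's own code or rule syntax: a small Python correlation engine run over constructed, already-normalized events. The event fields, the taxonomy labels and the timestamps are assumptions made for the example.

```python
"""Added example (not SureLog code): three correlation rule types run over
already-normalized events. Event fields and taxonomy labels are assumed."""
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Event:
    ts: datetime
    category: str   # taxonomy label, e.g. "Authentication->Failure" (assumed)
    user: str
    host: str
    src: str


def threshold_rule(events, category, key, count, window):
    """Threshold-based correlation: alert when `count` or more events of
    `category` share the same `key` value within `window`.
    One alert per key value, fired the first time the threshold is met."""
    alerts = []
    seen = defaultdict(deque)        # key value -> timestamps inside the window
    fired = set()
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.category != category:
            continue
        k = getattr(ev, key)
        q = seen[k]
        q.append(ev.ts)
        while q and ev.ts - q[0] > window:   # slide the window forward
            q.popleft()
        if len(q) >= count and k not in fired:
            fired.add(k)
            alerts.append((ev.ts, f"{count}+ {category} for {key}={k} within {window}"))
    return alerts


def sequence_rule(events, first, second, key, window):
    """Sequence-based correlation: `first` followed by `second` with the same
    `key` value within `window` (e.g. account creation, then a logon)."""
    alerts = []
    pending = {}                     # key value -> time of the `first` event
    for ev in sorted(events, key=lambda e: e.ts):
        k = getattr(ev, key)
        if ev.category == first:
            pending[k] = ev.ts
        elif ev.category == second and k in pending:
            if ev.ts - pending[k] <= window:
                alerts.append((ev.ts, f"{first} followed by {second} for {key}={k}"))
            del pending[k]           # either matched or expired; stop tracking
    return alerts


def absence_rule(events, first, second, keys, window, now):
    """Negative sequence: `first` seen but NOT followed by `second` with the
    same `keys` values within `window`. Only windows that have fully expired
    by `now` are reported, so a still-open window is not a premature alert."""
    alerts = []
    open_windows = {}                # key tuple -> time of the first event
    for ev in sorted(events, key=lambda e: e.ts):
        k = tuple(getattr(ev, x) for x in keys)
        if ev.category == first and k not in open_windows:
            open_windows[k] = ev.ts
        elif ev.category == second and k in open_windows:
            if ev.ts - open_windows[k] <= window:
                del open_windows[k]  # success arrived in time: nothing to report
    for k, start in open_windows.items():
        if now - start > window:
            alerts.append((start + window,
                           f"{first} at {dict(zip(keys, k))} not followed by {second} within {window}"))
    return alerts


T0 = datetime(2016, 3, 1, 9, 0, 0)   # constructed base timestamp
SAMPLE = [                            # constructed, already-normalized events
    *[Event(T0 + timedelta(seconds=10 * i), "Authentication->Failure", "jdoe", "srv1", "10.0.0.5")
      for i in range(5)],
    Event(T0 + timedelta(minutes=5), "Account->Create", "backup2", "srv1", "10.0.0.9"),
    Event(T0 + timedelta(minutes=6), "Authentication->Success", "backup2", "srv1", "10.0.0.9"),
    Event(T0 + timedelta(minutes=10), "Authentication->Failure", "admin", "srv2", "10.0.0.7"),
]


def run_all(events=SAMPLE, now=T0 + timedelta(hours=3)):
    """Evaluate the three sample rules from the page over the events."""
    return {
        # "5 or more failed logins in 1 minute on a single user ID"
        "brute_force": threshold_rule(events, "Authentication->Failure", "user", 5, timedelta(minutes=1)),
        # "new account created followed by immediate authentication from that account"
        "new_account_logon": sequence_rule(events, "Account->Create", "Authentication->Success",
                                           "user", timedelta(minutes=10)),
        # "authentication failures at a host not followed by success within 2 hours"
        "failures_no_success": absence_rule(events, "Authentication->Failure", "Authentication->Success",
                                            ("src", "host"), timedelta(hours=2), now),
    }


if __name__ == "__main__":
    for name, alerts in run_all().items():
        print(name, alerts)
```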
Taxonomy

This is a mapping of information from heterogeneous sources to a common classification. A taxonomy aids in pattern recognition and also improves the scope and stability of correlation rules. When events from heterogeneous sources are normalized they can be analyzed by a smaller number of correlation rules, which reduces deployment and support labor. In addition, normalized events are easier to work with when developing reports and dashboards.
SureLog supports 155 brands and 350 devices, and its taxonomy categorizes logs into 1513 groups, for example:
•	Compromised->RemoteControlApp->Response
•	HealthStatus->Informational->HighAvailability->LinkStatus->Down
•	IPTrafficAudit->IP Too many fragments
•	IPSpoofAccess->ICMP CODE Redirect for the Host
•	FileTransferTrafficAudit->Authentication Failed
•	NamingTrafficAudit
•	Session->Start
•	ICMP Destination Network is Administratively Prohibited
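The normalization the taxonomy section describes, as an added example that is not SureLog's code or its taxonomy: a Python normalizer that maps raw lines from three sources to one set of labels so that a single rule can match all of them. The label names, the simplified Windows event line and the firewall line format are assumptions; the OpenSSH sshd message shapes and Windows Security event IDs 4624, 4625 and 4720 are the real ones.

```python
"""Added example (not SureLog code): map heterogeneous raw log lines to a
common taxonomy. Labels and the WinEvt/fw line formats are constructed."""
import re
from typing import Optional

# Real Windows Security log event IDs -> constructed taxonomy labels
WINDOWS_EVENT_TAXONOMY = {
    "4624": "Authentication->Success",
    "4625": "Authentication->Failure",
    "4720": "Account->Create",
}

# Constructed, simplified Windows event line as a collector might forward it
WIN_RE = re.compile(r"^WinEvt EventID=(?P<id>\d+) User=(?P<user>\S+) Host=(?P<host>\S+) Src=(?P<src>\S+)$")
# Real OpenSSH sshd syslog message shapes ("Accepted ... for", "Failed ... for [invalid user]")
SSHD_RE = re.compile(r"^(?P<host>\S+) sshd\[\d+\]: (?P<result>Accepted|Failed) \w+ for "
                     r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+")
# Constructed firewall line format
FW_RE = re.compile(r"^(?P<host>\S+) fw: action=(?P<action>ALLOW|DENY) src=(?P<src>\S+) dst=\S+")


def normalize(line: str) -> Optional[dict]:
    """Map one raw line from any supported source to {category, user, host, src}.
    Returns None for lines no parser understands, so they stay raw and unclassified
    instead of being forced into a wrong category."""
    m = WIN_RE.match(line)
    if m:
        cat = WINDOWS_EVENT_TAXONOMY.get(m["id"])
        if cat is None:
            return None              # known source, unmapped event ID
        return {"category": cat, "user": m["user"], "host": m["host"], "src": m["src"]}
    m = SSHD_RE.match(line)
    if m:
        cat = "Authentication->Success" if m["result"] == "Accepted" else "Authentication->Failure"
        return {"category": cat, "user": m["user"], "host": m["host"], "src": m["src"]}
    m = FW_RE.match(line)
    if m:
        cat = "FirewallTrafficAudit->Allow" if m["action"] == "ALLOW" else "FirewallTrafficAudit->Deny"
        return {"category": cat, "user": "-", "host": m["host"], "src": m["src"]}
    return None


SAMPLE_LINES = [  # constructed sample lines from three different sources
    "WinEvt EventID=4625 User=jdoe Host=dc01 Src=10.0.0.5",
    "bastion sshd[2211]: Failed password for invalid user jdoe from 10.0.0.5 port 51022 ssh2",
    "WinEvt EventID=4720 User=backup2 Host=dc01 Src=10.0.0.9",
    "bastion sshd[2212]: Accepted password for ops from 10.0.0.9 port 51030 ssh2",
    "edge1 fw: action=DENY src=203.0.113.7 dst=10.0.0.5",
    "WinEvt EventID=9999 User=x Host=dc01 Src=10.0.0.1",
]


def count_by_category(lines):
    """After normalization one rule written against "Authentication->Failure"
    covers both the Windows 4625 and the sshd failure without knowing the source."""
    counts = {}
    for ln in lines:
        ev = normalize(ln)
        key = ev["category"] if ev else "Unclassified"
        counts[key] = counts.get(key, 0) + 1
    return counts


if __name__ == "__main__":
    for ln in SAMPLE_LINES:
        print(normalize(ln))
    print(count_by_category(SAMPLE_LINES))
```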
LOG MANAGEMENT

SureLog's log management collects log data from across an enterprise regardless of source, presents the logs in a uniform and consistent manner, and manages the state, location and efficient access to those logs, which is an essential element of any comprehensive log management and log analysis solution.
Comprehensive Log Data Collection and Log Management

Being able to collect log data from across an enterprise regardless of source, present the logs in a uniform and consistent manner, and manage the state, location and efficient access to those logs is an essential element of any comprehensive log management and log analysis solution. The SureLog solution was designed to address core log management needs, including:
•	The ability to collect any type of log data regardless of source
•	The ability to collect log data with or without installing an agent on the log source device, system or application
•	The ability to "normalize" any type of log data for more effective reporting and analysis
•	The ability to "scale down" for small deployments and "scale up" for extremely large environments
•	An open architecture allowing direct and secure access to log data via third-party analysis and reporting tools
•	A role-based security model providing user accountability and access control
•	Automated archiving for secure long-term retention
•	Wizard-based retrieval of any archived logs in seconds
Cross-platform Log Collection

Today's IT operations require many technologies: routers, firewalls, switches, file servers and applications, to name a few. SureLog has been designed to collect from them all through intelligent use of agent-less and agent-based techniques.
Windows Event Logs: Agent-less or Agent-based

SureLog can collect all types of Windows Event Logs with or without the use of an agent. Many Windows-based applications write their logs to the Application Event Log or a custom Event Log. Examples of supported log sources that can be collected by SureLog in real time include:
•	Windows System Event Log
•	Windows Security Event Log
•	Windows Application Event Log
•	Microsoft Exchange Server application logs
•	Microsoft SQL Server application logs
•	Windows-based ERP and CRM system application logs
Syslog

Many log sources, including most network devices (e.g. routers, switches, firewalls), transmit logs via syslog. SureLog includes an integrated syslog server for receiving and processing these messages. Simply point any syslog-generating device to SureLog and it will automatically begin collecting and processing those logs.
Flat File Logs

SureLog can collect logs written to any ASCII-based text file. Whether it is a commercial system or a homegrown application, SureLog can collect and manage them. Examples of supported log sources using this method include:
•	Web server logs (e.g. Apache, IIS)
•	Linux system logs
•	Windows Forefront TMG / UAG and ISA Server logs
•	DNS and DHCP server logs
•	Host-based intrusion detection/prevention systems
•	Homegrown application logs
•	MS Exchange message tracking logs
Since so much sensitive information resides in databases, it is important to monitor and track access and activity surrounding important databases. The actual and reputational cost of a theft of customer records can be very large. SureLog can help: it collects, analyzes, alerts and reports on logs from Oracle and Microsoft SQL Server. It also captures data from custom audit logs and applications that run on the database. This capability enables customers to use SureLog for real-time database monitoring to guard against insider and outsider threats.
Tagging

SureLog adds a very powerful event tagging system, which allows individual users as well as teams to tag events with an unlimited number of keywords that define the various characteristics of an event (intrusion, financial, departmental and topological). System users can create their own set of custom tags. Tags can be added to events individually as needed or through the automated action system as events are imported and normalized. Searching and reporting by tags is supported, and tag statistics displays are included as well.
Scalable Log Centralization

SureLog is architected to scale easily and incrementally as your needs grow. Whether you need to collect 10 million or more than 1 billion logs per day, SureLog can handle it. With SureLog you simply deploy the capacity you need when you need it, preserving your initial investment along the way. Deployments can start with a single, turnkey appliance and grow easily by adding incremental log manager appliances as needs expand. With SureLog's "building blocks" distributed architecture, you can access and analyze logs throughout your deployment with ease.
Log Archiving and Retrieval

Many businesses have compliance requirements to preserve historic log data and be able to provide it in its original form for legal or investigative purposes. Collecting, maintaining and recovering historic log data can be expensive and difficult. Imagine trying to recover logs from a specific server from two years ago. Were the logs archived or saved anywhere? If so, where have the logs been stored? What format are they in? Can the correct archived log files be identified among the tens of thousands (or millions) of other archive files in a reasonable period of time? With SureLog, the answers to these questions are easy.
Activity Auditing

For compliance verification, users' and administrators' actions within SureLog are logged. SureLog user activity reports provide powerful proof that SureLog is actively used to analyze log data for compliance purposes and not for illegitimate aims.
Chapter 3
SURELOG ADVANTAGES

3. SureLog Advantages
•	Decision speed: integrated analysis technology processes highly complex decision logic in real time, similar to how humans reason.
•	Continuous learning: SureLog continuously learns the behavior of your environment by cross-correlating log information, device availability and performance statistics.
•	Real-time alerting and historical forensics: many ready-to-use rules detect anomalous behavior and events. Comprehensive search and reporting capabilities simplify compliance reporting.
Customers who have used SureLog have experienced:
•	Improved productivity.
•	Higher business operations uptime.
•	Lower IT costs.
•	Improved business performance.
•	Ability to meet Service Level Agreements.
•	Better visibility into required response times by correlating customer service level commitments.
•	Application monitoring.
•	Monitoring of ecosystem business services, not just devices.
What problems does it solve?

SureLog helps network security administrators and IT managers monitor security events efficiently and alert in real time. The SureLog software also generates reports to comply with various regulations such as the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), the Sarbanes-Oxley Act (SOX) and the Payment Card Industry Data Security Standard (PCI), and archives logs for the purpose of network auditing and forensic analysis.
What features does it offer?

Multiple device/vendor support, flexible log archiving, the capability to view traffic trends and usage patterns, multi-level drill-down into top hosts, protocols, web sites and more, VPN/Squid proxy reports, multi-varied reporting capabilities, centralized event log management, compliance reporting, automatic alerting, historical trending, security analysis, host grouping, pre-built event reports, customizable report profiles, report scheduling and multiple report formats. SureLog is compliant with Turkish Law 5651: logs are digitally signed, which guarantees that they cannot be changed.
About ANET Software

ANET is a privately held software company incorporated in VA, USA, with branches in Turkey and New Zealand. Our mission is to build a software company that embraces an "open development philosophy" and provides innovative solutions to customer problems in collaboration with customers.

We are a SIEM pioneer with over 250 clients throughout Europe experiencing the ANET difference.
The Most Important Priority is Your Satisfaction
Contact Us
Headquarters:
Anet, Inc; PMB# 62 11350 Random Hills Rd
Suite 800 Fairfax, VA 22030
+1 (703) 346-1222
Offices:
74 / 2 Asquith Ave Mt Albert Auckland, New Zealand
+64021 975 369
Istanbul Technology Development Zone
Sanayi Mah. Teknopark Blvd. No: 1 Pendik
34906, Istanbul, Turkey
+902163540581
E-5 Karayolu Ankara Asfaltaltı, Soğanlık
Sapağı Kartal / Istanbul 34912, Istanbul,
Turkey
+902163540580
info@anetusa.net
www.anetusa.net

More Related Content

PPSX
ANET SureLog International Edition Main Advantages
DOCX
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
PDF
Cheatsheet for your cloud project
PDF
Infocyte Mid-market Threat and Incident Response Report Webinar
PDF
Nazar Tymoshyk et al - Night in Defense Workshop: Hunting for a needle in a h...
PPTX
Integrated Tools in OSSIM
PDF
ExpertsLiveNL - Post Breach Security with ATA or ATP
ANET SureLog International Edition Main Advantages
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
Cheatsheet for your cloud project
Infocyte Mid-market Threat and Incident Response Report Webinar
Nazar Tymoshyk et al - Night in Defense Workshop: Hunting for a needle in a h...
Integrated Tools in OSSIM
ExpertsLiveNL - Post Breach Security with ATA or ATP

What's hot (20)

PDF
20 Security Controls for the Cloud
PPTX
AWS Security Best Practices for Effective Threat Detection & Response
PPTX
Whats New in OSSIM v2.2?
PPTX
Improve Security Visibility with AlienVault USM Correlation Directives
PDF
Check point response to Cisco NGFW competitive
PDF
Cisco Connect 2018 Thailand - Telco service provider network analytics
PDF
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...
PDF
Next-Generation SIEM: Delivered from the Cloud
PPTX
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
PPTX
Cyber Resiliency
PPTX
Infocyte - Digital Forensics and Incident Response (DFIR) Training Session
PPTX
Extending the 20 critical security controls to gap assessments and security m...
PDF
How to expose shortcuts in competitive poc
PPTX
Best Practices for Configuring Your OSSIM Installation
PDF
Security Framework from SANS
PPTX
Presentacion demo mc afee siem
PPTX
OSSIM User Training: Detect and Respond to Threats More Quickly with OSSIM v4.5
PPTX
How to Audit Firewall, what are the standard Practices for Firewall Audit
PDF
presentacion Demo McAfee SIEM
PPTX
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
20 Security Controls for the Cloud
AWS Security Best Practices for Effective Threat Detection & Response
Whats New in OSSIM v2.2?
Improve Security Visibility with AlienVault USM Correlation Directives
Check point response to Cisco NGFW competitive
Cisco Connect 2018 Thailand - Telco service provider network analytics
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...
Next-Generation SIEM: Delivered from the Cloud
TIG / Infocyte: Proactive Cybersecurity for State and Local Government
Cyber Resiliency
Infocyte - Digital Forensics and Incident Response (DFIR) Training Session
Extending the 20 critical security controls to gap assessments and security m...
How to expose shortcuts in competitive poc
Best Practices for Configuring Your OSSIM Installation
Security Framework from SANS
Presentacion demo mc afee siem
OSSIM User Training: Detect and Respond to Threats More Quickly with OSSIM v4.5
How to Audit Firewall, what are the standard Practices for Firewall Audit
presentacion Demo McAfee SIEM
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
Ad

Viewers also liked (20)

PPTX
Acuerdos de convivencia y consecuencias
DOCX
La divina comedia de dante
PPTX
Presentacion cambio climatico en paramos
PPTX
Historia Del Computador
PPTX
3Com 1.012.0904-B
PPT
Dictadura monarquia democracia_teocracia
PPT
Otros tipos de estado
PPT
Tipos de estado
PDF
Coates Hire - Water Treatment Engineering Solutions
DOC
Parcial calificado 5 relaciones internacionales ldb
PPTX
Access
DOCX
NACIONALIZACION ESTATIZACION PRIVATIZACION Y EXPROPIACION
PPT
Politicas petroleras en_venezuela
PPTX
Higiene y seguridad industrial
PDF
3行ラベリング 事例9-pdca
DOCX
Surelog Detail
ODP
Judith leyster
PPTX
March 26, 2017
PPTX
Historia y la_evolución_del_computador
Acuerdos de convivencia y consecuencias
La divina comedia de dante
Presentacion cambio climatico en paramos
Historia Del Computador
3Com 1.012.0904-B
Dictadura monarquia democracia_teocracia
Otros tipos de estado
Tipos de estado
Coates Hire - Water Treatment Engineering Solutions
Parcial calificado 5 relaciones internacionales ldb
Access
NACIONALIZACION ESTATIZACION PRIVATIZACION Y EXPROPIACION
Politicas petroleras en_venezuela
Higiene y seguridad industrial
3行ラベリング 事例9-pdca
Surelog Detail
Judith leyster
March 26, 2017
Historia y la_evolución_del_computador
Ad

Similar to Sure log full (20)

PDF
Why SureLog?
DOCX
ANET SureLog SIEM IntelligentResponse
PDF
Crypto sim_cryptolog_cryptospot_v3
PDF
Report: Study and Implementation of Advance Intrusion Detection and Preventio...
PDF
Open service risk correlation
PDF
Leveraging Log Management to provide business value
PDF
The correlation advantages of ANET SURELOG International Edition SIEM product
PDF
SureLog intelligent response
PPTX
Study And Implemenataion Of Advance Intrusion Detection And Prevention Sysyte...
PDF
Security Certification: Security Analytics using Sumo Logic - Oct 2018
PPTX
Cryptography and system security
PDF
Use Exabeam Smart Timelines to improve your SOC efficiency
DOCX
Part 3 ApplicationEnd-User Security Recommendations.docx
PDF
00 Introduction for sangfor more important
PDF
What is Continuous Monitoring in DevOps.pdf
PDF
What is Continuous Monitoring in DevOps.pdf
DOCX
Overall Security Process Review CISC 6621Agend.docx
PPTX
First Responders Course - Session 6 - Detection Systems [2004]
PPTX
PKI.pptx
PPTX
SOAR and SIEM.pptx
Why SureLog?
ANET SureLog SIEM IntelligentResponse
Crypto sim_cryptolog_cryptospot_v3
Report: Study and Implementation of Advance Intrusion Detection and Preventio...
Open service risk correlation
Leveraging Log Management to provide business value
The correlation advantages of ANET SURELOG International Edition SIEM product
SureLog intelligent response
Study And Implemenataion Of Advance Intrusion Detection And Prevention Sysyte...
Security Certification: Security Analytics using Sumo Logic - Oct 2018
Cryptography and system security
Use Exabeam Smart Timelines to improve your SOC efficiency
Part 3 ApplicationEnd-User Security Recommendations.docx
00 Introduction for sangfor more important
What is Continuous Monitoring in DevOps.pdf
What is Continuous Monitoring in DevOps.pdf
Overall Security Process Review CISC 6621Agend.docx
First Responders Course - Session 6 - Detection Systems [2004]
PKI.pptx
SOAR and SIEM.pptx

Recently uploaded (20)

PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
PPTX
Tartificialntelligence_presentation.pptx
PDF
Assigned Numbers - 2025 - Bluetooth® Document
PDF
Hybrid model detection and classification of lung cancer
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
PDF
Hindi spoken digit analysis for native and non-native speakers
PDF
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
PPTX
SOPHOS-XG Firewall Administrator PPT.pptx
PDF
Accuracy of neural networks in brain wave diagnosis of schizophrenia
PPTX
A Presentation on Artificial Intelligence
PDF
WOOl fibre morphology and structure.pdf for textiles
PDF
August Patch Tuesday
PPTX
Group 1 Presentation -Planning and Decision Making .pptx
PDF
Zenith AI: Advanced Artificial Intelligence
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
PDF
Encapsulation_ Review paper, used for researhc scholars
PDF
Unlocking AI with Model Context Protocol (MCP)
PDF
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDF
Getting Started with Data Integration: FME Form 101
PPTX
OMC Textile Division Presentation 2021.pptx
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
Tartificialntelligence_presentation.pptx
Assigned Numbers - 2025 - Bluetooth® Document
Hybrid model detection and classification of lung cancer
Building Integrated photovoltaic BIPV_UPV.pdf
Hindi spoken digit analysis for native and non-native speakers
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
SOPHOS-XG Firewall Administrator PPT.pptx
Accuracy of neural networks in brain wave diagnosis of schizophrenia
A Presentation on Artificial Intelligence
WOOl fibre morphology and structure.pdf for textiles
August Patch Tuesday
Group 1 Presentation -Planning and Decision Making .pptx
Zenith AI: Advanced Artificial Intelligence
Agricultural_Statistics_at_a_Glance_2022_0.pdf
Encapsulation_ Review paper, used for researhc scholars
Unlocking AI with Model Context Protocol (MCP)
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
Getting Started with Data Integration: FME Form 101
OMC Textile Division Presentation 2021.pptx

Sure log full

• 4. page 4
1. SureLog: Integrated Next Generation SIEM and Log Management

[Feature overview graphic: Security Information and Event Management; Advanced Correlation Engine; Security Operations Center; Log Management; Log Forensics; Threat Intelligence; Security Reporting; Real-Time Alerts; Event Correlation & Analysis; Compliance Management; Rich Taxonomy; Protecting Against Insider Attacks]

ANET SureLog delivers next-generation SIEM, log management and intelligent security search in a simple, easy-to-install and cost-effective solution that provides immediate value for security and compliance to organizations of any size.

SureLog has a highly flexible architecture and support for high-volume data throughput rates. Alongside the flexible architecture, SureLog possesses a superior correlation engine. The system lets you define the complex combinations of events you need to be alerted on by easily creating and customizing correlation rules with a graphical, drag-and-drop rule creator. SureLog supports 155 brands and 350 devices and categorizes logs into 1513 groups. The sophisticated threat intelligence management allows SureLog to dynamically collect blacklists and update its database.

• Multi-Functional Security Management Platform
• Integrated Security and Log Management Platform
• Real-time security management across thousands of devices, including applications as diverse as satellite, cryptography and security devices.
• Granular control over any type of event definition, with the ability to collect, normalize and integrate data from any device, application or service.
• 6. page 6
2. All-In-One IT Security Management

ANET: a superior SIEM and log management platform that seamlessly combines SIEM and Log Management with Host and Network Forensics in a unified Security Intelligence Platform.

SIEM

SureLog is a web-based, agent-less SIEM, log analysis and reporting software. The application monitors, collects, analyzes and archives logs and monitoring parameters from enterprise-wide network perimeter security devices, routers, switches, SNMP devices, VMs, DHCP servers and Linux or Windows systems, then generates reports. The devices are firewalls, proxy servers, Intrusion Detection Systems (IDS)/Intrusion Prevention Systems (IPS) and Virtual Private Networks (VPN); mail servers such as MS Exchange, Zimbra and Postfix; distributed Windows hosts, distributed Unix hosts, routers, switches and other syslog devices; and applications such as IIS web server, IIS FTP server, MS SQL Server, Oracle database server, and Windows and Linux DHCP servers. The SureLog application generates graphs and reports that help in analyzing system problems with minimal impact on network performance. Two prominent features of the application are correlation and security reports.

Correlation Engine

The Correlation Engine leverages predefined rules to identify attack patterns and malicious behavior. When trying to penetrate a system, attackers often take advantage of the fact that security controls rarely work together and are rarely monitored. The Correlation Engine helps to automate that analysis so that attacks can be quickly identified and breaches can be quickly contained.

Advantages of SureLog Correlation Engine

Below are some advantages of SureLog:
• SureLog is fast: it supports 50,000 EPS with thousands of rules.
• SureLog can trace multiple logs of different types within a defined time frame.
A sample rule to support this advantage is: detect an unusual condition where a source has authentication failures at a host that are not followed by a successful authentication at the same host within 2 hours.
• SureLog can correlate different logs (example: a Windows User Creation event and a Telnet event) according to related fields. A sample rule to support this advantage is: look for a new account being created followed by immediate authentication activity from that same account. It would detect backdoor account creation followed by the account being used to telnet back into the system.
• SureLog can trace whether a log is created with desired parameters or not. A sample rule to support this advantage is: detect an unusual condition where a source has authentication failures at a host that are not followed by a successful authentication at the same host within 2 hours.
• SureLog can audit privileged user activity such as new account creation for greater operational transparency.
• SureLog can correlate privileged user behavior with specific network activity. A sample rule to support this advantage is: look for a new account being created followed by immediate authentication activity from that same account. It would detect backdoor account creation followed by the account being used to telnet back into the system.
• SureLog's correlation rule editor is simple to use.
• SureLog supports multiple filtering options.
• SureLog supports a compression-based correlation feature: SureLog can monitor multiple occurrences of the same event, remove redundancies, and report them as a single event.
• 7. page 7
• SureLog supports threshold-based correlation: SureLog has a threshold that triggers a report when a specified number of similar events occur.
• SureLog supports filter-based correlation: SureLog inspects each event to determine if it matches a pattern defined by a regular expression. If a match is found, an action may be triggered as specified in the rule.
• SureLog supports sequence-based correlation: SureLog helps establish the causality of events. Events can be correlated based on specific sequential relationships, for example synchronizing multiple events such as "Event A" being followed by "Event B" to trigger an action.
• Its time-based correlation is useful for correlating events that have specific time-based relationships. Some problems can be determined only through temporal correlation; for example, time-based correlation can be used to implement cleanup rules given a specific interval.
• SureLog supports rule suspending: preventing a rule from firing for a defined time period.

Simple Correlation Rules

User Authentication
• Alert on 5 or more failed logins in 1 minute on a single user ID

Attacks on the Network
• Alert on 15 or more firewall Drop/Reject/Deny events from a single IP address in one minute
• Alert on 3 or more IPS alerts from a single IP address in five minutes

Virus Detection/Removal
• Alert when a single host sees an identifiable piece of malware
• Alert when a single host fails to clean malware within 1 hour of detection
• Alert when a single host connects to 50 or more unique targets in 1 minute
• Alert when 5 or more hosts on the same subnet trigger the same malware signature (AV or IPS) within a 1 hour interval

Web Server
• Files with executable extensions (cgi, asp, aspx, jar, php, exe, com, cmd, sh, bat) are posted to a web server from an external source

Black-listed Applications
• Alert when an unauthorized application (e.g. Teamviewer, LogmeIn, Nmap, Nessus, etc.) is run on any host

Monitored Log Sources
• Alert when a monitored log source has not sent an event in 1 hour

User Activity Reports
• All active user accounts (any successful login grouped by account name in the past XX days)
• Active user list by authentication type
  a) VPN users
  b) Active Directory users
  c) Infrastructure device access (firewalls, routers, switches, IPS)
• User creation, deletion and modification (a list of all user accounts created, deleted or modified)
• Access by any default account (Guest, Root, Administrator, or other default account usage)
• Password resets by admin accounts in the past 7 days

Access Reports
• Access to any protected/monitored device from an untrusted network
  a) VPN access to server zone
  b) Access by a foreign network to server zone

Malware
• A list of host addresses for any identified malware name

• 8. page 8
• A count of any given malware (grouped by anti-virus signature) over the past XX days

Email Activity
• Top 10 e-mail subjects
• Top 10 addresses sending email
• Top 10 addresses receiving email
• Top 10 addresses sending email with largest total size (MB)
• Top 10 addresses receiving email with largest total size (MB)

Web Content
• Top 10 destinations by domain name
• Top 10 blocked destinations by domain name
• Top 10 blocked sources by IP address
• Top 10 blocked categories
• Total sent and received bytes grouped by IP address

User Account Activity
• Top 10 failed logins

Advanced Correlation Rules
• Attack followed by account change
• Scan followed by an attack
• Detect an unusual condition where a source has authentication failures at a host that are not followed by a successful authentication at the same host within 2 hours
• Look for a new account being created followed by immediate authentication activity from that same account; this would detect backdoor account creation followed by the account being used to telnet back into the system
• Monitor the same source having excessive logon failures at distinct hosts
• Check whether the source of an attack was previously the destination of an attack (within 15 minutes)
• Check whether there are 5 events from host firewalls with severity 4 or greater in 10 minutes between the same source and destination IP
• Look for a new account being created, followed shortly by access/authentication failure activity from the same account
• Monitor system access outside of business hours

Taxonomy

This is a mapping of information from heterogeneous sources to a common classification. A taxonomy aids in pattern recognition and also improves the scope and stability of correlation rules.
When events from heterogeneous sources are normalized, they can be analyzed by a smaller number of correlation rules, which reduces deployment and support labor. In addition, normalized events are easier to work with when developing reports and dashboards.
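As an added example (not SureLog's own code or rule syntax), the following Python runs three of the rule types listed above over constructed, already-normalized events: the threshold rule (5 or more failed logins in 1 minute on one user ID), the sequence rule (a new account followed by authentication from that same account) and the time-based rule (authentication failures at a host not followed by a success within 2 hours). The event categories (`Auth.Failure`, `Auth.Success`, `Account.Create`) and field names are assumptions standing in for a real taxonomy.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (not real SureLog data or rule syntax), already
# normalized to one taxonomy so every device's line maps to the same fields.
def ev(ts, cat, user, src, host):
    return {"ts": datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"),
            "cat": cat, "user": user, "src": src, "host": host}

EVENTS = [
    ev("2016-03-01 09:00:00", "Auth.Failure", "jdoe", "10.0.0.5", "srv1"),
    ev("2016-03-01 09:00:10", "Auth.Failure", "jdoe", "10.0.0.5", "srv1"),
    ev("2016-03-01 09:00:20", "Auth.Failure", "jdoe", "10.0.0.5", "srv1"),
    ev("2016-03-01 09:00:30", "Auth.Failure", "jdoe", "10.0.0.5", "srv1"),
    ev("2016-03-01 09:00:40", "Auth.Failure", "jdoe", "10.0.0.5", "srv1"),
    ev("2016-03-01 09:05:00", "Account.Create", "svc_new", "10.0.0.5", "srv1"),
    ev("2016-03-01 09:05:30", "Auth.Success", "svc_new", "10.0.0.5", "srv1"),
    ev("2016-03-01 09:30:00", "Auth.Failure", "bob", "10.0.0.9", "srv2"),
    ev("2016-03-01 12:00:00", "Auth.Success", "bob", "10.0.0.9", "srv2"),
]

def threshold_rule(events, cat, field, count, window):
    # Threshold-based: `count` or more `cat` events sharing one `field`
    # value inside a sliding `window`; fires once per key.
    recent, fired, alerts = defaultdict(deque), set(), []
    for e in sorted(events, key=lambda e: e["ts"]):
        if e["cat"] != cat:
            continue
        q = recent[e[field]]
        q.append(e["ts"])
        while e["ts"] - q[0] > window:  # evict timestamps outside the window
            q.popleft()
        if len(q) >= count and e[field] not in fired:
            fired.add(e[field])
            alerts.append((e[field], e["ts"]))
    return alerts

def sequence_rule(events, window):
    # Sequence-based: account creation followed within `window` by a
    # successful authentication of that same new account.
    created, alerts = {}, []
    for e in sorted(events, key=lambda e: e["ts"]):
        if e["cat"] == "Account.Create":
            created[e["user"]] = e["ts"]
        elif e["cat"] == "Auth.Success" and e["user"] in created:
            if e["ts"] - created[e["user"]] <= window:
                alerts.append((e["user"], e["ts"]))
            del created[e["user"]]  # each creation is judged once
    return alerts

def absence_rule(events, window):
    # Time-based "not followed by": a failure from (src, host) with no success
    # for that pair within `window`; failures whose window is still open at the
    # latest event are left undecided rather than alerted.
    events = sorted(events, key=lambda e: e["ts"])
    horizon, flagged, alerts = events[-1]["ts"], set(), []
    for i, e in enumerate(events):
        key = (e["src"], e["host"])
        if e["cat"] != "Auth.Failure" or key in flagged:
            continue
        if horizon - e["ts"] < window:  # window not closed yet
            continue
        followed = any(later["cat"] == "Auth.Success"
                       and (later["src"], later["host"]) == key
                       and later["ts"] - e["ts"] <= window
                       for later in events[i + 1:])
        if not followed:
            flagged.add(key)
            alerts.append(key)
    return alerts
```

On the sample, `threshold_rule(EVENTS, "Auth.Failure", "user", 5, timedelta(minutes=1))` fires for `jdoe`, `sequence_rule(EVENTS, timedelta(minutes=10))` fires for `svc_new`, and `absence_rule(EVENTS, timedelta(hours=2))` flags only `("10.0.0.9", "srv2")`, because the success at srv1 closes the jdoe window while bob's success arrives 2.5 hours after the failure.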
• 9. page 9
SureLog supports 155 brands and 350 devices, and categorizes (taxonomy) logs into 1513 groups such as:
• Compromised->RemoteControlApp->Response
• HealthStatus->Informational->HighAvailability->LinkStatus->Down
• IPTrafficAudit->IP Too many fragments
• IPSpoofAccess->ICMP CODE Redirect for the Host
• FileTransferTrafficAudit->Authentication Failed
• NamingTrafficAudit
• Session->Start
• ICMP Destination Network is Administratively Prohibited

LOG MANAGEMENT

Comprehensive Log Data Collection and Log Management

SureLog's unique log management feature is being able to collect log data from across an enterprise regardless of its source, present the logs in a uniform and consistent manner, and manage the state, location and efficient access to those logs, which is an essential element of any comprehensive Log Management and Log Analysis solution. The SureLog solution was designed to address core log management needs including:
• The ability to collect any type of log data regardless of source
• The ability to collect log data with or without installing an agent on the log source device, system or application
• The ability to "normalize" any type of log data for more effective reporting and analysis
• The ability to "scale-down" for small deployments and "scale-up" for extremely large environments
• An open architecture allowing direct and secure access to log data via third-party analysis and reporting tools
• A role-based security model providing user accountability and access control
• Automated archiving for secure long-term retention
• Wizard-based retrieval of any archived logs in seconds

• 10. page 10
Cross-platform Log Collection

Today's IT operations require many technologies: routers, firewalls, switches, file servers and applications, to name a few. SureLog has been designed to collect from them all through intelligent use of agent-less and agent-based techniques.

Windows Event Logs: Agent-less or Agent-based

SureLog can collect all types of Windows Event Logs with or without the use of an agent. Many Windows-based applications write their logs to the Application Event Log or a custom Event Log. Examples of supported log sources that can be collected by SureLog in real time include:
• Windows System Event Log
• Windows Security Event Log
• Windows Application Event Log
• Microsoft Exchange Server application logs
• Microsoft SQL Server application logs
• Windows-based ERP and CRM system application logs

Syslog

Many log sources, including most network devices (e.g. routers, switches, firewalls), transmit logs via Syslog. SureLog includes an integrated Syslog server for receiving and processing these messages. Simply point any syslog-generating device at SureLog and it will automatically begin collecting and processing those logs.

Flat File Logs

SureLog can collect logs written to any ASCII-based text file. Whether it is a commercial system or a homegrown application, SureLog can collect and manage them. Examples of supported log sources using this method include:
• Web server logs (e.g. Apache, IIS)
• Linux system logs
• Windows Forefront TMG / UAG and ISA Server logs
• DNS and DHCP server logs
• Host-based intrusion detection/prevention systems
• Homegrown application logs
• MS Exchange message tracking logs

Since so much sensitive information resides in databases, it is important to monitor and track access and activity surrounding important databases. The actual and reputational cost of a theft of customer records can be very large. SureLog can help: it collects, analyzes, alerts and reports on logs from Oracle and Microsoft SQL Server. It also captures data from custom audit logs and applications that run on the database. This capability enables customers to use SureLog for real-time database monitoring to guard against insider and outsider threats.

Tagging

SureLog adds a very powerful event tagging system, which allows individual users as well as teams to tag events with an unlimited number of keywords that may define the various characteristics of an event (intrusion, financial, departmental and topological). System users can create their own set of custom tags. Tags can be added to events individually as needed or through the automated action system as events are imported and normalized. Searching and reporting by tags is supported, and tag statistics displays are included as well.
• 11. page 11
Scalable Log Centralization

SureLog is architected to scale easily and incrementally as your needs grow. Whether you need to collect 10 million or more than 1 billion logs per day, SureLog can handle it. With SureLog you simply deploy the capacity you need when you need it, preserving your initial investment along the way. Deployments can start with a single, turnkey appliance and grow easily by adding incremental log manager appliances as needs expand. With SureLog's "building blocks" distributed architecture, you can access and analyze logs throughout your deployment with ease.

Log Archiving and Retrieval

Many businesses have compliance requirements to preserve historic log data and be able to provide it in its original form for legal or investigative purposes. Collecting, maintaining and recovering historic log data can be expensive and difficult. Imagine trying to recover logs from a specific server from two years ago. Were the logs archived or saved anywhere? If so, where have the logs been stored? What format are they in? Can the correct archived log files be identified among the tens of thousands (or millions) of other archive files in a reasonable period of time? With SureLog, the answers to these questions are easy.

Activity Auditing

For compliance verification, users' and administrators' actions within SureLog are logged. SureLog user activity reports provide powerful proof that SureLog is actively used to analyze log data for compliance purposes and not for illegal aims.
• 13. page 13
3. SureLog Advantages

• Decision speed: Integrated analysis technology processes highly complex decision logic in real time, similar to how humans reason.
• Continuous learning: We continuously learn the behavior of your environment by cross-correlating log information, device availability and performance statistics.
• Real-time alerting and historical forensics: Many ready-to-use rules detect anomalous behavior and events. Comprehensive search and reporting capabilities simplify compliance reporting.

Customers who have used SURELOG have experienced:
• Improved productivity.
• Higher business operations uptime.
• Lower IT costs.
• Improved business performance.
• Ability to meet Service Level Agreements.
• By correlating customer service level commitments you will have better visibility of required response times.
• Monitor applications.
• Monitor ecosystem business services, not just devices.

What problems does it solve?

SureLog helps network security administrators and IT managers monitor security events efficiently and alert in real time. The SureLog software also generates reports to comply with various regulations such as the Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), Sarbanes-Oxley Act (SOX) and Payment Card Industry Data Security Standards (PCI), and archives logs for the purpose of network auditing and forensic analysis.

What features does it offer?

Multiple device/vendor support, flexible log archiving, capability to view traffic trends and usage patterns, multi-level drill-down into top hosts, protocols, web sites and more, VPN/Squid proxy reports, multi-varied reporting capabilities, centralized event log management, compliance reporting, automatic alerting, historical trending, security analysis, host grouping, pre-built event reports, customizable report profiles, report scheduling, multiple report formats. Compliant with Turkish Law 5651, which guarantees that logs cannot be changed and are digitally signed.
• 14. About ANET Software

ANET is a privately held software company incorporated in VA, USA, with branches in Turkey and New Zealand. Our mission is to build a software company that embraces an "open development philosophy" and provides innovative solutions to customer problems in collaboration with customers. We are a SIEM pioneer with over 250 clients throughout Europe experiencing the ANET difference.
• 15. The Most Important Priority is Your Satisfaction

Contact Us

Headquarters: Anet, Inc; PMB# 62 11350 Random Hills Rd Suite 800 Fairfax, VA 22030, +1 (703) 346-1222
Offices: 74 / 2 Asquith Ave Mt Albert Auckland, New Zealand, +64021 975 369
Istanbul Technology Development Zone Sanayi Mah. Teknopark Blvd. No: 1 Pendik 34906, Istanbul, Turkey, +902163540581
E-5 Karayolu Ankara Asfaltaltı, Soğanlık Sapağı Kartal / Istanbul 34912, Istanbul, Turkey, +902163540580
info@anetusa.net
www.anetusa.net