Solution Integration
PacketMotion recognizes that integration with technology partners and leading infrastructure vendors is crucial to making PacketSentry both easy to install, and use in a manner consistent with our customer’s operational model. Our rapidly-expanding list of integration partners includes the following:
Intel
PacketSentry is Intel Business Exchange / SpikeSource certified for Multi-Core Processor Support. The certification validates PacketSentry’s efficient use of the quad Xeon multi-core processor complex that is a key differentiator of our custom appliance hardware. The partnership also provides assurance that the solution has been tested against a wide range of potential security threats and vulnerabilities.
Oracle
PacketSentry integrates Oracle’s industry-leading Enterprise Edition embedded database solution. Enterprise Edition is used to hold the user activity records as well as the system configuration itself. Unlike some other vendors, PacketMotion invested in a state-of-the-art database repository in order to provide the most robust and scalable storage solution for our customer’s critical audit and security data. No end-user database administration is required: the PacketSentry Manager appliance automatically manages the embedded database.
Citrix
PacketMotion, a Citrix Ready partner, has developed a unique solution for tracking the activity of users of XenApp/Presentation Server. Our Citrix User Association Connector allows PacketSentry to create an audit trail of user activity without requiring agents on the client PCs, even though many users are sharing one XenApp server. This is especially valuable given that many organizations use Citrix to provide access for higher-risk user groups such as 3rd parties/contractors, consultants and remote users.
Identity and Directory Services
A crucial PacketSentry advantage is its ability to integrate with directory services. The solution can work with both Microsoft Active Directory and other LDAP-compliant solutions such as Novell eDirectory. User, group and host objects from the directory system are all supported, and the system continuously and automatically keeps directory objects synchronized. For additional flexibility, Custom Groups can be created on PacketSentry that contain objects imported from the directory service. By leveraging your directory services investment, overall administration effort is reduced and the accuracy of audit data and security policies is maximized.
ArcSight
PacketSentry integrates seamlessly with ArcSight Enterprise Security Manager (ESM). As a member of ArcSight’s EnterpriseView and Technology Alliance Partner Programs, PacketMotion has worked with ArcSight to develop a tight integration between PacketSentry and ArcSight ESM and IdentityView using the Common Event Format (CEF). PacketSentry CEF messages include a rich data dictionary of 25 identity parameters that can be leveraged by ESM to correlate identity-aware alerts from PacketSentry with data from other information sources such as application level logging or network security devices.
Logging Solutions
PacketSentry can easily integrate with most log collection systems. It can send human-readable SYSLOG alert messages to as many logging systems as needed, and can also send ArcSight CEF messages to ArcSight systems and human-readable messages to other destinations simultaneously.