StoneGate Management Center
StoneGate Perimeter Protection
Network Security Management for Firewall, VPN and IPS
The StoneGate Management Center forms the core of the StoneGate Platform, providing unified network security management for StoneGate Firewall, VPN and IPS solutions.
- Manage the security solution holistically
- Utilize shared network elements
- Benefit from shared logging, reporting, auditing, and other tools
When it comes to security, organizations are often forced either to use different management tools for each security product, or sacrifice manageability to use a so-called "unified management" for systems that were not initially designed to be managed together. The result is inefficiency, higher costs for training and an overall decrease in security due to the administrator's inability to effectively manage the overall security environment.
- Architecture
- Web Portal
- Third Party Management
- System Monitoring
- Network Monitoring
- Reporting
- Log Browsing
- Security Policies
- Incident Management
- Alert Escalation
- Audit
- High Availability
Architecture
StoneGate Security Platform has been designed to be very scalable and flexible. The core of the system, StoneGate Management Center (SMC), consists at least one management server and one log server, which can be installed either to the same or to separate servers.
SMC functionalities can be extended by installing a Web Portal Server, which provides read-only access to selected management server resources. For high availability or scalability reasons, any of the servers can be easily multiplied.
The SMC has the ability to grow from managing a couple of security devices to the highly available management system of a large enterprise with hundreds of devices.
SMC consists of the following standard components:
- Management server
- Log server
- One or more Management Clients
The Management Client is the graphical user interface used for configuring, managing and monitoring the entire StoneGate system.
Optionally, and for a separate license fee:
- One or more backup Management Servers in addition to the active Management Server
- One or more additional Log Servers
- One or more Web Portal Servers
Web Portal
Managed Security Service Providers and large enterprises often need to give their customers or remote offices access to the logs of their security modules without actually granting them access to the Management Server. The customers may also require to be able to review the current configuration of their engines and ensure that their change requests have been implemented. Often you also need to provide daily,
weekly or monthly reports to certain stakeholders to keep them updated what's happened in their network.
StoneGate Web Portal provides efficient tools for all the needs mentioned above. The Web Portal provides your customers, local administrators or management people a light-weight web access to view the logs, scheduled reports, current policies and the policy change history of their environment. Administrators can accurately define what information is shown for the Web Portal users. They can even publish announcements for the Web Portal users about the upcoming service breaks as well as general instructions.
The Web Portal does not require any installations from the end-users. Since the Web Portal is implemented in HTML, it can be used with almost any mobile device. Because of its great accessibility, the Web Portal is actually a very interesting tool for the administrators as well. The administrators may start troubleshooting network issues with their mobile phone before heading for a place with a proper Management Client access.
Third-Party Management
StoneGate Management Center (SMC) provides centralized management also for third-party device events. These features help you to collect critical log and monitoring information in one centralized place and get total overview of the critical path from the perimeter to the application servers.
Status Monitoring
It is easy to monitor whether critical servers, routers, switches, and security devices on are online and functional.
Log Reception
StoneGate Management Center is able to receive and display log events from third-party devices. An integrated validation tool helps to create logging profiles for third-party devices. Logging profile will make third-party log entries understandable for the StoneGate solution. StoneGate users can also share their logging profiles of different third-party devices on StoneBlog.
System Monitoring
All StoneGate systems (including Firewalls, IPSs, VPNs and SSL VPNs and Servers) as well as any third-party devices can be monitored from the same unified interface.
The Status Monitoring view offers an easy way to get an overview of the current situation and smoothly drill down into the monitored devices' detailed information, down to diagnostic-level information. The view can also present information about the appliances' hardware status, such as the status of network interfaces and hard-drive, fan speeds, temperature, and much more.
From the System Status Monitoring view, the administrator can directly control the devices, for example, by changing their status. The monitoring system can also notify the administrator via alert channel using Policy-Based Alert Escalation, if the monitored devices become unreachable.
By creating Network Diagrams, the administrator can follow the status of the network in a user-friendly, graphical style.
Network Monitoring
The StoneGate Monitoring Overviews dashboard provides a central visual monitoring place for the network data. The overviews are collections of statistical charts and tables, which can be arranged in a grid to conveniently to monitor several statistical charts at once. The administrator can save several Overviews to have quick access to, for example, most important or most used views.
Some issues that would require an administrator's attention can develop gradually. For instance, the firewall may start to drop packets at a rate that is slowly increasing. As it is difficult to notice this by just looking at the numbers, the trend is easy to see when the same information is presented graphically.
To be truly useful, the presentation needs to be customizable to meet the specific requirements of each customer’s environment and the needed information has to be available and visible immediately.
With Monitoring Overviews, the administrator can follow the general trends in network traffic and bandwidth utilization from several sources in real time. The administrator can, for example, see the utilization of an interface or VPN tunnel, allowed and denied connections, and general volume of traffic as pie charts, bar charts, or curve charts, depending on the type of statistics viewed.
Reporting
Today's organizations need to be able to provide reports of their services and security status both internally and to public authorities. Service providers need to provide customized reports for their customers. Reports are required for system troubleshooting and security policy enforcement. In order to create these reports administrators must be able to locate specific information from a large amount of log data.
The information visible in reports can provide:
- Trend information to help with network planning.
- Baseline information, which can be used to identify unusual conditions and possible attacks.
- Historical information that can help in analysis when investigating and cleaning up after an attack.
The Report tool summarizes and visualizes system event data for disclosing trends and anomalies in network usage. Its extensive customization and filtering features make it a powerful aid for researching and documenting specific incidents and patterns.
