CloudNetworks_CI_Horizontal B text white
Contact Us

CNEye

Splunk-based security monitoring solution

CN-Eye Product Overview

CN-Eye is a monitoring solution developed by CloudNetworks based on the big data platform Splunk Enterprise.
It works in conjunction with Citrix and HashiCorp solutions.

CNEye

CNEye for UAB

Abnormal behavior management and monitoring

CNEye for Citrix

Citrix ADC integrated management and monitoring

CNEye for Vault

HashiCorp Vault Security Automation Monitoring

CN-Eye for UAB

Splunk-based internal information leakage detection solution

CNEye is an integrated internal information leakage management system that analyzes various system-generated risk signs in combination with user behavior and scenarios based on the big data analysis platform Splunk. It provides a comprehensive risk sign management system through pre-analysis, cause identification and intensive analysis, and clarification procedures.

Configuration diagram

It detects abnormal signs through various scenario-based event rulesets by collecting internal security equipment and work system logs.
Internal personnel DB is easily integrated into the company's infrastructure through linkage with the mail server to provide a reporting process.

Main Features

Monitoring of overall status

Dashboard configuration that can monitor the status of the entire system by integrating linked system data and monitor the risk level by department/branch, etc.

Monitoring of abnormal behavior

Dashboard configuration for monitoring by event for abnormal behavior and major activities, and report and monitoring dashboard configuration using flexible visualization tools

Concentrated analysis of user patterns

Analysis of abnormal behavior, misuse and insider information leakage based on scenario, timeline analysis of usage patterns and overall status of events by user

Explanation process management

If a user is deemed to be behaving abnormally through user analysis, management is carried out through an explanation process, and it can be processed by specifying an example and user.

Expected Effects

  • Collecting various data to provide meaningful scenario-based security risk information
  • Responding and tracking management through anomaly monitoring
  • Ensuring business continuity through quick and accurate response to security incidents

CN-Eye for Citrix

Splunk-based CITRIX ADC integrated management and monitoring solution

CNEye For Citrix is a monitoring solution for CITRIX ADC products. It provides easy asset management and real-time information collection, analysis, and event and integrated dashboard functions based on an intuitive UI, making it convenient to use.

Product Architecture

System Configuration Diagram

Solution Configuration Diagram

Main Features

Provides integrated management monitoring of hardware status information such as bandwidth usage and packet loss, interface errors,
and equipment temperature for each device, and consent software status information in real time, including traffic usage by ADC function, event status,
and session information.

Provides an integrated dashboard

  • Provides a real-time dashboard for the status and traffic of all equipment
  • Provides a UI that allows you to easily identify the resource utilization rate of each piece of equipment

Provides equipment asset management functions

  • Provides equipment status management functions such as resource information, IP information, and OS information for physical equipment (MPX, SDX) or virtualized equipment (VPX, etc.)
  • Provides a history management function for resource changes to equipment

Provides performance management functions

  • Provides real-time or minute monitoring of important performance items such as CPU, memory, disk, traffic, and interface.
  • Provides monitoring of each metric such as TCP, UDP, HTTP, SSL, and connection.
  • Provides traffic usage monitoring from various perspectives such as virtual server, real server, and overall throughput of ADC.

Provides event management.

  • Provides event reception via SNMP trap when an event occurs in the Citrix ADC product.
  • When receiving an event, provide each administrator with a notification service according to the individual level in real time (e.g. Slack, SMS, Mail, Teams, etc.)
  • Provide an automatic deletion function from the event history when an event is automatically/manually resolved after the event occurs.

Expected Effects

Through CNEye for CITRIX, easy asset management and resource, performance usage status,
and event occurrence history for ADC products Monitoring allows you to compare past and present usage and predict trends.
  • Easy asset management with automatic asset registration and performance management monitoring by simply entering the IP address of the equipment.
  • Monitoring of resources, performance usage, and event history allows you to compare past and present usage and predict trends.

CN-Eye for Vault

Splunk-based cloud security automation monitoring solution

CNEye for Vault is a cloud security automation monitoring solution that can be linked and analyzed with HashicCorp Vault for secret management. It allows convenient operation and management from a security perspective with a visual dashboard for Vault configuration and various metrics.

Main Features

Integrated dashboard

Provides an integrated dashboard according to the configuration of Vault, enabling you to understand Vault from an operational and security perspective and build your own visualizations according to the configuration

Cluster Management

Smooth cluster management by checking the cluster status and the mode of each node

Manage licenses

Pre-manage by setting license expiration dates and D-Day, and check the total number of entities

Visualization of various metrics

Visualization of key items from an operational perspective, such as Auth, Secret, Token, Policy, and Resource (CPU/Memory/Disk), to identify abnormal patterns

Audit Log

Check in the form of a message table of Warm/Error levels, Receive alarms via Slack integration

Expected Effects

  • Enables efficient operation of Vault as a whole, including IT operations, security, and DevOps teams
  • Real-time response is possible with the Alarm linkage function of the Audit Log
  • Abnormal behavior can be identified by providing information on whether Vault is operating normally
  • Increased management convenience for various items such as Token and Entity
  • Resource management is possible by checking the CPU, memory, and disk usage of each node