jinlei801011 2 Posted July 10, 2017 Share Posted July 10, 2017 Dear ESET, My customer is interesting in ESA to protect their office 365 and fortigate VPN, I have few questions need your advise Office 365 1. Can OTP only required for external access (Out of office)? 2. Can we import user phone number into AD instead of enter manually? 3. Can ESA able to track log activities ( who, when) sign on portal? 4. Can we set policies to log out users after certain unsuccessful tries. 5. API to SIEM Thanks Link to comment Share on other sites More sharing options...
ESET Staff VladimirVladimir 14 Posted July 10, 2017 ESET Staff Share Posted July 10, 2017 (edited) Hi there 1. We have a feature called IP range whitelisting where you can define IP ranges from which second factor is not required (see product guide for more details) 2. Importing phone numbers is up to the AD capabilities. ESA just utilized the AD functionality. I presume, AD has an option to import data in bulk. 3.We internal product logging for (product logs) some of the user login activities. But there is not a dedicated UI for accessing such information. Also administrator can find last successful login and last failed login per each user in the AD tab of dedicated user (see attached screenshot). 4. Not sure if I understand. ESA has a security mechanism to lock user after certain amount of unsuccessful login attempts. ESA does not have a capability to set policies. 5. ESA has an API. please find details in product documentation. User guide API guide regards vladimir Edited July 10, 2017 by VladimirVladimir Link to comment Share on other sites More sharing options...
jinlei801011 2 Posted July 11, 2017 Author Share Posted July 11, 2017 17 hours ago, VladimirVladimir said: Hi there 1. We have a feature called IP range whitelisting where you can define IP ranges from which second factor is not required (see product guide for more details) 2. Importing phone numbers is up to the AD capabilities. ESA just utilized the AD functionality. I presume, AD has an option to import data in bulk. 3.We internal product logging for (product logs) some of the user login activities. But there is not a dedicated UI for accessing such information. Also administrator can find last successful login and last failed login per each user in the AD tab of dedicated user (see attached screenshot). 4. Not sure if I understand. ESA has a security mechanism to lock user after certain amount of unsuccessful login attempts. ESA does not have a capability to set policies. 5. ESA has an API. please find details in product documentation. User guide API guide regards vladimir Hi Vadimir, Thanks. For SIEM, I mean can we integrate ESA in SIEM (Security Information & Event Management)? Regards, Link to comment Share on other sites More sharing options...
ESET Staff VladimirVladimir 14 Posted July 11, 2017 ESET Staff Share Posted July 11, 2017 Hi regarding the SIEM. We do not have any plugins/APIs for such products. But we are happy to hear any details regarding such requirement. Which specific SIEM tools are you interested in? what would you like to manage/configure/monitor from such tool? do you prefer a dedicated API, or also specific plugins are required? Thanks regards v. Link to comment Share on other sites More sharing options...
Recommended Posts