Sheriff CSM™ About Sheriff CSM ...
Sheriff CSM™ About Sheriff CSM Network Security Capabilities Sheriff CSM is designed primarily to help mid-size organizations effectively defend t...
Sheriff CSM™ Agentless Monitoring Sheriff HIDS allows you to run integrity checking without agents installed on hosts, network devices, routers, f...
Sheriff CSM™ Asset Administration Managing assets occurs in Sheriff CSM in the Asset List View. This section covers the following subtopics: *...
Sheriff CSM™ Asset List View The Asset List view, Environment Assets Groups Assets, provides a centralized view of your assets. For fiel...
Sheriff CSM™ Assets and Groups It is important for security practitioners to know what assets are connected on the company network and how the de...
Sheriff CSM™ Back Up and Restore System Configuration ...
Sheriff CSM™ Configuring Sheriff NIDS Sheriff CSM comes with Sheriff NIDS already enabled, but you need to perform the steps below in order to mo...
Sheriff CSM Connecting to AlienVault Open Threat Exchange® AlienVault Open Threat Exchange® (OTX™) is an open information sharing and analysis net...
Sheriff CSM™ Customize Sheriff NIDS Rules Occasionally you may want to customize the Sheriff NIDS rules or enable a rule that is disabled by defa...
Sheriff CSM™ Deploy Sheriff HIDS Agents You can deploy a Sheriff HIDS agent to a host * Through the Getting Started Wizard This option suppor...
Sheriff CSM™ Deploying HIDS Agents In this section, you will learn about deploying HIDS agents from the asset list view: * Deploying HIDS Agen...
Sheriff CSM™ Deploying HIDS to Servers We recommend deploying a host-based intrusion detection system (HIDS) to enable * File integrity monito...
Sheriff CSM™ Discovering Assets in Your Network Understanding what is in your environment is a critical step towards identifying threats and vuln...
Sheriff CSM™ Editing the Assets You can edit your assets once they are in Sheriff CSM. For example, you can add a description or a location for y...
Sheriff CSM™ Enable Plugins Sheriff provides more than one way to enable plugins in Sheriff CSM. First, you can enable plugins on specific discov...
Environment Status Colors and Meanings for Asset Groups Environment Status | Color | Meaning: HIDS | Green | All the assets in this group have HIDS agents deployed and ...
Sheriff CSM™ File Integrity Monitoring You can configure Sheriff HIDS to perform File Integrity Monitoring (FIM), which identifies changes in sys...
Sheriff CSM™ Firewall Permissions Sheriff CSM components must use particular URLs, protocols, and ports to function correctly. Note: If deploying ...
Sheriff CSM™ Getting Started Wizard ...
Sheriff CSM™ Introduction to Sheriff CSM This guide provides information for users of the Sheriff CSM system who are responsible for monitoring...
Sheriff CSM™ Limit User Visibility with Entities ...
Sheriff CSM™ Managing the Sheriff CSM Environment In addition to monitoring and analyzing events and alarms, there are other aspects of security ...
Sheriff CSM™ NXLog Plugins Microsoft Windows includes different categories of logs (Security, System, or Application event logs) to record importa...
Sheriff CSM™ PCI DSS 3.2 Requirement 10: Track and Monitor Access to All Network Resources and Cardholder Data Testing Procedure How Sherif...
Sheriff CSM™ PCI DSS 3.2 Requirement 11: Regularly Test Security Systems and Processes Testing Procedure How Sheriff CSM Delivers Sherif...
Sheriff CSM™ PCI DSS 3.2 Requirement 5: Protect All Systems Against Malware and Regularly Update Anti-Virus Software or Programs Testing Proc...
Sheriff CSM™ Running Asset Scans You can run an asset scan on individual assets. This is useful, for example, if you want to find out if anything ...
Sheriff CSM™ Searching for Assets You can either search for or filter your assets by simply typing what you are looking for in the search box, in ...
Sheriff CSM™ Selecting Assets in Asset List View To select a single asset * Select the check box to the left of the asset. To select multiple a...
Sheriff HIDS A Sheriff CSM feature and data source for intrusion detection that enables host-based log collection, file integrity monitoring, and, on Windows host...
Sheriff HIDS Description A Sheriff CSM feature and data source for intrusion detection that enables the host-based log collection, file integrity monitoring, and,...
Sheriff CSM™ USB Device Monitoring on Windows Systems In Sheriff CSM version 5.3, Host Intrusion Detection System (HIDS) rules and plugins have b...
Sheriff CSM™ Viewing Asset Details To view asset details from the Asset List view, double-click a specific asset or click the magnifying glass ...
To change the settings on Windows 8 and 10 1 Go to Control Panel Folder. Options View 1 Deselect Use Sharing Wizard (Recommended). 1 G...
To change the settings on Windows Server 2003, 2008 R2, and 2012 R2 1 Go to Control Panel Windows Firewall Advanced Settings Inbound Rul...
Sheriff CSM™ Working with Sheriff HIDS Rules Sheriff HIDS expands from the open source project, OSSEC, by providing additional rules that are esse...