PacketMotion’s User Activity Management (UAM) system captures and saves detailed user transactions across the enterprise, correlating those transactions with identity management systems, indexing the data for quick access, and applying comprehensive reporting and proactive rules to the transaction data.
Built on a robust, yet easy to use rule engine, PacketMotion’s UAM system enables organizations to “blacklist” or “whitelist” specific user behaviors, create alerts based on access levels and known or anticipated behaviors, and block user actions that are identified as being suspicious or out of the norm. PacketMotion provides visibility of detailed user actions at the edge of your network for transactions both inside and outside the network.
What Does the PacketMotion UAM System Do?
With PacketMotions UAM solution the information on user activities is formatted as User Activity Records describing the user and what the user did. This information takes the form of:
- File names, and folders names
- Database names table names, and queries
- Internet chat and Instant Messenger names
- Login attempts, both successful and unsuccessful
- Transaction data from applications and protocols used in the enterprise
Our UAM system can then identify each User Activity Record, or “transaction” tied to each user, giving you complete transparency. Transaction records in the PacketMotion UAM system are full-text-indexed and made searchable with Google-like search functions – allowing the history of all user actions in an enterprise to be recorded and monitored, for the first time.
PacketMotion stores transactions in a SQL relational database, and an integral reporting engine makes it easy to predefine reports on security, compliance, and network performance. PacketMotion’s UAM system even blocks unpermitted actions in real-time, by implementing connection resets to the offending user.
The Benefits of UAM
PacketMotion’s UAM solution spans both traditional and virtualized environments providing the same level of granular user activity data. UAM provides a new level of visibility and control to virtual clusters for user-to-VM and VM-to-VM communications involving sensitive data that is not transmitted over a traditional network. UAM provides fundamental benefits in the following use cases:
Database Activity Monitoring – The UAM solution meets stringent audit and industry compliance reporting requirements (SOX, PCI DSS, HIPPA, etc) and deters fraudulent activity by providing visibility and secure control into identity-based user activity and database responses.
File Shares – PacketMotion’s UAM solution provides activity based monitoring of File Shares (Windows, NetApp, SharePoint, etc) and provides granular controls that limit access and prevent fraudulent behavior.
Virtual Segmentation – PacketMotion replaces traditional port based and IP-addressed firewalls and has the benefit of providing granular audit trail of user activity which satisfies compliance reporting requirements.
High Risk User Management – PacketMotion provides the foundation for actively managing superusers and high risk users access to sensitive data and monitors access control integrity with Active Directory. PacketMotion’s UAM solution also monitors and controls the activity of domain and application accounts to prevent unauthorized access and fraudulent activity.
PacketMotion UAM’s ability to provide detailed insider behavior across the enterprise delivers immediate benefits which are responsible for generating a compelling ROI. Some of these benefits include:
- Dramatic reduction in compliance reporting costs
- Automation of security controls and reports
- Rapid investigation of past behavior of a user or rogue user actions
- Detection and remediation of improper or suspicious insider activity