Below are described a list of features for Babel Enterprise 3.0 version. Click on each feature name to get more information.
Babel Enterprise Professional vs OpenSource edition features
Support for ISO/IEC and internal policies
With Babel Enterprise you can check if your system is consistent with the international regulations like ISO/IEC or with your company security regulations. You can do it because Babel Enterprise auditing system is fully customizable and it fits your needs.
Babel Enterprise collects data from your system and calculates the risk based on how important are each data for you. You can customize the weight of each piece of data inside a policy to set the level of criticity.
System and application auditing
By default Babel Enterprise has a lot of auditing modules for all kind of applications and systems. With these modules you can audit:
- File content
- File permission
- User passwords
- Apache and Tomcat configurations
- Services running
- Ports open
- and much more...
High detailed auditing with change detection
Babel Entereprise stores the result of each audit with high detalied information. Babel also detects the changes between the current and the last audit for each auditing module warning you about any change in your system.
Auditing track and history system
All the audti result are stored with all details and chages. It allows you to see the evolution of the risk of your system and to explore the whole security history detecting problems and configuration changes.
Auditing with agents
Babel Enterprise Agents are small and lightweight programs that run on all platforms. These agents execute the audit modules and get data sending it to the server.
Collectors to audit complex sources (Snort, Nessus and more)
Collectors are special "translators" to audit complex sources for example IDS like Snort or vulnerability scan software like Nessus.
Remote auditing support
With Babel Enterprise you can perform audit agent-less using remote protocol like WMI or SSH so no installations in audited machines are required.
Centralized management using auditing policies
Babel Enterprise centralized policy mangement system allow you to control all audits remotely through web console. This system save a lot of time configuring and deploying new audits and modules.
Centralized file distribution system
Centralized file system of Babel Enterprise allows you to distribute the scripts required to perform aduit checks to agents in a centralized way. With centralized file distribution and policy system Babel Enterprise gives you are a poweful tool to audit huge systems.
Normatives are audit reports focus on some issues that you can not measure using a program. The normatives are very useful to answer some questions like: How many persons could access to high security documents?, Have you got an external backup? or Do you have a catastrophe procedure?. Out of the box Babel Enterprise has some normatives but you can create your own normatives to adapt them to your company rules.
No complex file formats or propietary database management systems. Babel Enterprise uses a MySQL database to store all data collected every audit is executed.
Recommended capacity limit per server
Babel Enterprise has been designed to work in company environments: this means, groups of systems which can grow and grow progressively. Our engineers have estimated an average of 2000 agents per server, executing tasks every 7 days.
3rd Party Product Integration API Library
Babel Enterprise external WEB API is used doing HTTP/HTTPS remote calls (REST API). This is the method that has been defined in Babel Enterprise to integrate applications from third parts with Babel Enterprise. This is a HTTP request with the parameters formated to receive a value or a list of values, the API also allow to set operations on the server (like apply a policy or insert a value). The API is also used to get event information for an external event manager.
Automatic updates with Open Update Manager
Open Update Manager allows Babel Enterprise to get a new version of files to update the web console automaticly. With Open Update Manager Babel Enterprise can update itself to a new version using online service or offline service based on tarball packages.
Full featured multiplatform agents for Windows, HPUX, Solaris, BSD, AIX and Linux
There are software Agents for Windows, Linux, AIX, HP-UX, Solaris, BSD and Mac: lite agents that provide information about the system where they are installed (file permission, services running, ports open, ...).
Remote agent management
With Babel Enterprise you can modify from the Web Console the configuration of any Agent installed. This allows to add or remove audit modules from the agent and any other configuration options.
Agents with Proxy mode
This is a special work method for the agent, which allow it to work in different complex architectures. They act as intermediate servers (Drone mode), so they can be used to centralize the communication with the destination server or with another proxy. This system also allows file collection and remote configuration management. Furthermore Tentacle protocol supports the use of proxies (in HTTP/Connect mode) in a way other agents can connect directly to the server using a standard proxy.
100% WEB Environment, multi client with separated views
Bable Enterprise's architecture and its design has been oriented to serve different clients with the same infrastructure. It is multiclient (each user sees only his elements). Since it is 100% web, it allows any remote client to access its views and the management of its reports from any platform and operation system.
Babel Enterprise has an user role and a permission system, that allows to define new users with different permissions over the different monitoring groups. This way, an user could be administrator of the Accounting System, having only permissions to see the events of the Human Recourses group. There is also an enterprise ACL system which expand this feature.
Fine Grain ACL System
The enterprise ACL system offers the possibility of configure the access to Operation and Administration sections for each user. This allow to define a different interface for each user, removing specific parts of the interface.
Easy reports with risk history
With Babel Enterprise console you can see every eaudit run in the system with a detailed report showing all changes for every audit module. This reports also show the risk measurement history for all policies applied on each host that allow you to see the risk evolution per host, policy and audit module.
Advanced and customizable reports
Babel Entperise also offer advanced reports to show the risk of your organization in different ways. This reports allow you to get risk summaries per domain, asset, host or normatives with filters to select what information you want to see.
Report scheduler with email support
Scheduled reports can help you generating reports for example every week, every day or every month sending the result of the report you have selected to your email address. This feature is very useful and allows you to save a lot of time.
Dashboard with auditing summaries
With Babel Enterprise dashboard you can see the status of your organization at a glance. This view shows summaries of risk per policy, domain, host, normative, some global parameters such as: global risk for all the organization, the risk evolution and some technical parameters such as the number of audits run, number of host and policies.
Document management system
The Document Manager allows you to have all documentation and all audit result in the same tool. You can use the Document Manager to store different documents with security policies for each departments or domains of your organization. The Babel Enterprise Document Manager allows you to create a complete tree with folders an files like in your own computer. The Document Manager also support document revision with all the document history.