Antikor CLM: NGFW Centralized Log Management System
The Antikor CLM Centralized Log Management System is a 100% domestic and national product that provides centralized logging with advanced functionalities. With flexible configuration, a live dashboard, and statistical capabilities, it centrally collects all logs generated by Antikor NGFW products, lets users search through them, and enables reporting based on those logs. Reports and graphs such as daily session counts, hourly session counts, top 10 destination IPs, top source IPs, and protocol distribution statistics provide operational value to users.
Core Features of the Antikor CLM Centralized Log Solution
Centralized Logging
The Centralized Logging System collects and consolidates logs from multiple edge NGFWs into a single center. In the graphs generated from the collected logs, clicking on a specific log enables retroactive searches using the “Search Logs” option.
Statistical Capabilities
In the Antikor CLM Centralized Log system, statistics from the logs received from edge NGFWs are visualized with graphs showing session counts (allowed/dropped). The system classifies and visualizes sessions by top source IPs, destination IPs, services, and protocols.
Daily Session Statistics
Daily Session Statistics on the Antikor CLM Centralized Log System are a key metric for evaluating network connection loads, user behavior, and system health. These stats enable both quantitative and temporal tracking of daily network activity.
Hourly Session Statistics
Hourly Session Statistics in the Antikor CLM Centralized Log System provide critical visibility for monitoring traffic fluctuations throughout the day. This is especially useful for identifying peak usage periods, detecting anomalous traffic times, and planning resources.
Top 10 Destination IP Statistics
“Top 10 Destination IP” statistics in the Antikor CLM system typically show the destination IP addresses that are accessed most frequently or receive the most data. These stats are important for network security, performance analysis, and anomaly detection.
Top 10 Source IP Statistics
The “Top 10 Source IP” statistics on the Antikor CLM system allow you to analyze the IP addresses that initiate the most traffic or connections. This analysis is especially critical for security monitoring, performance tracking, and anomaly detection.
Top 10 Service Statistics
The “Top 10 Service Statistics” in the Antikor CLM system provide analysis of the services that are used most frequently or generate the most traffic on your network. These statistics are highly valuable for verifying access policies, managing performance, and maintaining security.
Protocol Distribution Statistics
“Protocol Distribution Statistics” in the Antikor CLM system allow analysis of protocols used across the network (e.g., TCP, UDP, ICMP) based on quantity and ratio. This provides critical visibility for understanding network behavior and detecting abnormal traffic.
Authorization
The Antikor Centralized Logging system provides authorization services for data coming from connected Antikor NGFWs. Authorized users can search logs based on their access rights.
Log Template Management
Log Template Management in the Antikor CLM Centralized Log System is at the heart of collecting, configuring, parsing, and reporting logs. This ensures that data from various log sources is standardized and made meaningful.
Monitoring Alerts and Notifications
Setting thresholds on the Antikor CLM Centralized Log System is crucial for system continuity. Notifications for events like disconnections, reconnections, authorization failures, CPU, disk, and memory spikes are sent to system administrators via browser notification, email, or SMS.
Encrypted Transfer via SSH Tunnel
Encrypted data transfer is established between Antikor NGFWs and the Antikor CLM via an SSH Tunnel. Logs are securely and regularly transferred to the Centralized Log System. This method is especially useful for securing otherwise unencrypted protocols.
Detailed Audit Logs
The CLM Centralized Log Management System generates detailed time-based reports with graphs and tables for traffic, VPN, DNS, application, website, and threat data from connected NGFW devices.
Traffic Analysis
Traffic Statistics
Time-based protocol distribution graphs for allowed and blocked traffic are displayed. Additionally, each packet passing through the sources is listed in tables with source/destination IP addresses, interface information, and allowed, blocked, and total packet counts.
Rule Logs
Rule logs include the number of hits received by each security rule, along with rule information, first hit time, and last hit time.
VPN Reports
VPN reports include time-based graphs showing daily user count and traffic (sent/received bytes) for users connected via VPN. Tables include each user’s IP information, traffic volume, number of connections, and total connection duration per device.
Application Logs
Application logs show time-based graphs of allowed and blocked applications per source. The table view below the graphs includes application categories, user count, and the number of times each action (allowed/blocked) was triggered.
Threat Analysis
Threats detected on sources are visualized with time-based graphs based on severity. Tables include the threat’s source info, type, score, severity, and frequency of occurrence.
Website Logs
Time-based graphs show allowed and blocked access to websites visited via the sources. Tables include the domain names, session counts per domain, and total session durations.
DNS Analysis
Time-based weekly allowed/blocked graphs for top 10 destination and source IP addresses are available. Tables on the left show allowed, blocked, and total packet counts per source IP. The table on the right shows the same for destination addresses.
Antikor CLM Central Log Management System Models and Product Details
# | Model No | Product Name | Links |
---|---|---|---|
1 | EPA-CLM-1K-TR | EPA-CLM-1K-TR Antikor NGFW Central Log Management System | Datasheet |
2 | EPA-CLM-2K-TR | EPA-CLM-2K-TR Antikor NGFW Central Log Management System | Datasheet |
3 | EPA-CLM-5K-TR | EPA-CLM-5K-TR Antikor NGFW Central Log Management System | Datasheet |
4 | EPA-CLM-10K-TR | EPA-CLM-10K-TR Antikor NGFW Central Log Management System | Datasheet |
5 | EPA-CLM-15K-TR | EPA-CLM-15K-TR Antikor NGFW Central Log Management System | Datasheet |
6 | EPA-CLM-20K-TR | EPA-CLM-20K-TR Antikor NGFW Central Log Management System | Datasheet |
7 | EPA-CLM-25K-TR | EPA-CLM-25K-TR Antikor NGFW Central Log Management System | Datasheet |