“What makes Power LogOn so valuable is the security of all user passwords, the convenience for the user access services, and the integration into our SIEM.”
-Law Enforcement IT Director
Power LogOn:
SIEM Extension
Allows you to collect real-time security event data for analysis, from multiple sources, including logon, and other telemetry-specific data.
Introducing
Power LogOn:
Your Complete Cyber Authentication Solution
How can Power LogOn SIEM extension help you?
Power LogOn SIEM extension helps agencies, businesses, and organizations to easily manage potential cyber threats before the threat disrupts operations. Power LogOn is a true MFA, IT centralized password manager that is easily added to existing employee physical access control (PAC) credentials.
SIEM solutions allow IT Administrators to collect real-time security monitoring and event data for analysis, from multiple sources, including logon and other telemetry-specific data. SIEM is a key element in cyber security compliance, auditing, and network intelligence.
Flexible and Scalable
SIEM systems in real-time. Event logs resulting from activities at Power LogOn client workstations or at the Power LogOn server, are generated and sent by the Power LogOn server to a SIEM system at a selected IP address and port.
Secure, Automated Logins
Power LogOn with SIEM capabilities is essential for our customers to fulfill cyber insurance requirements, HIPAA/HITECH compliance, and NIST 800-171 DFAR MFA mandates. While Google and Microsoft both state that MFA based password management will decrease credential theft cyber-attacks by 99%, having the SIEM integration eliminates even more threats.
There are no modifications to either the client computer or server because the SIEM is already collecting the information.
Power LogOn
SIEM Extension Features
Event Forwarding Commands
Power LogOn SIEM is a key element in cyber security compliance, auditing, and network intelligence.
- bEnableSysLog
- sSyslogServerIP
- sSyslogServerPort
- bAddHeader
- lLogSyslogServerConnectFailure
- lMinimumPriorityLevel_1To10
- sProductVersion
Event Types
Power LogOn SIEM Extension manages over thirty-five different Common Event Format (CEF) events including users logging on and off, administrators issuing, denying access, and revoking cards that are forwarded to 3rd-party RFC-adhering, SIEM systems in real-time.
The following table lists supported event types:
| Logon to Windows | Restore card system | Report lost/stolen | Admin logon with pw |
| Logoff from Windows | System backup failed | Report left card | Add administrator |
| Lock computer | Sys restore failed | Report add new device | Remove administrator |
| Unlock computer | Remove from hotlist | Report defective | Change admin PIN |
| Issue card | Change PIN | Report returned card | Access denied! |
| Re-issue RF card | Lock card | Card rejected | Error reset PIN |
| Self-reenroll card | Reset PIN | Admin logon with card | Password incorrect! |
| Update Card Settings | Card rejected | Admin logoff | Delete cardholder |
| Backup card system | OTP expired | Admin logon failed | Update / Add cardholder |
Testimonial
“We are aggregating telemetry data from every telephony marker you can think of. From all the computers, servers, domain controllers, email servers, firewalls, spam filters, MFA solutions, and BYOD to name a few. All that data is fed into the SIEM service for analysis.
Within a two-month period, the SIEM has performed over twenty-million observations, which lead to investigations and found interesting security activities that would have been difficult to identify without the use of the SIEM.
What makes Power LogOn so valuable is the security of all user passwords, the convenience for the user access services, and the integration into our SIEM. Users can access the cloud, on-prem, or offline data, and Power LogOn protects the logon credential. The SIEM captures Power LogOn activities to create one concise report. Power LogOn SIEM has taken a great load off my mind to where I can now go on vacation and know that an attempted ransomware attack will be isolated, and no passwords will be discovered or compromised.”
– IT Director, Law Enforcement
Availability
Power LogOn SIEM Extension is available through a network of approved resellers and distributors. If you’re interested in testing or implementing Power LogOn SIEM, reach out to your IT reseller. If they are not an authorized reseller, they can contact us to become one.