ManageEngine is a division of Zoho Corporation and offers a full suite of IT management tools. This includes security, help desk, networking, and application performance. The ManageEngine IT security portfolio spans everything from privileged access management (PAM) to network configuration to password management. It provides controls for managing security from all angles.
The entire ManageEngine product offering is flexible, scalable, and can be deployed as cloud-native or cloud-ready, so it’s suitable for businesses of all sizes. Each solution places a heavy emphasis on auditing and reporting, which is valuable for organizations that are subject to strict compliance regulations. There are also many specific use cases for education, healthcare, manufacturing, government and financial services.
One potential drawback to consider across the board, however, is that most ManageEngine products only support Linux and Windows operating systems, and some products can run on Windows exclusively. This is likely not a deal-breaker for most users, but it could be a limitation for some.
ManageEngine’s key IT security solutions
Among all of the products under the ManageEngine umbrella, there are a few that play a key role in supporting IT security management.
The EventLog Analyzer product is a log management tool at its core. It’s marketed as a SIEM tool, but it focuses more on collecting and analyzing data from multiple sources rather than taking action to prevent potential threats from causing harm. ManageEngine offers a forever-free edition of EventLog Analyzer for up to 5 log sources, so even small operations can benefit from these effective management tools.
This tool automates a number of log management processes, including collection, normalization, analysis, reporting, and alerts. It also includes controls for application auditing, user access and activity monitoring, file and folder monitoring, and compliance auditing. EventLog Analyzer integrates with help desk consoles like ServiceNow and ManageEngine’s ServiceDesk Plus to advance the threat mitigation process, but prospective customers will need to look elsewhere for advanced features like behavioral analytics or threat visualization.
As the name suggests, the Firewall Analyzer solution is a web-based tool for managing an organization’s firewall. This includes change management, configuration analysis, security auditing, bandwidth monitoring, and reporting. Firewall Analyzer is vendor-agnostic, so it will integrate with almost any open-source or commercial firewall product.
This module is sometimes used as an add-on to supplement another ManageEngine product like OpManager or Desktop Central. No matter the context, Firewall Analyzer helps monitor activity levels across VPNs, proxy servers, network traffic, and other devices. It also helps IT admins monitor users system-wide and identify those who pose the highest risk based on bandwidth consumption.
Log360 is ManageEngine’s comprehensive network security and threat mitigation tool. It’s versatile, especially for Microsoft Windows and Azure ecosystems. In fact, Log360 combines all of the capabilities of the following products under one roof:
- ADAudit Plus
- EventLog Analyzer
- O365 Manager Plus
- Exchange Reporter Plus
- Cloud Security Plus
This tool collects logs across many different sources, analyzes the collected data to detect potential threats, and then takes action to stop them from inflicting damage. Log360 also comes with many features like threat intelligence and alerts pre-configured, so it starts monitoring from day one.
Compared to other SIEM tools in the ManageEngine arsenal, Log360 tackles both security information (logs) as well as security events (threats). However, the all-in-one approach has caused some users to report a considerable learning curve when using the platform. Similarly, it doesn’t offer quite as wide a variety of features as some other SIEM tools, so it may not be suitable for large organizations with advanced needs.
Recommended: Best SIEM Tools & Software for 2021