Detection
7 pages in this section.
Pages
Detection and Alerts
Detect suspicious activity on your network and get a curated set of alerts out of the box.
Network Zones for Detection
Group parts of your network into zones so Access Gate can alert when traffic crosses a boundary it should not.
Log Forwarding and SIEM Export
Forward Access Gate's alerts, flows, and audit events to your SIEM over syslog.
Log forwarding to Wazuh SIEM
Receive Access Gate security events in Wazuh and trigger alerts on authentication, enclave access, and compliance-relevant activity.
Log forwarding to Elastic SIEM
Receive Access Gate security events in Elastic Stack and surface them in Kibana for detection and search.
Log forwarding to Splunk SIEM
Receive Access Gate security events in Splunk and trigger alerts on authentication, enclave access, and compliance-relevant activity.
Risk Matrix and Subnet Labels
Tag your networks and assets with impact and risk levels so alerts, policies, and reports reflect what actually matters.