Products

Discover Our Products That Are Guiding the Future

Kafein Technology Solutions

Infraskope SIEM ++ with Endpoint Monitoring

Infraskope is a log management and SIEM solution which lets you collect, classify, consolidate, correlate, store, and analyze log records from all major operating systems, network devices, and applications. 

What differentiates Infraskope from other log management solutions is that it can target client computers as well. 

Infraskope uses Microsoft SQL Server as its backend storage, enabling you to access the log records and the software and hardware inventory records from your custom applications.

Features and Benefits:


  • Deploy in days: The core product can be installed and configured in less than one day. Deploying agents is easy too. The Infraskope Agent (1MB MSI package) supports silent installation, which lets you deploy it using Active Directory / Group Policy or any other electronic software distribution method.
  • Flexible Log Collection Methods: Infraskope supports both agent-based and agentless log collection. However, we recommend the agent method for its advanced features, such as filtering noise events at the source computer and therefore reducing network traffic. IDS features are also available with the agent method.
  • IDS Features: Infraskope is *not* just another log management product! It covers administrator activities, hacker activities, malicious user activities, USB device usage, application monitoring, and much more.
  • Low Total Cost of Ownership (TCO): Infraskope isn't priced according to its event-per-second (EPS) value. You can utilize your existing hardware to its full potential. If you need more power, you can either purchase better hardware (scale-up) or add a second server (scale-out).
  • Flexible Licensing Methods: You can choose perpetual or subscription-based licensing. 
  • Self Monitoring: Infraskope does not require an administrator to continually watch and manage it. With its out-of-the-box management jobs, it can maintain itself. With automatic compression and archiving methods, the only thing you need to provide is adequate disk space. Infraskope does the rest for you.
  • Built-in Reports: Infraskope comes with pre-defined reports. You can comply with nearly all standards and policies like COBIT, SOX, HIPAA, PCI, ISO 27001. 




Key Features: 
  • Account management operations
  • Screenshots taken with the Print Screen key, Snipping Tool, Gadwin, etc.
  • USB storage device activities (copy/delete/rename)
  • Application blocking (based on filename, MD5 hash, or startup directory)
  • 3G modem, Wi-Fi, and Bluetooth connections
  • Network sniffing, ARP spoofing attacks, MAC spoofing
  • Active window title monitoring with URL detection
  • Rogue DHCP server detection
  • Administrative share usage on client computers (C$ or ADMIN$ connections)
  • Logons with Administrator or Power User privileges
  • Outbound TCP connection logs with application name, username and PID
  • Folder sharing events on client computers
  • Online and offline password attacks, including Kon-Boot, ERD Commander, Hiren, etc.