UTAS OMAN Pre-requisites
Pre-requisites
Start date: 01/02/2023
Customer's MS Sentinel
Subscription Name: utas enterprice
Subscription ID: 1a2fab55-8285-4363-a6ae-deccf56e7aef
Resource Group: utaspoc
FOR EVENTS - Workspace Name: UTASSentinel
FOR EVENTS - Workspace Id: 485f4a1a-5bf5-4f17-8873-041d85413d61
Softline's MS Sentinel
Subscription Name: IsocIndia
Subscription ID: 9ee3095b-24b4-4bf4-8c3d-7484ff131b52
Resource Group:
FOR ALERTS - Workspace Name:
FOR ALERTS - Workspace Id:
Event source

| ID | Type | System | Count | Responsible | Connectors and limitations | Status |
|----|------|--------|-------|-------------|----------------------------|--------|
| SRC-1 | Windows Servers (on-premises) | Dell/windows2019 server | 6 | | Collection of logs using AMA agent | |
| SRC-2 | Windows Endpoint Device (Laptop/Desktop) | Windows 10 | 2 | | Collection of logs using AMA agent | |
| SRC-3 | NGFW (on-premises) | Fortinet FGT-1500D | 1 | | Collection of events (CEF) local6 | |
| SRC-4 | Switches | Cisco (6500, 4500, 3800, 3560, 2900), Aruba (2530) | 10 | | Collection of events (syslog) | |
| SRC-5 | WLAN controller | Cisco WLC 5508 | 1 | | Collection of events (syslog) | |
| SRC-6 | Azure | Azure AD, Office365, Azure | | | | |

Contact details of the Customer for Incident Verification

| Contact Name | Email | Phone number |
|--------------|-------|--------------|
| Raja Salim Hamood Al Harrasi | raja.alharrasi@nct.edu.om | - |
| Ghaniya Al-Hinai | ghaniya.alhinai@nct.edu.om | - |
| Rommel Halcon | rommel.halcon@nct.edu.om | - |

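Collectors

| No | Server | Computer Name | IP address | Username | Password | Connection Method |
|----|--------|---------------|------------|----------|----------|-------------------|
| 1 | Terminal Server | | 172.16.10.70 | | | RDP through VPN |
| 2 | Windows Collector | | 172.16.10.71 | | | RDP through VPN |
| 3 | Linux Collector | | 172.16.10.69 | | | SSH through VPN |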