Network Session Essentials (Preview)

Microsoft Sentinel, Microsoft Corporation

Network Session Essentials

Note: Please refer to the following before installing the solution:

• Review the solution Release Notes

• There may be known issues pertaining to this solution; please refer to them before installing.

Network Session Essentials is a domain solution and does not include any data connectors. The content in this solution requires one of the product solutions below, as well as any other connector or data source normalized to ASIM.

Prerequisite:

Install one or more of the listed solutions, or develop your custom ASIM parsers to unlock the value provided by this solution.

  1. Amazon Web Services
  2. Azure Firewall
  3. Azure Network Security Groups
  4. Check Point
  5. Cisco ASA
  6. Cisco Meraki Security Events
  7. Corelight
  8. Fortinet FortiGate
  9. Microsoft Defender for IoT
  10. Microsoft Defender for Cloud
  11. Microsoft Sysmon For Linux
  12. Windows Firewall
  13. Palo Alto PANOS
  14. Vectra AI Stream
  15. WatchGuard Firebox
  16. Zscaler Internet Access

Underlying Microsoft Technologies used:

This solution depends on the following technologies, some of which may be in Preview state or may result in additional ingestion or operational costs:

  1. Product solutions as described above
  2. Logic app for data summarization

Recommendation:

It is highly recommended to use the Summarize data logic app playbook provided with this solution, as it will significantly improve the performance of the Workbook, Analytic rules & Hunting queries.

Workbooks: 1, Analytic Rules: 9, Hunting Queries: 7, Watchlists: 1, Playbooks: 1
