What is the ASGARD Management Center?

The ASGARD Management Center is the central management platform for THOR and SPARK scans. It manages distributed THOR/SPARK scans on thousands of systems, collects, forwards and analyzes logs. Furthermore, the ASGARD Management Center can control and execute complex response tasks if needed.

The hardened, Linux-based ASGARD appliance is a powerful, solid and scalable response platform with agents for Windows, Linux and macOS. It provides essential response features like the collection of file system, registry or memory evidence, malware process termination, remote file system browsing and other counteractive measures. It features templates for scan runs and lets you plan and schedule distributed sweeps with the lowest impact on system resources.

Typical incident response scenarios consists of different stages, whereas each stage has its own challenges and required tools. The ASGARD Management Center platform completes our tool-set universe and supports every stage of the incident response process.

  • Quick Preventive Scanning with the lightweight SPARK scanner or THOR in quick mode
  • Intense Triage Scans with THOR and custom case-based indicators to determine the extend of the incident
  • Evidence Collection with THOR’s quarantine feature or ASGARD Management Center’s file, memory, disk image and registry collection
  • Remediation with ASGARD Management Center’s remote execution and automated counteractive measures
  • Log Collection and Analysis with pre-installed Splunk and ELK services

Other services are:

  • Log Analysis Services – pre-installed ELK and Splunk for maximum convenience
  • Quarantine Service – file quarantine via Bifrost protocol
  • Update Service – automatic updates for THOR / SPARK scanners
  • License Service – central registration and sub license generation
  • Asset Management Service – central inventory and status dashboard

Platform Types

The ASGARD Management Center is provided in the following forms depending on the use case and certain prerequisites.

  • Hard Appliance

Depending on its main use you can control up to 20,000 end systems from a single ASGARD Management Center hard appliance

  • Soft Appliance

If system is mainly used as scan control for THOR / SPARK scan runs, less than 3,000 end systems

  • Debian Base Installation Add-on

Transform a Debian based system into an ASGARD Management Center server by adding additional software sources

It features templates for scan runs and lets you plan and schedule distributed sweeps with the lowest impact on system resources.

Typical incident response scenarios consists of different stages, whereas each stage has its own challenges and required tools. The ASGARD Management Center platform completes our tool-set universe and supports every stage of the incident response process.

ASGARD Management Center’s features are: ƒƒ

  • Flexible and modern web interface ƒƒ
  • Extensive response capabilities ƒƒ
  • Cross-platform agents (Windows, Linux and macOS) ƒƒ
  • Live remote memory analysis via Rekall framework ƒƒ
  • Automatic agent updates ƒƒ
  • Detailed monitoring of client CPU, memory and IO usage and self-imposed limits ƒƒ
  • Task scheduler ƒƒ
  • Fully scalable back-end to handle very large deployments

Further advantages / features are: ƒƒ

  • Customizable platform / open to feature requests ƒƒ
  • Direct contact to the developers / Security Made in Germany