Log Management
The Challenge
One major challenge for most organizations is collecting logs securely and reliably, without heavy management overhead or complex access arrangements. Users also want fast, ad hoc reporting on those logs, but achieving both is not easy.
Event data is the fastest-growing type of data and often the principal data store. Even small firms produce more than a terabyte of data in one day. Most organizations fall back on legacy data management for help. Regrettably, traditional data management systems were developed for transactional data, not event data. The distinct requirements for managing event data are:
- Data - Log and event data can never be updated or changed
- Collection - Difficult due to hundreds of data formats and dispersed endpoints
- Analysis - Data must be analyzed in real time and over extremely long time frames
- Users - Typically few users but they need access to years of data
- Queries - Often ad hoc, time-sensitive, and dispersed across huge data sets
- Volume - Enormous volumes of data creation and collection
The Solution
Log Management is an approach to dealing with large volumes of computer-generated log messages (also known as audit records, audit trails, event logs, etc.). It covers log collection, centralized aggregation, long-term retention and log analysis (in real time and in bulk after storage).
Today's security and regulatory compliance issues need a log management solution that can effectively overcome the known challenges of log management and support security information and event management (SIEM) systems without expensive and lengthy software implementations.
A recent report published by the US National Institute of Standards and Technology, the authoritative documentation for Federal requirements for complying with FISMA, independently identified the major challenges of log management:
- Number of log sources, velocity of log records, arcane and inconsistent formats
- Storage requirements, data security
- Analysis requirements and ability to correlate records from many sources
- Administrator time, effort and expense to maintain meaningful log management

Log Management helps organizations cost-effectively collect, normalize and archive enterprise-wide, security-related data that can be invaluable for security investigation and compliance reporting. Moreover, most companies soon discover its additional value: a centralized and normalized view of system, application and network device logs helps staff quickly troubleshoot and recognize the root cause of an IT problem.
Log Management reduces the time and risk involved in demonstrating control for regulatory compliance through a combination of advantages:
- A solution built on the Event Data Warehouse that is very fast to deploy and can support many different log data sources, including customer sources, in just one solution. Our unique event data warehouse architecture merges the ability to collect, store, report on and retrieve security event data, and provides out-of-the-box reports for all consumers of SIEM.
- Partnerships with some of the most respected technology and integration firms. For almost every significant industry vertical, we work with the leading integrators and solution providers to provide certified support.
- A Global 2000 customer base including government entities all over the world. Because of this broad customer base, it is unlikely that we have not previously worked with an organization with a similar set of regulatory compliance requirements.