ImmuneSecurity A/S on LinkedIn

August 16, 2010

Log Management and Compliance

LogInspect can help you gain complete insight into your network and help you meet common regulations such as PCI, Sarbanes Oxley, HIPAA, Basel-II, ISO-17799 (auditing and monitoring) and ISO27001, which includes DS-484:2005. LogInspect provides prebuilt templates for the most common use cases, such as compliance and security reports. Reports can also be custom made with the modular report engine so that they match your needs.

Reports on Asset Security Modifications. Security changes to a system asset are registered in a "Security Modification" category.

Reports on User Authentication. User authentication events are stored for reporting as administrator successful and failed attempts, plus user successful and failed attempts.

Reports on Security Incidents. Security incidents and system errors are automatically detected and reported by the LogInspect intelligence.

Besides presenting the findings in easy-to-read reports, we also meet other requirements put forward by the regulations, such as:

Integrity of Logs. Collected log data is stored in a secure archive that protects against data modification and the disappearance of audit logs (with checksums and double timestamps).

Access to Original Log Data. The original log format is accessible for backup, forensic usage and statistical usage. This gives great flexibility when integrating with third-party vendors or investigators.

Asset Owners. Each defined asset can have a primary owner and a list of secondaries. This makes incident response and incident management smoother, since a default assigned person (or group) can be set.

Role Based Access. LogInspect has a very complex Role Based Access model which can be used if needed. For every view, it can be defined whether or not it may be presented to a user, and each object can have its own settings too. A good use-case example of this is to let a user view (but not modify) all pages, and only present the systems which he/she is responsible for.

Audit Logs. Every authentication attempt and every user action that results in a modification is logged in an audit log. This audit log can be used to track changes in order to discover configuration-based errors, who made the changes, and from where.

Automated Log Management

COLLECT – STORE – ANALYZE – REPORT

Collection of logs is demanded by regulatory or security requirements. Log data is collected from any number of devices on a network and is created in the millions every day, resulting in a staggering volume that is in itself a huge task to manage.

Secure storage of the massive log data is imperative for IT controls and compliance. The LogInspect architecture ensures that any IT environment, whether local or distributed worldwide, can scale to fit even the most demanding IT infrastructures.

Analysis remains the most sophisticated part of LogInspect. Different devices generate logs in distinct, inconsistent and often cryptic formats that are difficult to analyze without in-depth system-specific expertise. Also, many of the conditions that indicate issues can only be detected when logs are correlated or associated with logs generated on other systems and devices. If caught in time, these signs can alert personnel to take necessary actions before security is compromised.

LogInspect analysis is done in real-time for immediate insight into unusual and suspicious user/network activity - a task that is impossible to do manually in even midsized companies.

Once a given task is defined, the best management tool for control is reporting. LogInspect includes a powerful report generator that makes it easy to define and schedule relevant reports based on standard compliance or fully customized requirements.