Security Information & Event Log Management (SIEM)

Secure, Centralized Event Log Management from NNT

As well as being a fantastic aid to general IT troubleshooting and management, log analysis, or SIEM, is a key weapon in the fight against any cyber-attack. By gathering logs from all devices, including network devices, Unix and Windows servers, applications and databases, and analyzing them for unusual or suspicious activity, the method and source of any attack can be identified, enabling preventative measures to be continually improved.

This is why all security policies place log retention at their core. PCI DSS compliance, for example, requires logs to be gathered and reviewed daily, and retained for at least one year. Similarly, for GCSx Code of Connection (CoCo) compliance, audit logs recording user activities, exceptions and information security events are to be retained for at least 6 months.

Log Tracker Enterprise™ from NNT will gather logs from all:-

  • Network devices
  • Windows, Unix and Linux servers
  • Firewall or IPS and IDS devices, Email and Web Servers
  • Database and Application servers – including IBM Mainframes
  • All other potentially useful sources of log information

NNT Log Tracker Enterprise™ doesn’t stop there. All event logs are analyzed and correlated automatically, applying a comprehensive series of rules pertinent to any Security or Governance policy. Any breach of compliance triggers an immediate alert, allowing pre-emptive action to be taken before a problem arises. Pre-defined rule templates allow you to be in control of compliance, straight out of the box.

NNT’s complete solution for all Security Information and Event Management (SIEM) requirements provides:-

  • Support for all Security and Governance policies, via pre-packed Compliance Rule Templates
  • Real-time security warnings, i.e. violation of file integrity monitoring rules
  • PCI DSS and GCSx Code of Connection support ‘out of the box’
  • Web-based dashboard and integration with Servicedesk as standard
  • Powerful, keyword-based Event Log mining across any combination of devices and applications

Log Tracker Enterprise™ allows you to focus on true exceptions and important events by masking off the sometimes overwhelming flood of logs. The pre-built Compliance Templates can be used to build your own keyword and logic-based correlation rules, allowing you to manage what really matters to your organization from a security and compliance standpoint.

NNT Log Tracker Enterprise integrates with NNT Change Tracker™ for a fully comprehensive security and compliance solution.

"After issues with Cisco Works we needed a reliable way to back up our network configurations. NNT not only achieved this, but as we had no working backups, put in a tremendous effort to get the application up and running as soon as possible"
Keith Boutell, Network Manager, Essex Police