NNT Log Tracker Enterprise™
Comprehensive and easy-to-use Security Information and Event Management (SIEM) solution for any compliance mandate providing:
- Enterprise-Class SIEM Capabilities
- Compliance Automation
- User & System Activity Audit Trails
- Network Anomaly Forensics
- Proactive Threat Detection
Log Analysis or SIEM, is a key weapon in the fight against any cyber-attack. By gathering logs from all devices including network devices, Unix and Windows servers, applications and databases, and analyzing them for unusual or suspicious activity, the method and source of any attack can be identified, enabling preventative measures to be continually improved.
NNT Log Tracker Enterprise has built-in support for all major GRC standards, protecting customer data and customer privacy to auditor-ready levels right out of the box, including:
Compliance Standards Supported
- PCI DSS V3.2
- Sarbanes-Oxley
- NIST 800-53
- DISA STIG
- HIPAA
- NERC CIP and NRC RG
- DODI Defense Cybersecurity Program
- FedRAMP
- COBIT
Platforms and Applications Supported
- Network Devices, including Cisco, Juniper, Nortel, Avaya, Huawei, Dell
- All Windows, Unix and Linux servers, including Solaris, RHEL, SUSE, Ubuntu, CentOS, HP/UX, AIX and Non Stop
- Firewall or IPS and IDS devices, including Checkpoint, Cisco ASA, Palo Alto, Fortinet, WatchGuard and SonicWall
- Database and Data Warehouses servers including SQL Server, Oracle, DB2, MySQL, PostgreSQL, Hadoop, Netezza, Informix, and Teradata
- Middleware and Web Servers including JBOSS, Fusion, WebSphere, IIS, Apache, Tomcat, JBoss, HIS, Websphere, SunOne and Weblogic
- SCADA, HMI, MES and other Industrial Control Systems, including Schneider Electric, GE and Siemens
- IBM Mainframes and IBM AS/400-iSeries, for user activity and File Integrity Monitoring
- All other potentially useful sources of log information such as door Entry systems, Environmental sensors, etc
NNT Log Tracker Enterprise™ doesn’t stop there. All event logs are analyzed and correlated automatically, applying a comprehensive series of rules pertinent to any Security or Governance policy. Any breach of compliance will be alerted immediately allowing pre-emptive action to be taken before a problem arises. Pre-defined rules templates allow you to be in control of compliance, straight out-of-the box. And of course, even subtle hacker activity will be highlighted in real-time using Log Tracker SIEM threat detection rules.
- Support for all Security and Governance Policies, via pre-packed Compliance Rule Templates
- Real-Time Security Warnings i.e. Attempted Brute Force Attack
- PCI DSS, SOX, NIST 800-53, DISA STIG, HIPAA, NERC CIP and NRC RG, DODI Defense Cybersecurity Program
- FedRAMP
- COBIT of Connection support ‘out of the box’
- Web-based Dashboard and Integration with Servicedesk as standard
- Powerful, Keyword-Based Event Log Mining across any combination of Devices and Applications
- Easy to Expand Coverage and Storage
Log Tracker Enterprise™ allows you to focus on true exceptions and important events by masking off the sometimes overwhelming flood of logs. The pre-built Compliance Templates can be used to build your own keyword and logic-based correlation rules, allowing you to manage what really matters to your organization from a security and compliance standpoint.
- 100% software-based solution provides a much less restrictive solution than fixed-form appliances from LogRhythm and McAfee
- Easy to expand capacity via VM resource without rigid events per seconds (EPS) licensing used by most other SIEM appliances such as QRadar and ArcSight
- Larger scale requirements catered for using multiple distributed Event Collectors and Servers much more flexible and less expensive than appliance-based solutions
- No limit on daily license or indexing capacity unlike comparable solutions from Splunk which cost more anytime the basic Gigabyte allowance is exceeded
- No hidden or extra costs for different device types, Manufacturers or Databases to be covered
- Where a managed SIEM service or outsourced PCI Compliance Service is preferred, NNT can offer our NNT Security Event Analysis Service, providing a comparable service to that offered by the likes of Trustwave and Dell SecureWorks
Best of all, its quick and easy to get results for any log source (application, platform, device, appliance etc). Unlike most other SIEM tools, there is no need for any complicated configuration of log sources, parsing rules, custom properties or regular expressions to normalize data – Log Tracker runs a keyword index for all log data from all sources straight out of the box!
Plus all the benefits of NNT Change Tracker's non-stop, continuous vulnerability management and real-time, enterprise-class file integrity monitoring to give an unrivaled security and compliance solution.
