
syslog-ng Product Line


Academic year: 2021


■ www.balabit.com


syslog-ng Description

■ IT environments constantly generate important data in log messages

■ syslog-ng

□ Collects

□ Filters

□ Classifies

□ Normalizes

□ Stores

□ Transfers

■ syslog-ng is not a log analysis tool but it is


The Evolution of Log Management

[Figure labels: Log Management Infrastructure Debugging / Software Infrastructure Diagnostics / Compliance / Security]

[Figure, log sources: Servers, Routers, Gateways; Network Configuration Changes; Audit Logs; File changes; Authentication; Radius; LDAP; Firewalls; Intrusion Detection; Identity Access Management; Business Intelligence; Web Servers; Clickstream Data; Custom Applications; Databases; ERP; CRM; Mobile Devices]

■ More data

■ More complex data

■ More important data

■ Can your log management


Product Family

syslog-ng Open Source Edition

□ Leader since 1998, de facto standard in 2001

□ Large, world-wide community

syslog-ng Premium Edition

□ Commercial version

□ Additional features

□ Professional support

syslog-ng Store Box

□ Turnkey appliance


syslog-ng Open Source Edition

Key Features

□ Flexible message filtering and re-writing

□ Pattern-based classification

□ Secure log transfer via SSL/TLS

□ Flow-control – adaptive message rate control

□ High speed processing > 650k/sec

Community

□ 100,000s of users worldwide

□ Well known by system admins

□ Included in 3rd party devices


syslog-ng Premium Edition

Additional Features

□ Zero Message Loss

□ Reliable Log Transfer Protocol (RLTP)

□ Client side failover

□ Disk buffer

□ Encrypted log storage

□ SQL source and destination support

□ Windows support

□ Support for more than 50 server platforms


syslog-ng Store Box (SSB)

■ Key Features

□ Turnkey solution

□ Web-based Graphical User Interface (GUI)

□ Flexible message filtering, classification, re-writing

□ Encrypted storage

□ Fast search capability via indexing

□ Message rate alerts

□ Customizable reports


Key Technology Differentiators

■ Reliability - Zero message loss

□ Application level acknowledgement - Reliable Log Transfer Protocol

□ Disk-based buffer

□ Client side failover

■ Security

□ Encrypted transfer and storage

■ Scalability

□ High speed processing < 650k/sec

■ Flexibility

□ Widest platform support

□ OS support AIX, FreeBSD, Solaris, RHEL, SLES, Debian, Ubuntu, Tru64

□ CPU architectures - x86_64, i386, Alpha, PA-RISC, Itanium, SPARC, POWER

□ Wide variety of log messages natively supported


Typical Use Cases

Enterprise Class Log Management

Distributed, heterogeneous IT environments

Optimizing SIEM solutions

Lower TCO, Improve analysis performance

Compliance

Meet SOX, HIPAA, PCI-DSS and more regulatory requirements more efficiently with reliable, tamper-proof data

Forensics

Find out what, when, and who more quickly with


Typical Use Case

Optimizing SIEM

■ The Challenge – Ensuring data feeding SIEM is reliable

□ “By 2016, 40% of enterprises will actively analyze at least 10 terabytes of data for information security intelligence, up from less than 3% in 2011.” source: Gartner

□ Analysis is only as good as the data feeding it

□ Many SIEM installations fail due to poor log management

■ The Solution – Optimize SIEM with robust log management

□ syslog-ng improves SIEM installations with

□ Wider log source coverage

□ Extensive platform support

□ Zero message loss

□ Optimize Performance

□ Faster SIEM query times – analyze what is important

□ Lower TCO – SIEM vendors offer usage or capacity based pricing (eps or


Typical Use Case

Enterprise Class Log Management

■ The Challenge – Managing logs in a large, global IT environment

□ Large distributed IT infrastructure

□ 100s of locations, 1000s of log sources

□ Heterogeneous environment

□ Many legacy systems, custom applications

□ Mission critical

□ Business processes rely on infrastructure and applications

■ The Solution – Centralize log data

□ One tool for collection and pre-processing

□ Collect from wide variety of sources

□ Filter, classify, parse, re-write

□ Wide range of server platforms supported

□ Scale to the largest IT environments


Typical Use Case

Forensics

■ The Challenge – Find out what, when, who...and fast

□ IT Operations

□ Server or network crash

□ Fraud investigation

□ Internal or external threats

□ Legal challenges

□ Providing evidence in court

■ The Solution – Reliable, accessible log data

□ Centralize – Collect log data from a wide variety of sources and locations

□ Organize - Filter, classify, and organize various types of logs to ensure logs are quickly accessed

□ Preserve – Ensure log data is not lost

□ Reliable transfer


Typical Use Case

Compliance

■ The Challenge – Comply with many regulations efficiently

□ Data Protection - PCI-DSS, HIPAA, EU Data Directive

□ Financial - SOX (EuroSox, Jsox), FISMA, Basel II

□ Internal Policies - Data retention/deletion

■ The Solution – Reliable log management solution

□ Ensure reliability

□ Zero message loss

□ Ensure security

□ Encrypted transport – TLS/SSL

□ Encrypted storage – Logstore


Licensing

■ syslog-ng Open Source

□ Combination of GPL and LGPL

■ syslog-ng Premium Edition

□ Log Source Hosts (25 – 3,000, > 3,000 unlimited)

□ High Speed deployments ( > 200k messages per second) priced individually

■ syslog-ng Store Box

□ Log Source Hosts (50 – 1,000, > 1,000 unlimited)

□ Hardware Configurations


BalaBit Professional Support

■ Post-Sales Support

□ “Part of the Product”

□ Three level support

□ Level 1 – Customer care

□ Level 2 – System Engineers

□ Level 3 – Software Developers

□ Highly qualified engineers

□ Direct contact with software development team

□ Tight coordination with 1st line Partner Support

■ Three Support Packages

□ Base – 8x5, Next business day response time

□ Extended – 12x5, 4 hour response time


BalaBit Professional Support

■ Pre-Sales Support

□ Technical Consultation

□ Project Scoping

□ Proof of Concept

□ Request for Information/Proposal

□ Feature request management

■ Integration Services

□ Design, Planning, Installation

□ Pilot configuration support

□ Configuration validation

■ Training Services


Conclusion

Log data is essential for IT operations, security, compliance, and increasingly for business intelligence

Choose a trusted log management infrastructure that

□ Prevents message loss during transfer

□ Prevents tampering with encrypted transfer and storage

□ Scales to the ever increasing amount of data

To learn more

□ Visit our website

http://www.balabit.com/network-security/syslog-ng

□ Contact our Sales Team – [email protected]

□ Contact our Pre-Sales Support Team –
