LogPoint SIEM Solution
LogPoint for Security Information and Event Management
By extracting events and incidents from the logs of your existing IT infrastructure, LogPoint provides a secure, centralized log archive. The built-in log analysis engine automatically detects, and notifies on, all critical incidents on your systems.
EAL 3+ certified, the solution is tailored to solve the specific security management challenges of your business – whether the goal is compliance, forensics or operational insight. The raw log data from your systems can be used to:
- Automate compliance processes
- Improve efficiency in forensics investigations
- Improve troubleshooting turnaround time
- Improve your security position
- Gain visibility into the organization
The solution is scalable and easy to implement and manage. Filtered and carefully correlated results are displayed in easy-to-manage dashboards that can be configured based on the specific roles and responsibilities of each user.
Available as a perpetual or annual subscription model, the solution can run on a preconfigured appliance, any common brand of hardware, VMware or Hyper-V, which gives flexibility in terms of deployment.
A wide range of reporting templates is included for compliance standards such as PCI, SOX, ISO2700X, etc. These can be modified to suit, or new reports can be created from scratch using the intuitive Report Wizard.
The dashboards offer a structured overview of critical events and security incidents in real time. They are user-configurable and can reflect desired views based on a user's privileges.
With LogPoint's full data-enrichment capabilities, you obtain an added dimension of analysis without the need to import and fragment existing data.
The solution is powered by the latest NoSQL technologies, enabling it to receive and normalize the billions of logs generated on your infrastructure every day.
The built-in scaling architecture enables enterprise-wide implementation. Supporting an infinite number of collection, analysis and presentation points, the solution provides the ultimate degree of flexibility.
The solution can be shipped as a virtual appliance, a physical appliance or software to be installed on your own hardware, giving organizations flexibility in deployment and in the orchestration of storage.
The solution is licensed by the number of devices that send logs to it. Organizations can therefore scale to as many LogPoint servers as needed while maintaining transparent cost projections.
The solution offers easy integration with both external data and existing information sources such as asset-management systems, directories, HR and ERP systems, and others.
Categorizing New Elements
Any new application, business process or infrastructure component is immediately covered and classified, and so features in LogPoint without user involvement.