by Nancy Richards
According to the SANS Institute, Congress and state governments are expected to pass more legislation governing the protection of customer information in the foreseeable future. “This is a great challenge for business since more legislation inherently means more electronic data retention and harsher penalties for non-compliance,” according to Activeworx Technical Manager Albert Caballero, CISSP, GSEC, BA MIS Security. How can a business quickly adapt to ever-changing compliance rules? Does this mean that a corporation has to continually buy new software and hardware in order to comply with these new regulations?
Activeworx Security Center (ASC), CrossTec Corporation’s Security Information and Event Management (SIEM) tool, provides the software solution for these ever-growing problems through real-time security event analysis, reporting, and correlation. ASC’s robust, built-in reporting engine and multi-vendor support enable administrators to leverage current technologies and are FLEXIBLE enough to support any new technologies as they are implemented. Comprehensive reports for investigative or compliance purposes can be quickly generated with ASC. These rich, graphical reports are CUSTOMIZABLE to meet current and future compliance needs, and detailed enough to provide a picture of the overall security posture of the organization. This is all in one software solution, not an expansive device.
Another question that needs to be addressed is how an administrator can guess what information will be relevant at a later time, or which electronic data must be archived for compliance. There’s no need to try to predict the future. With ASC Enterprise (ASCe), CrossTec Corporation is introducing complete Log Management capabilities for every event that occurs on your network and/or systems. Caballero goes on to explain that “although SIEM and Log Management are tightly related, their purposes are completely opposed. Whereas SIEM allows an analyst to discard tons of unnecessary events to pick out the few that are important, the goal of a good Log Management solution is to log every single event from every single device or system on the network and store them to disk for regulatory compliance and future analysis.” Thus, with ASCe, information that may be needed in the future is ACCESSIBLE.
ASCe will be released this summer. It will support the logging of over 20,000 – 30,000 Events Per Second (EPS) and boast 20 to 1 compression of all logs, MD5 checksumming and password protection of log data, daily rotation of log files for archives and backups, and easy search capabilities on archived audit data. ASCe fully integrates with the ASC SIEM component, so events that occurred in the past can be imported and analyzed today. Thus, ASCe meets compliance regulations and saves administrators time, money and headaches!