Security Management Solutions
Firewall Log Analysis & Security Event Correlation Software

Firewall Log Analysis


Even for organizations with one or two firewalls, it can be difficult to take the time to perform firewall log analysis to determine whether and how hackers are trying to break in, or to understand whether the latest worm is trying to exploit yesterday's newly announced vulnerabilities. For larger enterprises and government entities, the problem gets significantly worse. Firewall log volumes can reach tens of thousands of events per second, a volume that requires specialty firewall log analysis and security event correlation software to make sense of. Firewall log analysis (both real-time and forensic) is also becoming a fundamental requirement to meet newly enacted legislative mandates and regulatory rules.

Unfortunately, many companies still rely on firewall log analysis using traditional batch processing techniques such as Perl scripts. While the data obtained may be useful, it certainly isn't timely, and as a result its relevance is significantly reduced. Worse yet, home-grown solutions can't easily link firewall logs from multiple systems together (a problem made worse for organizations with more than one firewall vendor), and can't correlate the data seen from an individual device with data from any others, with target vulnerabilities, with downstream IDS solutions, or with the business that would be affected by a threat against the targeted asset.

ThreatCenter solves this firewall log analysis dilemma. By using a highly efficient, scalable and distributed processing architecture, ThreatCenter can handle firewall log analysis for the largest global enterprises. Easily deployed and supporting enterprise standard systems from leading vendors, ThreatCenter builds on your existing firewall logging and consolidation architecture rather than replacing or modifying it. It analyzes logs in true real time, normalizes data streams to enable cross-vendor correlation, and integrates these data streams with events from other systems, asset value data and vulnerability scans. As a result of ThreatCenter's firewall log analysis capabilities, you get an integrated view into the threats outside and inside your organization, enabling you to prove regulatory compliance and run more efficient, more effective, more relevant security operations.

ThreatCenter's firewall log analysis enables comprehensive, understandable and interactive threat, alert and operations reports based on the analyzed data. Its complementary firewall log management system, optimized to store, analyze and report on terabytes of firewall log data using commodity hardware, delivers affordable long-term storage and analysis of firewall (and other system) log events, at a price/performance point that simply cannot be matched by commercial or in-house relational firewall log analysis and persistence databases.

©2002-2008 OpenService, Inc. All Rights Reserved