You’re worried about data breaches or maybe you’re working toward
PCI-DSS, FISMA or HIPAA compliance, but you’re not sure what more you need to do or where to start. You likely have some combination of firewalls, intrusion prevention systems, vulnerability scanners and AV software in place, but these systems generate more information than you can act on, and are completely siloed from each other. You know you need to address your compliance requirements for log collection, but how do you turn all that information from all your different systems’ logs into usable information? Also, from that information, you want to be able to easily investigate and quickly respond to suspicious incidents that occur on your network. On top of that, you don’t want to spend a lot of time and money on products that don’t end up addressing your needs.
In a recent discussion with Brian Singer, Solutions Marketing Manager for Novell Security Management, he outlined a security management model that addresses these concerns with a phased approach comprised of the following three main security management aspects:
This phased approach is designed to help you immediately get more value out of your existing investments, and also allows you to grow and add more capabilities as you’re ready.
If an organization simply looks at its log data, it can often spot breach warning signs and stop breaches before they ever occur.
Start withLog Management
Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment. It just worked for at least one person, and perhaps it will be useful for you too. Be sure to test in a non-production environment.