1.1 Challenges of Securing an IT Environment

Securing your IT environment is a challenge because of the complexity of the environment. Typically, there are many applications, databases, mainframes, workstations, and servers in your IT environment, and all these entities generate logs of events. You might also have security devices and network infrastructure devices that generate logs of events in your IT environment.

Figure 1-1 What Happens in Your Environment

Challenges arise because of the following facts:

There are many devices in your IT environment.
The logs are in different formats.
The logs are stored in different locations.
The volume of information captured in the log files is large.
It is impossible to determine event triggers without manually analyzing the log files.

To make the information in the logs useful, you must be able to perform the following:

Collect the data.
Consolidate the data.
Normalize disparate data into events that you can easily compare.
Map events to standard regulations.
Analyze the data.
Compare events across multiple systems to determine if there are security issues.
Send notifications when the data does not comply with the norms.
Take action on notifications to comply with business policies.
Generate reports to prove compliance.

After you understand the challenges of securing your IT environment, you need to determine how to secure the enterprise for and from the users without impacting the user experience. Sentinel provides the solution.