1.2 The Solution That Sentinel Provides
Sentinel acts as the central nervous system to the enterprise security. It pulls in data from across your entire infrastructure—applications, databases, servers, storage, and security devices. It analyzes and correlates the data, and makes the data actionable, either automatically or manually.
Figure 1-2 The Solution That Sentinel Provides
The result is that you know what is happening in your IT environment at any given point, and you have the ability to tie the actions taken on resources to the people taking those actions. This allows you to determine user behavior and effectively monitor control. No matter if that person is an insider or not, you can tie together all the actions they take so that unauthorized activities become clear before they do damage.
Sentinel does this in a cost-effective way by:
-
Providing a single solution to address IT controls across multiple regulations.
-
Closing the knowledge gap between what should happen and what is actually happening in your networked environment.
-
Demonstrating to auditors and regulators that your organization documents, monitors, and reports on security controls.
-
Providing out-of-the-box compliance monitoring and reporting programs.
-
Gaining the visibility and control required to continually assess the success of your organization’s compliance and security programs.
Sentinel automates log collection, analysis, and the reporting processes to ensure that IT controls are effective in supporting threat detection and audit requirements. Sentinel provides automated monitoring of security events, compliance events, and IT controls allowing you to take immediate action if there is a security breach or non-compliant event occurring. Sentinel also allows you to easily gather summary information about your environment so you can communicate your overall security posture to key stakeholders.