24x7 Log Monitoring: Track and Stop Security Intrusions on the Fly


24x7 Security Log Monitoring is yet another instrument of defense that organizations can leverage to protect their networks and applications from malicious attackers. PCI DSS 1.2 mandates merchants to collect and review security logs of security devices and systems that process or protect card holder data. Agnelo D'Souza, Information Security Officer of Kotak Mahindra Bank and Jose Varghese head of Paladion's Managed Risk Services group will jointly present at RSA Conference 2009, San Francisco a case study on how they solved this problem and more.

Servers, firewalls, routers, databases and applications, in fact all active and intelligent IT infrastructure systems, create logs in truly industrial quantities. Most of the logs represent standard transactions and legitimate activities. But a logging device captures everything it is configured to log, which means that any illegitimate transactions or activities happening on your network are recorded as well.

As the quantity of logs is massive, you are now faced with a needle-in-a-haystack problem, but fortunately it is a problem that can be solved with mature technologies and solid processes.

In very simple terms, the process starts with deciding which devices should be monitored and what kind of activities on these devices should be logged. Once log collection is implemented, the logs are gathered in one place and normalized, i.e. converted to a common format, and then fed into a log correlation engine. This engine does something interesting: it studies all the events at the perimeter routers and firewalls, attempts to break into applications, and so on, and has the capability to spot relationships between seemingly unrelated events. This is when the needles in the haystacks are found, and SOC (security operations center) operators analyze the alerts and start taking steps to thwart these potential attacks in progress.
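The collect, normalize and correlate steps described above, as an added illustration that is not part of the original press release or of Paladion's platform. The log lines, field names and the simple count-based correlation rule are constructed for this example; a production correlation engine would apply many more rules and time windows.

```python
import re
from collections import defaultdict

# Constructed sample logs from two sources (not from the original article):
# a perimeter firewall (syslog-style) and a web application (custom format).
FIREWALL_LOGS = [
    "2009-04-20T10:00:01 fw01 DENY src=203.0.113.7 dst=10.0.0.5 dport=22",
    "2009-04-20T10:00:02 fw01 DENY src=203.0.113.7 dst=10.0.0.5 dport=23",
    "2009-04-20T10:00:03 fw01 DENY src=203.0.113.7 dst=10.0.0.5 dport=3389",
    "2009-04-20T10:00:04 fw01 ACCEPT src=198.51.100.9 dst=10.0.0.8 dport=443",
]
APP_LOGS = [
    "2009-04-20T10:01:10 webapp login_failed user=admin ip=203.0.113.7",
    "2009-04-20T10:01:12 webapp login_failed user=root ip=203.0.113.7",
    "2009-04-20T10:01:30 webapp login_ok user=alice ip=198.51.100.9",
]

FW_RE = re.compile(r"^(\S+) (\S+) (DENY|ACCEPT) src=(\S+) dst=(\S+) dport=(\d+)$")
APP_RE = re.compile(r"^(\S+) (\S+) (login_failed|login_ok) user=(\S+) ip=(\S+)$")

def normalize(line):
    """Map one raw log line onto a common event schema; None if unrecognised."""
    m = FW_RE.match(line)
    if m:
        ts, host, action, src, dst, port = m.groups()
        return {"ts": ts, "source": host, "type": "fw_" + action.lower(), "src_ip": src}
    m = APP_RE.match(line)
    if m:
        ts, host, action, user, ip = m.groups()
        return {"ts": ts, "source": host, "type": action, "src_ip": ip}
    return None

def correlate(events, deny_threshold=3, fail_threshold=2):
    """Flag source IPs that were blocked at the perimeter AND then failed
    application logins: two streams that each look routine on their own."""
    denies = defaultdict(int)
    fails = defaultdict(int)
    for ev in events:
        if ev["type"] == "fw_deny":
            denies[ev["src_ip"]] += 1
        elif ev["type"] == "login_failed":
            fails[ev["src_ip"]] += 1
    return sorted(ip for ip in denies
                  if denies[ip] >= deny_threshold and fails[ip] >= fail_threshold)

def run(raw_lines):
    """Collect -> normalize (drop lines no parser knows) -> correlate."""
    events = [e for e in (normalize(l) for l in raw_lines) if e is not None]
    return correlate(events)

if __name__ == "__main__":
    print(run(FIREWALL_LOGS + APP_LOGS))  # → ['203.0.113.7']
```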

Any organization that has critical information assets on the web can benefit from 24x7 security log monitoring. With several providers offering a global delivery model, price points are as attractive as they have ever been. Take advantage of 24x7 Log Monitoring and monitor your critical IT infrastructure 24x7.

About Paladion
Paladion is a full service information security provider with its US head office in Herndon, VA. Paladion manages technology and operational risks in a continuous and holistic manner. Paladion was founded in 2000 and is already serving 400+ customers in 15 nations globally. Paladion delivers its services from ISO 27001 security certified facilities and hosts SOC infrastructure in SAS 70 Type II certified datacenters. Paladion provides a unique technology platform and integrated services framework to actively monitor, reduce and prevent risks on a 24x7 basis. Paladion is also a world leader in security testing services offered under the Plynt trade name.

###

Contact Author

SACHIN VARGHESE