IBM SELM-NET-SEL-011 Manual Do Utilizador
Executive Summary
The economics of network security have changed. The high cost and
complexity inherent in the use of network perimeter defenses has collided with
the need to document regulatory compliance and the need to lower costs for
redundant network infrastructure. The result is a new recognition –
that today businesses need to maintain continuity while analyzing security
events and logs from a true enterprise-wide perspective in order to accurately
document what happened, how it was resolved and how security policy and
implementation improve over time. Security event management and log
management technologies are a key part of this goal. However, it takes a
managed security event and log management solution – with measurable cost
and performance advantages – to fully realize the promise of an enterprise-
level security event and log management system.
complexity inherent in the use of network perimeter defenses has collided with
the need to document regulatory compliance and the need to lower costs for
redundant network infrastructure. The result is a new recognition –
that today businesses need to maintain continuity while analyzing security
events and logs from a true enterprise-wide perspective in order to accurately
document what happened, how it was resolved and how security policy and
implementation improve over time. Security event management and log
management technologies are a key part of this goal. However, it takes a
managed security event and log management solution – with measurable cost
and performance advantages – to fully realize the promise of an enterprise-
level security event and log management system.
Security Event and Log Management (Re-)Defined
Security event management tools and services provide an enterprise-wide
security monitoring and administration solution that collects data on events,
analyzes the data and provides a suitable response to threats on enterprise
assets. Security event management is positioned as a security management tool
that can be used by enterprise-class network management centers or managed
security service providers that are protecting physical and/or logical assets.
Security event and log management encompasses the same functionality as
security event management, but can collect data not only on security events, but
can also collect generic text-based logs generated from various devices such as
firewalls, routers and application servers.
security monitoring and administration solution that collects data on events,
analyzes the data and provides a suitable response to threats on enterprise
assets. Security event management is positioned as a security management tool
that can be used by enterprise-class network management centers or managed
security service providers that are protecting physical and/or logical assets.
Security event and log management encompasses the same functionality as
security event management, but can collect data not only on security events, but
can also collect generic text-based logs generated from various devices such as
firewalls, routers and application servers.
Security event and log management technologies were designed to give
administrators the ability to analyze and understand every security event and
log that occurs within the perimeter of a large enterprise network. Unlike the
log analysis tools built into individual appliances or applications, security
event and log management works across multiple devices (firewalls, intrusion
detection systems, intrusion prevention systems, application servers, etc.) from
multiple vendors.
administrators the ability to analyze and understand every security event and
log that occurs within the perimeter of a large enterprise network. Unlike the
log analysis tools built into individual appliances or applications, security
event and log management works across multiple devices (firewalls, intrusion
detection systems, intrusion prevention systems, application servers, etc.) from
multiple vendors.
2 Executive Summary
2 Security Event and Log
2 Security Event and Log
Management (Re-)Defined
4 The Need for Security Event and
Log Management
5 Managed Security Event and Log
Management Services -
The Smarter Decision
The Smarter Decision
6 Introducing IBM Internet Security
Systems Security Event and Log
Management Service
Management Service
8 A Better Security Event and Log
Management Solution
12 IBM Security Operations Center
(SOC) Event Monitoring Service
13 Conclusion
14 Protection on demand
14 Contact IBM Internet Security
14 Protection on demand
14 Contact IBM Internet Security
Systems to Learn More
14 About IBM Internet Security
Systems
Contents
Security Event and Log Management Service
Page 2
Page 2