Access your Pro+ Content below.
Log management reins in security and network device data
This article is part of the October 2007 issue of Information Security magazine
Enterprises are swimming in a sea of logs. The deluge includes logs from servers, security systems such as firewalls and IDSes, events from network infrastructure devices such as routers and access gateways, and from various software and hosted services. Making it even more overwhelming is that the information isn't necessarily collected in a way to resolve security incidents in real time, or to troubleshoot situations that involve multiple segments of the enterprise network infrastructure. Increasingly, however, IT administrators are under pressure to get a handle on their logging practices and manage log data. Regulations such as SOX and HIPAA require some type of audit trail, making log management critical for demonstrating compliance, while the Payment Card Industry (PCI) Data Security Standard specifically calls out the need for log review. Also, the latest changes to the Federal Rules of Civil Procedure (FRCP) require better log collection for legal evidence. "We have seen a shift in the market toward regulatory and ...
Access this Pro+ Content for Free!