LogLogic MX2010

It’s pricey but LogLogic can provide proof that you’re complying with data protection standards and keep the auditors happy as well.

Price
£22,705

The shocking number of security breaches involving personal data shows that all too many businesses are still failing to provide adequate measures to stop this information falling into the wrong hands. Fortunately, there are a wide range of standards that aim to prevent this happening by providing best practise guidelines. Developed by all the major credit card companies, the PCI DSS (Payment Card Industry Data Security Standard) is a prime example, which insists that those companies processing, storing or transmitting payment card data must be compliant or they could lose their privileges.

Part of the PCI DSS guidelines are periodic audits carried out by qualified security assessors (QSAs) and this is where LogLogic comes in as its family of appliances aim to provide log data gathering and reporting tools that enable regulatory compliance to be proven.

On review is the latest MX2010 appliance which is aimed at mid-sized businesses and combines the functions of LogLogic's LX and ST appliances into a single solution. It doesn't skimp on features as you get the same choice selection as offered by the larger products and the only payback is a reduced storage capacity for log messages and performance with the MX2010 capable of handling 1,000 messages per second.

The MX2010 can be easily customised to suit requirements as LogLogic offers a range of compliance suites. Along with PCI DSS you have options for SOX (Sarbanes-Oxley), HIPAA (Health Insurance Portability and Accountability Act), ITIL (IT Infrastructure Library) and FISMA (Federal Information Security Management Act). Additional suites cost a shade over 5,000 so can add significantly to the price but LogLogic advised us that most customers only choose one.

Advertisement
Advertisement - Article continues below

The MX2010 accepts log data from a huge range of sources and supports SNMP, HTPP and HTTPS streams, syslog, syslog-ng, Windows drive mapping, JDBC connectors for database logs, FTP, SFTP and SCP. In environments with a wide range of security appliances, servers, firewalls and so on you'd expect deployment to be a lengthy process but you'd be wrong. All you need do is tell each source device where to send its log data and the MX2010 will automatically identify it from its traffic. LogLogic does away with the need for agents as any device that can write log data to any of the supported methods can be used.

The appliance's web interface is very intuitive and the home page provides a rundown on the status of the hardware along with message throughput plus the number of messages and their category. It's easy enough to see the data being provided by a specific device as the appliance automatically categorises it as it is received. You can also approve devices before their log data is accepted by switching off the automatic identification function.

From the real time viewer you can see all log messages being received by the appliance and drill down to specific source devices and types such as firewalls and servers. Filters using phrases and expressions enable you to refine this further and the real time reports can show plenty of activity information on users, connections, databases and access controls plus mail and web servers.

For even more detail you can use LogLogic's advanced reporting facilities. We created a number of custom reports looking at areas such as external users attempting to access personal data. We could select the type of access method such as FTP or SSH, see the physical devices that handled this traffic and list associated IP addresses. If you're enforcing AUPs (Acceptable Use Policy) in the workplace then the web activity reports will come in handy as these can show what sites specific users were accessing.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Most Popular

Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019
Visit/business/business-strategy/354252/huawei-takes-the-us-trade-sanctions-into-its-own-hands
Business strategy

Huawei takes the US trade sanctions into its own hands

3 Dec 2019
Visit/mobile/mobile-phones/354273/pablo-escobars-brother-launches-budget-foldable-phone
Mobile Phones

Pablo Escobar's brother launches budget foldable phone

4 Dec 2019