LogLogic MX2010

It’s pricey but LogLogic can provide proof that you’re complying with data protection standards and keep the auditors happy as well.

Price
£22,705

The shocking number of security breaches involving personal data shows that all too many businesses are still failing to provide adequate measures to stop this information falling into the wrong hands. Fortunately, there is a wide range of standards that aim to prevent this happening by providing best-practice guidelines. Developed by all the major credit card companies, the PCI DSS (Payment Card Industry Data Security Standard) is a prime example: it insists that companies processing, storing or transmitting payment card data must be compliant or they could lose their privileges.

Periodic audits carried out by qualified security assessors (QSAs) are part of the PCI DSS guidelines, and this is where LogLogic comes in: its family of appliances aims to provide log data gathering and reporting tools that enable regulatory compliance to be proven.

On review is the latest MX2010 appliance, which is aimed at mid-sized businesses and combines the functions of LogLogic's LX and ST appliances into a single solution. It doesn't skimp on features, as you get the same selection offered by the larger products; the only trade-offs are reduced storage capacity for log messages and reduced performance, with the MX2010 capable of handling 1,000 messages per second.

The MX2010 can be easily customised to suit requirements as LogLogic offers a range of compliance suites. Along with PCI DSS you have options for SOX (Sarbanes-Oxley), HIPAA (Health Insurance Portability and Accountability Act), ITIL (IT Infrastructure Library) and FISMA (Federal Information Security Management Act). Additional suites cost a shade over 5,000 so can add significantly to the price but LogLogic advised us that most customers only choose one.

The MX2010 accepts log data from a huge range of sources and supports SNMP, HTTP and HTTPS streams, syslog, syslog-ng, Windows drive mapping, JDBC connectors for database logs, FTP, SFTP and SCP. In environments with a wide range of security appliances, servers, firewalls and so on you'd expect deployment to be a lengthy process, but you'd be wrong. All you need do is tell each source device where to send its log data and the MX2010 will automatically identify it from its traffic. LogLogic does away with the need for agents, as any device that can deliver log data using any of the supported methods can be used.

The appliance's web interface is very intuitive and the home page provides a rundown on the status of the hardware along with message throughput plus the number of messages and their category. It's easy enough to see the data being provided by a specific device as the appliance automatically categorises it as it is received. You can also approve devices before their log data is accepted by switching off the automatic identification function.

From the real time viewer you can see all log messages being received by the appliance and drill down to specific source devices and types such as firewalls and servers. Filters using phrases and expressions enable you to refine this further and the real time reports can show plenty of activity information on users, connections, databases and access controls plus mail and web servers.

For even more detail you can use LogLogic's advanced reporting facilities. We created a number of custom reports looking at areas such as external users attempting to access personal data. We could select the type of access method such as FTP or SSH, see the physical devices that handled this traffic and list associated IP addresses. If you're enforcing AUPs (Acceptable Use Policy) in the workplace then the web activity reports will come in handy as these can show what sites specific users were accessing.
