LogLogic MX2010

It’s pricey but LogLogic can provide proof that you’re complying with data protection standards and keep the auditors happy as well.

Real time reports can be used to alert you to critical events. Filters are used to look for specific events and, if triggered, the MX2010 can send messages to a syslog server or via email and SNMP trap. Naturally, you'll want to ensure only authorised users can access the log data, and the extensive range of controls enables you to determine precisely what each user can see and do. Even the appliance itself can be audited, as it acts as its own logging source. Furthermore, if you have already laid down compliance reporting procedures, LogLogic enables you to customise its reports with its XML and SOAP APIs.

The review system was supplied with the PCI compliance suite preinstalled and this is accessed from a separate menu tab. Each suite collects data from a range of real time reports and produces the required compliance reports for you, thus avoiding the need to understand the regulations. For example, we created a PCI compliance report that showed all the password changes that occurred over a specific period for Windows servers. Once completed, reports can be exported to HTML, PDF or CSV formats and simply handed over to the auditor.

The MX2010 provides forensics facilities that can be used to interrogate the raw log data and if you're looking for a particular event you can also show prior and post events to see what happened before and after the period of interest. Similar to Google, searches are indexed to improve performance and you can prove that logs haven't been meddled with as the appliance digitally signs them on receipt.

You are more limited on what you can do with index searches as only the AND, OR and NOT terms can be used as filters. However, although the reports will take longer to run, LogLogic's contextual analysis can glean far more information as it provides a wider range of expressions. Summary reports are useful for producing reports over longer time periods as these can reduce the amount of data being presented. All report types can be scheduled to run at regular times of the day and week and have their output emailed to designated users.

Businesses handling sensitive and personal information cannot afford to be slack with their security. However, it's one thing to implement data protection standards and another to prove you're adhering to them. For the latter, LogLogic can do all the hard work for you with its impressive range of log data reporting tools and compliance suites.

Verdict

With log management and analysis now an important part of regulatory compliance it pays to have a solution that can take the hard work out of preparing reports for auditors. The MX2010 isn't the best value we've seen and the compliance suites will increase costs significantly so you may want to check out the alternative from LogRhythm, which comes with all the main reporting packages as standard. However, we did find the MX2010 extremely easy to deploy and capable of providing impressively detailed log reporting and forensics tools along with strong alerting facilities.

Chassis: Tyan 2U rack chassis
CPU: 2 x 2.2GHz AMD Opteron 248HE
Memory: 4GB DDR2
Storage: 8 x 250GB Seagate Barracuda SATA hard disks
RAID: AMCC 3Ware 9550SXU-8LP RAID controller (drives in RAID-1 mirror)
Network: 2 x Gigabit Ethernet
Management: Web browser
