Security Event Manager

Hacking of valuable customer data is becoming a lucrative business. Security attacks are on the rise – and attackers are stealthy, persistent, and focused. With an enormous and growing amount of logs, log files, and other IT data in geographically dispersed information silos, defending against a breach is difficult.

TIBCO LogLogic® Security Event Manager technology provides intelligent, easy-to-use management and protection for your IT infrastructure. It collects, monitors, and correlates IT big data to help you identify even the most sophisticated threats. Its patented technology uses a library of predefined, customizable correlation rules to establish relationships among messages or events generated by devices, systems, and applications. It detects anomalous conditions in real time, and tracks and analyzes the progression of an attack, event, or user across systems within your specified timeframe.

Benefits

  • Protect in Real Time: Set real-time alerts for events such as password brute force, denial of service, account hijacking, and virus outbreak using baselines and trending – and develop precise recommendations for threat removal by correlating internal and external patterns for known and unknown threats.
  • Speed Resolution: Integrate with service desk management systems and quickly and easily resolve underlying security issues within seconds by tracking all user activity using advanced root-cause analysis and forensic workflow.
  • Increase ROI: Avoid maintenance of complex rules and practically eliminate false positives using an accurate security event manager with a unique taxonomy design.
  • See Everything: Track all user activity such as geography, rights and configuration changes, asset misuse, and proxy bypass using a browser-based interface and out-of-the-box reports for access control, policy information, and network, database, IDS, email, Web, and legacy system activity.
  • Scale and Extend as Needed: Correlate more than 5,000 events per second per appliance using an architecture that scales across deployments – and use the open API to easily integrate with your existing analytical solutions.

Security Event Management Appliances

Appliance                              SEM1060   SEM3060   SEM4060
Sustained messages per second (MPS)    1,500     3,000     5,000
