|
Logging at the Gateway, on Internal Workstations and Servers, and on Remote Activity
Vendor Safe Technologies gathers log data and processes it in our central logging servers. The data is encrypted in our systems and is hardened against tampering for integrity controls. As log data comes into the Network Operations Center (NOC) it is routed to the appropriate system and is instantly available for analysis. Even though many security standards, PCI-DSS for example, only require logs on line for 3 months and off line for an additional 9 months, Vendor Safe keeps the logs on-line and accessible for 12 months.
Gateway Security Alerts
Gateway logs are useful for detecting and tracking intrusion and penetration attempts onto a network from the Internet. Vendor Safe engineers use this information as the basis for much of our security management services.
Operating System Alerts
Logging from computers, either workstations or servers, requires Vendor Safe’s Logging client to be installed on the systems in the logging scope. This Vendor Safe technology enables full critical log management from these systems without seriously impacting bandwidth. Vendor Safe has developed an aggregation and compression method that minimizes the data that needs to be sent to the logging servers while still actively supporting critical alerts and messaging.
Remote Access Activity
Remote access activity can potentially create a hole in security systems. Tracking who was granted access into a network and where they went can be crucial in identifying and mitigating issues pertaining to this type of communication.
|
