Log management activities on the network are often seen as very routine and can be extremely time-consuming when you could be focusing your time and effort on more revenue-generating activities.
Persistent log collection, however, is often the only way to gain a centralised view of security posture, threats against assets and general compliance.
Our Log Collection service leverages market-leading BlackStratus LOG Storm technology and includes:
- Initial Assessment: We’ll help you to determine log and event rate to aid service sizing
- Service Set-up & Configuration
- Log Collection: Logs can be collected from any Syslog device, including firewalls, IDS/IPS, UTMs, WAFs, SIEMs, VPNs, applications, databases, endpoints and network devices. The number of devices under service is unlimited. Logs are collected via a dedicated appliance either in our Operations Centre, connected via VPN, or on your site, and then transmitted with full encryption to our Operations Centre for redundant storage and reporting.
- Storage & Archiving: All logs will be digitally signed and securely stored on a RAID system for 12 months.
- Backup & Vaulting: A scalable backup and secure vaulting service can be provided as log data grows, charged on a service fee basis per 1TB per month.
- Log Access & Incident Dashboard: Access to raw logs is provided online. An Incident Dashboard is made available for viewing top-level service information.
- Basic Automated Reports: 5 standard reports are provided per month. Basic templates relating to specific compliance standards, e.g. Sarbanes-Oxley, HIPAA, FISMA, GLBA, and PCI-DSS, are available.
- Custom Reports: 2 custom reports will be provided per month. These can be compiled for analysts, operators or executives depending on your needs.
This service is delivered using one of two different sizes of BlackStratus appliance, based on Events per Second (EPS):
- LOG Storm Express for up to 14,826 EPS
- LOG Storm Ranger for up to 34,656 EPS
For fully Managed SIEM, view our Managed SIEM service.