Firewalls and Intrusion Detection Systems or Intrusion Prevention Systems (IDS/IPS) can block internet attacks coming from the trusted or untrusted side of a connection, and because they monitor all the data flowing in each direction, they log “interesting” events. Such logs are a great tool for troubleshooting or for improving an organization’s security.
The problem is that such logs run to thousands or hundreds of thousands of lines in a short period of time (depending on the size of your company and the amount of traffic passing through). It is impossible for a human to manage and analyze such a volume of logs in a timely manner. The task is even further out of reach if you have multiple devices to keep track of, and further still if you are expected to draw a conclusion.
In many companies, network, server and security administrators do not collaborate on security details or logs, or there is no expertise that spans these platforms.
If you are in a regulated industry, you most likely have to keep device logs for a mandated period of time. At the same time, keeping logs could be a liability for your organization, as they could be used to prove negligence or failure to act in the event that a crime was committed using your organization’s IT resources.
Having a tool that consolidates and aggregates logs from multiple sources, performs event correlation, and provides root-cause analysis in a timely fashion is a major advancement in the security posture of an organization. This is even better if you have a security expert reviewing such logs on a continuous basis, not only from time to time. Remember, you are part of the Internet community and criminals are not necessarily in your time zone.
Be sure to check out Dell Secureworks’ flexible Log Monitoring services for organizations of all sizes.
This blog is part of our IT planning made simple series. Over the next few weeks, Dell’s technologists will be sharing the latest industry trends and Dell solutions to help maximize your IT investments. Find out the latest IT trends at dell.com/business/itplanning