ETsiem

Achieve Protection and Compliance with Managed Security Incident Event Management (SIEM) from ETSec

To protect critical corporate information assets and business processes, and to comply with government and industry regulations, enterprises can no longer rely solely on network-level security. They must also monitor a myriad of commercial and custom applications on a variety of different platforms. From an audit perspective, enterprises must show validation that these systems are indeed monitored. Doing so is a complex, labor-intensive undertaking that involves more than simply purchasing security hardware and software; enterprises must identify which devices and applications to monitor, which logs from these sources are critical, and which events constitute a potential security threat. Once they resolve these issues, enterprises must then write general and business-specific rules that trigger “alertable” events from these sources. Enterprises must collect, review, and store logs in a manner that complies with government and industry regulations.

ETSec’s Security Incident Event Management service, ETsiem, is a comprehensive log management solution that helps clients identify threats at the network, host and application layer, as well as address industry and government compliance requirements for log monitoring. ETsiem enables customers to log, track, and analyze user and system activity while eliminating the burden of building, configuring, maintaining, and monitoring an in-house data collection solution.

ETsiem leverages best-of-breed technology, operational expertise and world-class delivery to deliver a scalable solution that is hosted by ETSec.

It is at this point that ETSec’s industry leading security expertise takes over. ETsiem will correlate all logs and provide the following:

  • Create statistical reports that satisfy all regulatory requirements for PCI and SOX (or based on the regulatory requirement)
  • Provide analysis on the logs looking for any security risk to the customer and escalation of any event 24/7
  • Provide storage for all logs in accordance with your data retention policies

Customers can access all reported logs, events, reports, and relevant information 24/7 via the ETSec Universal Compliance Web Portal.

ETSec engineers work closely with clients to help ensure that the log monitoring deployment addresses any compliance requirement and is configured properly. ETSec engineers help customers to identify critical devices and applications; understand the types and methods of log captured; define the type of events to be reported; and implement the filtering rules to capture and report on them. The ETassist Helpdesk assists customers in monitoring and identifying threats at the network and application level; evaluates data collected and reports; and responds to any information security threats.

ETsiem Services

ETsiem services benefit customers in five key areas:

  1. Preserve 100% of logs in unaltered form, normalize security and trends using industry-leading technologies and deliver immediate response to our clients
  2. Satisfy explicit data retention requirements as outlined by our clients
  3. Alert clients to potential threats in a timely fashion
  4. Provide a cost-effective solution to store and process data logs without investing in a costly SAN infrastructure
  5. Provide all the pre-defined regulatory report templates, enabling our clients immediate utility without a time-consuming development lifecycle

Our ETsiem services include the following:

Customized Service Level Agreements

ETSec delivers Service Level Agreements (SLAs) of the highest quality of service. These customized SLAs demonstrate ETSec’s commitment to protecting our clients.

Support for Compliance with Key Regulations

ETsiem leverages highly skilled expertise and industry leading technology to help clients address log monitoring requirements of regulations such as Sarbanes-Oxley, Gramm-Leach-Bliley Act (GLBA), Federal Financial Institutions Examination Council (FFIEC), the Health Insurance Portability and Accountability Act (HIPAA), the Payment Card Industry (PCI) Data Security Standards, and the Federal Information Security Management Act (FISMA).

Customizable Workflows

Our clients will gain access to the ETSec Universal Compliance Web Portal, using our patented technology to gain access to reports, logs, and archives, enabling clients to create and secure log data for compliance.

Deployment Services

ETSec security engineers and project managers ensure that the log collection technology is appropriately configured based on the client's requirements and that all logs are sent in a secure fashion using ETSec's patented and award-winning technology.

Robust Multi-Content Correlation

ETSec’s partnership with best-of-breed partners, including NetForensics and ArcSight, allows the data collection system to normalize unstructured log data to support correlation to events, detect anomalies, and provide greater context on the log data.

Management, Monitoring and Support

ETSec’s expert staff of security engineers and help desk analysts is available 24/7 to provide management, monitoring, and support, thereby relieving customers of the unrelenting and time-consuming responsibility of configuring correlation assets.

Communication and Management Channels

ETsiem provides a secure, fault-tolerant communication and management channel. Our door is always open to our clients. ETsiem streamlines security implementation, enhances security and reliability, and lowers capital and operational costs because ETSec assumes all hardware and management expenses.

Trained and Certified Professionals

ETSec’s team of certified security engineers is specially trained to help clients address security and compliance requirements.

Assessment

As part of our overall process, ETSec will conduct an assessment to review the overall requirements for the log management project. The assessment will include:

  • Review of current network architecture
  • Review of systems slated for log reporting
  • Analysis of regulatory requirements
  • Analysis of security requirements
  • Analysis of business and business continuity requirements

Solution Design

Based on the assessment, an overall solutions architecture will be developed and documented. This will include the following:

  • Identification and design of log architecture
  • Documented Design solution which includes:
    • Managed Service Presentation and Services write-up
    • Architectural Diagram
    • Regulatory reporting templates
    • Security reporting templates
    • Log storage and archival procedures
    • SIEM configuration and design
    • Project Plan with Timelines
  • Project Manager and ETSec Security Engineer assigned to the Project
  • Onsite and Offsite development support
  • Web Portal Development
  • Customized log policy management system
  • Customized event triggers based on customer requirements
  • Customized reports based on customer requirements
  • Flexible log storage and retention options

ETsiem Operations

Once the solutions architecture has been finalized, ETSec will implement the solution based on the client requirements and develop a long-term operational solution for the project. This includes:

  • Project implementation as outlined in the solutions architecture
  • Configuration of all triggers, events, actions, logs, reports based on client requirements
  • Second validation check to ensure compliance standards are being met
  • Health monitoring of log collection technologies
  • Log correlation analysis
  • Log monitoring 24/7/365
  • Ongoing log policy updates
  • Real-Time Alerting based on customer requirements