Log Management

NTT Security Log Management provides secure, cloud-based log retention for forensics, compliance and incident investigation. The patented, cloud-based ActiveGuard® Security and Compliance platform stores logs in a secure, forensically-sound facility in the cloud.

Log Retention for Compliance and Forensics

Organizations need to retain logs as part of their security program as well as to comply with regulations that require log retention. Compliance mandates such as the PCI DSS, SOX, HIPAA and others require organizations to monitor and retain logs.

When a security incident or compliance exception occurs, security teams require forensically sound logs to serve as evidence for investigations. Investigators require quick access to comprehensive, accurate and correlated log data and reporting.

Getting full log management capability for the entire IT environment can be a real challenge. Ensuring that logs are stored properly, that coverage is uninterrupted, and that the logs are secure from manipulation by the very staff who have direct access to the systems generating them demands true separation of duties, robust controls and dedicated IT staff. Specialty systems, including mid-range, mainframe and security devices, require a combination of catch and pull capabilities with unique interfaces and transport agents.

Many log retention solutions depend on on-premise systems, which require an investment in hardware and software plus ongoing maintenance. Because of this, storing logs on-premise can be cost- and resource-intensive.

Centralized, Cloud-based Log Management as a Service

NTT Security stores all collected and analyzed logs in a secure, forensically-sound facility in the cloud, without the need for on-premise storage. By storing logs in the cloud, organizations save on storage costs and have no extra hardware or software to buy and maintain. Logs from across the entire infrastructure are stored in a single, centralized repository, providing complete visibility and reporting. Logs and reports are accessible via the ActiveGuard Security and Compliance Portal.

The NTT Security Log Management process includes:

  • Collect - Real-time information on threats in one centralized database
  • Classify - Maximum security value and content extracted from log sources
  • Analyze - Heuristic, statistical, threshold and time-based rules engines
  • Correlate - Source, destination, user, asset and vulnerability interaction correlation
  • Investigate - Incident details in context with processing and analysis trail down to the raw log lines
  • Audit - Evidence repository, proof-of-compliance, auditable record of response process 

NTT Security Log Management Service Features

  • Log Monitoring clients receive one full year of log storage for 100% of logs collected and analyzed
  • Proven, patented technology platform
  • Flexible, cloud-based log storage
  • Experienced security engineers
  • Dedicated account management team
  • 205+ technologies/devices supported
  • Log retention for applications, databases, network devices, security devices, servers and endpoints
  • Privileged-user monitoring, tracking and audit reporting
  • Quickly deployed, configured and tuned for individual environments and security programs

More Information

Log Monitoring and Management Datasheet

Download it now.