Centralised log aggregation. Long-term log storage and retention
Log management is the collective processes and policies used to administer and facilitate the generation, transmission, analysis, storage, archiving and ultimate disposal of the large volumes of log data created within an information system.
Vectra’s Security Operations Centre can feed these logs into a correlation engine to create actionable and meaningful security alerts.
With the complexity of threats to information and business processes, and the ever-increasing government and industry regulations surrounding the management and processing of sensitive business data, comes a need to manage and monitor the security of your infrastructure beyond the network level. Vectra Managed Logging Service is a cost-effective and comprehensive solution providing analysis, reporting, scheduling and archiving of user and system activity across network devices, applications and operating systems. Vectra Managed Logging Service allows businesses to analyse and assess unauthorised activity and access to sensitive data, providing security against threats while meeting industry and government standards, including PCI DSS compliance.
PCI DSS Compliance
In an effort to establish a globally consistent payment card industry security standard, an independent body, the PCI Security Standards Council (PCI Council), was founded by American Express, Discover Financial Services, JCB, MasterCard Worldwide, and Visa International. The PCI Council has issued version 3.0 of the PCI DSS, a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. The PCI DSS consists of 12 security requirements, which are organised into 6 categories. Requirement 10 of the PCI DSS mandates that all entities that store, process or handle sensitive cardholder data track and monitor all access to network resources and cardholder data, including:
- Logging of all access to cardholder data, including root administration access
- Logging of successful and unsuccessful login attempts and access to audit logs
- Synchronisation of critical system clocks and time stamps in log data
- Regular reviews of logs containing firewall, router, wireless access points and authentication server data to determine unauthorised traffic
- Backed-up, secured log data for all critical systems available online for a minimum of three months, and offline for one year
Vectra works closely with our customers to ensure that their log monitoring is correctly configured and meets their PCI compliance requirements. The Vectra Managed Logging Service is available in two versions, PCI Standard and Enhanced, to suit a variety of operational needs.
Our Managed Logging Service provides PCI-mandated logging and reporting via 24/7 monitoring of events and real-time, user-definable alerts. Customisable reports are provided via email or online, and our Enhanced Service provides further functionality beyond PCI DSS compliance.
Vectra also offers forensic services to determine the root cause and legitimacy of any threats upon receipt of a security-relevant event.