LogLogic Announces FISMA Control and Compliance Suite Based On NIST For Government Organizations
SAN JOSE, Calif. - January 24, 2007 - LogLogic, the log management and intelligence...
SAN JOSE, Calif. - January 24, 2007 - LogLogic, the log management and intelligence leader, today announced the LogLogic Compliance and Control Suite for the Federal Information Security Management Act (FISMA), adding to the industry's deepest log reporting and alerting capabilities. Offering more than 100 alerts and reports out-of-the box, the Suite enables users to move to continuous FISMA compliance through real-time and automated reports, and alerts on 100% of log data. Designed for IT professionals, auditors and end-users alike, the new Suite promises to cut hundreds of hours of time from routine log management tasks such as log collection and storage, report writing and audit sampling.
"Log data provides an immutable fingerprint of user and IT activity," said Dominique Levin, VP of Product Management for LogLogic. "LogLogic not only allows that fingerprint to be captured and securely stored, but also reported and alerted on - we transform it into intelligence that can be acted on. By automating this process we are easing the burden most Government departments face in complying with multiple external compliance mandates and internal IT controls."
FISMA requires US Government organizations to put in place a mandatory set of processes that protect the organizations' information systems and data. FISMA uses several standards as the basis for these processes - the Federal Information Processing Standards (FIPS), the National Institute of Standards and Technology (NIST) "Recommended Security Controls for Federal Information Systems" (Special Publication 800-53), and other regulatory guidelines specific to particular agencies.
According to Gartner, Inc., "Government organizations that are required to meet FISMA compliance should use [compliance] as a control framework. Use compliance as an opportunity to improve operational security not only by defining assets and documenting the current state of the organization, but also by implementing control objectives that drive effective risk analysis and management." Additionally, "Organizations should use compliance as an opportunity to implement technologies and processes that improve operational security as well as provide support for FISMA and FIPS 199 compliance."1
"US government organizations are currently required to comply with FISMA," continues Levin. "Log management and intelligence is a simple and cost effective way to cut through the complexities of continuously complying with the standards and FISMA regulation, while improving processes, reporting and other efficiencies across the IT infrastructure."
Log Intelligence Delivers FISMA Compliance In Minutes
LogLogic's FISMA Compliance and Control Suite helps government agencies verify that information security policies are being followed, substantially reduce audit time and expense, and achieve FISMA compliance. Out-of-the-box reports and alerts directly map to NIST standards, including NIST 800-53 (security controls) and NIST 800-92 (log management), providing an efficient, easy-to-implement solution. LogLogic's approach is cost-effective, using all available log data to automate the process of auditing and enforcing policies - and supports 100% of all log-related IT controls as outlined by FISMA. The first FISMA compliance solution based on log management and intelligence, LogLogic's Compliance and Control Suite for FISMA runs on LogLogic's award-winning LogLogic appliances.
Independent analysts report that log data accounts for over 25% of all enterprise data, and provides valuable insight into the operation and compliance of IT systems.
Installed within minutes, LogLogic's award-winning solutions aggregate high volumes of log data and offer fast search and drill-down capabilities essential to maintaining IT health, while automating log data archival and providing more secure log data retention.
Through Agile Reporting™, LogLogic can deliver over 13,000 customizable reports. As a result, IT staff can quickly create customizable templates that align with their IT control matrix and best practice standards and regulations, including Sarbanes-Oxley, HIPAA, ISO, CoBIT, COSO and ITIL.
Additionally, LogLogic's Log Management and Intelligence platform goes beyond the scope of traditional security event monitoring tools to enable collection and processing of log data from virtually any source, enabling user activity to be monitored and reviewed across multiple systems from the network, in email, on servers and across databases. LogLogic Open Log Services provide low-level services to a number of applications including Security Event and Information management solutions, including EMC Smarts, IBM Tivoli and HP OpenView, conforming to Web services and Java standards. Open Log Services are designed so that they can be embedded in other software applications from managed security service providers and other vendors.
Pricing and Availability
For more information about LogLogic Control and Compliance Suites, and the FISMA Compliance Suite visit http://www.loglogic.com/industry/government/. NIST's Policy Guide for 800-53 is available for download here: http://csrc.nist.gov/publications/PubsByLR.html.
LogLogic sponsored a webcast with Government Computer News on FISMA compliance with Dr. Ron Ross of NIST. A replay of the event, "FISMA: How can you improve your IT security?" is available on Friday January 26, 2007 11:00 AM EST / 8:00 AM PST. To attend, please sign up here: http://w.on24.com/r.htm?e=35067&s=1&k=A58B041E691FE06B25839FE9391CCD7F.
Available in late Q1 2007, the LogLogic Compliance & Control Suite, FISMA edition, is priced from $9995 USD for LogLogic's award winning family of appliances and through LogLogic Managed Security Services providers.
Note 1 - Gartner, Inc., "Findings From 'Security and Risk' Meeting: Augment FISMA Reporting with Technical Controls to Improve Operational Security," Amrit T. Williams, John Pescatore, April 4, 2006.
About LogLogic
LogLogic® is a visionary leader in log management for business operations, security and compliance for the most demanding global enterprises as well as mid-market companies. The LogLogic family of LX-ST and MX appliances address the compliance, operations and risk mitigation needs for collecting, storing, reporting and alerting on 100 percent of IT log data from virtually any device, operating system or application. LogLogic's innovations include creating the world's first search engine for fast-moving IT log data, the first open log management platform and API, and Compliance Suites for PCI, SOX, HIPAA, and other mandates that automate using log data to enforce critical controls and regulations. LogLogic received four and half stars out of five from SC Magazine's forensic tools review in 2008 and was named a Deloitte Technology Fast 50 Rising Star in 2007. For more information, visit www.loglogic.com and http://blog.loglogic.com.
LogLogic disclaims any interest in the trademarks of others.
Technorati : Compliance, Log Management, Log Management & Intelligence
Posted January 24, 2007 11:50 AMContact me
Have someone contact you within 24-hours.
Weekly Webcast
Join our experts every Tuesday.
3-Minute Tour
View a LogLogic introductory tour