LOGmanager is a system for centralised event administration covering all components of the IT infrastructure, including security components and other sources. LOGmanager complies with the Cybersecurity Act and provides log management and SIEM. It is not intended only for companies' IT security departments; it can also assist operations departments.
The most important uses of this system include protecting logs against loss, damage, or intentional modification and/or deletion (covering tracks), increasing network security (IDS/IPS, VPN and others), and inspections and resource utilisation statistics (ports, applications, bandwidth and more). Additionally, configuration changes can be monitored and any anomalies detected.
- storing logs in a central secured data storage,
- long-term storage of data in correct format,
- real-time searching in huge quantities of data,
- data access management using roles,
- internal RAID disc arrays.
LOGmanager (SIEM) will provide:
- compliance with the Cybersecurity Act and ČSN ISO 27001 for audit records,
- forensic analysis or security audits,
- transfer of logs to CESNET, CERT, CSIRT, Police of the Czech Republic and other organisations dealing with security issues.