Follow LogRhythm:

 Follow LogRhythm on Twitter Visit the LogRhythm BLOG, The DiaLog

French Landing Page
Products
       One Integrated Solution
       Log and Event Management
          Log Management
          Log Analysis
          Event Management
          Intelligent IT Search
       Advanced Intelligence Engine (AI)
       SmartResponse
       File Integrity Monitoring
       Host Activity Monitoring
       Geolocation & Visualization
       Reporting
       Turnkey Appliances
       High Availability Solutions
       Software & Virtual Deployments
       Advanced Agent
       WebRhythm Remote Access
       Cisco MARS Replacement

Applications
       Overview
       Compliance
          PCI DSS Compliance
          HIPAA Compliance
          NRC GR 5.71
          NEI Compliance
          NERC CIP Compliance
          SOX Compliance
          GLBA Compliance
          FISMA Compliance
          GCSX Compliance
          Protective Monitoring: GPG13
       SIEM
       NERC - SCADA
       IT Optimization
       Business Intelligence
       Insider Threat/Fraud Detection
       Forensics/Investigation
       eDiscovery
       Database Monitoring

Services
       Professional Services
       LogRhythm Labs
       Training Options
          Online Instructor-Led Schedule
          Boulder Based Schedule
       Maintenance and Support

Resources
       Overview
       Datasheets
       Use Cases
          Protective Monitoring
          Detect Advanced Threats (APTs)
          Absence of an Event
          Continuous Monitoring
          Rapid Forensics
          Advanced Correlation
          Rapid Time-to-Value
          Fraud Detection and Prevention
          Protecting Critical Assets
          Change Control
          Protecting ePHI
          Enriching Data w/ Geolocation
          Network & Process Monitoring
          Controlling Operating Costs
          Privileged User Monitoring
          Flexible Reporting
          Visualizing Log & Event Data
          Zero Day Exploits
          Architecture for Any Enterprise
       Case Studies
          Canadian Auto Association
          University of Nottingham
          Endsleigh Insurance Services
          The Share Centre
          ALPS Funds Services
          St John Ambulance
          Phoenix Sun
          Ventura
          Ascent Media Group
          Commidea
          Center for American Progress
          Fortis Bank
          Cardiff County Council
          Regis Corporation
          Kwik Trip PCI Case Study
       Compliance Solution Briefs
       Compliance White Papers
       Independent Product Reviews
       Sample Reports
       Customer Testimonials
       3-Minute Product Demo
       In-Depth Product Demo
       Request Online Demonstration
       Multimedia
       Industry Info
       Request More Info

Partners
       Partners Overview
       Reseller Partners
       MSP/MSSP Partners
       Services and Solutions Partners
       Technology Partners
       Ecosystem Partners

Company
       Overview
       In the News
       Press Releases
          Press Releases - Current
          Press Releases 2010
          Press Releases 2009
          Press Releases 2008
       Events
       Executive Team
       Careers
       Contact
       Privacy Policy

Support
       Customer Support Portal
Schedule an Online LogRhythm Demo Download White Papers Request More Information View 3-Minute Product Demo
Resources

What sold me on LogRhythm was … the simple, straightforward way we can get real insight into our network. Everyone in IT can use it to be more effective.

 

Steve Heibein
Vice President of Technology 
Center for American Progress

Network & Process Monitoring


Blue cube on diagramIn today’s globally distributed enterprises, it’s critical to know what’s happening throughout the entire IT environment and be able to tie it all together. The challenge is finding a way to correlate event data that is consistently recorded with activities that may not be regularly logged, such as processes starting and stopping or network connections being established.

LogRhythm delivers independent awareness and unprecedented insight into what’s happening on your network, from routers and switches to host systems and endpoint devices–both inside and outside the network. Automated data enrichment adds event-specific network context, such as Source IP and Impacted Host. LogRhythm also factors in network-aware risk-level information with event and asset-specific risk ratings, providing a comprehensive and globally aware view of the entire IT environment.
Download Network and Process Monitoring 'PDF" Network and Process Monitoring PDF
 

Network Connection and Process Monitoring deliver rapid insight into critical events by providing access to detailed event information at the endpoint, above and beyond what is available in standard log data.

Process Perception
Challenge Enterprise IT systems have a constant flow of processes starting and stopping, but they are inconsistently logged, making them difficult to monitor without an independent record of the event.  The sheer volume of activities makes identifying failing or rogue processes.
Solution LogRhythm creates an independent log of all processes and adds valuable context, including process name, user or account that owns the process, and process start time and duration.
Benefit LogRhythm can automatically alert on non white-listed processes when they are started on controlled servers and devices.  Additional visualization tools can be used to map all locations within the environment where that same process is running for rapid forensic and root cause analysis.

 

Plugging the Leaks
 Challenge Access to host-level detail surrounding network behavior is a critical component of real time monitoring and forensic analysis. This can be limited in an enterprise environment due to a lack of connection-specific log data or limited access to flow data.
 Solution LogRhythm creates an independent log with relevant detail such as ID port, communication direction, the process that opened the connection and users that are logged in.  
Benefit LogRhythm can alert on suspect behavior and blacklisted activities, such as unauthorized hosts running web servers or ftp services running on confidential file servers. Actual in-use services can also be reverse-engineered to help establish tighter access control lists.

 

The Buck Stops Here
Challenge Gathering accurate endpoint data from remote devices like Point-of-Sale systems is particularly challenging for IT organizations. Problems range from limited bandwidth, unencrypted and unreliable UDP transport, to managing individual collection mechanisms on each device.
Solution

In addition to independent, detailed logging of network connections and processes, LogRhythm’s centrally encryption, 10:1 compression, reliable TCP transportation and spooling capabilities during dropped connections.
Benefit LogRhythm’s agents provide additional independent security and compliance controls at the endpoint with fully integrated File Integrity Monitoring and protection against unauthorized removable media usage via Data Loss Defender.

 

 
 
© 2011 LogRhythm, Inc.    All Rights Reserved.