Because specific regulatory guidance is not provided in 10 CFR 73.54, the Nuclear Energy Institute (NEI) developed and published NEI 08-09 Rev 6 to cover many areas surrounding access control, audit and accountability, incident response, and system and information integrity.
LogRhythm’s policy-based log processing capabilities provide automatic audit log reduction. “Interesting” audit logs can be forwarded as events for immediate monitoring and alerting. “Uninteresting” audit logs can be filtered out and retained at an archive-only level.
LogRhythm completely automates the process and requirements of collecting and retaining audit logs. The NextGen SIEM Platform retains logs in compressed archive files for cost-effective, easy-to-manage, long-term storage. Log files can be restored quickly and easily months or years later in support of after-the-fact investigations.
Powerful Analysis and Reporting
Aggregated views of audit data provide you with quick insight. For further audit reduction, LogRhythm provides extensive report-generation capabilities with compliance packages that address individual regulatory mandates.
Directly Comply with NEI 08-09 Rev 6
With LogRhythm, you’ll meet specific NEI 08-09 requirements:
- Collect boundary device logs from IDS/IPS systems, routers, firewalls, VPN, A/V systems and other security devices
- Provide central analysis and monitoring of intrusion-related activity across your entire IT infrastructure
- Correlate activity across user, origin host, impacted host, application, etc.
- Alert on unauthorized or suspicious activity
- Apply risk-based assessments of your environment to prioritize log sources according to risk rating classification
You can also configure LogRhythm to identify known bad hosts and networks. Customize the dashboard for real-time monitoring of events and alerts.
LogRhythm’s Investigator provides deep forensic analysis of intrusion-related activity, and fully automated, pre-packaged reports provide a consolidated review of internal/external boundary activity and threats.
In addition, an integrated knowledge base provides information and references useful in responding to and resolving intrusions. Further, Case Management is a crucial tool to facilitate forensic investigations around Incident Response activity.