This document discusses Alert Logic's cloud-based security and compliance solutions, including vulnerability assessment, intrusion protection, and log management. It highlights how the cloud-based solutions solve key problems by identifying weaknesses before an attack, isolating attacks as they occur, and investigating incidents afterward. The solutions help customers meet compliance requirements, improve network security, and enable regulatory compliance with easy deployment and no capital expenses.
9. Vulnerability Assessment: Schedule ongoing internal and external vulnerability scans. Alert Logic is an Approved Scanning Vendor (ASV) for quarterly PCI scans. Results integrate with intrusion protection for optimum accuracy. Why Cloud? Centralized view of internal & external scan results for your entire network.
10. Intrusion Protection: Automatically detect thousands of incidents with built-in correlation. Protect your network with firewall and ACL based defensive actions. Continuously updated to identify latest threats. Why Cloud? Hosted expert system provides level of accuracy unmatched by hardware and software solutions.
11. Optional Monitoring Services: 24/7 threat monitoring for rapid incident response. Integrated incident and case management.
12. Log Management: Collect logs from any syslog or Windows source without agents. Always-on, on-demand log storage. Configure custom correlation rules and log alerts. Why Cloud? Non-DBMS grid computing provides 10X+ faster search and reporting performance unmatched by appliance solutions.
14. Cloud Architecture: Cloud-based management: redundant data centers, event processing and archival, analysis, reporting, compliance review and monitoring. On-premise collection: appliance-based threat and vulnerability detection, log collection, compression, encryption and secure transport.
This is a testament to our cloud-based model that any company from any vertical can take advantage of our solution. In addition, if you are using a hosting firm to outsource some of your infrastructure, it’s worth pointing out that we are the preferred security and compliance offering of leading hosting companies like Rackspace, etc. Some customer anecdotes:
GSI Commerce is one of the largest processors of ecommerce transactions in the world; they handle all ecommerce operations for some very well-known brick & mortar businesses like Toys “R” Us, Radio Shack, Levi’s, Ace Hardware, National Football League, NASCAR, Reebok, etc. We help protect GSI’s datacenter where their transactions are processed, and we help them comply with the Payment Card Industry security standard.
Columbia College, based in Columbia, MO, has 25,000 students on 32 campuses across the US. Like most education institutions, their network is highly distributed and constantly challenged with Internet-active students who contribute to a very target-rich network threat environment. We displaced Qualys at Columbia and protect their internal network from dangerous threats.
Rackspace is a premier name in the managed hosting world and is the fastest growing managed hosting specialist in the world. Rackspace was the largest Cisco IDS customer in Texas until we came along and displaced Cisco as the internal network security vendor of choice for Rackspace’s thousands of customers.
Although there are a number of reasons why our customers approach us to solve their IT security problems, the top two challenges they are trying to address are: Complying with regulations such as PCI DSS, HIPAA, and SOX, all of which require or suggest the use of log management, vulnerability management and intrusion protection. Continued evolution of network threats: companies have to constantly protect themselves from never-ending and evolving network threats. We take the difficulty out of obtaining, achieving, and affording compliance solutions by offering IDS, Vulnerability Management, and Log Management in a cloud-based delivery model. The cloud-based model removes the need to purchase and implement expensive and complicated hardware and software solutions, because all the infrastructure is deployed and maintained in Alert Logic’s redundant data centers.
Our approach is simple. Our vulnerability solution will scan your internal and external network to identify weaknesses before an attack occurs. Once a weakness is identified, our solution will provide the information you need to fix the vulnerability to ensure your network is protected. Example: finding missing patches. Our IDS solution is constantly monitoring your network for security events. If an attack does occur, our IDS solution will identify the security breach and generate an alert to notify you where the attack is occurring. Example: discover worms or botnets that are difficult to detect using any other type of technology. After an attack, our log management solution enables you to perform forensic analysis on the log data to determine who did what, when and to whom. You can also use Log Manager to generate alerts based on your log data to identify suspicious activity on your network. Example: detect unauthorized access attempts to your network. All of our solutions are delivered from the cloud, which means we can eliminate hardware, software, and maintenance costs. All of the infrastructure resides in the cloud and is maintained and supported by Alert Logic.
One of the primary reasons our customers purchase our solution is to meet compliance standards. Our solutions cover the most expensive and labor-intensive areas of compliance. The following is a breakdown of the PCI and SOX requirements we satisfy with our solutions. For PCI we cover requirements 10, 11.2, and 11.4, which are the most costly and cumbersome to comply with. Examples: Vulnerability Assessment: 11.2 in PCI, because Alert Logic is an Approved Scanning Vendor (ASV) for quarterly PCI scans. Intrusion Protection: All mandates and regulations require or recommend an intrusion detection system. Log Management: We cover the majority of requirement 10 of PCI and DS 5.5 for COBIT. We make log review simple and automate the log management process.
Our vulnerability assessment offering provides both internal and external scanning at no additional charge. If a vulnerability is detected in the scan, we provide a report with recommendations on how to fix the problem. Why the cloud is better: For vulnerability assessment, the cloud gives companies with a distributed network the ability to have a centralized view of the entire network, including both internal and external vulnerabilities. In addition, Alert Logic is an Approved Scanning Vendor for PCI DSS quarterly scans. The PCI quarterly scan report can be submitted directly to your acquiring bank.
Our Threat Manager solution includes intrusion protection which detects attacks in real time to protect . All of the alerts from our network appliance are fed directly into a centralized expert system hosted in our datacenter. The expert system's 7-Factor threat analysis correlates the IDS alert data with vulnerability data and real-time threat trend info from Alert Logic customers worldwide, and identifies only valid security incidents that threaten your network (our detection accuracy is greater than 99%), something a traditional standalone appliance simply cannot accomplish. 7 Factors: Attacker Reputation, Nature of Exploit, Attacker Behavior, Target Asset Vulnerability, Target Asset Value, Global Threats Trends, and Attack Confirmation. The cloud is better because our expert system provides a level of accuracy unmatched by on-premise hardware or software based solutions.
Alert Logic’s Active Watch is a threat monitoring service which provides an additional layer of network security. Our certified security experts will monitor your internal network and notify you directly if a security breach or incident has occurred. The Active Watch team works with our customers to help them resolve the security breach or incident.
Log Manager was the first cloud-based log solution. With it, we collect, aggregate, and compress your log data, then perform all necessary processing and analysis in our data center, and send it back to you through our web-based UI. The cloud is better for log management because our grid in the cloud provides 10X+ faster search and reporting performance unmatched by hardware or software based solutions. Ask your log vendor if they are using a relational database backend, because it means that the search performance will be slower and less scalable.
In summary: Our cloud-based solutions are easy to buy, deploy and own. With Alert Logic you won’t have to pay hardware, software, or maintenance costs. An appliance-based solution cannot offer you the same savings. We enable regulatory compliance by providing IDS, Vulnerability Management, and Log Management. We improve network security by detecting security incidents and vulnerabilities along with making log data available for analysis and forensics.