www.balabit.com syslog-ng Product Line

syslog-ng Description
- IT environments constantly generate important data in log messages
- syslog-ng: Collects, Filters, Classifies, Normalizes, Stores, Transfers
- syslog-ng is not a log analysis tool, but it is essential to analysis

The Evolution of Log Management
- More data
- More complex data
- More important data
- Can your log management handle all the data?
[Diagram labels: Audit Logs, File changes, Identity Access Management, Firewalls, Intrusion Detection, Mobile Devices, Databases, ERP, CRM, Custom Applications, Servers, Routers, Gateways, Network Configuration Changes, Authentication, Radius, LDAP, Web Servers, Clickstream Data, Debugging Software Infrastructure Diagnostics; Compliance, Security, Business Intelligence; Log Management Infrastructure]

Product Family
- syslog-ng Open Source Edition
  - Leader since 1998, de facto standard in 2001
  - Large, world-wide community
- syslog-ng Premium Edition
  - Commercial version
  - Additional features
  - Professional support
- syslog-ng Store Box
  - Turnkey appliance
  - Index, search, reporting
  - Professional support

syslog-ng Open Source Edition
- Key Features
  - Flexible message filtering and re-writing
  - Pattern-based classification
  - Secure log transfer via SSL/TLS
  - Flow-control: adaptive message rate control
  - High speed processing > 650k/sec
- Community
  - 100,000s of users worldwide
  - Well known by system admins
  - Included in 3rd party devices
  - Custom add-ons

syslog-ng Premium Edition
- Additional Features
  - Zero Message Loss
  - Reliable Log Transfer Protocol (RLTP)
  - Client side failover
  - Disk buffer
  - Encrypted log storage
  - SQL source and destination support
  - Windows support
  - Support for more than 50 server platforms
  - Professional Support

syslog-ng Store Box (SSB)
- Key Features
  - Turnkey solution
  - Web-based Graphical User Interface (GUI)
  - Flexible message filtering, classification, re-writing
  - Encrypted storage
  - Fast search capability via indexing
  - Message rate alerts
  - Customizable reports
  - Professional Support

Key Technology Differentiators
- Reliability - Zero message loss
  - Application level acknowledgement - Reliable Log Transfer Protocol
  - Disk-based buffer
  - Client side failover
- Security
  - Encrypted transfer and storage
- Scalability
  - High speed processing < 650k/sec
- Flexibility
  - Widest platform support
    - OS support - AIX, FreeBSD, Solaris, RHEL, SLES, Debian, Ubuntu, Tru64
    - CPU architectures - x86_64, i386, Alpha, PA-RISC, Itanium, SPARC, POWER
  - Wide variety of log messages natively supported
  - Log filtering, classification, and normalization

Typical Use Cases
- Enterprise Class Log Management
  - Distributed, heterogeneous IT environments
- Optimizing SIEM solutions
  - Lower TCO, Improve analysis performance
- Compliance
  - Meet SOX, HIPAA, PCI-DSS and more regulatory requirements more efficiently with reliable, tamperproof data
- Forensics
  - Find out what, when, and who more quickly with reliable, accessible log data

Typical Use Case: Optimizing SIEM
- The Challenge: Ensuring data feeding SIEM is reliable
  - "By 2016, 40% of enterprises will actively analyze at least 10 terabytes of data for information security intelligence, up from less than 3% in 2011." (source: Gartner)
  - Analysis is only as good as the data feeding it
  - Many SIEM installations fail due to poor log management
- The Solution: Optimize SIEM with robust log management
  - syslog-ng improves SIEM installations with
    - Wider log source coverage
    - Extensive platform support
    - Zero message loss
  - Optimize Performance
    - Faster SIEM query times - analyze what is important
  - Lower TCO
    - SIEM vendors offer usage or capacity based pricing (eps or GB/mo)

Typical Use Case: Enterprise Class Log Management
- The Challenge: Managing logs in a large, global IT environment
  - Large distributed IT infrastructure
    - 100s of locations, 1000s of log sources
  - Heterogeneous environment
    - Many legacy systems, custom applications
  - Mission critical
    - Business processes rely on infrastructure and applications
- The Solution: Centralize log data
  - One tool for collection and pre-processing
    - Collect from wide variety of sources
    - Filter, classify, parse, re-write
    - Wide range of server platforms supported
  - Scale to the largest IT environments
    - > 650,000 messages/sec
    - > 10,000s log sources

Typical Use Case: Forensics
- The Challenge: Find out what, when, who...and fast
  - IT Operations
    - Server or network crash
  - Fraud investigation
    - Internal or external threats
  - Legal challenges
    - Providing evidence in court
- The Solution: Reliable, accessible log data
  - Centralize - Collect log data from a wide variety of sources and locations
  - Organize - Filter, classify, and organize various types of logs to ensure logs are quickly accessed
  - Preserve - Ensure log data is not lost
    - Reliable transfer
    - Secure transfer and storage

Typical Use Case: Compliance
- The Challenge: Comply with many regulations efficiently
  - Data Protection - PCI-DSS, HIPAA, EU Data Directive
  - Financial - SOX (EuroSox, Jsox), FISMA Basel II
  - Internal Policies - Data retention/deletion
- The Solution: Reliable log management solution
  - Ensure reliability
    - Zero message loss
  - Ensure security
    - Encrypted transport - TLS/SSL
    - Encrypted storage - Logstore
  - Customize reports to facilitate audits (SSB)

Licensing
- syslog-ng Open Source
  - Combination of GPL and LGPL
- syslog-ng Premium Edition
  - Log Source Hosts (25-3,000, > 3,000 unlimited)
  - High Speed deployments (> 200k messages per second) priced individually
- syslog-ng Store Box
  - Log Source Hosts (50-1,000, > 1,000 unlimited)
  - Hardware Configurations
    - SSB1000 - 1x Quad Core CPU, 4 GB RAM, 1 TB SATA HDD, RAID1
    - SSB5000 - 2x Quad Core CPU, 24 GB RAM, 5 TB SATA HDD, RAID50
    - SSB10000 - 2x Quad Core CPU, 24 GB RAM, 10 TB SATA HDD, RAID50
    - SSBVA - Virtual appliance run under VMware ESXi

BalaBit Professional Support: Post-Sales Support
- Part of the Product
- Three level support
  - Level 1 - Customer care
  - Level 2 - System Engineers
  - Level 3 - Software Developers
- Highly qualified engineers
- Direct contact with software development team
- Tight coordination with 1st line Partner Support
- Three Support Packages
  - Base - 8x5, Next business day response time
  - Extended - 12x5, 4 hour response time
  - Privileged - 24x7, 2 hour response time

BalaBit Professional Support
- Pre-Sales Support
  - Technical Consultation
  - Project Scoping
  - Proof of Concept
  - Request for Information/Proposal
  - Feature request management
- Integration Services
  - Design, Planning, Installation
  - Pilot configuration support
  - Configuration validation
- Training Services
  - Certification programs
  - On-site e-learning

Customers

Conclusion
- Log data is essential for IT operations, security, compliance, and increasingly for business intelligence
- Choose a trusted log management infrastructure that
  - Prevents message loss during transfer
  - Prevents tampering with encrypted transfer and storage
  - Scales to the ever increasing amount of data
- To learn more
  - Visit our website: http://www.balabit.com/network-security/syslog-ng
  - Contact our Sales Team: sales@balabit.com
  - Contact our Pre-Sales Support Team: pre-sales@balabit.com