FISMA News

VeriSign Enterprise Security Services Announces Enhancements to Log Management Service

(June 04, 2008)-- VeriSign Enterprise Security Services announced major enhancements to the VeriSign Log Management Service. The enhancements include expanded reporting capabilities, deeper correlation across log sources, and an agreement with ArcSight to integrate support for the company's Logger technology into the VeriSign service. The addition of the ArcSight solution makes VeriSign Log Management Service the first of its kind to support multiple technologies from best-of-breed providers through a fully managed solution.

To protect critical information and to comply with government and industry regulations, organizations must monitor a myriad of commercial and custom applications on a variety of different platforms. Doing so is a complex, labor-intensive undertaking. The VeriSign Log Management Service allows customers to collect, analyze and store system and application logs to provide a deeper level of security monitoring as well as meet a broad array of compliance requirements, such as the Payment Card Industry (PCI) Data Security Standards, Sarbanes-Oxley, the Gramm-Leach-Bliley Act, the Health Insurance Portability and Accountability Act (HIPAA), and the Federal Information Security Management Act (FISMA).

"Our Log Management Service has received tremendous market response since its launch 2 years ago," said Scott Magrath, vice president and general manager for VeriSign® Managed Security Services. "As one of the first managed security service providers with a comprehensive log management offering, we've learned a lot about the challenges and complexity of deploying these technologies for large global organizations. That experience is reflected in the enhancements we're announcing today that will result in a more mature and flexible solution."

VeriSign Enterprise Security Services continues to invest in improving log management service delivery, including the establishment of a specialized professional services team for log management deployments. These teams help clients work through implementation challenges at the system and application-level as well as developing support for non-standard log sources. Investments have also been made to enhance reporting through web services APIs and enhanced correlation across the vast network, host, and application log sources being monitored by VeriSign. The correlation capabilities allow for broader visibility while the APIs allow for deeper drill-down into suspicious events that have occurred.

Through its business relationship with ArcSight, VeriSign has expanded its support for log management technology through its market leading Managed Security Services offering. VeriSign will now support the ArcSight Logger technology, enabling VeriSign to write parsers for clients' critical custom applications and access to the ArcSight library of more than 275 SmartConnectors. For customers of VeriSign Managed Security Services, this will enable faster integration of the service with customer-specific applications without the need for custom development. As part of the service VeriSign will deploy ArcSight C1000 connector appliances for event collection, which will decrease the cost of audit quality event collection for MSSP customers.

"VeriSign provides leading hosted log management services," said Chris Peterson, VP of Worldwide Channel Sales, ArcSight. "ArcSight is excited to work with VeriSign to offer customers this managed service. ArcSight log collection and management products, together with VeriSign's expertise, are a solid combination for the businesses looking to improve their security and compliance in a cost-effective manner."

The VeriSign Log Management service uses third-party technology -- deployed on the customer's premises -- to collect, aggregate, and pre-filter raw logs from the sources that VeriSign monitors. After this initial filtering, the technology uses the VeriSign® Security Defense Appliance (SDA) to forward potentially significant events and alerts to TeraGuard, VeriSign's information management architecture, for further analysis. VeriSign continues to support LogLogic technology through the Log Management service.

In its report, "Magic Quadrant for Security Information and Event Management," Gartner stated, "The SIEM market is driven by customer needs to analyze security event data in real time ... and to analyze and report on log data ..." The report further states, "The primary driver of the North American SIEM market continues to be regulatory compliance. European SIEM deployments have been focused on external threat monitoring."

Share or bookmarklet this web page at: