The NEI developed and published the NEW 08-09 Rev 6 to address many areas surrounding access control, audit and accountability, incident response, and system and information integrity. This is an extension of CFR 73.54.
LogIT’s log processing capabilities provide automatic audit log reduction. Suspicious audit logs can be forward as events for immediate monitoring and alerting. Normal audit logs will be filtered out and reserved at an archive-only level. LogIT automates the process and requirements of gathering and retaining audit logs. Log files can be restored conveniently months or even years later in support of investigations.
Listed are the specific NEI 08-09 requirements met by LogIT:
- Collect boundary device logs from IDS/IPS systems, routers, firewalls, VPN, A/V systems and other security devices
- Provide central analysis and monitoring of intrusion-related activity across your entire IT infrastructure
- Correlate activity across user, origin host, impacted host, application, etc.
- Alert on unauthorized or suspicious activity
- Apply risk-based assessments of your environment to prioritize log sources according to risk rating classification
LogIT can identify known bad hosts and networks with the option to customize the dashboard for monitoring of events and alerts. LogIT provides deep forensic analysis of intrusion related activity and full automated with reports that provide a consolidated review of internal/external boundary activity and threats. Integrated knowledge base provides information and references useful for responding and resolving intrusions.
Check out Digital Edge’s Log Management Solution: LogIT, where you can learn how our unparalleled solutions can enforce continuous compliance. To assess your Log Management needs and budget your project, visit our Log Management Assessment tool for your instant quote!
To learn more about NEI 08-09 Rev 6 click http://www.nrc.gov/docs/ML1011/ML101180437.pdf.
If you feel that you need assistance from the Digital Edge Security team, please contact us at www.digitaledge.net/contact/.