Global DataGuard Enhances Log Management

Firewall/Syslog Module version 3.4 provides increased storage, advanced search capabilities, and more sophisticated log parsing and alerting

August 13, 2009

4 Min Read


Dallas, Texas, August 17, 2009 " Global DataGuard', the premier provider of network behavior analysis-based (NBA) Enterprise Unified Threat Management for small and medium businesses to large enterprise environments, has enhanced its Firewall/Syslog Module (FSM) technology with the release of version 3.4 to provide increased storage " up to 1.5 terabytes of onboard storage; advanced search capabilities for locating and analyzing specific log events over vast periods of time; and more sophisticated log parsing and alerting that's designed to help businesses achieve full regulatory compliance. The FSM's ability to collect, analyze, respond to and retain log information is instrumental in offering visibility into IT operational efficiencies, detecting potential security breaches, providing forensic capacity, and enabling corporate accountability across an organization's entire enterprise. Recent data breaches show that employees and other internal threats are responsible for upwards of 50% of data theft. According to Gartner analysts, log management is becoming more important to organizations as compliance requirements " such as PCI DSS " mandate the capture and retention of audit trails, particularly those related to sensitive cardholder data and personal information. "Global DataGuard's log management and monitoring solution is one of the first systems of its kind to include innovative active response capabilities. It can help companies to identify and prevent security breaches, hacker or insider intrusions, or other activities that can harm valuable corporate assets," stated Scott Paly, chief executive officer for Global DataGuard. "Moreover, this robust capability integrates with our adaptive, predictive Enterprise UTM portfolio to provide customers with features that can be customized to fit their unique business requirements." Real-time Log Monitoring, Analysis and Correlation With the FSM, all log files are continuously analyzed by customer-specified rule sets and then retained for reporting and forensics. Detected policy violations or activities of interest result in alerts on the unified management console for further analysis, incident response and ticketing. In addition, the FSM:

  • Collects, normalizes, aggregates, compresses and encrypts log data from disparate 3rd party routers, switches, firewalls, IDS/IPS, AV, SPAM/spyware, Windows, UNIX and Linux systems and associated applications;

    • Adds necessary resources, services and applications to a Whitelist to ensure that critical network ports and services are never accidentally blocked;

    • Provides a sophisticated search and parsing capability;

    • Allows an organization to customize the severity of log alerts;

    • Enables users to define their own custom online SLA within the Global DataGuard Security Alert Response Procedure (SARP); and

    • Automates the process of producing comprehensive reports and enables 24/7 online access, via the Enterprise UTM++ monitoring console, so customers can easily review relevant data that can identify an anomaly or threat. As an Approved PCI Scanning Vendor, Global DataGuard originally designed the FSM to address PCI DSS requirements through log file harvesting, parsing and alerting. The FSM can help an organization achieve full PCI compliance because it:

    • Enables logging for all events, with data on user ID, customizable groups, type of event, date and time, success or failure indication, origination of event, and identity of the system component;

    • Provides 1.5 terabytes of onboard storage to hold collected log information;

    • Ensures that viewing of audit trails is limited to those with a job-related need

    • Protects audit trail files from unauthorized modification " existing log data cannot be changed; and

    • Makes log data accessible through a local NAS partition. The FSM integrates at the architectural level with all of Global DataGuard's industry proven, Enterprise UTM applications to provide early warnings of threats that other solutions may not see, reduce false positives, and enable unparalleled management of a company's total information security environment. The Firewall/Syslog Module is priced at $30,000.00 in the U.S., and it can be leased with turnkey managed services for $2,815.00 per month. Because the FSM is a fully integrated component within the Global DataGuard Enterprise UTM++ portfolio, custom configurations can be designed and priced based on an organization's unique network requirements. About Global DataGuard, Inc. Global DataGuard is the technology leader in network behavior analysis-based Enterprise Unified Threat Management for small/medium business to large enterprise environments. The company has been arming Fortune 1000 companies with battle-tested, proven Enterprise UTM solutions and Security Risk Management (SRM) Managed Security Services since 2001. Today, Global DataGuard solutions are deployed on three continents in both corporate and managed services environments. For more information, call (972) 980-1444 or visit our web site at

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights