In the previous post of this series, we looked at how easy it is to get Log360 up and running due to its various deployment features and easy-to-use UI. Today, we’ll dive into the solution’s wide range of support for event sources across multiple environments.
Servers and workstations. With Log360, you can easily go deep into the events occurring on all Windows, Unix/Linux, and IBM servers and workstations in your network. This is a basic expectation of any SIEM solution, and Log360 doesn’t disappoint, as it offers a vast set of predefined reports to help you audit activities in these systems.
Active Directory environments. With in-depth AD auditing, you’ll ensure that you stay on top of all user activities, including privileged users’ activities. AD auditing helps you track all critical AD events, and it’s especially helpful in detecting insider threats.
Network devices. The importance of auditing your network firewalls, routers, switches, and IDS/IPS devices is often overlooked. By examining these devices, you can gain an understanding of traffic patterns in your network, which in turn allows you to secure your network perimeter from external attacks. Log360 also provides built-in support for network devices from several vendors, including Cisco, SonicWall, HP, Fortinet, Sophos, and WatchGuard.
Applications. Applications account for many business-related activities within your network. Consequently, they handle a lot of sensitive business information in the process. It’s critical to track all events coming from your databases, web servers, and other applications so you can prevent or contain data breaches and ensure business continuity. Log360 provides out-of-the-box support for Microsoft SQL Server, Oracle Database, IIS, and Apache web servers.
File servers. Your network stores a lot of critical files, including binary files related to operating systems and network drivers, network configurations and settings files, confidential business files, and network log files. It is important to monitor all changes to ensure the integrity of these files. Log360 provides you with detailed reports on all changes made to Linux, Windows, EMC, and NetApp file servers.
Cloud environments. As businesses migrate to the cloud and employees become increasingly mobile, a larger percentage of network activity occurs in the cloud. To get a complete picture of the network, it’s necessary to monitor cloud environments as well. Log360 provides detailed reports for Amazon Web Services, Microsoft Azure, Azure Active Directory, and Exchange Online instances, as well as several other cloud applications, including Salesforce, OneDrive for Business, and Skype for Business.
Exchange Server environments. Log360 helps you audit on-premises instances of Exchange Server in addition to Exchange Online.
Endpoint solutions. By centrally auditing information from endpoint security solutions, such as vulnerability scanners, threat solutions, and DLP applications, you gain a comprehensive view of your endpoints’ security posture. Log360 supports Symantec, Malwarebytes, FireEye, Nessus, Qualys, Nexpose, and more.
Virtual environments. Gaining visibility into your virtual environments helps you ensure that all virtual setups are properly configured and protected from unauthorized access.
With support for such a vast range of log sources, Log360 helps you get a complete picture of your network, ensuring that you’re always aware of any and all activities.