iSIEM (PLD Intelligent Security Information And Event Management)
Product Overview

Verizon's 2021 Data Breach Investigations Report analyzed 5,358 data breaches based on 83 contributing organizations worldwide. With 85% of data breaches involving a human factor, human negligence remains the biggest threat to security. To mitigate information damage and information leakage, log audits must be conducted, and as network structures and data systems grow more complex, information security management and maintenance become more difficult.

Especially for security managers, manpower alone can no longer complete the effective management and analysis of massive security logs. In response to the above problems, a log analysis product based on big data technology, the Security Event Big Data Platform (iSIEM), came into being.

Palladium Security Event Big Data Platform (iSIEM) is a new generation of log collection and analysis products based on big data technology, independently developed by Hangzhou Palladium Network Technology Co., Ltd. iSIEM can collect massive log data across the network to achieve centralized log management, real-time monitoring, alarm analysis, and rapid retrieval. By generating rich view reports, it can help administrators understand the overall operating status of the whole network in a timely manner and generate compliance reports for various laws (such as equal protection, ISO27001, SOX, PCI DSS, etc.).

iSIEM can support log data generated by all device assets on the network, such as: system logs (Windows, Linux, UNIX, etc.), network devices (routers, switches), applications (Oracle, Apache), security device logs, etc.

iSIEM fully considers the actual situation of various customers, relies on the good scalability of big data architecture, and can be configured independently to meet the needs of small networks, or distributed and clustered to meet the needs of large networks.

Deployment mode
Advantages

(1) Deep correlation analysis

The system supports multi-level event correlation analysis, does not limit the level of aggregated events, independently sets filter conditions and aggregation conditions for each level of aggregated events, and flexibly defines the timing of each level of events to prevent the attack window from being evaded. In-depth analysis capabilities help customers filter valueless alarms and perceive risks in advance.

(2) Big data technology realizes high-speed retrieval

The high-speed retrieval engine for big data applications, independently developed by Palladium, responds within seconds to multi-condition queries over hundreds of millions of records. It provides iQL search syntax and flexibly queries any combination of any field, keyword, regular expression, wildcard, and logical relationship to quickly locate events.

(3) In-depth analysis of events and alarms

Based on in-depth analysis of security events, the system detects threat behavior across multiple event dimensions and supports alarm event context analysis and data drilling.

(4) Centralized management of massive logs

The system can automatically collect and store massive data, and realize centralized collection and unified management of massive log data in the entire network environment.

(5) Visual log analysis

Based on the statistical analysis of log data, visual event auditing, report display, and flexible and customizable dashboard monitoring are realized.

(6) Highly scalable

It supports point deployment and cluster/hierarchical deployment, which can expand resources according to the actual needs of customers and reduce unnecessary waste of resources.

Customer Benefits

(1) Security management benefits

Multi-level event correlation analysis, filtering valueless alarms, tracking and tracing attack events, deeply analyzing the causes of problems, and improving the efficiency of security incident management.

(2) Audit management benefits

Implement centralized log auditing; based on a big data storage and analysis framework, queries over hundreds of millions of records respond in seconds; provide iQL search syntax to flexibly set search conditions; at the same time, meet the compliance needs of third-party audits.

(3) O&M management benefits

Data collection, storage and analysis of various infrastructures; realize real-time monitoring, find fault bottlenecks in a timely manner, and improve troubleshooting efficiency; centralized large-screen monitoring to reduce the workload of managers.

(4) Collaborative management benefits

Assigning different data access rights to different roles and users allows more personnel from different departments to participate in security log analysis scenarios under the premise of ensuring controllable permissions, which is conducive to improving the efficiency of communication.

Classic case
Copyright © 2019 All Rights Reserved Designed
Hangzhou pldsec Network Technology Co