Security Event Manager

SEMs are a relatively new idea, and in late 2005 are still evolving rapidly. Just a year or two ago they were called Security Information Managers (SIMs). SEMs can help satisfy U.S. regulatory requirements such as those of
Sarbanes-Oxley
which require (among other things) that certain events, such as accesses to systems and modifications to data, be logged and that the logs be kept for a specified period of time.

Many systems and appplications which run on a computer network generate events which are kept in event logs. These logs are essentially lists of events, with records of new events being appended to the end of the logs as they occur. Well-defined Protocols , such as SYSLOG and SNMP , can be used to transport these events, as they occur, to logging software that is not on the same host on which the events are generated.

It is beneficial to send all events to a centralized SEM system for the following reasons:

Access to all logs can be provided through a consistent central interface

The SEM can provide secure, forensically sound storage and archival of event logs

Powerful reporting tools can be run on the SEM to mine the logs for useful information

Events can be parsed as they hit the SEM for significance, and alerts and notifications can be immediately sent out to interested parties as warranted

Related events which occur on multiple systems can be detected which would be impossible to detect if each system had a separate log

Events which are sent from a system to a SEM remain on the SEM even if the sending system fails or the logs on it are accidentally or intentionally erased

	APPAREL
	BABY
	BEAUTY
	BOOKS
	CAR TOYS
	CELL PHONES
	DVD'S
	ELECTRONICS
	GOURMET FOOD
	GROCERIES
	HEALTH & PERSONAL
	HOME & GARDEN
	JEWELRY
	MUSIC
	MUSIC INSTRUMENTS
	OFFICE PRODUCTS
	SOFTWARE
	SPORTING GOODS
	TOOLS & HARDWARE
	TOYS
	VIDEO GAMES
	SHOPPING HOME

	MORE SHOPPING...

	CATEGORIES ABOUT SECURITY EVENT MANAGER

	information systems

Information About

Security Event Manager