LogRhythm Inc. announced on Wednesday its new LRX line of integrated log and event management appliances. The LRX line enables organizations to process billions of logs per day while extracting fine-grained security, compliance, and operational intelligence.
By combining new Log Deduplication technology, a 64-bit architecture, and deep Active Directory integration with new LRX appliances, LogRhythm raises the bar for SIEM 2.0 capabilities that it established in 2004 with the release of its initial integrated log and event management solution.
LogRhythm provides enterprise-class log and event management, file integrity monitoring, and endpoint monitoring and control in a single integrated solution that empowers organizations to comply with regulations, secure their networks, and optimize IT operations. LogRhythm is privately held and based in Boulder, Colorado with European Headquarters in Maidenhead, England, and Asia Pacific operations in Hong Kong.
The collection, normalization, and analysis of log data is a requirement for compliance with most regulatory mandates and is a critical component of in-depth security strategies. With organizations generating hundreds of millions of logs per day, a manual or homegrown approach is no longer feasible. The acuteness of the challenge is captured by the SANS Institute estimate that up to 25 percent of all enterprise data can be log data.
To help provide early detection of insider threats and other suspicious user activity, LogRhythm has supplemented its User Activity Monitoring capabilities to include integration with Active Directory (AD). By automatically synchronizing with AD domains and sub-domains, LogRhythm provides visibility into actions by AD users, groups and group members. In addition, AD group filters can be applied for searches, alerts, and other analysis functions to help organizations detect and protect against suspicious activity by employees, contractors, and other trusted users with access to network resources.
“Logs represent the digital fingerprints of activity that occurs within an organization’s IT infrastructure. They are the single richest source of data for understanding what is happening at the network, system, and application layer as it affects security, compliance and operations,” said Chris Petersen, co-founder and CTO of LogRhythm.
“However, first generation log management and SIEM products lack the integration, performance, and ‘full stack’ monitoring capabilities required to deliver the full potential of this technology platform,” Petersen said. “With the LogRhythm LRX line, we are delivering what customers want in a SIEM 2.0 product – a single integrated solution that provides unprecedented visibility across the entire IT stack. Our log and event management platform, combined with file integrity monitoring, user activity monitoring, data leak protection and network flow analysis provides the end-to-end analysis capabilities required to monitor and protect today’s ever-changing and often targeted networks,” he added.
To help organizations transition from legacy first generation SIEM products to the next generation capabilities of the LRX family, LogRhythm is offering a trade-up program. The LogRhythm SIEM 2.0 Trade Up offer enables enterprises to purchase LogRhythm appliances by reallocating budget dollars currently slotted for maintenance, support and upgrades of their legacy SIEM 1.0 solution.
LogRhythm LRX appliances are available, with prices starting at $25,000.