Security Event Management
GSS Glossary - Security Event Management

A Security Event Manager (SEM) is a computerised tool used on enterprise data networks to centralize the storage and interpretation of logs, or events, generated by other software running on the network.

Many systems and applications which run on a computer network generate events which are kept in event logs. These logs are essentially lists of events, with records of new events being appended to the end of the logs as they occur. Well-defined protocols, such as SYSLOG and SNMP, can be used to transport these events, as they occur, to logging software that is not on the same host on which the events are generated.

It is beneficial to send all events to a centralized SEM system for the following reasons:

  • Access to all logs can be provided through a consistent central interface
  • The SEM can provide secure, forensically sound storage and archival of event logs
  • Powerful reporting tools can be run on the SEM to mine the logs for useful information
  • Events can be parsed as they hit the SEM for significance, and alerts and notifications can be immediately sent out to interested parties as warranted
  • Related events that occur on multiple systems can be detected; this would be impossible if each system kept a separate log
  • Events which are sent from a system to a SEM remain on the SEM even if the sending system fails or the logs on it are accidentally or intentionally erased

Definitions provided by Wikipedia - The Free Encyclopedia
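
The cross-system correlation benefit listed above, as an added example (not part of the glossary entry or of any SEM product): a minimal collector-side rule that flags a source address failing SSH logins on several hosts within a short window. The sample log lines, host names, addresses, and the `min_hosts`/`window` thresholds are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: RFC 3164-style syslog lines as a central collector would
# receive them from three hosts. Hosts, users and addresses are made up.
SAMPLE_EVENTS = """\
<38>Mar  3 10:00:01 web01 sshd[811]: Failed password for root from 203.0.113.7 port 40122 ssh2
<38>Mar  3 10:00:09 db01 sshd[420]: Failed password for admin from 203.0.113.7 port 40310 ssh2
<38>Mar  3 10:00:15 web01 sshd[811]: Accepted password for alice from 198.51.100.20 port 51514 ssh2
<38>Mar  3 10:00:20 mail01 sshd[977]: Failed password for root from 203.0.113.7 port 40555 ssh2
<38>Mar  3 10:07:00 db01 sshd[420]: Failed password for bob from 198.51.100.20 port 51600 ssh2
"""

LINE = re.compile(
    r"^<\d+>(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (?P<src>\S+) ")

def parse(line, year=2024):
    """Return (time, reporting host, source address) for a failed SSH login, else None."""
    m = LINE.match(line)
    if not m:
        return None
    # RFC 3164 timestamps carry no year; the collector has to supply one (assumed here).
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return ts, m["host"], m["src"]

def correlate(lines, min_hosts=3, window=timedelta(minutes=5)):
    """Alert on sources that fail logins on >= min_hosts distinct hosts within `window`."""
    by_src = defaultdict(list)
    for rec in filter(None, map(parse, lines)):
        by_src[rec[2]].append(rec[:2])
    alerts = {}
    for src, events in by_src.items():
        events.sort()  # order by time so each event can start a sliding window
        for i, (start, _) in enumerate(events):
            hosts = {h for t, h in events[i:] if t - start <= window}
            if len(hosts) >= min_hosts:
                alerts[src] = sorted(hosts)
                break
    return alerts

if __name__ == "__main__":
    # Each host alone logged one failure from 203.0.113.7; only the merged view alerts.
    print(correlate(SAMPLE_EVENTS.splitlines()))
```
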



Security Event Management Related Products

McAfee Firewall Enterprise

McAfee Firewall Enterprise (formerly Secure Computing Sidewinder) appliances provide powerful centralised management and reporting tools to ease planning, troubleshooting, and configuration, while global reputation technology reduces up to 70 percent of unwanted traffic and blocks attacks before they occur.


Security Event Management Related Industry News

Websense Unveils Ecosystem

Websense, Inc. (Nasdaq: WBSN - News), the world's leading provider of employee internet management solutions, today announced the launch of a new technology alliance partner framework, the Websense® Web Security Ecosystem(TM) extending Websense Enterprise® and Websense Web Security Suite(TM) technology to critical enterprise security initiatives including network access control, security event management and identity management. Websense's expanded network of alliance......

Radware's APSolute Attack Prevention offers a combination of advanced security protections from hybrid network attacks in a single device

Recent attacks in 2009 and 2010, such as the July 2009 cyber attacks and Conficker malware show that attackers are using hybrid attack techniques that utilise multiple attack types and vectors. Today, organisations are deploying individual protection tools, such as Intrusion Prevention System (IPS), Network Behavioral Analysis (NBA) and Denial of Service (DoS)......

Security Manager's Journal: New firewalls should increase protection

This week, my company began deploying new firewalls. The old ones have been in place for more than six years; the new ones will allow us to take advantage of the next generation of features. Today, application-based (Layer 7) firewalls provide far more flexibility than was available before. The methods of inspecting traffic enable us to allow or deny traffic based on a variety of factors. In addition, the firewall we chose, whi......
