WatchGuard tames security log overload with Dimension 'visibility' engine

Don't find the problems, see them

UTM vendor Watchguard has expanded its security platform with a new 'visibility' engine that turns the raw data from its physical or virtualised appliances into useful intelligence about applications, users and the threats facing them in real time.

Called Dimension, the software's innovation is not so much that it presents this data - much of it is already available in logs - but that it makes sense of it, presenting it in an easily understandable form.

As the firm concedes, evolving security platforms from an age where log data sufficed to one where security managers need far more hand-holding is becoming an important challenge for all vendors in the security appliance sector.

Quite simply, pages of log data have become a blunt tool for understanding security events and how these relate to the most basic elements of networks, namely users and their applications.

"Around the world, network security pros tell us they are drowning in logs of data and find it time consuming - or nearly impossible - to identify key issues on their networks and make proper policy decisions," said Watchguard's vice president or product strategy, Dave R. Taylor.

A recent survey carried out by the firm had found that although almost all those questioned monitored log data closely, many felt that they had limited visibility on important metrics such as bandwidth consumed and threat geography, he said.

Four out of ten reported taking hours to compile a simple compliance reports covering only two days of traffic. Identifying problems on networks could take hours.

Founded on a simple 'TreeMap' that made spotting events and problems easy, Dimension offered an executive dashboard with a sophisticated reporting feature for generating compliance overviews. A separate 'TheatMap' provided a regional overview of security threats as detected by Watchguard and its partners.

The software offered benefits not only for enterprises but also the firm's tier of Managed Security Solution Providers (MSSPs), said Mike Pencavel, North West sales manager at WatchGuard MSSP, Concorde IT Group.

"With WatchGuard Dimension it's easy to provide automated reports that make it simple for customers to see how we're protecting their interests. And because it's cloud-based, we have easy and secure access on any device, anywhere, to meet the needs of our diverse client base."

Dimension is available for all customers of Watchguard's 11.8 XTM Unified Threat Management platform.

Tags watchguardConfiguration / maintenancesecurityhardware systemsData Centre

Comments

Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Security Solutions-GigaVUE-420

In partnership, Newgen provides innovative network monitoring and security solutions based upon Gigamon’s GigaVUE-420 systems.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.