contents

software
 
SenSage Debuts New Government Compliance Analytics Package

SenSage has announced the availability of the SenSage Government Analytics package. The compliance analytics suite is an extension of SenSage's award-winning scalable log management and analysis software. The solution helps government agencies and system integrators adhere to the growing number of security regulations such as FISMA, NISPOM and DCID. These guidelines mandate consistent monitoring and long-term retention of security, access and system events for security assurance.

The SenSage suite is among the industry's first enterprise security analytics solutions to support the NIST SP-800-53 control guidelines and enable granular, compliant auditing of network devices, security countermeasures, operating systems and applications. The suite incorporates rules and reports mapped to Federal guidelines and leverages SenSage's IntelliSchema technology, which enables rapid integration with any application log source found in government information technology environments.

Civilian and military IT networks contain highly sensitive information and are therefore subject to more extensive security monitoring and retention requirements. These regulations include the Federal Information Security Management Act (FISMA), the National Industrial Security Protection Operating Manual (NISPOM), NIST SP-800-53 and the Director of Central Intelligence Directive 6/3 (DCID 6/3). These regulations recognize that despite the attention paid to external security threats, insider threats represent the most dangerous source of security breach. To address these threats all four guidelines require agencies to perform frequent auditing of activity throughout the IT network, including monitoring of authenticated access to sensitive devices, operating systems, applications, files and access privileges. The regulations further require organizations to maintain long term archives of critical system event logs to allow in-depth investigations and forensics. DCID 6/3, for example, requires that government organizations and contractors with access to classified information must consistently analyze system events and retain event logs for a minimum of five years.

These security guidelines place enormous data management burdens on agencies and contractors, which must implement processes and procedures to capture massive volumes of audit data, identify potential security threats, and perform comprehensive investigations and incident response. Given the size and breadth of these networks, government agencies and contractors must analyze millions of events daily, and retain terabytes of data for trending and forensic analysis. SenSage's powerful log management and analytics solution is distinguished for its high volume data capture, high-speed precision search and reporting, ability to bridge real-time and historic analysis, and fully optimized log data storage. These unique capabilities accelerate return on compliance investment.

The SenSage Government Compliance Analytics incorporates features that are important to government organizations, such as granular role-based access controls that ensure that only those users with appropriate privileges can operate the system or view particular reports or report fields containing sensitive data. SenSage's IntelliSchema technology allows government organizations to collect and audit data from any device or application, and correlate activity across different sources while avoiding any data normalization or modification that can damage the data's forensic quality. The SenSage architecture scales to support nearly limitless data volumes, providing exceptional data load and query performance against terabytes of compressed event log data. Such scalability is important because it ensures consistent delivery of alerts, reports and searches, while providing significant operational savings.

In addition to servicing government agencies directly through its McLean, VA federal office, SenSage has also developed relationships with specialized systems integrators, contractors and other channel partners who integrate SenSage technology into their products, systems and contracts. Among SenSage's prominent integration partners, CSC, Hewlett-Packard and Lockheed Martin have been instrumental in deploying SenSage security analytics solutions to numerous government organizations. SenSage's federal partner program aims to expand SenSage's government security opportunities by offering sales incentives, training and support to new partners.



write your comments about the article :: 2006 Computing News :: home page