Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable and Reconnex


Tenable's Log Correlation Engine (LCE) can accept events from the Reconnex iGuard. If you are not familiar with products like the iGuard, it is a sophisticated network traffic analyzer that can look for social security numbers, credit card numbers, and important corporate data as it flows across instant messaging, email attachments, web surfing and most other forms of network traffic.

Having the LCE be able to parse logs from the iGuard allows users of the Security Center to analyze traffic on their separate network segments. This means Joe from accounting can see the iGuard events for his network and Sue from HR can get alerted for their events. Tenable has also written some advanced TASL correlation rules that look for systems being attacked and then having their sensitive data transferred by the attacker. Using intrusion detection logs and iGuard logs, the LCE can recognize when a system has been under attack and then sensitive data has been obtained from the target.