June 12, 2012
Log Correlation Engine Version 4 Delivers Major Performance Improvements for Large and Complex Network Environments, 'Smart' Load Balancing, and Enhanced Search Capabilities
Tenable Network Security, Inc., the leader in Unified Security Monitoring (USM), today announced the availability of Log Correlation Engine (LCE) Version 4 will be generally available on June 26, 2012.. A critical component of Tenable's USM platform, Tenable's LCE provides advanced and unique SIEM functionality. By combining normalized log data from devices throughout enterprise networks with vulnerability intelligence, it detects botnets and other malicious communications that other solutions miss. The LCE helps organizations move from periodic assessment to continuous and instant identification and response to security and compliance threats.
"It's critical for enterprises to have complete visibility into the threat environment. Tools that can correlate logs and event records, can efficiently prioritize incidents, can separate real security violations from false alarms, and can aggregate security events from different locations and devices, are becoming critical components for security risk management," said Charles Kolodgy, Research VP for security products at IDC. "The synthesis of security and vulnerability management, as occurs in Tenable's USM platform, can facilitate adherence to risk management baselines because it provides policy and compliance context, and puts threat and vulnerability information into proper context, thus offering a comprehensive view of the enterprise's risk posture."
LCE Version 4 introduces several new enhancements that speed results, optimize workflow, and improve system reliability including:
- Event Processing Speeds in excess of 30,000 events per second give network, security, and compliance teams near-instant visibility, pinpointing threats and misconfigurations.
- 'Smart' Load Balancing goes beyond simple "round robin" server switching capabilities by automatically targeting new or underutilized servers when workloads increase. Users can dynamically add new instances of LCE that will aggressively accept workloads until it has caught up with its peers.
- Enhanced Event Full-text Search allows LCE users to identify specific events and network based activity by rapidly sifting through mountains of log data.
"We're achieving our compliance goals, protecting our customers' information, and turning our existing log data into valuable network intelligence that affords us the opportunity to identify threats, problems, and patterns in real time," said Phil Lambert, Director Information Security, Starwood Vacation Ownership and user of Tenable's Log Correlation Engine solution.
These updates, along with additional functionality enhancements embedded in LCE Version 4, make it easier than ever for organizations to integrate log and event management data with vulnerability management initiatives. This integration delivers two key business benefits:
- Cost Savings: Integration between log correlation and vulnerability management improves operational efficiency and reduces costs by eliminating the need for a standalone log management solution that requires additional staffing and financial resources.
- Rock-Solid Security: The integration of log correlation data with vulnerability intelligence results in streamlined compliance, faster and more reliable attack mitigation and detection, and deeper intelligence and reporting on existing and emerging risks.
"We're working with some of the industry's largest and most complex networks — actively monitoring tens-of-thousands of IPs for anomalous and malicious activity while red flagging true threats as they emerge," said Ron Gula, CEO and CTO of Tenable Network Security. "Our Log Correlation Engine can literally pick a needle out of a haystack of log data in a matter of seconds — which makes a paramount difference when you're tasked with safeguarding a massive network."
Tenable Network Security is trusted by tens-of-thousands of security professionals worldwide and its SecurityCenter™ and Nessus® solutions are seen as the industry standard by IT security, compliance, and risk managers. The company's technology is the cornerstone for network security in many of the world's largest healthcare, financial, retail, and educational organizations and is currently being deployed across the entire Department of Defense and select federal intelligence agencies. Tenable's USM platform incorporates the world's most accurate vulnerability sensors — the award-winning Nessus vulnerability scanner and the Passive Vulnerability Scanner — with the industry's largest database of vulnerabilities, threats, and compliance data, delivering real-time network vulnerability intelligence and threat correlation.
For more information please visit www.tenable.com.