|
Windows Event Logs & Syslog Consolidation
PCI Compliance at a Glance
- Install and maintain a firewall configuration
to protect cardholder data
- Do not use vendor-supplied defaults for system
passwords and other security parameters
- Protect stored cardholder data
- Encrypt transmission of cardholder data across
open, public networks
- Use and regularly update anti-virus software
- Develop and maintain secure systems and applications
- Restrict access to cardholder data by business
need-to-know
- Assign a unique ID to each person with computer
access
- Restrict physical access to cardholder data
- Track and monitor all access to network resources
and cardholder data
- Regularly test security systems and processes
- Maintain a policy that addresses information
security
|
|
|
If your company must maintain and verify compliance with
the Payment Card Industry (PCI) Data Security Standard (DSS),
you are well aware of the mandate’s comprehensive nature.
And you need to sustain overall good governance of your IT
environment not only during periodic audits and assessments,
but each and every day.
Make Longitude® Event Log and Syslog monitoring software
part of your proactive best practices approach to PCI DSS
- one that promotes the availability and performance of your
IT environment while helping you automate the daunting process
of daily compliance monitoring. Longitude conforms to the
PCI DSS principles of vulnerability management, strong access
control measures, regularly monitoring and testing networks,
and maintaining an information security policy.
For example, use Longitude to perform the event log monitoring
specified by PCI DSS Requirement 10. Longitude automates the
daily monitoring required with comprehensive WindowsEventLog
and Syslog solutions that collect and centralize event log
records for reporting, display, and alerting. Event log records
can be consolidated and viewed within the Longitude real-time
Event Monitor and used to automatically trigger Longitude
actions: including Email, Text Message, SNMP Trap, or Execute
a corrective OS command.
To reduce event volume and increase situational awareness,
leverage Event Correlation in Longitude to detect patterns
in audit events - such as multiple logon failures followed
by successful logons, or logon failures from unexpected sources
- or combinations of events and data from other sources.
Role-based security also ensures Longitude users see only
those specific monitoring tasks and related information they
are pre-authorized to view.
Contact us for more information on how Longitude monitoring
can support your PCI DSS compliant environment. For complete information about the PCI DSS, visit the PCI Security Standards Council.
About Longitude
With Longitude
you get the best of both worlds – agentless
software that’s not only affordable and easy to install
and use, but gives you the kind of comprehensive application
and network performance monitoring that you’d expect
from high end agent-based software. Longitude monitors hundreds
of vital performance metrics, alerts you to problems, takes
any corrective actions you specify, and generates reports
and graphs that demonstrate just how well your
operating system,
databases,
web servers,
messaging,
and J2EE applications are
performing. Best of all, everything is presented in dashboard
views that let you drill down to investigate problems and
find answers fast.
In keeping with its robust functionality, Heroix Longitude
scales with ease. It’s equally adept at monitoring a few
servers and databases or many. And unlike some other agentless
solutions, Longitude is totally self-contained with no
prerequisites for layered software. You won’t have to
install extra software, nor will you get stung by unexpected
costs such as additional database, report writer, and runtime
license fees. In most cases, Longitude can be deployed in
about 15 minutes!
|
