
LogLogic MX2010

It’s pricey but LogLogic can provide proof that you’re complying with data protection standards and keep the auditors happy as well.

Price
£22,705

The shocking number of security breaches involving personal data shows that all too many businesses are still failing to provide adequate measures to stop this information falling into the wrong hands. Fortunately, there is a wide range of standards that aim to prevent this happening by providing best practice guidelines. Developed by all the major credit card companies, the PCI DSS (Payment Card Industry Data Security Standard) is a prime example: it insists that companies processing, storing or transmitting payment card data must be compliant or they could lose their privileges.

Periodic audits carried out by qualified security assessors (QSAs) are part of the PCI DSS guidelines, and this is where LogLogic comes in: its family of appliances aims to provide log data gathering and reporting tools that enable regulatory compliance to be proven.

On review is the latest MX2010 appliance, which is aimed at mid-sized businesses and combines the functions of LogLogic's LX and ST appliances into a single solution. It doesn't skimp on features, as you get the same selection as offered by the larger products; the only trade-off is reduced log message storage capacity and performance, with the MX2010 capable of handling 1,000 messages per second.

The MX2010 can be easily customised to suit requirements as LogLogic offers a range of compliance suites. Along with PCI DSS you have options for SOX (Sarbanes-Oxley), HIPAA (Health Insurance Portability and Accountability Act), ITIL (IT Infrastructure Library) and FISMA (Federal Information Security Management Act). Additional suites cost a shade over 5,000 so can add significantly to the price but LogLogic advised us that most customers only choose one.

The MX2010 accepts log data from a huge range of sources and supports SNMP, HTTP and HTTPS streams, syslog, syslog-ng, Windows drive mapping, JDBC connectors for database logs, FTP, SFTP and SCP. In environments with a wide range of security appliances, servers, firewalls and so on you'd expect deployment to be a lengthy process, but you'd be wrong. All you need do is tell each source device where to send its log data and the MX2010 will automatically identify it from its traffic. LogLogic does away with the need for agents, as any device that can deliver log data by any of the supported methods can be used.

The appliance's web interface is very intuitive and the home page provides a rundown on the status of the hardware along with message throughput plus the number of messages and their category. It's easy enough to see the data being provided by a specific device as the appliance automatically categorises it as it is received. You can also approve devices before their log data is accepted by switching off the automatic identification function.

From the real time viewer you can see all log messages being received by the appliance and drill down to specific source devices and types such as firewalls and servers. Filters using phrases and expressions enable you to refine this further and the real time reports can show plenty of activity information on users, connections, databases and access controls plus mail and web servers.

For even more detail you can use LogLogic's advanced reporting facilities. We created a number of custom reports looking at areas such as external users attempting to access personal data. We could select the type of access method such as FTP or SSH, see the physical devices that handled this traffic and list associated IP addresses. If you're enforcing an AUP (Acceptable Use Policy) in the workplace then the web activity reports will come in handy, as these can show what sites specific users were accessing.
