WatchGuard tames security log overload with Dimension 'visibility' engine
- 12 October, 2013 17:54
UTM vendor Watchguard has expanded its security platform with a new 'visibility' engine that turns the raw data from its physical or virtualised appliances into useful intelligence about applications, users and the threats facing them in real time.
Called Dimension, the software's innovation is not so much that it presents this data - much of it is already available in logs - but that it makes sense of it, presenting it in an easily understandable form.
As the firm concedes, evolving security platforms from an age where log data sufficed to one where security managers need far more hand-holding is becoming an important challenge for all vendors in the security appliance sector.
Quite simply, pages of log data have become a blunt tool for understanding security events and how these relate to the most basic elements of networks, namely users and their applications.
"Around the world, network security pros tell us they are drowning in logs of data and find it time consuming - or nearly impossible - to identify key issues on their networks and make proper policy decisions," said Watchguard's vice president or product strategy, Dave R. Taylor.
A recent survey carried out by the firm had found that although almost all those questioned monitored log data closely, many felt that they had limited visibility on important metrics such as bandwidth consumed and threat geography, he said.
Four out of ten reported taking hours to compile a simple compliance reports covering only two days of traffic. Identifying problems on networks could take hours.
Founded on a simple 'TreeMap' that made spotting events and problems easy, Dimension offered an executive dashboard with a sophisticated reporting feature for generating compliance overviews. A separate 'TheatMap' provided a regional overview of security threats as detected by Watchguard and its partners.
The software offered benefits not only for enterprises but also the firm's tier of Managed Security Solution Providers (MSSPs), said Mike Pencavel, North West sales manager at WatchGuard MSSP, Concorde IT Group.
"With WatchGuard Dimension it's easy to provide automated reports that make it simple for customers to see how we're protecting their interests. And because it's cloud-based, we have easy and secure access on any device, anywhere, to meet the needs of our diverse client base."
Dimension is available for all customers of Watchguard's 11.8 XTM Unified Threat Management platform.