Employing steady-state monitoring to ensure the integrity of sensitive filesis more than just a security best practice; for many organizations, it is a regulatory mandate as well. By combining File Integrity Monitoring (FIM) with Log Management, The ControlScan Log Monitoring and Management Service, powered by LogRhythm, allows customers to simplify and strengthen their security, audit and compliance postures.
User-Aware File Integrity Monitoring
ControlScan’s holistic approach allows security personnel to be notified when files are created or key files are viewed, deleted or modified, and when group ownership of files is changed.
For selective monitoring, The ControlScan Log Monitoring and Management Service adds granular controls and filters that can select specific files and either perform scans at desired intervals or operate in real time mode for continuous protection. File-level behavior can then be correlated to additional security and audit activities to investigate potentially harmful network activity.
The service supports policy-based FIM that allows multiple policies to be assigned to the same endpoint, reducing ongoing management as policies are updated. For example, individual policies can be created for Linux Operating System files and Directories, Web Application Servers and DNS Servers.
When the Web Application Servers and DNS Servers are running on a Linux Host, all three FIM policies will be combined. FIM multi-policy support ensures that FIM policies are assigned to the appropriate assets and that changes to those policies are propagated across the environment.
Fully Integrated with Log and Event Management as well as Endpoint Monitoring and Control
Monitors All Types of Files