Recently in SIEM Category

Connecting Physical and Logical Security Data for Comprehensive Security View

Proximex,a physical security information management (PSIM) vendor, announced today at ISC West in Las Vegas that it has joined the ArcSight Common Event Format(CEF) program. As a member of the ArcSight CEF program, Proximex has developed an integration between its Proximex Surveillint PSIM solution and ArcSight's SIEM Platform.

Proximex said this development makes Surveillint the first PSIM solution to enable ArcSight's SIEM Platform to correlate events and information from physical security systems such as electronic access control and video surveillance with logical and/or network security systems to catch coordinated security attacks.

As Security Squared wrote in its recent PSIM report and other reporting on SIEM and convergence, many sources see SIEM to PSIM connections as natural convergence points. Most of the PSIM vendors we spoke said they will connect to SIEM tools, which are offered by vendors such as CA, Cisco, NetIQ, RSA, Splunk and others, as well as ArcSight. ArcSight is generally acknowledged as the leader in the SIEM solution market. Its Common Event Format can be adopted by a variety of vendors so log data coming from their systems can be monitored by ArcSight.

SIEM tools are the IT equivalent of PSIM, monitoring and correlating data from scores of IT systems, from identity management to network intrusion detection to anti-malware software as well as business and operational systems. Linking SIEM and PSIM could enable enterprises to write rich security policies that encompass events occurring across the IT, physical and business systems.

In theory, it would also help them pursue more centralized monitoring and control of physical and logical security events, which today still tend to be managed separately.


Recently in SIEM Category