syslog-ng Store Box - BalaBit

CENTRAL LOG SERVER FOR HETEROGENEOUS ENVIRONMENTS
■ Central logserver appliance
■ Complete log-lifecycle management
■ Encrypted, signed, and timestamped log storage
■ Web-based configuration interface and log search
■ Log collector agent for Windows, IBM System i and
Unix-variant hosts
<strong>syslog</strong>-ng Store Box
trusted log collection and storage
■ Fast search capability via log message indexing
■ Forward logs to external database or SIEM devices
■ Up to 10 Terabytes of effective disk space
■ Collect more than 100,000, and index more than
75,000 log messages per second real-time
Are you looking for a simple way to store your logs in one place? Do you need to prevent unauthorized access to
your logs? Do you need a reliable platform with excellent hardware support and high availability? Is your logging
infrastructure subject to policy compliance?
Built around the popular <strong>syslog</strong>-ng application used by thousands of organizations worldwide, the <strong>syslog</strong>-ng Store Box
(SSB) brings you a powerful, easy to configure appliance to collect and store your logs. SSB allows you to collect, process,
and store log messages from a wide range of platforms and devices.
www.balabit.com

Secure, reliable log transfer
The <strong>syslog</strong>-ng Store Box collects and classifies log messages from a
wide variety of devices and applications and can receive log messages
sent using both the legacy BSD-<strong>syslog</strong> protocol, as well as the latest
<strong>syslog</strong> protocol standards. Transferring messages to SSB is supported
using the UDP, TCP, and TLS protocols. Mutual authentication of the
TLS- encrypted channels maintains the integrity and confidentiality of
transferred information. Using <strong>syslog</strong>-ng to transfer the log messages
helps you avoid losing messages even in case of network or hardware
errors.
Web-based configuration and access
SSB can be conveniently configured from a browser using a simple,
clean user interface. Logs, including logs stored remotely on a remote
backup server, are also accessible and can be browsed from the SSB
interface. SSB also features highly customizable access control –
you can specify exactly who has access to certain parts of the SSB
configuration, or to log messages. User groups and privileges can be
retrieved from your LDAP server (e.g., from Microsoft Active Directory).
Configuration changes are automatically logged.
Handle extreme load
The <strong>syslog</strong>-ng Store Box is optimized for performance, and can handle
enormous amount of messages. Depending on its exact configuration,
it can collect over 100,000 messages per second, and index over
75,000 messages per second, and process over 35 GB of raw logs per
hour. Larger versions of the appliance are capable of storing up to 10
Terabytes of data.
Direct database access
SSB natively supports SQL database sources allowing users to fetch log
messages directly from MySQL, Microsoft SQL (MSSQL), Oracle, and
PostgreSQL databases. In addition to storing messages locally on SSB,
log messages can be transferred directly to SQL databases.
Trusted, timestamped log storage
The <strong>syslog</strong>-ng Store Box can store log messages securely in encrypted,
compressed, and digitally signed binary files. That ensures that any
sensitive data is available only for authorized personnel who have the
appropriate encryption key. Sections of the log files can be timestamped
independently of other sections; timestamps can be requested from
external Timestamping Authorities as well. The contents of the log files
are indexed – terabytes of data can be browsed online. All data is stored
on mirrored RAID devices to prevent data loss in case of hardware
failure. Using two SSB units in a high availability configuration is a
simple and convenient way of ensuring continuous log collection.
Licensing and support
Buying the <strong>syslog</strong>-ng Store Box (SSB) allows you also to download
<strong>syslog</strong>-ng Premium Edition (PE) for every available platform and use
it as the log collector agent of SSB. Software upgrades for one year –
updates and fixes for both SSB and <strong>syslog</strong>-ng PE – are included in the
base price. Hardware support covers full on-site support for the first
year. Product support – including 7x24 support – is available on an
annual basis.
Log collector agent for several platforms
SSB uses the <strong>syslog</strong>-ng Premium Edition application to collect logs from
different operating systems and hardware platforms, including Linux,
Unix, BSD, Sun Solaris, HP-UX, IBM AIX, IBM System i, as well as
Microsoft Windows XP, Server 2003, Vista, and Server 2008.
TO TEST THE SYSLOG-NG STORE BOX, REQUEST AN EVALUATION VERSION AT HTTP://WWW.BALABIT.COM/MYBALABIT/
www.balabit.com