Alert Logic Threat Manager with ActiveWatch   

Security

Cloud-Powered Intrusion Detection, Monitoring and Vulnerability Assessment - includes On-boarding

This offer includes:

  • Alert Logic® Threat Manager with ActiveWatch
  • On-boarding engagement by Alert Logic team

Alert Logic® Threat Manager with ActiveWatch is a cloud-based managed network intrusion detection and vulnerability assessment solution delivered as a service that works in any datacenter environment, from on-premises to the cloud. It works the same way in every environment, so you keep costs down without having to learn multiple systems and hire additional staff.

With Alert Logic® ActiveWatch, our GIAC expert analysts are a 24x7 extension to your team constantly looking for suspicious activity. Experts investigate and respond to Threat Manager events and scan data as they are analyzed by Alert Logic® ActiveAnalytics.

Alert Logic On-boarding engagement (required) comes with this offering, and is a critical step to operationalizing your log management solution. Software deployments often go unused or are deployed with partial or default settings – placing businesses at risk while never fully realizing their investments. On-boarding ensures proper deployment, configuration, tuning and optimization of your new Alert Logic® solutions.

The On-boarding engagement begins after purchase. Your Alert Logic On-boarding Project Manager (OPM) will contact you within 1 business day (excluding US holidays) to coordinate the Alert Logic on-boarding process, starting with a discovery meeting, and will conduct design, implementation, configuration, and training.


Features

Designed for Deployment Anywhere

  • Deploys in public and private clouds and supports elastic scaling
  • Provides a single view into cloud, hosted and on-premises infrastructure
  • Usage-based pricing to match your cloud consumption model

Threat Signatures and Rules

  • 68,000+ IDS signature database; new signatures updated weekly
  • Rule set consolidated from multiple sources: Alert Logic security research team, Emerging Threats, open source, third-party collaboration
  • Real-time signature updates to Alert Logic expert system
  • Custom rule creation and editing

Vulnerability Assessment and Intrusion Detection

  • Unlimited internal and external scans
  • Broad scanning and detection visibility
  • Network infrastructure
  • Server infrastructure
  • Business-critical applications
  • Web technologies (IPv6, Ajax, SQL injection, etc.)
  • SSL-based intrusion traffic

Analysis and Reporting

  • Dozens of dashboards and reports available out of the box
  • Custom reporting capabilities
  • Common Vulnerability Scoring System (CVSS) to assess risks
  • Audit-ready reports
  • Detailed vulnerability and host reports provide detailed descriptions and lists of impacted hosts, risk levels and remediation tips
  • Single web-based console for entire environment with: User management and administration, Dashboards and drill-down analysis, Report scheduling, creation and review, Scan scheduling and results review

Integrated Managed Security Services

  • GIAC-certified security analysts and researchers
  • 24x7 state-of-the-art Security Operations Center
  • Trained experts in Alert Logic solutions
  • Monitoring, analysis and expert guidance capabilities
  • Customized alerting and escalation procedures
  • Daily review by senior analyst and weekly reporting available
  • Review of NetFlow data for enhanced malware and APT detection available

Compliance Support

  • PCI Approved Scanning Vendor (ASV)
  • PCI Level 2 Audited Vendor
  • Support for multiple compliance mandates: PCI DSS, HIPAA, SOX, GLBA, CoBIT, etc.
  • 6-month storage of all raw IDS event data
  • SSAE 16 Type II Verified data centers
  • Indefinite storage and archival of incident analysis and cases

Security as a Service Delivery

  • Rapidly deploy and scale as needed
  • Pay-as-you-go; minimal capital expenditure
  • Always utilize latest software and signature database
  • No hidden costs – subscription includes: software and hardware upgrades, maintenance and patches
  • Architected for multi-tenant support
  • Easily deploy in public cloud, private cloud, managed hosting, enterprise data center or hybrid environments

Pricing

Software

  • Threat Manager with ActiveWatch Service [Up to 50 Nodes]: $990/mo (recurring) + setup fee: $990/one-time.
  • Threat Manager with ActiveWatch Service [Up to 100 Nodes]: $1,520/mo (recurring) + setup fee: $1,520/one-time.
  • Threat Manager with ActiveWatch Service [Up to 250 Nodes]: $2,410/mo (recurring) + setup fee: $2,410/one-time.

Infrastructure

  • Pricing varies based on VM size and data center. Visit https://www.ctl.io/estimator/ to evaluate alternatives.
  • Cost for recommended size of 2 CPU / 8GB memory / 250GB disk in a US-based data center is: $120.72/mo

Use Cases

How Threat Manager Works

Threat Manager detects suspicious activity in network environments, quickly identifying threats to your assets so that you can respond. We monitor network traffic and analyze billions of events with our patented ActiveAnalytics.

Using intelligent multifactor correlation, we identify security events requiring attention. After validation by a SOC analyst, we notify you with recommended actions/responses within 15 minutes for critical issues. When needed, senior specialist teams are engaged to assist you. You can also implement automated blocking through integration with your network firewalls.

We give you insight into the real threats in your environments, helping you make more informed security investment and resource decisions. When the security program is driven by a clear understanding of the real threats affecting your network, your efforts and investments will provide more benefit and significantly enhance your security posture.

Compliance

We help you meet compliance challenges. Threat Manager™ intrusion detection and vulnerability scanning capabilities provide key elements to address the requirements of PCI DSS, HIPAA/HITECH, GLBA, Sarbanes-Oxley, and other mandates. Compliance-specific reporting makes it easy to evaluate and document your compliance stance. Alert Logic® is a PCI-Approved Scanning Vendor (ASV).

Expert On-boarding and Operationalization

Security investments often go unused or are deployed with partial or default settings – placing businesses at risk while never fully realizing their investments. Our security professionals ensure proper deployment, configuration, tuning and optimization of Alert Logic® Threat Manager.

Every customer is assigned an Alert Logic onboarding project manager (OPM) to manage the entire process and an onboarding team of 20+ specialists, including Project Managers, Onboarding Engineers, NOC Technicians, Network & System Administrators, Security Analysts and Product Trainers.

The Right Security Approach Means Better Security Outcomes

The Alert Logic® approach is fundamentally different from that of traditional security vendors, who sell single-purpose security technologies that their customers must staff, train for, implement and monitor, which constantly increases costs and seldom addresses the full scope of your security issues. If you’ve ever seen complex implementation and large investments produce disappointing results, you know the challenges. With Alert Logic, you pay for specific security capabilities and our expertise in delivering them, and you don’t make a capital investment to achieve your security goals. In the age of fast-changing threats and distributed infrastructure, Security-as-a-Service gives you the outcomes you need.

You get all these benefits without a large investment, staff burden or distractions from your strategic IT initiatives. Security-as-a-Service delivery provides you Threat Manager with ActiveWatch for a fixed monthly fee, including all monitoring, software and our 24x7 Security Operations Center (SOC) to validate incidents and provide support. You access your Threat Manager data through a web interface – the very same one used by our analysts.

ActiveWatch: Expert Security Services for Threat Manager

  • Monitor – the ActiveWatch team augments your existing IT team to ensure rapid detection and response to network incidents. In addition to monitoring the network traffic flows for incidents, the SOC team reviews suspicious network traffic to identify zero-day attacks that might not otherwise trigger an alert. This intelligent review and response by industry professionals not only increases the overall visibility into your network, it reduces the potential for false positive alarms and helps identify zero-day attacks that may have slipped by or gone unnoticed.
  • Alert – when an incident or suspicious network activity is detected, the ActiveWatch team will conduct an analysis of the situation and notify your staff based on predetermined escalation procedures. They will work with your team to perform in-depth analysis and assessment of the incident and recommend containment and mitigation actions.
  • Report – ActiveWatch also includes integrated incident and case management capabilities that allow customers to track and report on incident trends across their entire enterprise, including the services hosted outside of the internal perimeter. This capability provides an audit trail of suspicious findings and gives a historical record of the response and actions from start to finish.
  • Additional Services – ActiveWatch Premier services are also available, which include daily summary review by a senior security analyst, weekly reporting on security posture based on business goals, and review of NetFlow for anomaly detection and enhanced detection of malware and advanced persistent threats.

End User License Agreement (EULA)

https://www.ctl.io/assets/pdf/Alert Logic MSA for CenturyLink Marketplace.pdf



You Agree to the Provider Terms of Service Associated with this Software.
company

Alert Logic

category

Security

deployment models

  • Runner/Ansible

operating systems

not specified

support

support@alertlogic.com