Used by government agencies, major commercial organisations, local government departments and IT service providers to deliver IT security intelligence and visibility of system activity to the people who need it. ALM is used to support:
ALM is a software solution, providing significant advantages over hardware appliance based solutions. There is no need to install additional 'black box' appliances to support ALM, instead it can be implemented on existing systems within the IT infrastructure. Advantages over appliance solutions include lower cost, flexibility of implementation, scalability (the ALM Starter Pack allows small initial rollouts to be gradually scaled up to major enterprise implementations very easily) and extensibility, all important features for enterprise implementations.
The data flow diagram below illustrates the flexible and secure collection features within ALM, whereby collection of log files is undertaken using a variety of methods, including fully automated and secure resident agents through to various native collection processes for network devices, firewalls and other security appliances. ALM fully supports the use of one way enforcement devices.
The system requirements indicated below are for Assuria Log Manager version 4.2 or later.
A detailed sizing exercise may be required in order to correctly size the ALM implementation. Details such as typical event size, typical log size, log collection frequency, O/S and hardware versions, application version details and other information may be required. Assuria can provide sizing assistance and a sizing modelling spreadsheet is available on request.
An ALM installation usually consists of one or more core systems that manage and report on multiple agents. An installation can be as small as a single ALM agent installed on a single computer along with the core ALM components, or it can consist of multiple core systems managing agents, and other tools across several systems.
The system requirements for installing the ALM Core on a computer if you are evaluating the software or are conducting small-to-medium installations are:
|Processor||1 Ghz Intel Pentium III or greater|
||Windows Server 2008 / R2|
|Memory||512MB or greater|
|Hard disk space||Software installed 200MB|
|3rd Party s/w (not incl.)||SQL Server Native Client (if ALM Core on separate system)|
|Other ALM components||The ALM console is installed with the ALM core|