LogRhythm SIEM 2.0

LogRhythm uniquely combines enterprise-class SIEM, Log Management, File Integrity Monitoring and Machine Analytics, with Host and Network Forensics, in a fully integrated Security Analytics platform. The LogRhythm solution gives customers profound visibility into threats and risks in areas that were previously exposed. Designed to help prevent breaches before they happen, LogRhythm Security Analytics accurately detects an extensive range of early indicators of compromise, enabling rapid response and mitigation. The deep visibility and understanding delivered by LogRhythm Security Analytics empower enterprises to secure their networks and comply with regulatory requirements. LogRhythm delivers:

  • Next Generation SIEM and Log Management
  • Independent Host Forensics and File Integrity Monitoring
  • Network Forensics with Application ID and Full Packet Capture
  • Advanced Correlation and Pattern Recognition
  • Multi-dimensional User / Host / Network Behavior Anomaly Detection
  • Rapid, Intelligent Search
  • Large data set analysis via visual analytics, pivot, and drill down
  • Workflow-enabled automatic response via LogRhythm’s Smart Response™
  • Integrated Case Management

LogRhythm Appliances

LogRhythm high performance appliances are built to deliver maximum flexibility, with options ranging from convenient all-in-one platforms to high-performance, dedicated appliances for massive scalability in extremely large environments. Because of LogRhythm’s distributed, incrementally scalable architecture, deployments can scale horizontally and vertically by simply adding appliances. Regardless of the performance, storage or geographic requirements, LogRhythm is architected for flexible and efficient scaling.

LogRhythm Event Manager (EM)

LogRhythm EM appliances provide centralized event management and administration for a LogRhythm deployment. Each LogRhythm deployment has a single LogRhythm Event Manager, with an embedded Advanced Intelligence (AI) Engine License.

  • Appliance Lines: 3300, 5300, 6300

LogRhythm Log Manager (LM)

LogRhythm LM appliances provide high performance, distributed and redundant log collection and management. Log Managers scale incrementally and can be configured to fail over. Each LogRhythm deployment has at least one Log Manager.

  • Appliance Lines: 3300, 5300, 7300
  • Max Archiving Rates: 10,000 MPS, 25,000 MPS, 50,000 MPS
  • Max Processing Rates: 2,000 MPS, 5,000 MPS, 15,000 MPS

LogRhythm All-in-one (XM)

LogRhythm XM appliances provide all the capabilities of the EM and LM appliances on the same platform. Many deployments begin with an XM configuration, providing a high performance solution in a single turn‐key appliance. An XM appliance can be combined with additional LM appliances to enable fault tolerance and increase the overall capacity and performance of a LogRhythm deployment. Every XM appliance comes with an embedded AI Engine License.

  • Appliance Lines: 4300, 6300
  • Max Archiving Rates: 10,000 MPS - 25,000 MPS
  • Max Processing Rates: 1,000 MPS - 5,000 MPS

LogRhythm Dedicated AI Engine (AIE)

LogRhythm AIE appliances deliver high-capacity, automated correlation and behavioral analysis of all data in real-time, delivering immediate visibility to threats and critical issues that would otherwise go undetected.

  • Appliance Lines: 5300, 7300, 9300
  • Max Processing Rates: 5,000 MPS, 30,000 MPS, 75,000 MPS

LogRhythm Network Monitor (NM)

LogRhythm NM appliances provide full visibility into network traffic, identifying applications via deep packet inspection, providing real-time unstructured search access to all metadata and packet captures, and optionally forwarding layer 7 flow data to the SIEM and other integrated solutions for further analysis.

  • Appliance Lines: 3300
  • Max Processing Rates: 1 Gbps

LogRhythm Site Log Forwarder (SLF)

LogRhythm’s optional SLF appliances collect all log, flow and machine data for secure transport from remote locations to LogRhythm LMs. SLFs additionally manage bandwidth consumption via collection scheduling and/or compression of transmitted data.

  • Appliance Lines: 3310