Security Lighthouse v7
As a manufacturer-independent, cross-functional tool for security monitoring, AMPEG Security Lighthouse offers deep insight into the security status of the network. More than 300 pre-defined evaluations for ad-hoc and long-term analyses are available immediately after installation and offer a comprehensive analysis of the company network security level.
Structure without software agents
The Security Lighthouse collectors collect the information from central sources like management and log databases. After normalising, correlating and compressing the collected data for analysis, they are transmitted to the database of Security Lighthouse.
The quality of information is essential
Example IDS/IPS: Fixing a reported Common Vulnerabilities and Exposures (CVE) with the help of a new rule. While the analysis of the log file shows whether and how often a rule applies, it is of vital importance for the evaluation of the safety performance, whether a rule was enabled at all. If the rule for blocking an intruder has not been enabled, it cannot be logged either - the attacker can exploit the vulnerability. Without the additional evaluation of the management database of the IDS/IPS this information is not available.
Security Lighthouse is characterised by the following:
- Overall security monitoring with more than 300 predefined analyses: see Assess the security situation
- Comparison of information from the patch management, inventory and intrusion prevention to an integrated CVE Catalogue to identify vulnerabilities and evaluate using CVSS score
- Status determination by checking against thresholds and limits:
Permanent comparison of the achieved security level compared to the defined thresholds and values
- Correlation of data from the different security areas like virus protection, patch management, inventory, SIEM etc.: see Analysed Security Areas
- Matching information from patch management and inventory to the integrated EoL catalogue to identify software that is no longer supported by the manufacturer.
- Overall reporting: see Alerts, Reporting, Export
- Minimum implementation effort: agents do not have to be rolled out
- Security Information Map: Helicopter view of the nationwide security status signalised by traffic light colours for the locations or operational units.
- Security situation in near real-time available:
Companies identify weak points in the network many times faster. They gain time to proactively take action and therefore to minimise the residual risk.
- Work effort reduced to a minimum:
The amount of work for the creation of ad hoc - and long term analyses and also KPI's is reduced to a minimum
- Flexible, personalised Dashboards provide all security officers, and, if required, process owners with targeted access to information relevant to security
- Role based access: see Role Managment
- Safeguarding of business processes by verifying the compliance status of the systems incorporated
- Analysis of the security status according to criticality, protection category of the IT system or assignment to a business process
- Verification of the efficiency of technical measures and calculation of key performance indicators for the continual optimization of IT security
- Sharing information: current and focused information can be passed on to security officers
- Web application: no installation on the workstations required
Positioning: Link between security management and operation
Security Lighthouse offers the security management, administrators and process owner an up-to-date view of the security situation in the company - world-wide, and nearly in real-time. Together they can evaluate the current security situation and find answers to many questions at an early stage (see Assess the security situation).
Show what's going on
Security Lighthouse verifies the work performed by all employees involved in IT security without bursting the bank.
Customer Voice KWS SAAT SE
In addition, AMPEG reacts quickly to requests of all kind and implements customer wishes very quickly, Sternberg adds, speaking about the positive experience of the introductory phase: There are no long waiting times as we have known them from other service providers. Our supplier delivered missing analyses within two to three weeks.
IT Security Officer, KWS SAAT SE
Customer Voice IT.N (LSKN)
“We are now able to show our improvements with facts and figures – we have measurements and analyses that we can pass on to management. What once was a vague gut feeling about IT security has now become specific, quantitative knowledge.”
Michael Schätzke, former Security Officer, Landesbetrieb für Statistik und Kommunikationstechnologie Niedersachsen (Lower Saxony Institute for Statistics and Communication Technology)