LogRhythm Support for NEI 08-09 Rev 6

LogRhythm’s comprehensive log management and analysis solution can help your organization meet or exceed NEI 08-09 Rev 6 guidelines.

10 CFR 73.54 (Title 10 of the Code of Federal Regulations section 73.54) requires that “licensees provide high assurance that digital computer and communication systems and networks are adequately protected against cyber attacks.” Nuclear permitting and licensing are dependent on compliance with 10 CFR 73.54. Because regulatory guidance is not specifically addressed in 10 CFR 73.54, the NEI (Nuclear Energy Institute) developed and published NEI 08-09 Rev 6 to cover many areas surrounding access control, audit and accountability, incident response, and system and information integrity.

LogRhythm’s policy-based log processing capabilities provide automatic audit log reduction. “Interesting” audit logs can be forwarded as events for immediate monitoring and/or alerting. “Uninteresting” audit logs can be filtered out and/or retained at an archive-only level. Powerful analysis and reporting capabilities provide aggregated views of audit data, which reduces audit volume further. LogRhythm provides extensive report generation capabilities, including out-of-the-box compliance packages that address individual regulatory mandates.

LogRhythm completely automates the collection and retention of audit logs. LogRhythm retains logs in compressed archive files for cost-effective, easy-to-manage, long-term storage. Log archives can be restored quickly and easily months or years later in support of after-the-fact investigations.

LogRhythm can:

  • Collect boundary device logs from IDS/IPS systems, routers, firewalls, VPN, A/V systems, and other security devices.
  • Provide central analysis and monitoring of intrusion-related activity across the IT infrastructure.
  • Correlate activity across user, origin host, impacted host, application and more.
  • Alert on unauthorized or suspicious activity.

LogRhythm can also be configured to identify known bad hosts and networks. The Personal Dashboard provides customized real-time monitoring of events and alerts. LogRhythm’s Investigator provides deep forensic analysis of intrusion-related activity, and fully automated, pre-packaged reports provide a consolidated review of internal/external boundary activity and threats. An integrated knowledge base provides information and references useful in responding to and resolving intrusions.
