Sentinel is a security information and event management solution that receives information from many sources across an enterprise, standardizes it, prioritizes it, and presents it to you so that you can make threat, risk, and policy-related decisions.
Sentinel automates the log collection, analysis, and reporting processes to ensure that IT controls are effective in supporting threat detection and audit requirements. Sentinel replaces labor-intensive manual processes with automated, continuous monitoring of security and compliance events and IT controls.
Sentinel also gathers and correlates security and non-security information from across the networked infrastructure of an organization, as well as from third-party systems, devices, and applications. Sentinel presents the collected data in a GUI, identifies security or compliance issues, and tracks remedial activities, streamlining error-prone processes and helping you build a rigorous and secure management program.
Automated incident response management enables you to document and formalize the process of tracking, escalating, and responding to incidents and policy violations, and provides two-way integration with trouble-ticketing systems. Sentinel enables you to react promptly and resolve incidents efficiently.
Solution Packs are a simple way to distribute and import Sentinel correlation rules, dynamic lists, maps, reports, and iTRAC workflows into controls. These controls can be designed to meet specific regulatory requirements, such as the Payment Card Industry Data Security Standard, or they can be related to a specific data source, such as user authentication events for a database.
With Sentinel Rapid Deployment, you get:
Integrated, automated real-time security management and compliance monitoring across all systems and networks.
A framework that enables business policies to drive IT policies and actions.
Automatic documenting and reporting of security, systems, and access events across the enterprise.
Built-in incident management and remediation.
The ability to demonstrate and monitor compliance with internal policies and government regulations, such as Sarbanes-Oxley, HIPAA, GLBA, and FISMA. The content required to implement these controls is distributed and implemented through Solution Packs.
The following is an illustration of the conceptual architecture of Sentinel Rapid Deployment, which shows the components involved in performing security and compliance management.
Figure 1-1 Conceptual Architecture of Sentinel