Organizations are increasingly challenged by the need for a highly scalable solution that can monitor and secure their network. With workforces dispersed across the globe, it's essential for organizations to implement a single solution to track activities and help them make informed decisions.

EventLog Analyzer MSSP is the ideal platform for managed security service providers (MSSPs) to gain a bird's-eye view of all the events happening in their clients' networks, including across different geographical regions. Controlled by a single central admin server, EventLog Analyzer MSSP makes it easier to administer all the managed servers, helping SOCs monitor them efficiently from a single console.

Further, the solution lets you gather insights from different events, identify threats as they happen, and use sophisticated workflows to reduce the impact of an attack and mitigate threats. EventLog Analyzer MSSP is also integrated with Webroot BrightCloud® Threat Intelligence Services, which help administrators and SOCs gain real-time insights into malicious URLs, IPs, and more.

Architecture

Admin server

This is a central server that provides insights into the network activities and helps you monitor the managed servers.

Managed server

Each managed server helps you control a fragment of the entire network and will function exactly like a standalone edition.

Eventlog MSSP Architecture

Key capabilities of EventLog Analyzer MSSP

  • The solution scales up to 20,000 hosts and applications to address the scalability requirements of MSSPs and enterprises with a global presence.
  • The architecture enables NOCs and SOCs to monitor managed servers across the globe from a single admin web console.
  • The dashboard is customizable to enable role-based views for different users.
  • The communication between the managed servers and the admin server is streamlined to ensure that the bandwidth usage is kept to a minimum.