Log360 can analyze syslogs generated by your network perimeter devices, including routers, switches, firewalls, and IDS/IPS, in real-time. You can track configuration changes—such as rule modifications, links that are up or down, denied and accepted firewall connections, and IDS/IPS alerts—all from a single console. The solution provides out-of-the-box support for an array of vendors including Cisco, SonicWall, Juniper, Palo Alto Networks, NetScreen, and more.
Log360's correlation engine can detect attack patterns and notify administrators, who can then quickly respond to the incident. Log360's augmented threat intelligence platform, which comes with a built-in STIX/TAXII feed processor and global IP threat database, detects and alerts you about suspicious inbound traffic and connections made to malicious domains.