Security Event Management (SEM) with CEP (Part 6) - Realizing SEM with CEP

 
Old 07-02-2007
In Part 6 of this series, Security Event Management (SEM) with CEP, we look at how CEP can be used to help security experts meet the 5 principles of SEM. In my earlier tutorial series, What is Complex Event Processing?, we reviewed a functional reference architecture for CEP, illustrated below.
[Image: functional reference architecture for CEP]
From the discussion and the illustration above, we can summarize how CEP can easily be used as the framework for implementing SEM:
  1. ESB/Messaging Infrastructure - Many state-of-the-art CEP solutions use a secure, standards-based communications infrastructure for distributed event management. This is the most effective way to normalize and manage heterogeneous events from many distributed SEM event sources;
  2. Strong Analytics - Many CEP implementations have extensible event-driven analytics to detect and refine threat-related situations using state-of-the-art techniques like rules-engines, Bayesian networks, neural networks and more;
  3. EDA - State-of-the-art CEP architectures use standard-compliant messaging, alerts and automated responses to kick off workflow, compliance and other remediation and BPM activities;
  4. Custom Reporting - Most CEP software applications offer customizable dashboards. Reports are easily customized with a variety of state-of-the-art graphical studios, including AJAX-based user interfaces; and,
  5. Scalable, Distributed Architecture - As illustrated in the CEP reference architecture, event-driven, cooperative agents can be configured to process millions of events in a heterogeneous, distributed architecture.
The recent FSA announcement by Mark Palmer and team at Apama that the FSA will be using Apama’s CEP platform for Sabre 2, their next-generation, real-time market surveillance and market abuse detection system, shows that the CEP vendors are heading in the right direction!
So, in closing, if you need to build a robust, state-of-the-art fraud, misuse, or intrusion detection system based on the 5 principles of SEM, CEP can help! Congratulations Apama!
Copyright © 2007 by Tim Bass, All Rights Reserved.
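
Items 1 to 3 of the list above (normalizing heterogeneous events, rule-based analytics, event-driven alerting) can be illustrated in miniature. The following is an added example, not code from the article or from any CEP product; the sensor names, record formats, common schema, rule name, and the threshold and window values are all assumptions, and the sample records are constructed.

```python
import json
import re
from collections import defaultdict, deque

# Constructed sample records from two hypothetical sensors (not real logs).
RAW_EVENTS = [
    ("sshd", "1183363200 sshd Failed password for root from 203.0.113.7"),
    ("webapp", '{"ts": 1183363210, "ip": "203.0.113.7", "user": "root", "outcome": "fail"}'),
    ("sshd", "1183363220 sshd Failed password for root from 203.0.113.7"),
    ("sshd", "1183363230 sshd Accepted password for root from 203.0.113.7"),
    ("sshd", "1183363240 sshd Failed password for alice from 198.51.100.9"),
    ("sshd", "1183363250 sshd Accepted password for alice from 198.51.100.9"),
    ("webapp", "not json"),
]
SSHD_RE = re.compile(r"^(\d+) sshd (Failed|Accepted) password for (\S+) from (\S+)$")

def normalize(source, raw):
    """Map a source-specific record onto one common schema, or None if unparseable."""
    try:
        if source == "sshd":
            ts, verdict, user, ip = SSHD_RE.match(raw).groups()
            ok = verdict == "Accepted"
        elif source == "webapp":
            rec = json.loads(raw)
            ts, user, ip, ok = rec["ts"], rec["user"], rec["ip"], rec["outcome"] == "success"
        else:
            return None
        return {"ts": int(ts), "src": ip, "user": user, "ok": ok, "sensor": source}
    except (AttributeError, ValueError, KeyError, TypeError):
        return None  # malformed records are dropped, never guessed at

def detect(raw_events, on_alert=None, threshold=3, window=60):
    """Rule: >= threshold failed logins from one source address, each within
    `window` seconds of a later success from that address, raises an alert."""
    events = [e for e in (normalize(s, r) for s, r in raw_events) if e]
    failures, alerts = defaultdict(deque), []
    for ev in sorted(events, key=lambda e: e["ts"]):
        recent = failures[ev["src"]]
        while recent and ev["ts"] - recent[0] > window:
            recent.popleft()  # expire failures that fell out of the sliding window
        if not ev["ok"]:
            recent.append(ev["ts"])
        elif len(recent) >= threshold:
            alert = {"rule": "failures_then_success", "src": ev["src"],
                     "user": ev["user"], "ts": ev["ts"], "failures": len(recent)}
            alerts.append(alert)
            if on_alert:
                on_alert(alert)  # event-driven hand-off to a responder or workflow
            recent.clear()
    return alerts
```

Because both sensors are normalized to the same `src` field, the failures counted by the rule come from two different sources, which is the correlation a single-source log filter would miss.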

