Unity 360 | Unify your securities


UNIFY MONITORING OF YOUR INFORMATION SYSTEM

Introduction

Security monitoring and management are still separate from the monitoring of the performance and availability of the information system. There are several reasons for this separation. Historically, performance monitoring is a long-established activity under the responsibility of the operations teams. Security management appeared more recently and started within teams of security experts and consultants who were not involved in the daily operation of equipment fleets and networks.

Since partitioning is an omnipresent principle in security, it has also helped to keep these two activities apart. Finally, SIEMs were originally developed by security companies that did not have expertise in performance monitoring and operations in the broad sense, which reinforced this separation.

The benefits of convergence

[Logos: Prelude SIEM, Vigilo NMS]

Faced with the urgent need to optimize operating costs while improving efficiency, there are many arguments in favour of combining these two activities:

  • Whether a failure is caused by an intrusion or a malfunction, the consequences for the company are equivalent. It is sometimes even difficult to distinguish a malicious act from an unintentional incident. It is therefore inconsistent to separate these two activities when all incidents have to be monitored anyway.
  • Both activities rely on very similar concepts: monitoring, correlation, alert or alarm management, workflow, etc.
  • These two activities also share many tools: inventory management, patch management, knowledge base, etc.
  • Several pieces of information are common to both environments: inventory detail, equipment criticality, network topology, log collection, network traffic analysis, etc.
  • Each device on the network carries both kinds of information, which is requested or managed, sometimes in duplicate, because processing has not converged.
  • As the ITIL method illustrates, performance monitoring has long-standing, proven know-how from which security monitoring could greatly benefit.
  • The most expensive element in the operation of monitoring, be it availability or security, remains human resources. Convergence between these two activities may in some cases allow pooling of level 1 resources, which has a significant impact on the overall cost of operating the IS.

Unity 360, unify your securities

Based on these observations and supported by its experience in the field, CS has been working for several years on the convergence of these two tools. The two solutions remain autonomous and independent but we have built the necessary framework for their simultaneous use within the Unity 360 pack.

[Figure: Unity 360 pyramid of steps: notification, aggregation, correlation, standardization, centralization, detection]

Among the features offered by Unity 360, you will find:

  • Use of a common portal for both applications.
  • Use of alert and alarm tracking interfaces sharing the same techniques, look and feel.
  • Availability of transversal modules: inventory management, ticket management, reporting tools.
  • Ability of the two applications to communicate with and notify each other.
  • etc.

In the end, you have the same application to manage your two needs while succeeding in combining economy and efficiency!

By opting for our convergence offer, you enjoy:

  • Rationalization of your product license costs, with attractive shared offers.
  • Rationalization of your operating costs, with common modules and the possibility of sharing level 1 teams.
  • Increased efficiency of the entire system: by rationalizing and sharing tools and methods, you reduce your overall operating costs while improving efficiency. Global information is directly available to improve the contextualization of incidents, interpretation errors are no longer possible, the entire processing chain is better controlled, etc.