The Sightline Solution for Performance and Security Monitoring

At Sightline we’ve specialized in performance data management. We realize, though, that with performance data you can do so much more than just monitor the performance of your infrastructure. With that in mind, we’ve developed the Sightline Knowledge Quadrant.

There are four main areas in the Knowledge Quadrant:

  1. Things you know. You know these things are going to happen in your environment. These are things that can be monitored, and you can stay on top of them by following documented best practices.
  2. Things you know that you don’t know. These are things you are concerned about, because you know things will happen but you don’t know what or when. Something like a network issue or a hardware problem. You feel that you have a pretty good handle on them, though, when and if they do occur, because you can monitor your network and servers for specific items.
  3. Things you know you don’t know. Traditionally, you can monitor for unknown occurrences by looking at logs, data from applications, etc., which gives you a good idea what’s going on so you can look for irregularities.
  4. Things you don’t know that you don’t know. This is by far the most dangerous category, because these are the things that can hurt you the most, such as an attack from an inside source or a malicious attack that can happen right under your nose. You need to monitor for these, but you’re not entirely sure what to watch for. We feel that Sightline can help here the most.

At Sightline, we have established a process to forecast and trend real-time and historical data to create the baseline for normal processing.

You can then monitor and set alerts, so if an event occurs you can be aware of it very quickly. You have the data and tools for automated Root Cause Analysis. You can diagnose and alert the proper group, to stop the activity and return to the established baseline.

By integrating traditional security practices with real-time performance monitoring, you can establish a baseline for normal utilization, and therefore unlock the potential to be aware of all threats known and most importantly unknown. Being able to receive data quickly on potential threats from irregular activity throughout your infrastructure adds an extra layer of protection that was previously unavailable.

There are several categories of key security metrics that you might deal with on a day to day basis. Sightline can provide real-time insight into unknown vulnerabilities. Using Sightline, you can identify unusual behavior by establishing the baseline of activity on your system and by providing a list of active processes on the system. Incident management becomes easier using alerts, where information is provided about processes that are using more system resources than expected. Sightline alerts are tracked and reported, and provide an entry point to deeper analysis.

Sightline provides vulnerability management by showing the percent of systems without known severe vulnerabilities, as well as the number of known vulnerability instances that you’ve seen in the environment.

Sightline ACE provides configuration management through continuous scans for configuration changes, and offers real-time insight into the effects of configuration change. By integrating ACE with Clairvor, Sightline provides real-time drill down into incident occurrences.

From the Clairvor report of an alert, you can see the dashboard of not only the event data on the alerting system (process level information), but correlation results from other systems in the environment and the top five configuration changes that the issue might be related to.

In a nutshell, the Sightline solution for continuous monitoring tells you both what you know and what you don’t know. To wrap up, we can help with the things you know are going to happen, and help you guard against the things that you don’t know that you don’t know.
Ask John

Questions? Comments? Suggestions? Ask John! If we use your input in a future newsletter, we’ll send you a $10 Amazon gift card!