SIEM-as-a-Service

The BCNET SIEM-as-a-Service, fully hosted in a secure, Educloud environment, is designed to strengthen your institution's security posture by simplifying the management and monitoring of your business-critical systems and applications.

Security Information Event Management (SIEM)-as-a-Service offers members all the benefits of a SIEM solution without the challenges of securing capital investment. BCNET manages the infrastructure, maintenance, upgrades, patches, capacity planning, backups and security of the entire system.

Leverage our experience in implementing and managing SIEM environments. BCNET together with 12 provincial, territorial and federal partners of the National Research and Education Network (NREN) acquired and developed security expertise to support the effective deployment of SIEM infrastructure for the NREN. Today, our national cohort of SIEM professionals continually collaborate for ongoing learning and knowledge sharing.
 

What is SIEM?

Security Information Event Management (SIEM) software collects data to provide a holistic view on an organization's security posture. The software collects data from the different technologies within your system, monitors and analyzes that data for deviations and possible security risks, and then takes the appropriate action against those threats.

It works by combining two technologies:

  • security information management (SIM), which collects data from log files for analysis and reports on security threats and events
  • security event management (SEM), which conducts real-time system monitoring, notifies network admins about important issues and establishes correlations between security events.
SIEM-as-a-Service 

BCNET will provide the following services focused on each member’s identified use case(s):

  • Analyze collected security events and validate parsed event types
  • Set notifications on rules of interest
  • Create and deliver customized scheduled reports
  • Create customized dashboard for incident insights 
  • Training and Knowledge transfer to member resources
Benefits
  • Reduce complexity and costs by using a managing solution
  • Simplify deployment
  • Strengthen your institution's security posture
  • Fully customizable to meet your institutional needs
Features
  • Hosted and managed SIEM platform in the BCNET Educloud environment
  • Customizable solution
  • Event log consolidation and management
  • Configuration change management
  • Compliance reporting
  • Solution setup and device onboarding
  • Weekly device discovery validation
  • Out of the box and customized rules for your institution
  • Ongoing rule tuning and false positive reduction
  • Customized, enriched notifications including response guidance
  • Integrated 3rd party threat feeds
  • Automated alerts and notifications
  • Custom report creation and scheduling
  • Audit support
  • On-demand, security event monitoring services with automated alerting, security event notifications, dashboards and reporting in a cloud-based model
  • Receive real-time analytics on threats and security alerts that are created by business-critical devices and applications
  • A correlation of events gathered from different logs or sources

  • Automatic security event notifications and dashboards

  • Utilizes high-fidelity rules to minimize false positives

 

How to purchase

For more information about purchasing, please contact Client Services.


Learn more

View the contract, pricing, and more.

This page is for members only. A wiki log-in is required to access this page.

VISIT SITE