On the application of log management tools in corporate networks

Supervisor:
Dr. Félegyházi Márk
Department of Networked Systems and Services

The IT infrastructures of financial institutions are heterogeneous in many cases, with different distributors’ products having to work together. The variety of components and the lack of uniform solutions can become sources of serious security risks, so it is necessary to follow up on and manage them. In Hungary, the technical requirements for these systems are defined by Pénzügyi Szervezetek Állami Felügyelete (PSZÁF), which was merged into the Hungarian Financial Supervisory Authority, in accordance with Hungarian law. The PSZÁF issued a recommendation to assist compliance with the requirements in question, which is based on several international standards: COBIT, ISO 27000, Common Criteria and PCI DSS.

In the first part of my thesis, I give an overview of the relevant international standards and recommendations in order to explore the requirements for log management and to develop a criteria system for a comparison test. In addition, I provide an insight into collecting logs and their potential usage, and into issues arising during the implementation of such a system. Then I compare the RSA enVision business solution and the Logstash+Elasticsearch+Kibana free solution according to the complex requirement system introduced before and the developed evaluation method. For the evaluation, I prepare the system to perform its tasks as closely as possible to the requirements. Finally, I make recommendations regarding the applicability of industry and free log management solutions in the financial sector.
