FISMA

The Federal Information Security Management Act (FISMA) requires federal agencies to develop, document, and implement agency-wide programs to secure the data and information systems that support agency operations and assets, including those managed by other agencies or contractors. FISMA affects federal agencies, state, local, and tribal governments, and the private sector organizations that make up the critical infrastructure of the United States. Detailed FISMA guidance is provided in NIST documents NIST 800-53, NIST 800-61 and NIST 800-92. For example, NIST 800-53 specifically requires log management in AU 2/3, where it specifies auditable events and the content of audit records. The rest of the AU controls expand the requirements with specific guidelines for audit monitoring and reporting. Log data can also be used as evidence that other FISMA requirements have been met, such as rules in account and access enforcement (AC 2/3/6/7/13) and configuration change control (CM 3/4).

The benefits of LogLogic’s solutions for FISMA:

  • The LogLogic Open Log Management platform builds the foundation for activity and security monitoring.
  • The LogLogic Compliance Suite: FISMA Edition add-on makes preparing reports for an audit trouble-free.
  • LogLogic Security Event Manager can help prioritize the daily stream of attacks and automate incident management follow-up.
  • LogLogic Database Security Manager adds specialized monitoring for your databases, including real-time blocking of suspicious activities.

While LogLogic can provide you with the tools to enable you to achieve compliance, LogLogic cannot determine if you have met your compliance objectives. For any such determinations, you are advised to consult with a qualified advisor.