All-in-One (XM): Performs the work of a PM, DP, DX, and AI Engine, all on a single appliance. Many deployments begin with an XM appliance and are expanded over time to include additional components to increase fault tolerance, capacity, and performance.
LogRhythm Distributed Appliances
Platform Manager (PM):
Performs centralized event management and administration for a LogRhythm deployment, including alarming, case management and APIs, workflow automation, and more. Each LogRhythm deployment has a single Platform Manager.
Data Processor (DP):
Receives machine and forensic data from Data Collectors and SysMon agents and then
performs distributed processing. Processors archive data and distribute both original and structured copies to platform components that perform indexing, machine-based security analytics, and alarming.
Data Indexer (DX):
Performs distributed and highly scalable indexing of machine and forensic data. Multiple DXs can be clustered to improve performance
and availability.
Warm Node Data Indexer (DXW):
Extends time to live (TTL) to over 365 days and is a powerful and cost-effective alternative to adding Data Indexers when seeking
additional storage. This appliance is an Elasticsearch node with a closed index.
AI Engine (AIE):
Delivers highly scalable, patented machine analytics for advanced correlation and behavioral analysis. AI Engine scales horizontally to perform distributed analysis of massive workloads.
Add-on Appliances
Data Collector (DC):
Collects log, flow, and machine data. It encrypts, compresses, and transports data from
remote locations to LogRhythm DPs, either in real time or on a schedule.
NetMon (NM):
Offers full visibility into network traffic, identifying applications and providing real-time
unstructured search access. NetMon can also forward Layer 7 SmartFlow™ to the SIEM and third-party solutions for further analysis.
Web Services (WS):
Supports concurrent analysts and administrators accessing the user interfaces
of the LogRhythm platform. Disaster Recovery and High Availability Options
LogRhythm’s flexible Disaster Recovery and High Availability solutions can be tailored to meet the specific requirements of your organization. LogRhythm appliances are built with onboard redundancy for maximum faulttolerance, and our active/active architectures maximize the return on your investment.
For more information please contact AlJammaz Technologies or download the datasheet:
01-_logrhythm_datasheet.pdf |