SIEM Integration

Is your SIEM living in the past?

Bring your SIEM up to speed with real-time logs from Zscaler.

Zscaler’s patented Nanolog Streaming Service delivers web and cloud firewall logs from all users in all locations. In real time.

With Zscaler, your SIEM can help you get a picture of what is happening across your entire network, instead of limiting your visibility to what has already happened. Zscaler’s global cloud platform continuously collects and streams logs to you, across racks of gateways and thousands of users. So you have the power of true threat correlation—in real time.

How can you counter real-time threats with day-old data?

Security Information and Event Management (SIEM) systems offer a means to correlate the appliance logs throughout your business, such as web gateways, firewalls, switches, and more. SIEMs have been the only way to get a true picture of what’s happening across your business. The only problem is that it can take so long to get the logs of web and firewall transactions—which often require batch imports from your racks of security appliances in each of your gateways—that any event has long since happened. Even worse, the logs coming from different security appliances are often specific to each appliance, which means the real picture is even more difficult to see.

Zscaler was designed to deliver logs for all users and all locations in near real time, with the Zscaler Nanolog Streaming Service (NSS). We can handle preprocessing based on your criteria, and deliver logs to the SIEM of your choice, with no need for batch reporting. This enables you to correlate logs across multiple devices, comply with regulatory mandates for local log archival, and conduct historical analysis. You can choose the format that works best for you and your solution, and send up to eight streams of logs—each with different filters and formats—to different SIEMs. NSS, like everything at Zscaler, is fully cloud-based, scalable, and elastic. NSS operates seamlessly with all of the leading SIEM vendors, including Splunk, ArcSight, QRadar, LogRhythm, Symantec, and RSA Security.

Our simple, user-friendly solution requires only outbound connections to the cloud

It can be deployed behind NAT or firewall. Remote assistance is available for advanced troubleshooting without punching a hole in the firewall.

By time

Supports ASCII log format

Out-of-the-box compatibility

By user/data/event type

Benefits

  • Make the most of your SIEM with real-time web and cloud firewall logs.
  • Get an understanding of activities in time to take action.

The Zscaler Difference

  • No issue of batched or delayed logs getting to your SIEM.

Zscaler’s integrated security functions work together in real time, providing comprehensive protection

Get traffic shaping, bandwidth management, and security at the same time.

ACCESS CONTROL

  • CLOUD FIREWALL

  • URL FILTERING

  • BANDWIDTH CONTROL

  • DNS FILTERING

THREAT PREVENTION

  • ADVANCED PROTECTION

  • CLOUD SANDBOX

  • ANTI-VIRUS

  • DNS SECURITY

DATA PROTECTION

  • DATA LOSS PREVENTION

  • CLOUD APPS (CASB)

  • FILE TYPE CONTROLS

POWERED BY PATENTED TECHNOLOGIES

SSMA™

All security engines fire with each content scan – only microsecond delay

ByteScan™

Each outbound/inbound byte scanned, native SSL scanning

PageRisk™

Risk of each object computed inline, dynamically

Nanolog™

50:1 compression, real time global log consolidation

PolicyNow™

Policies follow the user for the same on-premise, off-premise protection