New Release of Logpoint Agent

337

Introducing the latest release of the LogPoint Agent.

By Christian Have, VP of product management in LogPoint - March 2017

After a long period of development, we are now ready with the largest feature release of the LogPoint agent in the history of LogPoint.
 
With this release the agent will be faster, more stable and offer more features. Combined with the recent changes in LogPoint 5.6 (Policy Based Routing), the new agent can make drastic cuts in resource consumption!

New Features 

  • File Integrity Monitoring and Windows Registry Scanning is now supported.
  • The agent now supports localized environments (non-English Windows).
  • The agent now processes logs more than 300% faster than in the previous version.
  • Centralized management of agents in large deployments is now supported.
  • The Agent can now operate in either encrypted and clear-text modes.


With our new release, we introduce FIM and Registry monitoring as fundamental new features. Additionally, we now support distributed environments for LogPoint Agents to exist in. That is; if you have multiple back-ends and collectors, the Agents will be manageable from a single location.
Also with this release we have released a new compiled normalizer for Windows. This compiled normalizer extracts data from the Windows eventlog in XML and uses the LPA to translate it to JSON before sending it in. JSON being faster to parse and more efficient to store compared to XML and the raw eventlog data, we achieve a substantial performance improvement.

NOTE: The LPA_Windows normalizer can be used by our NXLog Enterprise customers too, they need to add a simple  to_json();, to the existing XML based eventlog collection.

Enhancements 

  • Major upgrade of the underlying agent code
  • A memory leak and performance degradation scenario has been resolved
  • More robust communication with the management API

Over the coming days we will publish some use-cases and examples where the LPA is used with Policy Based Routing and Threat Intel so stay tuned!
 
Find the Agent here.

More Information?

You are always welcome to get in touch if you have any questions! Find your local LogPoint office here.

Why LogPoint?

With LogPoint, you will discover a full enterprise SIEM solution. 

LogPoint is EAL 3+ certified and the solution is tailored to solve the specific security management challenges of your business - whether the goal is compliance, forensics or operational insight.

And the best part..? We have the most predictable licensing model in the industry.