Planning

The BMC Defender Server provides a method of collecting security information contained in log messages generated by network devices and applications. These messages are then correlated into understandable threads, alerts, and actions and reduced to actionable tickets that are sent to you.

Using this functionality, BMC Defender Server system provides special application in security monitoring of an enterprise and furnishes a variety of special features to support this critical role, including data encryption, ready-to-run correlation rules, and TCP tunneling software. Other roles of BMC Defender, including performance management, analysis of business information, and log file analysis, are also supported within the product.

This particular space, presented here, provides information useful for estimating workloads for various types of BMC Defender configurations, as a beginning point for small, medium, or large-scale deployments of the system. This information is intended for use by BMC administrators, project managers, and personnel responsible for implementing the BMC Defender Server software with an enterprise.

In addition to serving as the basis for deployment, this space includes best-practices information. Although an enterprise might not fit any of the precise deployment strategies listed in this section, easy synthesis of a strategy can be made through a combination of the several typical methodologies referenced here.

This section provides information about the following topics: