Lexicon Enterprise Product Architecture Overview

Overview of Honeycomb Lexicon’s enterprise product architecture.

What is Honeycomb Lexicon?
Honeycomb Lexicon is a suite of technologies that help
businesses monitor behavioural patterns on their internal
network, while offering highly scalable collection, search and
integration. Why? To protect your internal Private Cloud.
[Diagram: Lexicon feature panels. Legible labels: Protect Your Private Cloud; Connect AD, FIM and all disparate data into IBM QRadar and SIEM tools; Centralized Management; distributed indexing, storage, data management, reporting and alerting; AD, user and machine behaviour monitoring and analysis.]
© Copyright 2015 Honeycomb Technologies Ltd. All Rights Reserved.
Data Collection With LexCollect
LexCollect handles the tasks associated with gathering data across large numbers of disparate systems, locations and
technologies. LexCollect includes comprehensive management of data collection through Policy-based objects, deployment of
services and distributed administration, vastly simplifying and automating the tasks of gathering data from numerous endpoints.
LexCollect can gather any kind of data, and includes a large range of pre-packaged collectors, including:
• LexFileMonitor (Honeycomb’s real-time File Integrity Monitor)
• Windows Event Logs (agent or agentless)
• DNS, DHCP, system logs
• Apache, IIS, Exchange logs including Message Tracking
• Custom logfiles
• Script, HTTP, REST APIs
Data Indexing, Storage & Search With LexiconEnterprise
Honeycomb’s LexiconEnterprise is a hugely scalable, fully distributed indexing search engine for storing and retrieving truly vast
amounts of data. The flexible and extensible nature of LexiconEnterprise allows hundreds of millions, even billions of events to be
easily and logically organized in a fashion that suits your business needs. Search results and reports analyze and return data
independently of where the underlying data is actually stored, so you can concentrate on the data important to your business.
LexiconEnterprise intrinsically correlates your ‘Big Data’ so you can discover connections and patterns without needing to know
and define them beforehand.
Reporting & Remediation With LexReporter
LexReporter is a fully distributed, automated reporting engine that generates and delivers reports, graphs, tables, summaries and
statistics to any number of stakeholders. Personnel from different areas of your organisation can receive reports relevant to their
role. LexReporter includes all required reports for all the main compliance and regulatory authorities including PCI-DSS,
GovConnect, GPG13, ISO27001, SOX etc.
Real-Time Alerting
The Lexicon suite includes a fully distributed alerting engine, capable of alerting on changing and emerging patterns of data
occurring within your enterprise environment, including serious system errors, user access breaches, stealth attacks, baseline trend
deviations – delivering a huge range of pattern detection alerts. The Alerting engine includes built-in masking and baseline
detection, so you get alerts only when you need them, and lets you get on with your work when things are running normally.
Working alongside your existing environment and software assets is at the heart of Honeycomb’s philosophy.
Honeycomb has teamed up with many popular vendors such as IBM, Microsoft, Palo Alto Networks, Cisco and many others to
bring together the vast array of data types and formats into a cohesive and correlated information view that your business can
actually use and benefit from.
Full Lifecycle Coverage
• File Integrity Monitoring
• User and Machine Behaviour
• Full SIEM Integration
• Compliance Reports
• Distributed Data Collection
• Big Data Management