The SpyLogix architecture was designed as a state-of-the-art information security middleware solution with these technical tenets: 1) continuous security data (identities, roles, entitlements, objects/permissions and activity) intelligence, 2) automatic data management, and 3) real-time data actualization. The first tenet seeks to harvest security data directly from multiple disparate sources continuously, employing optimum combinations of object/attribute baseline, native (API based) resource monitoring, and messaging technologies, marketed as a resource specific SpyLogix module, to enable any enterprise data source to be eligible for efficient and effective management by SpyLogix. Messages may be communicated to one or more local or remote, say to enable cloud managed security services, SpyLogix Platform servers. SpyLogix Platform provides automatic data management and real-time data actualization services that eliminate IT support complexities and improve the effectiveness of people, IT service processes and other applications. Real-time data actualization encompasses: (i) ActionLogix™ policies to trigger actions, generate alerts, synthesize events, or forward messages (to other SpyLogix Platform servers); (ii) persistently stored security data may be shared via Web Services with programs supporting other IT services; (iii) an interactive console is included for data query, analysis and reporting; and (iv) reports or assessment programs (producing periodic output managed by SpyLogix) may be scheduled to run in the background.
IdentityLogix’s patent pending SpyLogix designs for continuous security intelligence and real-time data actualization enable cost efficiencies and staff effectiveness. SpyLogix uses a standardized message based design for attaining optimum end-to-end automation and leverage of enterprise access control and activity data. With this approach, modern technologies may be applied that elevate abilities to achieve governance, risk control, and compliance easily and with better quality. The SpyLogix architecture affords flexibility to deploy platform components to meet organizational and scalability wants or needs, including new “cloud computing” security demands. Lastly, SpyLogix’s innovative approach to “data actualization,” or the ability to make data actionable and shareable with other programs, enables organizations to do more with less (time, money and resources) for optimal business outcomes.
SpyLogix components are designed for enterprise scalability. Components can be deployed on physical or virtual servers. SpyLogix Data Management uses a Windows embedded database, which can use local, SAN disk, or network attached storage. SpyLogix components (Data Access, Communications Services, Message Services, Data Management or Data Actualization) may be split across servers for scalability; separated components use Communications Services and TCP/IP (by configuring IP address and port) to communicate.
A practical distribution of components would include Data Access, Message Services and Data Management (with an embedded database) on a server, Data Actualization on its own server, and optionally for MSPs or Cloud providers, another SpyLogix server to receive forwarded messages. Data Access is positioned to harvest data from desired enterprise sources, and then components downstream from Data Access would be configured to support its security data feeds.