Security Basics mailing list archives
Re: Security Information Management
From: "Chris Berry" <compjma () hotmail com>
Date: Fri, 11 Oct 2002 17:09:18 -0700
<ancient oriental advisor mode>You must become strong in the ways of Perl my son, only when your code is pure will you master the way of having vision without looking.
</ancient oriental advisor mode>Seriously though, nearly all of the systems you mentioned produce text based log files, a combination of perl scripts to harvest the data and crystal reports to present it, is probably what you're looking for, unless you want an "integrated" solution where the management is built in to some sort of centralized command console, in which case I can't help you.
From: "netsec novice" <netsec9 () hotmail com> To: security-basics () securityfocus com Subject: Security Information Management Date: Fri, 11 Oct 2002 19:18:03 +0000I'm going through a somewhat overwhelming evaluation for a SIM solution for our company. We have several UNIX (AIX) servers, 35+ NT/2000 servers, SNORT IDS, possible commercial IDS in the future, Command anti-virus, CheckpointFW, CISCO basic router IDS, Cisco VPN concentrator, 8 cisco routers and 10 cisco switches. NetForensics looks pretty strong but all of them have a pretty hefty price tag. I'm looking for any of you out there who could recommend solutions based on your experience. I will need to provide management with reports of incidents and activity(justify my job and other security expenditures). I'm looking for something that makes managing all of these sets of information somewhat less daunting and that is somewhat intuitive to use.Thanks _________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com
Chris Berry compjma () hotmail com Systems Administrator JM Associates "I have found the way, and the way is Perl." _________________________________________________________________MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx
Current thread:
- Re: Security Information Management Chris Berry (Oct 15)
- RE: Security Information Management Panth3r (Oct 16)