Security Basics mailing list archives
Re: Picking a SIEM: How's envision compared with Arcsight?
From: "Sandeep Cheema " <51l3n7 () live in>
Date: Fri, 3 Feb 2012 05:26:31 +0000
Arcsight's definitely the best with it's smartconnector's for pulling the logs. Flexconnector's are there for devices that are not supported and these have to be custom developed. Arcsight charges a lot for this part. They also provide a Flexconnector training, which would be the way to go if you are looking at lot of devices and long run. You do not have to purchase lot of logger appliances, rather go for like 2 primary and 2 backup with a NAS environment. The loggers can talk to NAS. Support should not be an issue for large enterprise who have a dedicated or shared TAM. RSA Envision is expensive. Much more than Arcsight. Also, it just supports syslog and you cannot pull logs. For devices that have UDP syslog capability only, the packets are bound to be lost. RSA supports NAS too. Sorry, I haven't evaluated QRadar. My 0.02$ for Arcsight Regards, Sandeep Sent from my BlackBerry® smartphone -----Original Message----- From: xxuuyyong () gmail com Date: Thu, 2 Feb 2012 21:45:26 To: <security-basics () securityfocus com> Subject: Picking a SIEM: How's envision compared with Arcsight? We are looking for a new SIEM for a very large enterprise environment. ArcSight's sales people are always like you must be idiots if you are not using our product. But my concern is that they got acquired by HP, and our past experience dealing with HP's customer support hasn't been very pleasant. There are also rumors that ArcSight has been losing its talents after acquired by HP. I also looked at QRadar and it's a wonderful product. However, it's acquired by IBM. Is it a good idea to invest a lot of money and effort on a product that's bound to be discontinued and unsupported in a short couple of years in order to be replaced by a re-branded product? Then there's the RSA envision. It's been under RSA's product line-up for many years and EMC got it integrated with its archer and netwitness products. This makes it a more stable pick to me. Can anyone comment on the performance, support, and the maintenance complexity of the envision compared to the ArcSight? TIA Ian ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Picking a SIEM: How's envision compared with Arcsight? xxuuyyong (Feb 02)
- <Possible follow-ups>
- Re: Picking a SIEM: How's envision compared with Arcsight? Sandeep Cheema (Feb 03)
- Re: Re: Picking a SIEM: How's envision compared with Arcsight? roys81 (Feb 05)
- Re: Re: Picking a SIEM: How's envision compared with Arcsight? bit1976 (Feb 13)
- RE: Re: Picking a SIEM: How's envision compared with Arcsight? Mikhail A. Utin (Feb 14)
- Message not available
- RE: Re: Picking a SIEM: How's envision compared with Arcsight? Mikhail A. Utin (Feb 14)
- Re: Re: Picking a SIEM: How's envision compared with Arcsight? bit1976 (Feb 13)