Educause Security Discussion mailing list archives
SIM/SIM-like usage poll
From: Brian Smith-Sweeney <bsmithsweeney () NYU EDU>
Date: Thu, 21 Apr 2005 17:10:33 -0400
Greetings all, I apologize to those that get this twice, as I'm cross-posting Unisog and Educause. I know this was mentioned briefly on Unisog recently, but I'd like to take a quick poll of the group to find out who's using a SIM product right now. We're just starting to look at SIMs, but so far I've seen two open-source solutions (OSSIM and OPENSIM) and some commercial products as well (ArcSight,NetForensics,OPEN,NetMon2, Cisco) that seem promising. My questions are: 1) What, if any, SIM are you using, and would you recommend it? 2) Are you using it to handle incidents all across the network, just monitor core systems, or some other subset of your network security infrastructure? 3) What was the biggest draw to the solution you're using? Any other thoughts, experiences, etc. are certainly appreciated. Please send replies to any or all of the above off-list to bsmithsweeney () nyu edu, and I'll summarize the results and post. Cheers, Brian -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Brian Smith-Sweeney Sr. Network Security Analyst ITS Technology Security Services, New York University bsmithsweeney () nyu edu http://www.nyu.edu/its/security ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- SIM/SIM-like usage poll Brian Smith-Sweeney (Apr 21)