Re: NitroSecurity SIEM platform

[ClarkJK <clarkjk () COFC EDU>]

We have been using Nitrosecurity for 2 1/2 years. Some of the problems we
have encountered are some outside venders logs not being searchable. It
would not put the appropriate tag on a field. You could see the IP in the
Log on the main screen, but could not search for that IP and it come up in
the results. This may have been fixed as we ended up moving a lot of our
external logs to Splunk. We are now mainly using Nitro to report and log on
our IPS infrastructure which it has been working great at.

Thanks,
Joseph Clark
Senior Network Engineer
College of Charleston
clarkjk () cofc edu


On 7/24/09 10:24 AM, "Charles Seitz" <cseitz () UTM EDU> wrote:

> Does anyone on this list use the NitroSecurity SIEM platform who would care to
> share their experiences? We saw a demo of it yesterday, and to say the least,
> I was impressed. It appears to be far beyond what our current solution is
> capable of in terms of speed and functionality, but of course the proof is in
> the pudding, so to speak.
>
> Thanks,
>
> Charlie
>
> Charles A. Seitz
> Senior Security Analyst
> University of Tennessee Information Security Office
> Martin Campus
> cseitz () tennessee edu
> (731) 881-7966