Educause Security Discussion mailing list archives

Re: SIEM

From: "Ferris, Joe" <JFerris () ADMIN FSU EDU>
Date: Fri, 29 Apr 2011 11:11:13 -0400

We have been using NitroSecurity (ESM) for a few years and have been very
satisfied with our deployment.  The direction of their product aligns well
with what we are trying to protect, monitor and log for compliance.  The
console is powerful and built with Flash so it is incredibly customizable...
the downside of Flash is that it takes Windows users about two weeks before
they stop trying to ³right click² everything.  We are currently logging
flows, IDS, IPS, firewalls, access logs, multiple Server Logs, NeXpose and
more into one SIEM.  Also, the underlying database has always been very fast
and reliable for us.  If you are evaluating SIEM solutions, I would suggest
adding them to the mix.

Joe Ferris  
Information Security
Florida State University


On 4/28/11 5:23 PM, "Rob Milman" <rob.milman () SAIT CA> wrote:

Hi all,
 
I¹ve been asked to evaluate products in order to implement a SIEM solution for
our core infrastructure. What, if any, SIEM solutions are working for you? Is
anyone using OSSIM by alienvault?
 
Thanks,
 
Rob
 
Security and Compliance Analyst, Information Systems, SAIT Polytechnic
1301 - 16 Avenue NW, Calgary, Alberta, Canada  T2M 0L4
Ph (403) 210.4229, Cell (403) 606.3173, Fax (403) 284-8811
http://www.sait.ca <http://www.sait.ca/>

Current thread:

SIEM Rob Milman (Apr 28)
- Re: SIEM Matthew Gracie (Apr 28)
- Re: SIEM Pratt, Benjamin E. (Apr 29)
  - Re: SIEM Aaron Sigmon (Apr 29)
    - Re: SIEM James R. Pardonek (Apr 29)
  - Re: SIEM Chris Vakhordjian (Apr 29)
- Re: SIEM Ferris, Joe (Apr 29)
  - Re: SIEM King, Ronald A. (Apr 29)
- Re: SIEM Gibson, Nathan J. (HSC) (Apr 29)