Re: SIEM device?

["Rich Borroff" <rich_borroff () harvard edu>]

I recently sat through a presentation for the Qradar SLIM, an appliance
with the SIEM and log archiving features approriate for an SMB.  I really
liked it:  I asked Santa for one.

Rich Borroff
Network and Server Manager
Harvard University - DCE



security-basics-return-46945 () securityfocus com on Thursday, December 20,
2007 at 7:34 AM -0500 wrote:
> You may want to add ArcSight (www.arcsight.com) to the list of SIEM's to
> evaluate.
>
> Frank
>
> ----- Original Message ----
> From: "Eggleston, Mark" <meggleston () healthpart com>
> To: security-basics () securityfocus com
> Sent: Wednesday, December 19, 2007 12:44:05 PM
> Subject: SIEM device?
>
>
> Any of you fine folks using RSA’s Envision?  Or TriGeo?  We use GFI
> EventsManager and appreciate it simplicity but not its lack of stability
> and scaling issues.  Looking for something more robust w/ an easy GUI.
>
>
> Any suggestions?  I am concerned with envisions GUI and find it
> cumbersome; however would like to hear if other folks use envision with
> ease
> or use other products.  
>
> Thanks, 
>
> Mark Eggleston
> Manager, Security and Business Continuity
>
> -----------------------------------------
> All the information contained in this electronic communication and
> any attachments is intended only for the use of the individual or
> entity to which it is addressed. If you are not the intended
> recipient, you are hereby notified that you should not disseminate,
> distribute or copy any portion of this electronic communication. If
> you have received this message in error, please notify the sender
> by replying to this email and immediately deleting any and all
> copies you may have inadvertently made.
>
>
>
>
>     
> ____________________________________________________________________________________
> Never miss a thing.  Make Yahoo your home page. 
> http://www.yahoo.com/r/hs