Security Basics mailing list archives

Re: SIM Suggestions

From: Glenn <ve6rsx () gmail com>
Date: Sun, 3 Aug 2008 21:27:32 -0600

I concur that SIM's are maintenance headaches.

I have been using Intellitactics ISM for 5 years now, and the product
has matured considerably over that time span; it is best used in a
situation where realtime monitoring is important. Unfortunately they
dropped support for an Oracle backend database, and now use MySQL; my
experience is that when large ammounts of data are maintained online
(e.g. more that a couple of weeks) Oracle is far far superior in
performance.  This makes long term trending more difficult, as you are
constantly maintaing rollup summaries - in Oracle this is  easily
managed using materialized views, and date partitioned tables -
neither of which is supported in MySQL.

We looked at MARS recently and it does not come anywhere close to the
functionality that we get from ISM; I suggest you start with a very
detailed requirements definition, listing the exact details of each
device, how much data is generated per day, peak event generation
rates, etc.   Also, be very clear on the reports you require, and how
fast you expect the reports to be generated.

Glenn

Current thread:

Re: SIM Suggestions R Buena (Aug 03)
- Re: SIM Suggestions Glenn (Aug 05)
- <Possible follow-ups>
- Re: SIM Suggestions pelletier . norbert (Aug 08)
- Re: Re: SIM Suggestions sgonzalez (Aug 08)
  - Re: Re: SIM Suggestions ॐ aditya mukadam ॐ (Aug 11)
- Re: SIM Suggestions Albert Gonzalez (Aug 11)