Educause Security Discussion mailing list archives

Re: Network flow log consolidation


From: David Grisham <DGrisham () SALUD UNM EDU>
Date: Thu, 27 Apr 2006 08:42:03 -0600

The Cerner company purchased a log analyzer company and is putting out a
product called P2 Sentinel. For those of you in the healthcare
industry, have you used or evaluated this product?
It does patient record auditing, and the log analyzer looks pretty good
for a lot of network devices and OS log files, which we have to have for
HIPAA "technical security mechanism auditing".

Cheers. -grish
David D. Grisham, Ph.D., CISM, CHS, CHSP
Manager, IT Security, UNM Hospitals, Information Technology
1650 University Blvd, S.500, Albuquerque, NM 87102
Ph: (505) 272-5657 FAX 272-3305
Work email: dgrisham () salud unm edu

On 4/27/2006 at 8:11 am, in message
<13C6AAE71C512F4E9DC7970DF41BCF8E0560D4EE () XMAIL sooner net ou edu>,
"Ensz, Sean A." <ensz () OU EDU> wrote:
You might consider looking at QRadar by Q1Labs (www.q1labs.com). We
have been using it for almost a year now and we are happy with the product. It
does a good job of analyzing NetFlow, sFlow, J-Flow, et al. You can also
place a collector on a SPAN port or tap to get full layer-7 analysis. They
recently added SEM capability in their latest release that supports a whole
smorgasbord of security logs that correlate with the flow data.

---
Sean Ensz
CISSP, GSEC, EnCE
IT Security Analyst
University of Oklahoma


-----Original Message-----
From: Logan Browne [mailto:lcb () UCSD EDU]
Sent: Tuesday, April 25, 2006 2:18 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Network flow log consolidation

Tangential to the discussion of syslog parsing, are any others on the
list evaluating or implementing products to consolidate network flow
logs? This would be a precursor to trend analysis and perhaps some
security event correlation processes.

I have looked at some products in a past position and am wondering
which products or systems you find valuable.

--
Logan Browne, CISSP, CISM
Network Security Manager
University of California, San Diego
<lcb () ucsd edu>
(858)822-5343
