Re: NitroSecurity SIEM platform

[Erik Decker <edecker () LUC EDU>]

Howdy! 

Loyola University Chicago recently went through an involved RFP and evaluation process on SIEM.  We looked at 4 
competitors:  RSA, Novell, NitroSecurity and QRadar.  In the end, NitroSecurity won.  In fact, the boxes just shipped 
to us yesterday. 

It was certainly not an easy choice.  All of the vendors had their own 'spin' on SIEM that was impressive.  In the end, 
however, NItroSecurity won Loyola's business based on the following criteria:  Upfront cost, long term cost (the won 
here hands down), functionality, overhead, management, product development and vendor relations.   

My analysis went over a span of several months.  It included scoring RFP responses, vendor meetings, cost negotiations, 
training negotiations, enterprise architecture, technical resource 'draw' and "fit" for the culture.  It's hard to say 
that on SIEM is better than any other.  I can say, however, that I was in the exact same comparison between RSA and 
Nitro and struggled with the same choice.  They are both very good products, and I would be proud to maintain either of 
them.  However, due to the size of Loyola and the deployment plan for an enterprise installation, RSA was extremely 
expensive.   

I will put in one other plug about NitroSecurity - everyone in their organization, including their leadership, is very 
involved with their customers.  That means a lot to us.  At one point during our product demo we had the CEO, VP of 
Sales and VP of Engineering on the phone.  We didn't get that kind of attention from RSA. :) 

Hope that helps!  Again, if you would like to see our methodology I could throw it out to you off-list.  I'm pretty 
proud of it. 

Thanks, 




----
Erik Decker
Security Administrator
Information Technology Services

> > > Anand S Malwade <Anand.Malwade () SHU EDU> 07/24/09 10:26 AM >>>


Hi, 


Curious to know if other Universities have deployed or compared RSA Envision to Nitro or other SIEM solutions. 


Thanks, 


Anand 


  


Anand Malwade, 


Information Security Officer, 


Seton Hall University, 


Anand.Malwade () shu edu 


973 275 2209 


  


  


  


From: 

The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Dexter Caldwell
Sent: Friday, July 24, 2009 11:23 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] NitroSecurity SIEM platform 

  

Hi Charles, 



        We use the NitroSecurity SIEM. We recently purchased and have been using it for a few short months now.   I had 
the same impression as you did from the demo and after a vigorous eval we decided it was the best system for our needs. 
 Those needs centered around the following:  analysis capabilities, 3rd party platform logging support, scalabillity, 
performance, technical support, storage, short-term value ($$$) and long-term dollar cost, management overhead, and 
possible integration with other tools we have or might be looking to in the future .  We evaluated a few other products 
all of which had their strenghths, weaknesses, but NitroSecurity came out on top for us.  If you'd like details I feel 
free to contact me off-list. 


  

Thanks, 


  

Dexter Caldwell 



Information Security Administrator 



Computing & Information Services 



Furman University 



3300 Poinsett Hwy 



Greenville, SC 29613 



email: dexter.caldwell () furman edu 



office: 864-294-3566 



facsimile: 864-294.3001 


  

The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> writes: 



Does anyone on this list use the NitroSecurity SIEM platform who would care to share their experiences? We saw a demo 
of it yesterday, and to say the least, I was impressed. It appears to be far beyond what our current solution is 
capable of in terms of speed and functionality, but of course the proof is in the pudding, so to speak. 


  

Thanks, 


  

Charlie 






Charles A. Seitz 



Senior Security Analyst 



University of Tennessee Information Security Office 



Martin Campus 



cseitz () tennessee edu 



(731) 881-7966