Educause Security Discussion mailing list archives
Re: SIEM
From: "Ferris, Joe" <JFerris () ADMIN FSU EDU>
Date: Fri, 29 Apr 2011 11:11:13 -0400
We have been using NitroSecurity (ESM) for a few years and have been very satisfied with our deployment. The direction of their product aligns well with what we are trying to protect, monitor and log for compliance. The console is powerful and built with Flash so it is incredibly customizable... the downside of Flash is that it takes Windows users about two weeks before they stop trying to ³right click² everything. We are currently logging flows, IDS, IPS, firewalls, access logs, multiple Server Logs, NeXpose and more into one SIEM. Also, the underlying database has always been very fast and reliable for us. If you are evaluating SIEM solutions, I would suggest adding them to the mix. Joe Ferris Information Security Florida State University On 4/28/11 5:23 PM, "Rob Milman" <rob.milman () SAIT CA> wrote:
Hi all, I¹ve been asked to evaluate products in order to implement a SIEM solution for our core infrastructure. What, if any, SIEM solutions are working for you? Is anyone using OSSIM by alienvault? Thanks, Rob Security and Compliance Analyst, Information Systems, SAIT Polytechnic 1301 - 16 Avenue NW, Calgary, Alberta, Canada T2M 0L4 Ph (403) 210.4229, Cell (403) 606.3173, Fax (403) 284-8811 http://www.sait.ca <http://www.sait.ca/>
Current thread:
- SIEM Rob Milman (Apr 28)