Educause Security Discussion mailing list archives
Re: SIEM
From: "King, Ronald A." <raking () NSU EDU>
Date: Fri, 29 Apr 2011 13:38:05 -0400
I concur with this and Nitro. In addition, they have been very responsive in adding support for devices not initially included in their rule-set and addressing support requests. They are also very willing to do demos/trials on site. Ronald King Security Engineer Norfolk State University Marie V. McDemmond Center for Applied Research Suite 401 700 Park Ave. Norfolk, Virginia 23504 Phone: 757-823-3918 Fax: 757-823-2128 Email: raking () nsu edu http://security.nsu.edu From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ferris, Joe Sent: Friday, April 29, 2011 11:11 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] SIEM We have been using NitroSecurity (ESM) for a few years and have been very satisfied with our deployment. The direction of their product aligns well with what we are trying to protect, monitor and log for compliance. The console is powerful and built with Flash so it is incredibly customizable... the downside of Flash is that it takes Windows users about two weeks before they stop trying to "right click" everything. We are currently logging flows, IDS, IPS, firewalls, access logs, multiple Server Logs, NeXpose and more into one SIEM. Also, the underlying database has always been very fast and reliable for us. If you are evaluating SIEM solutions, I would suggest adding them to the mix. Joe Ferris Information Security Florida State University On 4/28/11 5:23 PM, "Rob Milman" <rob.milman () SAIT CA> wrote: Hi all, I've been asked to evaluate products in order to implement a SIEM solution for our core infrastructure. What, if any, SIEM solutions are working for you? Is anyone using OSSIM by alienvault? Thanks, Rob Security and Compliance Analyst, Information Systems, SAIT Polytechnic 1301 - 16 Avenue NW, Calgary, Alberta, Canada T2M 0L4 Ph (403) 210.4229, Cell (403) 606.3173, Fax (403) 284-8811 http://www.sait.ca <http://www.sait.ca/> <http://www.sait.ca/>
Attachment:
smime.p7s
Description:
Current thread:
- SIEM Rob Milman (Apr 28)