Educause Security Discussion mailing list archives
Re: SIEM Solution Recommendation
From: "Greene, Chip" <cgreene2 () RICHMOND EDU>
Date: Wed, 26 Oct 2011 18:07:25 -0400
Thanks David. We should also bear in mind that some vendors could be monitoring these discussions. I have already received a phone call from a vendor mentioned in this email chain wondering if we had any projects. Ironic....... ________________________________ From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of David Escalante [david.escalante () BC EDU] Sent: Wednesday, October 26, 2011 5:31 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] SIEM Solution Recommendation It depends upon what you're getting them for. I don't view them as interchangeable solutions, and they cost a lot of money, plus the monitoring one does once they're installed. Can you share more detailed requirements as to what the SIEM is expected to do, how big an environment it has to scale to, what number of FTEs you intend to have tend it once installed, etc...? Also, people replying to this message should bear in mind that this mailing list is archived and made available to the entire Internet essentially forever, so endorsements or disparagements of specific products will be public for a long time, and when you say "we use X at school Y" that is also available to any bad guy trying to penetrate you assuming they do some research on Google on hit upon any information your message(s) reveal in this mailing list.... -- David Escalante Boston College We are in the process of doing dog and pony shows for SIEM solutions and I would like to get a general perspective of what you have experienced in-house and those that belong in the out-house :-) We are looking at: ArcSight RSA NitroSecurity NetIQ to just name a few. Any thoughts would be very helpful. Please feel free to contact me directly. ________________________________ Information Services (including the HelpDesk) will NEVER ask for your password or other personal data via email. Messages requesting such details are fraudulent. DELETE THEM WITHOUT REPLY.
Current thread:
- Re: are you getting spam from "Ray", (continued)
- Re: are you getting spam from "Ray" Bob Bayn (Oct 26)
- Re: are you getting spam from "Ray" Tim Faircloth (Oct 26)
- SIEM Solution Recommendation Burton, Abigail F (Oct 26)
- Re: SIEM Solution Recommendation Basgen, Brian (Oct 26)
- Re: SIEM Solution Recommendation Dexter Caldwell (Oct 26)
- Re: SIEM Solution Recommendation Mayne, Jim (Oct 26)
- Re: SIEM Solution Recommendation Greene, Chip (Oct 26)
- Re: SIEM Solution Recommendation Burton, Abigail F (Oct 26)
- Re: SIEM Solution Recommendation Basgen, Brian (Oct 26)
- Re: SIEM Solution Recommendation David Escalante (Oct 26)
- Re: SIEM Solution Recommendation Greene, Chip (Oct 26)
- Re: SIEM Solution Recommendation Brad Judy (Oct 27)
- Re: SIEM Solution Recommendation Burton, Abigail F (Oct 27)
- Re: are you getting spam from "Ray" Bob Bayn (Oct 26)
- Re: SIEM Solution Recommendation Mike Lococo (Oct 26)
- Re: SIEM Solution Recommendation Everett, Alex D (Oct 26)
- Re: SIEM Solution Recommendation King, Ronald A. (Oct 26)
- Re: SIEM Solution Recommendation Will Froning (Oct 29)
- Re: SIEM Solution Recommendation John Kaftan (Oct 30)
- Re: SIEM Solution Recommendation Basgen, Brian (Oct 30)
- Re: SIEM Solution Recommendation Foerst, Daniel P. (Oct 30)