Re: SIEM Solution Recommendation

["Everett, Alex D" <alex.everett () UNC EDU>]

You may want to consider Splunk, it has some nice features.
However, it does lack in the reporting sections when compared to some of the below products.

Sincerely,

Alex Everett
University of North Carolina

On Oct 26, 2011, at 11:38 AM, Burton, Abigail F wrote:

> Greetings All:
>
> We are in the process of doing dog and pony shows for SIEM solutions and I would like to get a general perspective of 
> what you have experienced in-house and those that belong in the out-house :-) 
>
> We are looking at:
> ArcSight
> RSA
> NitroSecurity
> NetIQ
>
> to just name a few. Any thoughts would be very helpful. Please feel free to contact me directly.
>
> Best regards,
> --
> Abigail Burton
> Sr. Information Security Analyst
> Enterprise IT Security and Compliance
> Baylor College Of Medicine
> http://www.bcm.edu
>
> Voice: 713.798.4559     afburton () bcm edu
> Main:  713.798.3900     itsc () bcm edu
> Fax:   713.798.1205
>
> This email and any files transmitted with it are confidential and are intended solely for the use of the individual 
> or entity to which they are addressed.  
> This communication may contain material that is privileged and legally protected from disclosure by federal law, 
> including the Health Insurance Portability and Accountability Act (HIPAA).  If you are not the intended recipient or 
> the person responsible for delivering the email to the intended recipient, be advised that you have received this 
> email in error and that any use, dissemination, forwarding, printing, or copying of this email is strictly 
> prohibited.  
> If you have received this email in error, please immediately notify the sender and delete this message.

Sincerely,

Alex Everett, CISSP, CCNA
Information Security Office
University of North Carolina at Chapel Hill
919.445.9393