Hi folks, Has anyone already experiences with a security-information-tool like ArcSight/Open Service or similar ? We plan to evaluate systems, which are able to read different logfiles ( ids, firewall, ..... ) to extract possible relations to find possible intrusion-trials. At the moment i see tons of logfiles, which can not be checked anymore and i cannot imagine that a tool is able to check these files AND is able to find valuable informations and relations. Maybe someone of you already has positive or negative experiences. Or there are important points, which should be checked in an evaluation.
Klaus ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
