> Does any one have an opinion on Junipers STRM-boxes? I'm looking for way > to > handle traffic-logging for SRX-firewall but the STRM feels is very > expensive > and the smallest box only handles 500 evens/s, according to my sales > person > one connection is one logg event...? > > Is there perhaps better solutions out there?
STRM is basically a rebranded Q1 Labs box - it's a decent solution for log collection and event correlation, but if you strictly need something for log collection it's probably a bit overkill. I believe Q1 Labs is rated as the #2 vendor in the SIEM market, right behind Arcsight. While Arcsight is a good solution and might appear to be the cheaper solution initially, it's *REALLY* difficult to get set up and you'll likely end up blowing your OpEx budget just to get it up and running and constantly fine-tuned. If you just need logging and are on a tighter budget, and have any moderate coding experience, why not take a look at Splunk - http://www.splunk.com/ Stefan Fouant www.shortestpathfirst.net _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
