For me, it's simply log aggregation and alerting. The bigger goal is stuff way out of my scope as it's being driven from our product side (I am employee-facing, not product-facing). I've been included on this project just for my technical input and am much more a passenger than a driver on this project.
The vendor list I sent out was narrowed down from a bigger selection. I was simply looking for anyone who has deployed or evaluated SIEM products from the listed vendors is all.

Dave

From: Michael B. Smith [mailto:[email protected]]
Sent: Wednesday, November 09, 2011 10:44 AM
To: NT System Admin Issues
Subject: RE: SIEM solutions

What is the goal?

On the low end, you are leaving out NetWrix, in the middle you are leaving out ConfigMgr, and on the upper end you are leaving out various Quest solutions.

But it all depends on what you are trying to do.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: David Lum [mailto:[email protected]]
Sent: Wednesday, November 09, 2011 1:35 PM
To: NT System Admin Issues
Subject: SIEM solutions

We are looking at some SIEM (Security Information and Event Management) solutions and are looking at products from the following vendors - does anyone here have a SIEM solution or experience and have anything to say about any of these?

ArcSight
RSA
LogRhythm
NitroSecurity
netForensics
eIQnetworks
Prism Microsystems
Virtela

David Lum
Systems Engineer // NWEATM
Office 503.548.5229 // Cell (voice/text) 503.267.9764

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~

---
To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected] with the body: unsubscribe ntsysadmin
