Yeah, I would say Splunk would need to be on that shortlist as well.

Stu

From: Andrew S. Baker [mailto:[email protected]]
Sent: Thursday, November 10, 2011 12:04 AM
To: NT System Admin Issues
Subject: Re: SIEM solutions

I've played with Nitro a little bit, and I'm familiar with LogRhythm, although I've never deployed it.

Also consider TriGeo, Splunk Enterprise, and http://alienvault.com/products/unified-siem/siem

This is not a cheap category of product...

ASB
http://XeeMe.com/AndrewBaker
Harnessing the Advantages of Technology for the SMB market...

On Wed, Nov 9, 2011 at 1:34 PM, David Lum <[email protected]> wrote:

We are looking at some SIEM (Security Information and Event Management) solutions and are looking at products from the following vendors - does anyone here have a SIEM solution or experience and have anything to say about any of these?

ArcSight
RSA
LogRhythm
NitroSecurity
netForensics
eIQnetworks
Prism Microsystems
Virtela

David Lum
Systems Engineer // NWEA™
Office 503.548.5229 // Cell (voice/text) 503.267.9764

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~

---
To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected] with the body: unsubscribe ntsysadmin
