I wonder if McCrappy will destroy them since McCrappy is really Intel now. I too was a fan although only used it for a 90 day eval. On Thu, Jan 26, 2012 at 10:11 AM, Andrew S. Baker <[email protected]> wrote:
> Splunk is powerful, but hideously expensive. > > Start by looking at AlienVault or TriGeo... I was a fan of NitroSecurity, > but now that they've been purchased by McCrappy, expect deterioration and > needless complexity and high cost to become major factors. > > Encryption of everything causes significant burdens, many of which can > only be *eased* by money. > > You're going to need really good key management, or else the whole system > will be burdensome and yet easily undermined. > > Just make sure you log data is being saved to a location that has very > limited access by anyone else, and lock it down. > > Or, price out encryption to the fullest and have your management team > faint. > > Then, show them this thread and get them to manage their risks in a more > balanced way. > > > * * > > *ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of > Technology for the SMB market… > > * > > > > On Thu, Jan 26, 2012 at 9:12 AM, [email protected] <[email protected]>wrote: > >> I do that with my Kiwi Syslog software, Routers, Switches, Firewalls, >> Windows NT events, Printer events, and IP camera logs but that wasn't good >> enough because it doesn't encrypt the logs as well.**** >> >> #1 I hadn't heard that term before. I was called it Log monitoring and >> management. #2 They are keying of the RSA log hacking to enforce the >> encryption of the logs while in transit and at rest.**** >> >> Blah Blah Blah.**** >> >> Thanks. Anyone have a good SIEM product or appliance they use? I am >> looking at LogRythm or SPLUNK???**** >> >> ** ** >> >> *From:* Erik Goldoff [mailto:[email protected]] >> *Posted At:* Wednesday, January 25, 2012 3:42 PM >> >> *Posted To:* [email protected] >> *Conversation:* FW: SIEM >> *Subject:* Re: FW: SIEM**** >> >> ** ** >> >> Security Event Information Management ... security event log/alerting ?** >> ** >> >> On Wed, Jan 25, 2012 at 2:14 PM, [email protected] <[email protected]> >> wrote:**** >> >> **** >> >> **** >> >> This is new to me. What is SIEM and what do I do with it?**** >> >> **** >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
