When I initially wrote the Dragon IDS, I had a lot of customers tell me about how much they hated to have to fire up MS-SQL or some other database that was outside a product they were using, especially if it was a security product.
For the Tenable Security Center and Log Correlation Engine, there are no traditional databases involved. Everything is written to the disk and indexed for performance. If you loose power, you have minimal corruption and it works real well in a VM type of environment. Ron Gula Tenable Network Security Neils Christoffersen wrote: > Q1 also uses ariel in its QRadar product (not sure about the free version). > > > On 4/9/09, Dan McGinn-Combs <[email protected]> wrote: >> Has anyone tried Juniper's STRM set of products? >> I had a pitch by them the other day touting their use of a proprietary >> database called Ariel (yeah... under the sea. I know) which solves not only >> your alerting, reporting and forensics issues but also world hunger and >> peace in the Middle East. >> >> After having used MySQL back ends before, I'm a little less than thrilled by >> products that incorporate that as a repository for XXX log items per second. >> >> Dan >> >> On Wed, Apr 8, 2009 at 10:02 PM, airwolf airwolf <[email protected] >>> wrote: >>> I would recommend at looking at: Splunk and Snare. Both tools combined >>> give >>> you great flexibility, not audit nirvana but close. >>> >>> On Tue, Apr 7, 2009 at 8:55 PM, Jim Manley <[email protected]> wrote: >>> >>>> I'm looking for a security event management tool (log correlation, >>>> auditing, etc.) that would be suitable for small/medium size business >>>> environment. The environments in which it would be deployed into are >>>> primarily MS Windows with a smattering of Linux. >>>> >>>> It doesn't need a lot of bells and whistles and it needs to be fairly >>>> easy to set up and operate (the people doing the work are primarily >>>> physical security types with the average user's knowledge). Ideally it >>>> needs to trigger on Windows event manager and security manager codes for >>>> things like failed logins, etc. >>>> >> -- >> Dan McGinn-Combs, Security+, GSEC, CISSP, CISA >> [email protected] >> Grand Central: +1 404 492 7532 >> Peachtree City, Georgia USA >> > > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
