Security Basics mailing list archives
Re: Searching for a product that aggregates logs and can generate alerts
From: Rob Barrett <barrett.security () gmail com>
Date: Mon, 5 Dec 2005 11:29:43 -0800
We are in the middle of this eval. All the products we have considered have their pluses and minuses.

Arcsight - everyone we spoke with said don't even consider it.

Network Intelligence - very fast database, very small database, pulls reports fast, but is lacking in the vulnerability assessment area, correlating IDS data with VA scan data from different products, i.e. ISS NIDS with Nessus data.

Esecurity - product looked very good and flexible, but our rep was very secretive about how to set up....well...most everything in the product.

NetForensics - this one deserves a serious look. Has too many functions to list but is confusing as hell at first. Has very good VA functionality, lots of canned reports. Each user has their own desktop with 4 virtual desktops to set up your session.

As said before, all of them are $100k+. I did not look at the open source product mentioned.

Hope this helps. Please share your experiences =)