Security Basics mailing list archives
RE: Centralized firewall management and log analysis tools
From: "Mikhail A. Utin" <mutin () commonwealthcare org>
Date: Thu, 3 May 2012 16:36:48 -0400
ArcSight, Q1Labs, NitroSecurity, AlienVault, RSA, eiQNetworks, LogRhythm, Tenable Security, etc. The list of major vendors is approximately 15 names. I would not recommend ArcSight, based on people's opinions, my personal review of SIEM vendors, and the possible price of implementation. AlienVault could cost $25K, when ArcSight goes for more than $110K. It is HP/ArcSight though.

Mikhail Utin, CISSP
Information Security Analyst

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Anwar Khan
Sent: Thursday, May 03, 2012 8:17 AM
To: Daniel Gil
Cc: security-basics () securityfocus com
Subject: Re: Centralized firewall management and log analysis tools

Hi Daniel,

Check out the tool called ArcSight (arcsight.com) instead of Splunk. It does log analysis and real-time monitoring with correlation to identify APT and many, many more things which we can't even imagine. And it gives you a robust job profile as well if you work on this tool. It integrates with all products in the market and gives you one console to do complete deep analysis of the security posture of an org.

This is for log analysis and real-time monitoring and correlation, not for administration of any product.

Hope this will help you.

On Thu, May 3, 2012 at 4:00 PM, Daniel Gil <the900 () gmail com> wrote:
Hi list!

Recently I've been tasked with designing a solution for a company that has multiple offices, each with a database server and firewall, connected to the central headquarters through vpn. They administer each of these offices individually and would like a centralized server for firewall administration, log analysis and possibly IDS/vpn administration.

I've been thinking about splunk+snort+a firewall that provides centralized management. Is there a better set of tools for the job? Or even better, a single tool that integrates all features?

I'd love to hear from you people with experience in implementing similar solutions which tools worked best for you.

Best regards,
Dan