Educause Security Discussion mailing list archives

Re: SIEM Solution Recommendation

From: "Foerst, Daniel P." <FOERST () CUA EDU>
Date: Sun, 30 Oct 2011 22:47:21 +0000

We implemented LogRhythm last year and have been using it to collect,
Windows, Linux, Cisco and other syslogs.
While I myself haven't delved into the depths, what I have used was rather
straight-forward and when I was confused, support has been top notch.

It helps that SC Magazine highly rated them in 2009 & 2011.

http://www.scmagazineus.com/logrhythm-v40/review/2389/
http://www.scmagazineus.com/logrhythm/review/3477/

Here's a link from LogRhythm's website.
http://ecrm.logrhythm.com/WebSCLabsRecommendedDownload2011.html

-dan

On 10/26/11 11:38 AM, "Burton, Abigail F" <afburton () BCM EDU> wrote:

Greetings All:

We are in the process of doing dog and pony shows for SIEM solutions and
I would like to get a general perspective of what you have experienced
in-house and those that belong in the out-house :-)

We are looking at:
ArcSight
RSA
NitroSecurity
NetIQ

to just name a few. Any thoughts would be very helpful. Please feel free
to contact me directly.

Best regards,
--
Abigail Burton
Sr. Information Security Analyst
Enterprise IT Security and Compliance
Baylor College Of Medicine
http://www.bcm.edu

Voice: 713.798.4559     afburton () bcm edu
Main:  713.798.3900     itsc () bcm edu
Fax:   713.798.1205

This email and any files transmitted with it are confidential and are
intended solely for the use of the individual or entity to which they are
addressed.  
This communication may contain material that is privileged and legally
protected from disclosure by federal law, including the Health Insurance
Portability and Accountability Act (HIPAA).  If you are not the intended
recipient or the person responsible for delivering the email to the
intended recipient, be advised that you have received this email in error
and that any use, dissemination, forwarding, printing, or copying of this
email is strictly prohibited.
If you have received this email in error, please immediately notify the
sender and delete this message.

Current thread:

Re: SIEM Solution Recommendation, (continued)
- - - Re: SIEM Solution Recommendation David Escalante (Oct 26)
    - Re: SIEM Solution Recommendation Greene, Chip (Oct 26)
    - Re: SIEM Solution Recommendation Brad Judy (Oct 27)
    - Re: SIEM Solution Recommendation Burton, Abigail F (Oct 27)
    - Re: SIEM Solution Recommendation Mike Lococo (Oct 26)
    - Re: SIEM Solution Recommendation Everett, Alex D (Oct 26)
    - Re: SIEM Solution Recommendation King, Ronald A. (Oct 26)
    - Re: SIEM Solution Recommendation Will Froning (Oct 29)
    - Re: SIEM Solution Recommendation John Kaftan (Oct 30)
    - Re: SIEM Solution Recommendation Basgen, Brian (Oct 30)
    - Re: SIEM Solution Recommendation Foerst, Daniel P. (Oct 30)