PaulDotCom mailing list archives

SMB Security Event Management Tool


From: neils.christoffersen at gmail.com (Neils Christoffersen)
Date: Thu, 9 Apr 2009 10:35:20 -0500

Q1 also uses Ariel in its QRadar product (not sure about the free version).


On 4/9/09, Dan McGinn-Combs <dgcombs at gmail.com> wrote:
Has anyone tried Juniper's STRM set of products?
I had a pitch by them the other day touting their use of a proprietary
database called Ariel (yeah... under the sea. I know) which solves not only
your alerting, reporting and forensics issues but also world hunger and
peace in the Middle East.

After having used MySQL back ends before, I'm a little less than thrilled by
products that incorporate that as a repository for XXX log items per second.

Dan

On Wed, Apr 8, 2009 at 10:02 PM, airwolf airwolf <airwolf.security at gmail.com> wrote:

I would recommend looking at Splunk and Snare. Both tools combined give
you great flexibility, not audit nirvana but close.

On Tue, Apr 7, 2009 at 8:55 PM, Jim Manley <jmanley at aledobb.com> wrote:

I'm looking for a security event management tool (log correlation,
auditing, etc.) that would be suitable for a small/medium size business
environment.  The environments in which it would be deployed are
primarily MS Windows with a smattering of Linux.

It doesn't need a lot of bells and whistles and it needs to be fairly
easy to set up and operate (the people doing the work are primarily
physical security types with the average user's knowledge).  Ideally it
needs to trigger on Windows event manager and security manager codes for
things like failed logins, etc.


--
Dan McGinn-Combs, Security+, GSEC, CISSP, CISA
dgcombs at gmail.com
Grand Central: +1 404 492 7532
Peachtree City, Georgia USA



-- 
Neils Christoffersen
http://judogeek.wordpress.com
http://www.linkedin.com/in/neilschristoffersen

