RE: Searching for a product that aggregates logs and can generate alerts
- From: "Spyro Malaspinas" <spyro.malaspinas@xxxxxxxxx>
- Date: Wed, 7 Dec 2005 01:15:10 -0700
If you have access to the Gartner Magic Quadrant reviews for 2005, some of
the names you will see in the leaders quadrant include:
Sentinel - eSecurity's product - top notch. I have heard nothing but
positive reviews.
Arcsight - though I have heard more bad than good reviews of their product
suite
GuardedNet - their first revision was a bit slow, but version 2.0 is
considerably faster and offers some great reporting and correlating
features.
Intellitactics - haven't seen this product in action
Open - I have had reasonably good experience with this product. Their
engineering staff is very willing to help shape and mold additional
products/logging devices into the console where necessary.
-spyro malaspinas
-----Original Message-----
From: Rob Barrett [mailto:barrett.security@xxxxxxxxx]
Sent: Monday, December 05, 2005 12:30 PM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: Re: Searching for a product that aggregates logs and can generate
alerts
We are in the middle of this eval. All the products we have considered
have their pluses and minuses.
Arcsight - everyone we spoke with said don't even consider it
Network Intelligence - very fast database, very small database, pull
reports fast, but is lacking in the Vulnerability assessment area,
correlating IDS data with VA scan data from different products, i.e.,
ISS NIDS with Nessus data.
Esecurity - product looked very good and flexible but our rep was very
secretive about how to set up... well... most everything in the product.
NetForensics - this one deserves a serious look. Has too many
functions to list but is confusing as hell at first. Has very good VA
functionality, lots of canned reports. Each user has their own desktop
with 4 virtual desktops to set up your session.
As said before, all of them $100k+. I did not look at the open source
product mentioned. Hope this helps.
Please share your experiences =)