Has anyone had any experience setting one of these up? Any ideas on who the vendors are in this space?
I've never actually had to set up one of these systems before, but I had researched it and found the following vendors: Commercial SEM products include EventTracker by Prism Microsystems, RSA enVision, TriGeo, Q1Labs QRadar, ArcSight, SenSage, Cisco Security MARS, Snare and others. Open Source SEM products include OSSIM and Prelude. Personally, I think the tools given with the OS are sufficient enough if you create the correct security audits and logs. But, I guess that depends on your network infrastructure.
Envision and ArcSight are the best. You can use an open tool like Snare if you wish. You will need to understand what you want to capture and configure the devices accordingly. I believe ArcSight and Envision have out-of-the-box reporting.
