Tuesday, August 21, 2007

SIEM - A Closer Look

As promised, here is my article on SIEM (Security Information and Event Management).

SIEM is a software- or appliance-based solution that manages a defined set of network and network security devices from multiple vendors on one common platform: it collects their log and event data, analyzes it in real time, and stores it for historical analysis and reporting.

Based on customer needs and the products available, SIEM offerings can be sorted into the following cases:

1)Collect and analyze all log data, with basic event management.
2)Collect and analyze all log data, with full-function event management.
3)Simple to deploy and support.
4)Full-featured SIEM products designed to deliver a broad set of capabilities, including security operations center console functions for large, complex environments.
5)SIEM integrated with network behavior analysis.
6)User- and access-oriented analysis.
7)SIEM products that are integrated with an incumbent vendor's vulnerability management and systems management products.
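To make the definition above concrete, here is an added example (my own illustration, not code from the original post or from any vendor listed below) of the core SIEM pipeline: collect log lines from two differently formatted sources, normalize them into one common event schema, keep them for historical queries, and run a real-time correlation rule of the user- and access-oriented kind (case 6). The two log formats, hostnames, user names and addresses are constructed for the sample, the syslog year is assumed to be 2007 because BSD syslog lines carry no year, and the "key=value firewall" format is a made-up stand-in for a vendor format.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

YEAR = 2007  # BSD syslog lines carry no year; assumed for the constructed sample

# Constructed sample input (not real device output): three sshd failures and a
# success for one user/source pair, one firewall line, and an unrelated login.
SAMPLE_LOGS = [
    "Aug 21 10:00:01 srv1 sshd[812]: Failed password for alice from 203.0.113.7 port 51122 ssh2",
    "Aug 21 10:00:03 srv1 sshd[812]: Failed password for alice from 203.0.113.7 port 51123 ssh2",
    "Aug 21 10:00:05 srv1 sshd[812]: Failed password for alice from 203.0.113.7 port 51124 ssh2",
    "time=2007-08-21T10:00:09 dev=fw1 action=allow user=alice src=203.0.113.7 dst=10.0.0.5 dport=22",
    "Aug 21 10:00:10 srv1 sshd[812]: Accepted password for alice from 203.0.113.7 port 51125 ssh2",
    "Aug 21 10:30:00 srv1 sshd[900]: Accepted password for bob from 198.51.100.2 port 40000 ssh2",
]

SYSLOG_RE = re.compile(r"^(\w{3} +\d{1,2} \d\d:\d\d:\d\d) (\S+) (\w+)\[\d+\]: (.*)$")
SSHD_RE = re.compile(r"^(Failed|Accepted) password for (\S+) from (\S+) port \d+")


def parse_syslog(line):
    """Normalize a BSD-syslog sshd authentication line; None if it does not match."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    ts_text, host, prog, msg = m.groups()
    auth = SSHD_RE.match(msg)
    if prog != "sshd" or not auth:
        return None
    result, user, src = auth.groups()
    return {"ts": datetime.strptime(f"{YEAR} {ts_text}", "%Y %b %d %H:%M:%S"),
            "host": host, "source": "sshd", "user": user, "src_ip": src,
            "action": "login", "outcome": "success" if result == "Accepted" else "failure"}


def parse_kv(line):
    """Normalize a key=value firewall-style line (assumed vendor format); None otherwise."""
    if not line.startswith("time="):
        return None
    f = dict(part.split("=", 1) for part in line.split())
    return {"ts": datetime.strptime(f["time"], "%Y-%m-%dT%H:%M:%S"),
            "host": f["dev"], "source": "firewall", "user": f.get("user"),
            "src_ip": f["src"], "action": "connection", "outcome": f["action"]}


def normalize(line):
    """Try each vendor parser in turn; the common schema is what the rules operate on."""
    for parser in (parse_syslog, parse_kv):
        ev = parser(line)
        if ev:
            return ev
    return None


class BruteForceRule:
    """Real-time correlation: >= threshold failed logins for one (user, src_ip)
    within `window`, followed by a successful login from the same pair."""

    def __init__(self, threshold=3, window=timedelta(minutes=5)):
        self.threshold, self.window = threshold, window
        self.failures = defaultdict(deque)  # (user, src_ip) -> failure timestamps

    def feed(self, ev):
        if ev["action"] != "login":
            return None
        q = self.failures[(ev["user"], ev["src_ip"])]
        while q and ev["ts"] - q[0] > self.window:  # expire old failures, bound memory
            q.popleft()
        if ev["outcome"] == "failure":
            q.append(ev["ts"])
            return None
        n = len(q)
        if n >= self.threshold:
            q.clear()
            return {"rule": "brute_force_then_success", "user": ev["user"],
                    "src_ip": ev["src_ip"], "failures": n, "at": ev["ts"]}
        return None


class Siem:
    """Common platform: a normalized event store for historical queries plus
    rules evaluated on every event as it arrives."""

    def __init__(self, rules):
        self.rules, self.store, self.alerts, self.unparsed = rules, [], [], []

    def ingest(self, line):
        ev = normalize(line)
        if ev is None:
            self.unparsed.append(line)  # track parser gaps; silent drops hide evidence
            return None
        self.store.append(ev)
        self.alerts.extend(a for a in (r.feed(ev) for r in self.rules) if a)
        return ev

    def history(self, user=None, since=None):
        """Historical analysis over stored events, e.g. all activity for one user."""
        return [e for e in self.store
                if (user is None or e["user"] == user) and (since is None or e["ts"] >= since)]


def run(lines=SAMPLE_LOGS):
    siem = Siem([BruteForceRule()])
    for line in lines:
        siem.ingest(line)
    return siem


if __name__ == "__main__":
    s = run()
    print(f"{len(s.store)} events stored, {len(s.unparsed)} unparsed, {len(s.alerts)} alerts")
    for a in s.alerts:
        print(a)
```

On the sample data the rule fires once, for alice from 203.0.113.7, after three failures inside the five-minute window; a success arriving half an hour later would not fire because the failures have expired from the window. The firewall event is stored and shows up in alice's history but is ignored by the login rule, which is the point of normalizing to a common schema with an explicit "action" field: rules key on the schema, not on each vendor's text. Counting unparsed lines matters in practice, since a parser that silently drops a new vendor's format leaves a blind spot.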

Here are a few of the main SIEM vendors:
1)EMC
2)Symantec
3)ArcSight
4)netForensics
5)Cisco Systems
6)IBM
7)CA
8)Intellitactics
9)Q1 Labs
10)TriGeo
11)LogLogic
12)LogRhythm
13)NetIQ

Let's talk about business.
The SIEM market is undergoing a rapid transformation for the following four reasons:
1)The emergence of user and access monitoring as the primary customer problem to be solved.
2)Demand for the technology from a broader set of customers.
3)The availability of the technology from large vendors that also sell related products or services.
4)Regulatory pressure for compliance reporting and log analysis.

Driven by these four demands, SIEM vendors launch software or appliance solutions that fall into one or more of the seven cases listed at the top.

Who are the market leaders, and why?

1)ArcSight – Function-rich enterprise security management suited to large-scale deployments.
2)EMC (RSA) – A combination of SIM, SEM and log management functions that is easy to deploy.
3)Symantec – Large-scale real-time management and compliance reporting across a wide range of data sources.
4)LogLogic – A strong log management offering with data analysis and real-time alerting.

Dear Friends,
This article covers only the introduction and basics. If you have any specific queries, please feel free to send an email to bala18679@gmail.com or call +919940674141.

Love,
Bala

1 comment:

Unknown said...

:(

http://chuvakin.blogspot.com/2007/09/nobody-is-that-dumb-oh-wait-vi.html