ArcSight, Q1Labs, NitroSecurity, AlienVault, RSA, eiQNetworks, LogRhythm, Tenable Security, etc. The list of major vendors in approximately 15 names.
I would not recommend ArcSight by people's opinion, my personal review of SIEN vendors, and possible price of implementation. AlienVault could cost $25K, when ArcSight goes for more than $110K. It is HP/ArcSight though.

Mikhail Utin, CISSP
Information Security Analyst

-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of Anwar Khan
Sent: Thursday, May 03, 2012 8:17 AM
To: Daniel Gil
Cc: security-basics (at) securityfocus (dot) com [email concealed]
Subject: Re: Centralized firewall management and log analysis tools

Hi Daniel,

Check out the tool called ArcSight (arcsight.com) instead of Splunk.
It does log analysis and real time monitoring with Correlation to identify APT and many many more things which we can't even imagine.
And gives you a robust job profile as well if you work on this tool.

It integrate with all product in the market and gives you one console to do complete deep analysis of the security posture of an org.

This is for Log analysis and Real time monitoring and Correlation, not for Administration for any product.

Hope this will help you.

On Thu, May 3, 2012 at 4:00 PM, Daniel Gil <the900 (at) gmail (dot) com [email concealed]> wrote:
> Hi list!
>
> Recently I've been tasked with designing a solution for a company that
> has multiple offices, each with a database server and firewall,
> connected to the central headquarters through vpn. They administer
> each of these offices individually and would like a centralized server
> for firewall administration, log analysis and possibly IDS/vpn
> administration.
>
> I've been thinking about splunk+snort+a firewall that provides
> centralized management. Is there a better set of tools for the job? Or
> even better, a single tool that integrates all features?
>
> I'd love to hear from you people with experience in implementing
> similar solutions which tools worked best for you.
>
> Best regards,
> Dan
>

CONFIDENTIALITY NOTICE: This email communication and any attachments may contain confidential
and privileged information for the use of the designated recipients named above. If you are
not the intended recipient, you are hereby notified that you have received this communication
in error and that any review, disclosure, dissemination, distribution or copying of it or its
contents is prohibited. If you have received this communication in error, please reply to the
sender immediately or by telephone at (617) 426-0600 and destroy all copies of this communication
and any attachments. For further information regarding Commonwealth Care Alliance's privacy policy,
please visit our Internet web site at http://www.commonwealthcare.org.

------------------------------------------------------------------------

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------

[ reply ]