How to define SIEM strategy, management and success in the enterprise
A comprehensive collection of articles, videos and more, hand-picked by our editors
Generally speaking, a SIM/SEM/SIEM network intrusion monitoring system is an enhancement to an existing IDS. It...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
will store and further process the logs generated by the IDS and allow you to correlate IDS entries with other security events, such as vulnerabilities detected by a network scanner. The use of a SIM/SEM/SIEM can greatly reduce the amount of time spent reviewing log records by automating the task.
That said, SIM/SEM/SIEM devices are expensive. If you don't have the budget to purchase a good SIM/SEM/SIEM, you're probably better off doing network intrusion monitoring yourself than installing a marginal quality SIM/SEM/SIEM. Less sophisticated systems integrate with fewer of your security devices, require more extensive configuration and maintenance and will probably increase the total cost of ownership.
You shouldn't lose any data between your IDS and your SIM, but it's always a good idea to monitor log data and keep IDS logs as a backup in the event the SIM malfunctions or becomes unavailable.
For more information:
- Learn how to mine enterprise SIM logs for relevant security event data.
- Don't have a SIM? Find out how to check for attack data on network logs without SIMs
Related Q&A from Mike Chapple
Data center cleaning may not be mandated, but it's still a good idea to do. Some best practices include using HEPA technology and specific cleaning ...continue reading
Physical point-of-sale security is covered in PCI DSS. Expert Mike Chapple explains how to use good security practices and understand PCI ...continue reading
Here are some important criteria for hiring a partner to review your information security program, with a focus on HIPAA and HITECH compliance.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.