Feature

SIMs maturing and suitable for mid-market

Ezine

This article can also be found in the Premium Editorial Download "Information Security magazine: How to tell if you need the help of security integrators and consultants."

Download it now to read this article plus other related content.

Innovative Analytics Tools
As multifunction systems, SIMs can help compliance officers, network managers and security analysts. However, while their traditional Web-based tools work well in the world of reporting, they may be limiting for a security analyst who wants to navigate and understand what the SIM has to say.

Particularly in areas where a SIM is tasked as an "IDS superconsole," additional visual analytics tools can be very helpful. This was evident in 2004 when testing High Tower's visualization tool. But visualizing security information is a difficult job to do well; High Tower put aside its visualization technology and chose instead to focus on correlation and analytics tools.

Sourcefire's Defense Center, a mini-SIM limited to intrusion detection and network discovery based on Sourcefire's own products, comes with a visualization tool that shows promise. Further along is NitroSecurity's advanced SIM console for security event visualization and analytics. Although Nitro-Security's console has limited usefulness when looking at non-IDS data, it's an outstanding example of what can be done with advanced GUI toolkits. NitroSecurity uses Flash for its snazzy visualizations, which allow the security analyst to easily navigate through streams of IDS alerts, summarize events and drill down into items of interest.

Security information has become critical to safe and reliable networking, so security managers can no longer afford piecemeal

    Requires Free Membership to View

solutions to analyzing and integrating the fire hose of information. As the world of SIMs fills out to low-end and mid-range products, we are seeing significant innovation and welcome enhancements at all levels.

Far from the expensive and clumsy tools of the past, SIMs now deserve a place in every enterprise network.

This was first published in June 2007

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: