Information Security magazine

November 2004

Simplify with SIM: Evaluating security information management systems

Security devices overwhelm us with information: Firewalls log permits and denies; routers supply traffic information; servers note break-in attempts and user activity; and intrusion detection systems (IDSes) strafe us with alerts. All accumulate voluminous logs that are difficult and time-consuming to interpret, and offer too little benefit for the effort. Security information management (SIM) systems give enterprises control over this swirl of data. They simplify and normalize information from disparate security and network devices, reducing noise to a relative hum of useful alerts and presenting useful trend and event reporting that an enterprise can access through a unified console. Feed a SIM 10,000 events and let it pick out those that matter: the router that failed to reboot or someone on the inside very slowly trying to guess passwords all over the network. Do they work as advertised? We put that question to the test in our lab, feeding data from a variety of security and network devices to five leading enterprise-class ...


Features in this issue

Columns in this issue

  • SSO benefits: Security booster or improving end user experience?

    by Lawrence M. Walsh

    Enterprise single sign-on is all about simplicity and improving end user experience; security is just a side benefit. Learn why this is true, as well as other technologies that both reduce complexity and improve security.

  • Hot Pick: Sentivist IPS

    by James Foster

    Learn how NFR Security's Sentivist IPS detects attacks with few false positives and automated response features that won't break mission-critical apps.

  • Spycatcher Enterprise 3.2

    by Ryan Guzal

    Learn if Tenebril's Spycatcher Enterprise 3.2 can help those looking to win the war on spyware.