Network World
Tuesday, December 2, 2008

Clear Choice Test

Security Information and Event Management


NetResults

| Product | QRadar | TriGeo SIM | Cinxi |
|---|---|---|---|
| Vendor | Q1 Labs | TriGeo Network Security | High Tower Software |
| Price | $19,000 | $19,000 | $18,000 |
| Pros | Well-rounded product; mature correlation engine; includes geographical lookups. | Easy to use; has such additional functions as built-in intrusion detection; good for small businesses. | Very easy to use; has built-in ticketing system; good user interface. |
| Cons | User interface and feature organization still a bit rough. | Expensive once you start adding extra features. | Reporting and ad hoc querying remain quite weak. |

| Product | Security Manager | Eventia | SecureVue |
|---|---|---|---|
| Vendor | NetIQ | Check Point Software | eIQ Networks |
| Price* | $850 per device monitored* | $16,000 | $50,000 |
| Pros | Useful data-manipulation tools; integrates with performance- and availability-monitoring tools. | Natural addition for existing Check Point customers; provides essential features. | Capable of importing performance and change-control information; unique visualization tool; excellent parser toolkit. |
| Cons | Complex; installation is taxing; immature syslog listener, poor ad-hoc-query functions. | Doesn't support as many devices as others do; no grouping mechanisms. | User interface is painful; limited access to correlation logic. |

Scorecard

| Category | Weight | Q1 Labs QRadar | HighTower Cinxi | TriGeo TriGeo SIM | NetIQ Security Manager | Check Point Eventia | eIQ SecureVue |
|---|---|---|---|---|---|---|---|
| Event reduction | 20% | 4.0 | 3.0 | 2.0 | 3.0 | 2.0 | 2.0 |
| Ad hoc querying | 20% | 3.0 | 2.0 | 4.0 | 2.0 | 2.0 | 2.0 |
| Reporting | 20% | 3.0 | 2.0 | 3.0 | 3.0 | 2.0 | 2.0 |
| User interface | 20% | 3.0 | 4.0 | 2.5 | 3.0 | 3.0 | 2.0 |
| Installation | 10% | 3.0 | 3.0 | 3.0 | 3.0 | 3.0 | 3.0 |
| Device support | 10% | 4.0 | 4.0 | 3.0 | 2.0 | 4.0 | 4.0 |

Scoring key: 5: Exceptional; 4: Very good; 3: Average; 2: Below average; 1: Subpar or not available.




