As a wholly owned subsidiary, I expect McCrappy to be as crappy as ever * *
*ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of Technology for the SMB market… * On Thu, Jan 26, 2012 at 1:10 PM, Kevin Lundy <klu...@gmail.com> wrote: > I wonder if McCrappy will destroy them since McCrappy is really Intel > now. I too was a fan although only used it for a 90 day eval. > On Thu, Jan 26, 2012 at 10:11 AM, Andrew S. Baker <asbz...@gmail.com>wrote: > >> Splunk is powerful, but hideously expensive. >> >> Start by looking at AlienVault or TriGeo... I was a fan of >> NitroSecurity, but now that they've been purchased by McCrappy, expect >> deterioration and needless complexity and high cost to become major factors. >> >> Encryption of everything causes significant burdens, many of which can >> only be *eased* by money. >> >> You're going to need really good key management, or else the whole system >> will be burdensome and yet easily undermined. >> >> Just make sure you log data is being saved to a location that has very >> limited access by anyone else, and lock it down. >> >> Or, price out encryption to the fullest and have your management team >> faint. >> >> Then, show them this thread and get them to manage their risks in a more >> balanced way. >> >> >> * * >> >> *ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of >> Technology for the SMB market… >> >> * >> >> >> >> On Thu, Jan 26, 2012 at 9:12 AM, itli...@imcu.com <itli...@imcu.com>wrote: >> >>> I do that with my Kiwi Syslog software, Routers, Switches, Firewalls, >>> Windows NT events, Printer events, and IP camera logs but that wasn't good >>> enough because it doesn't encrypt the logs as well.**** >>> >>> #1 I hadn't heard that term before. I was called it Log monitoring and >>> management. #2 They are keying of the RSA log hacking to enforce the >>> encryption of the logs while in transit and at rest.**** >>> >>> Blah Blah Blah.**** >>> >>> Thanks. Anyone have a good SIEM product or appliance they use? I am >>> looking at LogRythm or SPLUNK???**** >>> >>> ** ** >>> >>> *From:* Erik Goldoff [mailto:egold...@gmail.com] >>> *Posted At:* Wednesday, January 25, 2012 3:42 PM >>> >>> *Posted To:* itli...@imcu.com >>> *Conversation:* FW: SIEM >>> *Subject:* Re: FW: SIEM**** >>> >>> ** ** >>> >>> Security Event Information Management ... security event log/alerting ?* >>> *** >>> >>> On Wed, Jan 25, 2012 at 2:14 PM, itli...@imcu.com <itli...@imcu.com> >>> wrote:**** >>> >>> **** >>> >>> **** >>> >>> This is new to me. What is SIEM and what do I do with it?**** >>> >>> **** >>> >>> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin