SecureVue NGS is a comprehensive SIEM for small and midsize businesses

eIQnetworks SecureVue NGS is a SIEM solution aimed at small to midsize companies. This powerful and purpose-built solution is worth a long, hard look by any mid-market organization that has been grappling with the steep barriers to entry normally associated with this technology (read: large budget and capital expense with a hefty total cost of ownership)…
From accusations of Chinese spies to debilitating attacks on American banks, IT security has been front and center in the news of late. CEOs are looking at their security professionals for an answer, and these folks are struggling to mitigate these and numerous other types of threats effectively with the resources they have. Visibility into what’s going on within the entire organization is often a problem.

A recent ESG Research survey looked at the primary inhibitors preventing organizations from having real-time and comprehensive security monitoring. The survey shows organizations need:

• Appropriate budgets

• Tighter integration between security intelligence and IT operations tools (e.g., asset management, configuration management, network performance management)

• Better security analysis and forensics skills at their organization

• Automated security analytics from their security intelligence tools

• Better visibility into network traffic and behavior

• Better understanding of end user behavior

• Better understanding of baseline behavior so they can better detect anomalies

What the survey respondents are looking for is a cost-effective way to continuously monitor everything — assets, configurations, network traffic, application behavior, user activity and so on — and to be alerted when some specific activity looks suspicious.

Security Information and Event Managers (SIEMs) came onto the scene to address this very need. A SIEM is intended to cut across all of the information silos that exist within an IT organization. This type of tool is purpose-built to provide real-time insight into an organization’s security posture by providing detailed analysis of audit, compliance and security-related data gathered from numerous data silos, such as operating systems, applications and network devices. Analyzed data is presented in the form of alerts and reports for threat management and regulatory compliance purposes.

However, the initial capital cost, coupled with high implementation and operational costs, makes SIEM systems a tough pill to swallow for many organizations.

One of the difficulties organizations face is the complexity involved in handling data sources. To say it another way, companies often need the help of professional services to design and install the adapters needed to source data from disparate and/or proprietary applications and processes. Then once a SIEM system is installed and operational, there is the ongoing cost of operations, which includes everything from training to tuning the alerts to eliminate false positives and realigning adapters when there are changes to custom audit/compliance reporting.

In the end, the promise of real-time visibility often comes with the requirement for a large budget and capital expense with a hefty total cost of ownership. It’s no surprise that only large enterprises can afford this kind of investment.

An out-of-the-box SIEM for small and midsize businesses

Recently eIQnetworks rolled out a SIEM solution aimed at small to midsize companies, which have visibility needs similar to those of their larger counterparts but not similar budgets. The product is SecureVue NGS, where NGS means “next generation SIEM.” While enterprise SIEM solutions can be complex and costly and require subject matter expertise to both implement and operate, SecureVue NGS looks to turn that paradigm on its head with out-of-the-box functionality.

The SecureVue NGS solution is purpose-built to reduce the complexity, effort and operational overhead required to manage security and compliance, while reducing root cause analysis times and reducing operational costs, the company says.

SecureVue NGS is an agentless solution that consolidates, correlates and analyzes input from firewalls, intrusion prevention systems, servers, antivirus, vulnerability scanners and routers, including NetFlow data, performance data and more. The solution is said to provide companies with a real-time picture of network activity — not just threats but also server availability and user and resource usage profiling.

The new offering is designed to help customers address complex security and compliance challenges, such as:

• Being able to centralize log management, including the ability to normalize, categorize and encrypt all security-related logs and events. This should help smaller companies comply with key regulations and standards including PCI, HIPAA, FISMA, SOX, GLBA and others.

• Conducting proactive security monitoring and aiding in the discovery of current information security threats with simple, straightforward analysis and correlation of billions of logs and events per day. This would result in immediate notification to appropriate personnel in the event of an incident or abnormality.

• Being able to detect advanced persistent threats (APTs), rogue insiders, zero-day malware and other cyberthreats in real time.

• Conducting an intelligent security search, which allows security analysts and information assurance professionals to quickly identify the underlying root causes of incidents and issues.

• And perhaps most important of all, being able to quickly deploy and set up the centralized log management and SIEM solution without the need for professional services or dedicated security teams.

There’s no doubt that SIEMs are good tools that provide comprehensive security insight across an enterprise. SecureVue NGS might just make it possible for smaller organizations to get the same benefits without having to have a large staff and an even larger budget.

IT Best Practices Alert By Brian Musthaler, Network World
October 12, 2012 09:49 AM ET
