Any security analyst will tell you that monitoring your network for anomalous traffic, excessive access requests and other general weirdness is an essential cog in your overall security machine. They'll also tell you all those server and firewall logs constitute an incredible volume of information, particularly on large or complicated networks. At some point, manually monitoring it all ceases to be a viable option.
Security Information and Event Management (SIEM) platforms have emerged as a key tool to compile and distill security information from the whole scope of your security backbone - from security appliances to operating systems to AV software, as well as external sources that scan the Internet at large for trouble. SIEM systems promise near real-time alerts when your network is under attack, which, depending on your company's risk profile, may be well worth the substantial investment that comes with this technology.
Our partners at Info-Tech Research Group have compiled their extensive review of the SIEM space in the report Vendor Landscape Plus: Security Information & Event Management, which is available free to IT Business Edge members here in the IT Downloads library. The 58-page PowerPoint presentation is a wealth of information, from an overview of the near- and long-term impact of SIEM to implementation advice to a detailed review of leading vendors in the space.
A key element of any tech investment, including SIEM, is projecting the timeline in which it will make a real impact on the business. The Info~Tech team lays out this benefit map in the image below.
The timestamps in the image reflect different impact points for SIEM. As Info~Tech reports:
That's just one slide's worth of valuable insight in this comprehensive presentation. You'll also find a wide range of tips on implementation and budgeting (be sure to evaluate the regulation and compliance profile as you evaluate ongoing staffing costs for your risk management profile) along with the vendor plus/minus review, with detailed and classic quadrant ratings of 10 SIEM vendors.
This presentation is a must for any shop considering a serious investment in security monitoring. Be sure to check it out.