August 01, 2010
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Easy to manage web-based server with a good amount of features
- Weaknesses: Documentation could be more in-depth and provide more configuration examples
- Verdict: User-friendly product with lots of features but could use a bit more documentation
CorreLog Server is a web-based system that contains a multitude of SIEM capabilities. It includes a high-speed message collector, indexed search engine, extensible dashboard facility, reporting and ticket facilities and a correlation engine, all packed into an easy-to-use web application.
Installation is simple and it takes only a few minutes to get the application up and running. After this is complete all configuration and management is done through the web-based management console. We found this console to be easy to navigate and intuitive to use. It has a tab-top navigation structure that allows users to easily find data, manage devices and view reports.
This product includes some powerful tools for correlating and analysing system event logs, syslogs and SNMP trap data against built-in rules and alerts that can be easily customised to meet individual needs. CorreLog Server also has a well-indexed search capability that provides quick browsing of data to locate information by device, facility, severity or message keywords. Also included are many security compliance tools.
Documentation provided included several PDF manuals. The installation guide details how to get the server software itself up and running and how to integrate the product with devices to start collecting data. There is a user manual that provides an explanation of the features and screens. However, we found this manual to be more of a basic outline due to the lack of step-by-step instructions and the focus on brief explanations in bullet points. There are also several other guides that provide detailed customisation and advanced tool set information.
CorreLog provides 24/7 phone and email technical support as a part of a licensing agreement and an online support portal. This contains many resources, including access to training videos, extra documentation and software add-ons.
At a price of £4,000 we find CorreLog Server to be good value for the money. It can provide a good amount of log and data correlation, as well as compliance and security alerting all in one easy to manage product.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry