EventTracker Enterprise v7.5
April 01, 2014
Starts at £1,208 (EventTracker Log Manager, 50 log sources).
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: The attention to quality and the company’s creativity.
- Weaknesses: No weaknesses found.
- Verdict: EventTracker has hit a homerun with this product. We make it our Best Buy.
EventTracker Enterprise v7.5 is a remarkable product. This feature-rich tool is designed to meet the needs of organisations of all sizes. It hits all the marks for an enterprise SIEM.
EventTracker can be deployed in a highly scalable manner, enabling multiple collection points and central consoles (physical or virtual). Risk-based prioritisation of incident identification and automatic or manual remediation solutions are provided out of the box. It also provides a large attack signature information source of 2,000 log sources to enhance log parsing and escalation. Threat Intelligence Feeds display IP addresses, URLs, malware, etc. that can be managed for use in alerting, reporting and automated remedial actions. Scripted scheduling provides scripts that can be scheduled, with output presented in the reports console or another location. This feature is often used to generate reports on Active Directory accounts with expiring passwords, update threat intelligence feeds, geo-locate top/new IP addresses to country of origin, etc.
The EventTracker installation resources came on a USB device. Provided were a virtual machine, an install guide, application installer, license certificate and a user guide. The product requires Win 7 Pro SP1 or higher, Server 2003/2008/2008R2/2012 (Standard or Enterprise, 32- or 64-bit), SQL Express (2008R2) or SQL Enterprise, IIS Express 7.5 or higher or IIS 6 or higher, and ASP.Net 3.5 SP1.
From start to finish, it took us a half-hour to prepare the server to be used (Windows Server 2008R2) using the documents provided. The actual installation took 10 minutes, including setting up the configuration items. Enrollment of agents took a few minutes from within the EventTracker v7.5 server. Tools used to perform remediation tasks (like USB install prevented, application installed, and more) were enabled. Syslog network devices, Ubuntu and Linux servers were enrolled. Adding users to the system was easy by putting user IDs in an Active Directory group. Admin rights were initially set up in a separate group. The system had an enormous set of reports and alerts and was a playground of features and functions, including scripted and prepared tools.
Navigating the system was a refreshing treat. The graphic interface was intuitive, with anything we wanted to do completed in a short time. User-defined dashboards were easy to set up. We took only minutes to create a number of ad-hoc alerts. Basically, if you can imagine it, you can create it.
Support options were plain. The annual license renewal includes technical support, new releases, updates and product enhancements. The company defined three fee structures: EventTracker Log Manager, 50 log sources at £740/year; EventTracker Security Centre, 250 log sources at £7,546/year; and EventTracker Security Centre, unlimited log sources, single console at £18,108/year. Further, while the company indicates it provides a call-in support service, it did not indicate hours available.
On top of the maintenance fees, EventTracker provides an excellent knowledge base and FAQ list. The value for the money spent is excellent.
Prices are US-based, thus indicative only.