August 01, 2010
£15,000 for 600 devices
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: A SIEM with some bonus features such as USB device monitoring and remediation capabilities
- Weaknesses: High cost
- Verdict: A very capable SIEM with lots of useful features
EventTracker Enterprise from Prism Microsystems combines a lot of features. It provides not only SIEM functions such as log monitoring, collection and analysis, but also USB device monitoring, system change management and automatic remediation, taking action to shut down or restart systems or services based on policy.
Installation and configuration are quite straightforward. The product comes as a software package and, once some prerequisites are met, it basically installs itself. We found the installation wizard quite helpful in meeting the prerequisites: it informed us if a component such as the .NET Framework was not installed and gave a link to where we could download it. All further configuration and management is done through the web-based GUI, which was well organised with an intuitive design and layout.
EventTracker Enterprise provides a wealth of analysis features that make getting information on events and alerts quick and easy. All events are stored in their entirety to be easily searchable and an integrated EventTracker knowledgebase provides users with in-depth information on events.
Documentation includes an installation guide that illustrates all of the steps necessary to get the product installed and up and running in the environment. A user manual provides in-depth and detailed information on customising the product and how to configure the functions to get the most out of the software. Both of these manuals included many screenshots, diagrams, configuration examples and clear step-by-step instructions.
Prism Microsystems includes the first year of 24/5 phone and email support as part of the purchase price of the product. Support is then renewable on an annual basis as part of a 20 per cent fee. Customers also have access to an online portal with a knowledgebase and other resources.
EventTracker Enterprise is licensed per device. A mid-sized deployment of 600 devices (including 50-150 servers and 200 workstations) would cost £15,000, which makes it quite pricey, but we find it to be good value for money based on its ability to integrate SIEM-type features and analysis with some extra functions.