LogLogic LX 2010 v4.2
May 01, 2008
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Powerful network forensic tool that doubles up as a very capable SIEM
- Weaknesses: A bit pricey
- Verdict: If you need a tool that offers a lot of support for both network forensics and security event management, this one is a good bet.
Another strong feature is LogLogic’s LogReplay technology, which allows users to configure new rule sets for previously analysed logs and reanalyse the data to further the investigative process. The speed and accuracy with which the LX 2010 captures and records logs, runs drill-down data searches and produces reports are excellent.
The product is straightforward to set up and use. Installation is done from a set of forms on the web user interface. Since it normally would be in use as a log aggregator and correlator, it is probably capturing all relevant data that might be needed in a forensic investigation. Here, its strength becomes the ease with which data can be analysed down to the source log.
The LX 2010 is a very good performer. It can handle most network traffic loads, and its analysis displays and reports are first rate. All reports are selected from the user dashboard, which is accessible via the web interface from anywhere on the network.
The product comes with various guides. The administrator and user manuals describe a streamlined deployment and configuration of the device within an existing multi-vendor architecture. The manuals and reference documentation are contained on a single CD and are well-structured, so information retrieval is quick and easy.
LogLogic’s technical support includes email, phone and web assistance. The company’s website has a robust support portal open to registered customers that contains a complete knowledge database and other technical support related information. Support offerings come in two tiers: gold with office-hour support or platinum for 24/7 assistance.
At nearly £34,000, this can be a big bite, but the real payoff is that this product not only provides a robust security information and event management (SIEM) system, it offers all the features you will need to perform a forensic analysis of network data after an incident.