Product Information

LogLogic LX 2010 v4.2

starstarstarstar

by Peter Stephenson May 01, 2008
Vendor:

LogLogic

Product:

LogLogic LX 2010 v4.2

Website:

http://www.loglogic.com

Price

£33,984

RATING BREAKDOWN

  • Features:
    starstarstarstar
  • Ease of Use:
    starstarstarstar
  • Performance:
    starstarstarstarstar
  • Documentation:
    starstarstarstarstar
  • Support:
    starstarstarstarstar
  • Value for Money:
    starstarstarstar
  • Overall Rating:
    starstarstarstar

QUICK READ

  • Strengths: Powerful network forensic tool that doubles up as a very capable SIEM
  • Weaknesses: A bit pricey
  • Verdict: If you need a tool that offers a lot of support for both network forensics and security event management this one is a good bet
LogLogic’s LX 2010 provides customers with a good feature set for network forensic investigations. One of its strengths is the ability to retain all logs in a tamper-proof environment, which, combined with complete management of the collected information, provides users with a solid and admissible chain of custody.

Another strong feature is LogLogic’s LogReplay technology, which allows users to configure new rules sets for previously analysed logs and reanalyse the data to further the investigative process. The speed and accuracy with which the LX 2010 captures, records logs, drill-down data searches and reports is excellent.

The product is straightforward to set up and use. Installation is done from a set of forms on the web user interface. Since it normally would be in use as a log aggregator and correlator, it is probably capturing all relevant data that might be needed in a forensic investigation. Here, its strength becomes the ease with which data can be analysed down to the source log.

The LX 2010 is a very good performer. It can handle most network traffic loads, and its analysis displays and reports are first rate. All reports are selected from the user dashboard, which is accessible via the web interface from anywhere on the network.

The product comes with various guides. The administrator and user manuals describe a streamlined deployment and configuration of the device. within an existing multi-vendor architecture. The manuals and reference documentation are contained on a single CD and are well-structured, so information retrieval is quick and easy.

LogLogic’s technical support includes email, phone and web assistance. The company’s
website has a robust support portal open to registered customers that contains a complete knowledge database and other technical support related information. Support offerings come in two tiers: gold with office-hour support or platinum for 24/7 assistance.

At nearly £34,000, this can be a big bite, but the real payoff is that this product not only provides a robust security information and event management (SIEM) system, it offers all the features you will need to perform a forensic analysis of network data after an incident.  

Related Group Test

SC Webcasts UK

Sign up to our newsletters

FOLLOW US