LogRhythm LR1000 XM
May 01, 2009
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Easy to use with strong reporting capabilities
- Weaknesses: None that we found in this group test
- Verdict: Powerful product with plenty of easy-to-use features, this one is our Best Buy
LogRhythm's LR1000 XM system is a powerful log aggregation tool available as hardware or software, although the appliance is the most common deployment and the one we tested. It can collect information from a number of open and closed platforms, including Unix system logs, Windows event logs and Cisco logs. Its search capabilities make it a powerful network forensic tool.
Collection can be done using customised agents on the monitored systems, giving an impressive range of systems it can monitor. It also has built-in features to assist with regulatory compliance. LogRhythm is capable of displaying an array of reports, from a general aggregated overview down to the individual events collected from logs. Many of the features are readily available and easy to use, presented in a very clear and easy-to-analyse format.
The LogRhythm console starts up in a customisable interface with three main zones of focus: operational, security and audit events. The tail tool provides the ability to scan logs in near real-time for suspicious changes and the product features a digital fingerprinting system for authenticity verification. It can also analyse long-term trends with the one year of log data it stores by default. From almost any tool in the suite, you can quickly drill down to individual events.
The LR1000 XM appliance features dual quad-core Xeon CPUs and a RAID array stocked with drives to deliver top performance, even when handling large data sets. Setup was relatively painless.
Locating the documentation was a bit of a challenge, as it is solely available from LogRhythm's support site and covers all its products. The documentation itself is well-written and clear about the procedures needed for proper use and customisation.
The support system is top-notch, with setup assistance options and personable staff. LogRhythm can be easily reached on the phone, by email or using its help forum system. Starting at £12,600, depending upon which LR model you select, this product is very good value, especially considering its powerful network forensic capabilities.