SolarWinds Log & Event Manager
April 01, 2013
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Reasonably priced full-feature SIEM virtual appliance
- Weaknesses: Nothing that we found
- Verdict: Excellent offering from a mature, well-respected company
SolarWinds Log & Event Manager (LEM) is a virtual appliance capable of collecting logs and events from almost any network-connected device and then correlating that data for further analysis. It can be deployed in either a VMware ESX or Microsoft Hyper-V virtual environment and can provide insight into security events, as well as help with performance monitoring and compliance management.
For our evaluation we chose to install the VMware virtual appliance. We found the installation process to be quite easy and straightforward. To get started, we simply had to download the executable from the SolarWinds support site. Following this, we ran it and it expanded into a folder containing the open virtual appliance (OVA) file, along with installation instructions and the desktop software for additional management capabilities.
To get the appliance up and running, we simply had to import it into our ESX installation and turn it on. It was able to acquire a DHCP address and we were able to log into the web-based management console within minutes.
From a management perspective, SolarWinds LEM has a lot to offer. The first thing we saw when logging into the interface was a full dashboard with many helpful charts, graphs and lists, along with access to help and support. The dashboard can be customised to fit the needs of a specific user type or group, but the default setup is a good place to start.
As for reporting, this appliance features a plethora of compliance-based report templates, including PCI, HIPAA, FISMA, and SOX already built in and ready to go. Furthermore, it can take data from other SolarWinds products and provide an extra level of analysis to ensure better security.
Documentation included quick-start and full user guides. The quick-start manual detailed the steps necessary to download and install the virtual appliance, as well as some other basic information. The user guide takes over and details configuration and management of the appliance, as well as use of the features. We found both of these to be clear and easy to follow, and both contained full step-by-step instructions and screenshots.
SolarWinds includes the first year of technical support as part of the purchase price. Customers have access to 24/7 unlimited phone- and email-based technical help, as well as a large support area on the website, which includes documentation, product downloads, video tutorials, training materials and access to a full knowledgebase and user forum.
At a price of £2,965 for the virtual appliance, we find this product to be excellent value for the money. SolarWinds LEM offers a solid feature set with an easy-to-navigate interface in a virtual appliance that is simple to deploy and manage at a reasonable price. It can be used in almost any environment and is a good starting point for SIEM deployment.