TriGeo Security Information Management (SIM) is very powerful and can provide a deep look into network events and system logs, with granular controls. It incorporates log management and event correlation with some added functions, such as an onboard intrusion detection system and instant active response to potential threats or suspicious activity.
We found this appliance quite easy to install and configure and it takes just a few minutes to get connected to the network with an IP address. Once it is up and running it can be accessed through the management console application. This is well organised and has a very clean layout that was easy to navigate around in.
TriGeo SIM is a true powerhouse when it comes to looking into events and event interaction. Most of the heavy work is done by the correlation engine that can provide real-time event correlation and processes these against several hundred pre-built rules for an active response, with almost no need for user interaction. The appliance also includes an easy-to-use rule builder just in case there is need for customisation.
Documentation provided included an installation guide that covers how to install the appliance itself and also how to install the management console and deploy agents. A PDF user guide includes a great amount of detail on configuring and managing the appliance and using advanced features. We found both of these guides to be well organised, with many screenshots and step-by-step examples.
TriGeo provides the first year of technical support as part of the purchase price of the product, with an ongoing cost of 20 per cent of the purchase price per year. Support includes 12/5 phone and email technical assistance, as well as product updates and upgrades. Users also have access to an online support portal containing a knowledgebase and many other resources.
At a price of £13,665 we find TriGeo SIM to be excellent value for the money. It provides a lot of easy-to-use power right out of the box at a reasonable price.