August 01, 2010
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Excellent visual analysis capability
- Weaknesses: A little pricey
- Verdict: Feature-rich and strong on analysis
Trustwave SIEM uses a large set of listeners and services to gather logs from several network devices and hosts. Once the logs are gathered, the appliance saves them in their native format. From here it continually parses and correlates these logs for further analysis. All results are displayed on the dashboard in several visual formats to make analysis of events quick and easy.
Installation and configuration of this product is quite straightforward. Once the appliance is connected to the network the web-based management GUI is accessible from any network machine's web browser. The web GUI itself is well organised and has an intuitive layout. This console can also be customised in several ways and organised to meet the needs of the user quickly and easily.
We found the main focus of Trustwave SIEM to be very visual. It has a wide array of visual charts and diagrams that make analysing events and data easy. These, combined with the Event Explorer to drill down into log data, give this product some fairly decent investigative power.
Documentation provided with this appliance included: an administrator guide that provides a lot of in-depth detail on configuring and managing the appliance; a user guide that focuses more on how to navigate around and use the features; and a notifications guide, which illustrates the many ways that the device can be set to notify users of suspicious activity, as well as how to design custom notifications. All of these guides included many step-by-step instructions and screenshots in an easy-to-follow format.
Trustwave offers 24/7 phone and email technical support, as well as an online portal with a knowledgebase and other resources, as part of a contract. Customers can also receive other services such as setup, training, custom reports, remote health and patch management at an additional cost.
At a price of £18,500, we find Trustwave SIEM to be of average value for money. While it does have some decent features, it is a little pricey for some environments.