risk management
Review: LogRhythm
The LogRhythm appliance goes way beyond traditional security event monitoring and management. This appliance features log and event management functions as with any SIEM, but beyond that it includes advanced correlation and pattern recognition driven by its onboard Advanced Intelligence Engine, with host activity and file integrity monitoring, and drill-down capabilities to get to the raw log data for analysis and forensics.
May 9 2013 3:50PM
Security
Review: McAfee Enterprise Security Manager
The McAfee Enterprise Security Manager is back this year after a full transformation from its former self, the NitroView ESM. Many of the obvious differences are skin deep, and much of the robustness of the previous product remain intact, including the familiar management console, but more on that shortly. For those who do not know this product, the Enterprise Security Manager is the ultimate high-powered SIEM. This tool uses a proprietary backend database that allows it to collect more than 18,000 events per second from a single receiver and feed them through an advanced correlation engine for deep analysis.
May 9 2013 3:44PM
Security
Review: NetIQ Sentinel
Sentinel from NetIQ offers a lot of robust SIEM features and functions. This product features log collection, aggregation, correlation and analysis and reporting - all from one single point that is easy to use and manage. Administrators and security personnel can use this tool to gain a great amount of insight into security events, as well as prevent threats that may be unseen without the use of Sentinel's powerful log correlation engine.
May 9 2013 3:41PM
Security
Review: SolarWinds Log & Event Manager
The SolarWinds Log & Event Manager, also known as the LEM, is a virtual appliance capable of collecting logs and events from almost any network-connected device and then correlating that data for further analysis. The LEM virtual appliance can be deployed in either a VMware ESX or Microsoft Hyper-V virtual environment and can provide insight into security events, as well as help with performance monitoring and compliance management.
May 9 2013 3:37PM
Security
Review: Panda GateDefender Integra eSeries eSB
Panda Security's GateDefender Integra eSeries eSB is both easy to set up and offers a rich feature set, with a great deal of flexibility. To get the most out of the product however, administrators should be familiar with a number of open-source technologies.
May 7 2013 10:52AM
Security
Review: Sophos UTM 220
Perhaps best known for its anti-virus products, Sophos has produced a stellar UTM with its 220. Targeting small to mid-sized offices with up to 150 users, it combines standard UTM offerings with a few features we did not expect, making it something definitely worth looking at.
May 7 2013 10:47AM
Security
Review: aXsGuard Gatekeeper
Administrators of smaller environments on a fixed budget could do very well by the aXsGuard Gatekeeper by Vasco. While a little more complicated to use than some of the more expensive products, a little attention to detail and the device performs well.
May 7 2013 10:45AM
Security
Review: WatchGuard XTM 830
While best known for its firewalls, WatchGuard is no slouch in the UTM space. As we detail below, its XTM 830, while somewhat pricey, provides an excellent enterprise-grade perimeter defence against viruses, spam and other unwelcome traffic - and includes a number of other features all in one easy-to-administer device.
May 7 2013 10:42AM
Security
Review: Bitdefender GravityZone
This sounds a bit like one of those inflatable toys at local fairs inside of which children bounce around, or perhaps some science fiction environment that surrounds a planet. Actually, although it is neither, it has some similar characteristics.
May 3 2013 12:13PM
Security
Review: Symantec Critical System Protection
The notion of wrappers has been with us for a long time. Back in the early days of Unix and Linux, we used wrappers to provide security to not-so-secure applications, such as telnet. Today that concept has matured and we see it popping up in modern apps. Symantec CSP is a good example. One might characterise CSP as a security wrapper for mission-critical environments. That means that if it is a crucial piece of the computing infrastructure - such as a Scada system or a medical device controller - it gets the security protection it needs.
May 2 2013 2:08PM
Security
Review: Nexpose v 5.5
Rapid7's Nexpose assists clients through the entire vulnerability management lifecycle - spanning discovery, vulnerability detection, risk classification, impact analysis, reporting, vulnerability verification and risk mitigation. Organisations can use it to gain insight into their security posture and IT environment.
May 2 2013 12:38PM
Security
Review: GFI LanGuard 2012
GFI LanGuard 2012 offers a full set of vulnerability scanning and management features. It brings together vulnerability scanning, remediation and patch management, as well as network and software auditing, all under one roof. LanGuard is software-based and can be installed on almost any Microsoft Windows machine in the enterprise environment and can scan Windows, Linux/Unix and Mac OS targets on the network.
May 2 2013 12:18PM
Security
Review: Core Impact Professional
The people at Core Security are at it again. We found this version of the product to contain more automation, more wizards and more options than previous versions we have tested. For those that are unfamiliar with this tool, Core Impact is quickly becoming the standard in penetration testing and vulnerability scanning. It features many types of penetration tests, including network-based and remote host-based, as well as many other tools, including Wi-Fi network and web-based penetration tests.
May 2 2013 12:16PM
Security
Review: Critical Watch FusionVM
FusionVM from Critical Watch offers both vulnerability management and configuration policy auditing in either a physical or virtual appliance or as a full, cloud-based SaaS option. If the SaaS option is chosen, customers can receive external scanning without any additional hardware or software needed. If scanning internally, the customer must install an appliance that connects to the cloud service for scanning.
May 2 2013 12:14PM
Security
