Networking

08:00 AM
Connect Directly
RSS
E-Mail
50%
50%

AlienVault Unified SIEM Bundles Security Tools For MSPs And Enterprises

AlienVault Unified SIEM 3.0 is an integrated package of tools presented as an attractive way for managed service providers to extend their security capabilities, including a full enterprise security information and event management offering. The latest version of Unified SIEM, announced at the RSA Conference, provides tight integration of the company's Open Source SIEM (OSSIM) with a fistful of security tools available for deployment, making it well-suited for MSPs.

AlienVault Unified SIEM 3.0 is an integrated package of tools presented as an attractive way for managed service providers to extend their security capabilities, including a full enterprise security information and event management offering. The latest version of Unified SIEM, announced at the RSA Conference, provides tight integration of the company's Open Source SIEM (OSSIM) with a fistful of security tools available for deployment, making it well-suited for MSPs.

Unified SIEM 3.0 is also promoted as a multitenanted MSSP architecture, and AlienVault is pitching it to that market as well as to enterprises. SIEM is a $1billion-plus market. SIEM services can take a variety of forms, starting with essential log management for compliance, probably the most common use case, to around-the-clock monitoring, analysis and incident management.

There are several potential deployment models. If the customer already owns the SIEM product, it may choose to outsource some or all of the management, easing staffing issues. Increasingly, the MSSP often owns the appliance and deploys it on-premise as part of the service. This relieves customers of capital expenses and allows them to implement SIEM as a managed service funded as an operating expense, which is generally easier to budget and offers a more flexible long-term commitment. Unified SIEM is also a cost-effective way for companies to deploy SIEM and other key security tools, including vulnerability assessment and host- and network-based intrusion detection.

Brian Cao, system programmer for the City of Los Angeles, is one of an IT department of two, knocked down from a half-dozen when it was formed several years ago to help city agencies meet Payment Card Industry Data Security Standards (PCI DSS) and local and state privacy requirements, as well as comply with ISO standards.

"We deployed ArcSight for security management, but because of budget constraints, we couldn't cover all the devices we needed to monitor. We started to look for a less expensive option." Cao says he began using OSSIM as a cheap alternative, but found that it didn't scale to meet his requirements.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Hot Topics
15
White-Box Switches: Are You Ready?
Tom Hollingsworth 7/28/2014
13
Fall IT Events: On The Road Again With 10 Top Picks
James M. Connolly, Editor in Chief, The Enterprise Cloud Site,  7/29/2014
8
Cisco Certifications Confront Changing Skills Needs
Ethan Banks, Senior Network Architect,  7/30/2014
White Papers
Register for Network Computing Newsletters
Cartoon
Current Issue
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Video
Slideshows
Twitter Feed