TO SIEM OR NOT TO SIEM
Now that is the question, isn’t it? Whether it is nobler to deploy a SIEM now or focus on your log consolidation and reporting. What the heck is SIEM anyway these days? The entire marketplace is confused. Vendors and analysis groups are not making it any easier either. I hope this paper will clarify some of the misconceptions and confusion that is rampant. First let’s deal with the alphabet soup. SEM (Security Event Management), SIM (Security Information Management) and SIEM (Security Information Event Management) are all pronounced the same and that used to be okay, since they used to mean essentially the same thing. For the ease of writing and simplification, we will use the acronym SIEM.
Read the entire paper on the value of SEIM and explore why total event correlation is an essential element in successful network and application control, growth and analysis.
About the Author: Ray Sprong is the president of ITAT Partners, an independent reseller of networktools and test equipment that enhance the way IT staffs work toward compliance, security, and daily operational efficiencies. Ray has been involved in security event and log management sales andeducation since 2002. His career has included international and domestic field and center operations insatellite and telecommunications where his focus was on operational efficiencies and streamlining methodologies.