Vendor Landscape: Security Information & Event Management
Vendor Landscape: Security Information & Event Management
Vendor Landscape: Security Information & Event Management
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Consider the available SIEM deployment options<br />
Each SIEM appliance model has its own merits and faults.<br />
Platform Pros Cons<br />
Hardware Appliance<br />
Virtual Appliance<br />
Simplified management maximizes focus<br />
on SIEM operations.<br />
Simplified support – no vendor concerns<br />
about underlying hardware.<br />
Leverages existing server virtualization<br />
and shared storage (SAN) investments.<br />
Dedicated onboard storage is unavailable<br />
for other uses.<br />
Scalability limited by appliance<br />
capabilities.<br />
High-performance requirements consume<br />
virtual server resources.<br />
Scalability and resiliency limited only by<br />
those environments.<br />
Requires additional virtual server<br />
management.<br />
Software-only Solutions Allows wider choice of hardware. Requires dedicated server hardware and<br />
ongoing server management.<br />
Elevates risk of HW vs. SW fingerpointing<br />
during support calls.<br />
Regardless of the choice – or mix – of platforms, don’t forget to plan for log data backup to meet regulatory and internal policy<br />
requirements.<br />
Info-Tech Research Group<br />
52