[unisog] any experience with Q1Labs?
James D. Perry II
jperry1 at utk.edu
Mon Jun 13 11:40:57 GMT 2005
We recently completed an evaluation of several SEM systems here at the
University of Tennessee. Although there are several vendors who provide
very similar capabilities, only a couple meet our specific needs for
integration with third-party applications like HP OpenView and ARS Remedy.
I would suggest that you take a look at ArcSight (if you want comprehensive
analysis and correlation capabilities - and aren't concerned with disk
storage - does use an Oracle database) or Network Intelligence (fast system
with minimal disk requirements - proprietary database).
IT Team Lead, Information Security Office
University of Tennessee
Jperry1 at utk.edu
From: unisog-bounces at lists.sans.org [mailto:unisog-bounces at lists.sans.org]
On Behalf Of sunia
Sent: Friday, June 10, 2005 7:22 PM
To: unisog at lists.sans.org
Subject: [unisog] any experience with Q1Labs?
We're just beginning to evaluate SEM/SIMs. Q1Labs came to talk to us
and seemed to understand networking. Just wondering if anyone had any
experience with them.
We're also looking at NetForensics and Protego - getting eval units.
sunia.yang at stanford.edu
unisog mailing list
unisog at lists.sans.org
More information about the unisog