Tuesday, July 27, 2010

New Cisco SIEM Deployment Guide

Cisco have released, the Security Information Event Management (SIEM) Deployment Guide, as part of the Smart Business Architecture, Borderless Networks for Enterprise Organizations.

Personally this looks like a first step, Cisco is making to work with other SIEM vendors, to handle non Cisco and Cisco devices.

"This guide is for security operations personnel in enterprise organizations who want to understand the benefits of deploying Cisco infrastructure with security information and event management (SIEM) products, and learn how Cisco infra- structure helps deliver those benefits."

"Customers have a major investment in Cisco technology, and they rely on Cisco to provide secure, robust, scalable, and interoperable solutions. Cisco is partnering with best-in-class companies through the Cisco® Developer Network to deliver a security information and event management system that enhances the diverse security and reporting needs of our mutual customers. This integration enables customers to take advantage of Cisco’s infrastructure intelligence using the operational tools that are best suited to their environment."

"If CS-MARS is already deployed for monitoring and correlating events from Cisco devices, organisations can archive data from CS-MARS and import it into third-party SIEM solutions for consolidating events into a single dashboard. In a heterogeneous environment, it is recommended using third-party SIEM solutions."

Well worth a quick read , especially if you are new to SIEM.

No comments: