Monday, November 29, 2010

Cisco SIEM Deployment Guide

November updates, a mixture of old and new news.

Cisco has made a few SIEM partner announcements in their efforts to bolster their Secure Borderless Network initiative as deftly referenced by Sean Martin in CIO Insight.


The new rather flashy SIEM Deployment Guide  also references how Cisco is working with some other SIEM vendors.

Also see how others are working with SIEMS such as NetWitness .

And I have updated my part II assessment of the AccelOps SIEM as per their recent announcements.

Friday, November 12, 2010

Where on Earth is MARS?

Found this interesting article in a new infosecurity magazine, on the demise of Cisco MARS, entitled "Where on Earth is MARS?"

The article references MARS past, and surmises on the demise of Cisco MARS, and continues to relay some of the negative sentiment from a handful of analysts in the past year.

I have to say that many people though appreciate and still utilize the many innovations and capabilities that MARS offers.

While a few SIEM vendors have incorporated some of MARS features, MARS is still quite a capable Cisco-centric monitoring solution.

That being said, I also do agree that if you have outgrown your MARS appliance, need to upgrade, require broader device support, and want newer features etc, then it makes sense to look beyond MARS and kick the tires of SIEM alternatives.