There is quite a bit of convergence between the two areas. It sounds
obvious to say, but it is important to note exactly what you are trying
to achieve when weighing the pros/cons of solutions in each category.
We have been quite successful in blending the two disciplines into an
area that we call "Information Evidence". As a matter of fact, we have
built a successful business on that model. It is our belief that the
industry will increasingly look to view overall data assurance as a
requirement with multiple subcategories such as security. This will
increase as security gets proactively architected into networking
environments on the front end, as opposed to being "retrofitted" into
existing environments. I don't want to be "salesy" as this is not the
area for that. There is a long, detailed conversation that can be
distilled when speaking to this topic overall, but if you are
interested, I am happy to discuss it further with you.
Best Regards,
Ty Mellon
Evigi Technologies
"Evidence is Everything"
www.evigi.com
512-482-9533 (o)
512-233-2610 (f)
tmellon@evigi.com
"Making your Network Performance and Security Evident"
-----Original Message-----
From: Mark Teicher [mailto:mht3@earthlink.net]
Sent: Friday, January 07, 2005 3:45 PM
To: firewalls@securityfocus.com
Subject: Security Information Management versus Security Network
Management applications
Is there a big difference between Security Information Management
applications versus Security Network Management applications? How do
they work in live environments versus development environments ? What
is the price point per end device? Resiliency and Persistence??
A Security Information Management application is an application that can
extract logs from various commercial/non-commercial applications via
SNMP, syslog or some proprietary format, do some basic correlation and
produce nice pretty graphs.
A Security Network Management application allows entities to manage
their security applications from one unified front end. Some Security
Network Management applications sometimes include a vulnerability or
security policy engine to ensure the managed devices are secure or
something in the policy is compliant with the various compliance
policies that entities must adhere too.
/thx
/mht
At 06:47 AM 1/3/2005, Shabbar Arsiwala wrote:
Hi,
We are looking to purchase a VPN Device. We are currently evaluating
the CISCO VPN 3000 SERIES CONCENTRATORS. Could anyone suggest any other
brands which work equally or better or any other pros/cons etc.
We are looking at
Approx 100 IPSec Remote Access Users
Approx 100 Simultaneous WebVPN (Clientless) Access and a
redundant/expandable solution.
Thanks,
Shabbar
This email and any files transmitted with it may contain PRIVILEGED or
CONFIDENTIAL information, including CONFIDENTIAL MEDICAL RECORDS OR
INFORMATION, and may be read or used only by the intended recipient.
If you are not the intended recipient of the email or any of its
attachments, please be advised that you have received the same in error
and that any use, dissemination, distribution, forwarding, printing, or
copying of this email or any attached files is strictly prohibited. If
you have received this email in error, please immediately destroy it
and all attachments and notify the sender (by phone or reply email) and
the O'Bleness Memorial Hospital Security Officer (740/592-9380 or
security@obleness.org). Thank you.
