Will LogRhythm's new SIEM solution be able to compete with the big boys?

By Dave Bailey
12 Oct 2011

One of the last independent Security Information and Event Management (SIEM) vendors, LogRhythm, today launched the latest version of its event and log management system, LogRhythm v6.0.

The firm claims the product has seen major enhancements that should increase take-up of the product.

The three new features include accelerated protection of threats and breaches; automated and intelligent response to those threats and breaches; and an expansion of the embedded expertise in the intelligence engine.

This launch follows a flurry of activity within the SIEM market recently: last week, IT giant IBM acquired Q1 Labs, and McAfee, owned by Intel, acquired Nitro Security.

Last autumn, HP shelled out $1.5bn (£950m) for another top independent SIEM vendor, ArcSight.

LogRhythm's managing director, Ross Brewer, explained why SIEM systems play such an important role within the enterprise: "They help with compliance, including protective monitoring, PCI-DSS and GPG 13. More broadly, our systems help with security and IT operations analysis," he said.

Ovum principal analyst Graham Titterington agreed regarding SIEM's importance: "SIEM has become a primary security tool and this has taken precedence over its historical role as a compliance tool," he said.

However, unfortunately for LogRhythm, Titterington argues that larger organisations are more likely to buy a SIEM solution from one of the bigger vendors (such as IBM or McAfee) as part of a broader purchasing decision. "They are trying to reduce the number of suppliers they buy from," he said.

"They are keen to reduce contractual relationships and improve the integration of such systems into their infrastructures," added Titterington.

"In addition, the larger vendors should be able to put more investment into their [SIEM] purchases.

"Remember there's a big R&D element in SIEM, so the bigger vendors with deeper pockets should be able to – theoretically – outpace the smaller vendors," he concluded.

LogRhythm's system can be deployed as a hardware appliance, software running on industry standard servers, or a virtual instance for Amazon EC2, Citrix XenServer, Microsoft Hyper-V or VMware ESX.

Users can also choose a high-availability system with automatic failover, or deploy it as a managed service through MSSPs.
