Lippis Report 163: A Multi-Vendor Security Management Approach via a Cisco SIEM Ecosystem

December 13th, 2010

nicklippis.jpgIn an effort to offer a multi-vendor SIEM (Security Information and Event Management) solution, Cisco is placing its SIEM product, CS-MARS, in end-of-life and in its place, offering the industry its first SIEM ecosystem. Cisco acquired MARS six years ago in December 2004. MARS provided traditional event management and security monitoring along with limited forensic capabilities and compliance reporting. But the market demanded a broader cross-vendor SIEM solution rather than a SIEM focused primarily on Cisco products. In response Cisco has launched a SIEM ecosystem to support deep event monitoring, forensics and compliance reporting across a heterogeneous enterprise network. IT has also expanded the role of its Cisco Security Manager or CSM to support policy management and troubleshooting across a wider range of Cisco products. In this Lippis Report Research Note, we examine the new distribution of security responsibilities that now stretch across Cisco CSM and its new SIEM ecosystem with an eye toward stronger defense of IT assets.

Read the rest of this entry »

Splunk Security Information and Event Management (SIEM) Deployment Guide

Get the White Paper

December 13th, 2010

By Cisco Systems and Splunk

This document is for the reader who:

-Has read the Cisco Security Information and Event Management and Borderless Networks Enterprise Deployment Guide
-Wants to connect Borderless Networks to a Splunk SIEM solution
-Wants to gain a general understanding of the Splunk SIEM solution
-Has a level of understanding equivalent to a CCNA® certification
-Wants to solve compliance and regulatory reporting problems
-Wants to enhance network security and operations
-Wants to improve IT operational efficiency
-Wants the assurance of a validated solution

RSA Security Information and Event Management (SIEM) Deployment Guide

Get the White Paper

December 13th, 2010

By Cisco Systems and RSA

This document is for the reader who:

-Has read the Cisco Security Information and Event Management and Borderless Networks Enterprise Deployment Guide
-Wants to connect Borderless Networks to a RSA SIEM solution
-Wants to gain a general understanding of the RSA SIEM solution
-Has a level of understanding equivalent to a CCNA® certification
-Wants to solve compliance and regulatory reporting problems
-Wants to enhance network security and operations
-Wants to improve IT operational efficiency
-Wants the assurance of a validated solution

nFX Cinxi One Security Information and Event Management Deployment Guide

Get the White Paper

December 13th, 2010

By Cisco Systems and nFX Cinxi One

This document is for the reader who:

-Has read the Cisco Security Information and Event Management and Borderless Networks Enterprise Deployment -Guide
-Wants to connect Borderless Networks to a nFX Cinxi One SIEM solution
-Wants to gain a general understanding of the nFX Cinxi One SIEM solution
-Has a level of understanding equivalent to a CCNA® certification
-Wants to solve compliance and regulatory reporting problems
-Wants to enhance network security and operations
-Wants to improve IT operational efficiency
-Wants the assurance of a validated solution

LogLogic Security Information and Event Management (SIEM) Deployment Guide

Get the White Paper

December 13th, 2010

By Cisco Systems and LogLogic

This document is for the reader who:

-Has read the Cisco Security Information and Event Management and Borderless Networks Enterprise Deployment Guide
-Wants to connect Borderless Networks to a LogLogic SIEM solution
-Wants to gain a general understanding of the LogLogic SIEM solution
-Has a level of understanding equivalent to a CCNA® certification
-Wants to solve compliance and regulatory reporting problems
-Wants to enhance network security and operations
-Wants to improve IT operational efficiency
-Wants the assurance of a validated solution

ArcSight Security Information and Event Management (SIEM) Deployment Guide

Get the White Paper

December 13th, 2010

By Cisco Systems and ArcSight

This document is for the reader who:

-Has read the Cisco Security Information and Event Management and Borderless Networks Enterprise Deployment Guide
-Wants to connect Borderless Networks to the ArcSight SIEM solution
-Wants to gain a general understanding of the ArcSight SIEM solution
-Has a level of understanding equivalent to a CCNA® certification
-Wants to solve compliance and regulatory reporting problems
-Wants to enhance network security and operations
-Wants to improve IT operational efficiency
-Wants the assurance of a validated solution

Download this deployment guide here: