Using SIM tools to protect your networks
Finding problems in network logs is a great way to monitor network activity, but it's next to impossible in large corporations that capture as many as 50,000 logged events per second. SIM (Security Incident Management) technologies can help. Many consist of software that gathers logs from throughout the network and sends them first to a collection point, then on to a correlation engine, where the data is analyzed. The results are then sent to a console so that IT managers can assess any potential or actual threats that have been found. This can be a very effective way of collecting log information from a wide variety of sources. Many larger companies also use the technology to prove they are complying with regulations. SIM systems, from vendors like ArcSight, Network Intelligence, netForensics and eIQnetworks, range in price from $15,000 to $200,000.
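The collect, correlate and report flow described above can be sketched in a few lines. This is an added example, not code from the article or from any vendor named here; the log formats, function names, 60-second window and threshold of three events are all assumptions chosen for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample logs from two device types (not real data).
SSHD = [
    "2024-05-01T10:00:01 host1 sshd[811]: Failed password for root from 203.0.113.7 port 4011 ssh2",
    "2024-05-01T10:00:03 host1 sshd[811]: Failed password for admin from 203.0.113.7 port 4012 ssh2",
    "2024-05-01T10:00:09 host1 sshd[812]: Accepted password for alice from 198.51.100.4 port 5000 ssh2",
]
FIREWALL = [
    "2024-05-01T10:00:02 fw1 action=DENY src=203.0.113.7 dst=10.0.0.5 dport=3389",
    "2024-05-01T10:00:06 fw1 action=DENY src=203.0.113.7 dst=10.0.0.5 dport=445",
]
SSH_RE = re.compile(r"^(\S+) \S+ sshd\[\d+\]: (Failed|Accepted) password for \S+ from (\S+)")
FW_RE = re.compile(r"^(\S+) \S+ action=(DENY|ALLOW) src=(\S+)")

def collect(lines, pattern, source, bad_word):
    """Collection point: parse one device's format into common event dicts."""
    events = []
    for line in lines:
        m = pattern.match(line)
        if m:  # unparsable lines are skipped, not guessed at
            ts, verdict, ip = m.groups()
            events.append({"ts": datetime.fromisoformat(ts), "source": source,
                           "ip": ip, "bad": verdict == bad_word})
    return events

def correlate(events, window=60, threshold=3):
    """Alert once per IP: >= threshold failed/denied events in window, from 2+ sources."""
    recent, alerts, alerted = defaultdict(deque), [], set()
    for ev in sorted(events, key=lambda e: e["ts"]):
        if not ev["bad"]:
            continue
        q = recent[ev["ip"]]
        q.append(ev)
        while (ev["ts"] - q[0]["ts"]).total_seconds() > window:
            q.popleft()  # drop events that fell out of the time window
        sources = {e["source"] for e in q}
        if len(q) >= threshold and len(sources) >= 2 and ev["ip"] not in alerted:
            alerted.add(ev["ip"])
            alerts.append({"ip": ev["ip"], "count": len(q), "sources": sorted(sources)})
    return alerts

def run_pipeline():
    events = collect(SSHD, SSH_RE, "sshd", "Failed") + collect(FIREWALL, FW_RE, "firewall", "DENY")
    return correlate(events)  # these alerts are what the console would display

if __name__ == "__main__":
    print(run_pipeline())
```

Neither log alone crosses the threshold here; the alert only appears once both sources are normalized into one event stream, which is the case for central collection.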
Learn more about SIM systems:
- read the article at TechTarget




