EiQ Networks SecureVue v3.6.6
April 01, 2014
$14,172 (appliance), $7,872 (software).
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Automated assessments, extremely scalable, easy-to-use interface.
- Weaknesses: None apparent.
- Verdict: A solid SIEM product. This one is our Recommended product.
SecureVue from EiQ Networks provides log gathering, correlation and analysis services for numerous operating systems, network and security devices, combining these services into a solid SIEM platform that offers vulnerability and compliance monitoring, incident management and configuration auditing in one easy-to-use package.
The setup was straightforward. We received a server preinstalled with the components, so after the normal physical installation of that device we only needed to configure our log sources. This was easy, as we only had to input our test network range into a form field and click the Scan button. Within just a few moments, all our networked devices appeared in a list of hosts, and after a few clicks they were managed by the system. We ran into a slight problem getting the collection agent to associate with the server, likely due to the fact that the review server we received had been on other networks before coming to our labs. A quick back and forth with the excellent EiQ support team remedied the issue.
SecureVue consists of two main components: the Central Server and the Data Collectors. The Central Server hosts the management console, performs all correlation and analytic functions, and handles alerting and data archiving. The Data Collector component handles the log collection duties. It can also gather data to enable reporting on system vulnerabilities, configuration, asset information, system performance and network flow data through protocols like NetFlow or sFlow. For larger deployments, the optional Data Processor component offloads some of the correlation and other work from the central server, allowing for load balancing while enabling the system to scale to support tens of thousands of devices. Analysis tools, auditing functions and forensic tools are available through the web-based console.
A large number of preconfigured dashboards are present, tailored toward monitoring performance, compliance, vulnerabilities, flow data and other metrics. Custom dashboards are easily created through a simple drag-and-drop interface, giving users access to report, compliance and monitor data at a glance. User accounts can be created locally, or the system can integrate with Active Directory or RADIUS servers. Syslog, Windows Event logs, database logs and file-level monitoring are all handled seamlessly.
EiQ provides excellent documentation for SecureVue. Deployment, upgrade and user guides were all available through the product's support site, downloadable as PDF files.
The company offers two tiers of support: The standard package provides eight-hours-a-day/five-days-a-week phone, email and web support, and the premium expands those hours to 24/7.
SecureVue starts at $7,872 for the software, or $14,172 for the hardware appliance. Twenty-five device licenses are included in the base price, as well as one year of standard support. After the first year, standard support will cost 20 percent of the product's base price, and premium is 27 percent of base.