LogLogic MX 3020
August 02, 2010
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Log management, compliance and log analysis features in one device.
- Weaknesses: None that we found.
- Verdict: A venerable product with an excellent pedigree that it lives up to.
Showing its long pedigree as one of the top log management tools available, the LogLogic MX 3020 appliance has many log correlation and management features. This appliance offers four modules that are integrated together to provide an in-depth look into compliance, security events, log management and database security. This tool also features enough onboard storage to meet the log collection needs of most small- to medium-sized businesses so there is no extra cost of additional storage.
Installation and setup of this appliance is quite straightforward. Once it is in connected to the network, it is ready to start receiving logs from devices immediately. The LogLogic solution can natively receive logs from most network devices, but there is also an easy-to-deploy agent included with the product for collecting logs from Windows-based machines. All management is done from the web GUI. We found this GUI to be easy and comfortable to navigate with many configuration tasks taking only a few clicks of the mouse.
This appliance is pretty much plug and play. After log sources are identified, the tool begins automatically populating pre-defined compliance and audit reports, as well as extensive log drill drown capabilities. With the LogLogic SIEM platform powered by the correlation engine, it is easy to drill down to log data for search and forensic analysis.
Documentation included administrator and quick-start guides, as well as a few other pieces of supplemental documentation. The quick-start guide provided in clear step-by-step instructions the steps to get the appliance up and running in the environment. The administrator guide covers the rest of using the product and configuring the features. This guide included many screen shots, configuration examples and step-by-step instructions in a well-organized format.
At additional cost, LogLogic offers both eight-hours-a-day/five-days-a-week and 24/7 phone and email support as part of its support programs. These programs also offer access to product updates and a web-based support portal with various support resources. Customers can also access an online support forum, community forum and developer network.
At a price of $15,000, we find this product to be an excellent value for the money. The LogLogic appliance offers a multitude of reporting and compliance tools along with drill down and log analysis capabilities.
Sign up to our newsletters
SC Magazine Articles
- RSA Conference 2015: Prepare for the IoT before it's too late, Sorebo warns
- Study: Open Source Software use increasing in enterprises but without vulnerability monitoring
- 'Aaron's Law' returns to Congress
- RSA 2015: Tension continues to grow between govt, cryptographers
- CozyDuke APT group believed to have targeted White House and State Department
- Study: Conficker declared top threat of 2014, but N. America targeted mainly by AnglerEK
- RSA 2015: Straight talk about encryption, bulk surveillance and IoT
- RSA 2015: In the healthcare industry, security must innovate with business
- RSA 2015: Unintended use of aircraft systems next challenge for counterterrorism community
- RSA 2015: Bug hunting and responsible vulnerability disclosure