LogLogic MX 3020
August 02, 2010
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Log management, compliance and log analysis features in one device.
- Weaknesses: None that we found.
- Verdict: A venerable product with an excellent pedigree that it lives up to.
Showing its long pedigree as one of the top log management tools available, the LogLogic MX 3020 appliance has many log correlation and management features. This appliance offers four modules that are integrated together to provide an in-depth look into compliance, security events, log management and database security. This tool also features enough onboard storage to meet the log collection needs of most small- to medium-sized businesses so there is no extra cost of additional storage.
Installation and setup of this appliance is quite straightforward. Once it is in connected to the network, it is ready to start receiving logs from devices immediately. The LogLogic solution can natively receive logs from most network devices, but there is also an easy-to-deploy agent included with the product for collecting logs from Windows-based machines. All management is done from the web GUI. We found this GUI to be easy and comfortable to navigate with many configuration tasks taking only a few clicks of the mouse.
This appliance is pretty much plug and play. After log sources are identified, the tool begins automatically populating pre-defined compliance and audit reports, as well as extensive log drill drown capabilities. With the LogLogic SIEM platform powered by the correlation engine, it is easy to drill down to log data for search and forensic analysis.
Documentation included administrator and quick-start guides, as well as a few other pieces of supplemental documentation. The quick-start guide provided in clear step-by-step instructions the steps to get the appliance up and running in the environment. The administrator guide covers the rest of using the product and configuring the features. This guide included many screen shots, configuration examples and step-by-step instructions in a well-organized format.
At additional cost, LogLogic offers both eight-hours-a-day/five-days-a-week and 24/7 phone and email support as part of its support programs. These programs also offer access to product updates and a web-based support portal with various support resources. Customers can also access an online support forum, community forum and developer network.
At a price of $15,000, we find this product to be an excellent value for the money. The LogLogic appliance offers a multitude of reporting and compliance tools along with drill down and log analysis capabilities.
SC Magazine Articles
- Industry pros react to Cisco, Fortinet advisories after possible Snowden NSA leak
- USAA members hit with multiple phishing attacks
- Trust exercise: Symantec's new website security expert is reaching out to hacker community
- WikiLeaks postings of Turkish emails included active links to malware
- U.S. government extends offer to protect states from electoral cyberthreats
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- CEO sacked after aircraft company grounded by whaling attack
- Microsoft warns of new, self-propagating ransomware in the wild
- Wendy's POS breach 'considerably' bigger than first thought
- The media becomes the story as hackers focus efforts on news organizations
- Researchers quell Wildfire ransomware with decryption key
- M&A deals bring added cybersecurity risks
- Twitoor first Android malware known to leverage Twitter for command and control
- Juniper confirms leaked "NSA exploits" affect its firewalls, no patch released yet