SolarWinds Log & Event Manager
April 01, 2013
$4,495, including license and one-year of maintenance.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Reasonably priced, full-feature SIEM virtual appliance.
- Weaknesses: None that we found.
- Verdict: Excellent offering from a mature, well-respected company.
The SolarWinds Log & Event Manager, also known as the LEM, is a virtual appliance capable of collecting logs and events from almost any network-connected device and then correlating that data for further analysis. The LEM virtual appliance can be deployed in either a VMware ESX or Microsoft Hyper-V virtual environment and can provide insight into security events, as well as help with performance monitoring and compliance management.
For our evaluation we chose to install the VMware virtual appliance. We found the installation process to be quite easy and straightforward. To get started, we simply had to download the executable from the SolarWinds support site. After the executable was downloaded, we ran it and it expanded into a folder containing the open virtual appliance (OVA) file along with installation instructions and the desktop software for additional management capabilities. To get the appliance up and running, we simply had to import it into our ESX installation and turn it on. The appliance was able to acquire a Dynamic Host Configuration Protocol (DHCP) address and we were able to log into the web-based management console within minutes of turning the appliance on.
From a management perspective, this appliance has a lot to offer. The first thing we saw when logging into the interface was a full dashboard with many helpful charts, graphs and lists, along with access to help and support. The dashboard can be customized to fit the needs of a specific user type or group, but the default setup is a good place to start. As for reporting, this appliance features a plethora of compliance-based report templates already built in and ready to go. Furthermore, this tool can take data from other SolarWinds products and provide an extra level of analysis to ensure better security.
Documentation included a quick-start guide, along with a full user guide. The quick-start guide detailed the steps necessary to download and install the virtual appliance, as well as some other basic information. The user guide takes over where the quick-start leaves off and details configuration and management of the appliance, as well as use of product features. We found both of these to be clear and easy to follow. They each also included full step-by-step instructions and screen shots.
SolarWinds includes the first year of technical support as part of the purchase price. Customers have access to 24/7 unlimited phone- and email-based technical support, as well as a large aid area on the website. The customer support area includes documentation, product downloads, video tutorials and training materials, and access to a full knowledge base and user forum.
At a price just shy of $4,500 for the virtual appliance and one year of support, we find this offering to be an excellent value for the money. The SolarWinds LEM offers a solid feature set with an easy to navigate interface in a virtual appliance that is simple to deploy and manage at a reasonable price. This solution can be used in almost any environment and is good starting point for SIEM deployment.
Sign up to our newsletters
SC Magazine Articles
- Long list of devices believed to be affected by NetUSB vulnerability
- Website observed serving 83 executable files, more than 50 percent malware
- Scammers target oil companies with sneaky attack
- CareFirst BlueCross BlueShield breached, more than one million individuals notified
- TeslaCrypt used to extort over $76K in recent months
- Hackers exploit Starbucks auto-reload feature to steal from customers
- Study: Nearly all SAP systems remain unpatched and vulnerable to attacks
- Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign
- Millions of WordPress websites vulnerable to XSS bug
- FireEye first cybersecurity firm awarded DHS SAFETY Act certification
- Thousands of Bellevue Hospital Center patients notified of data breach
- Study: 86 percent of websites contain at least one 'serious' vulnerability
- Investigation ongoing in reported multimillion member Adult FriendFinder breach
- Report: $19M breach settlement between MasterCard, Target terminated
- FTC gives thumbs up to companies that cooperate during breach probes