EiQ Networks SecureVue
Strengths: Powerful features.
Weaknesses: Price, steep learning curve.
Verdict: Great for organizations needing advanced insight.
The EiQ Networks SecureVue software suite is a comprehensive log and asset management system that lets network administrators quickly get the full picture of what is going on in their network. It is an extremely robust and powerful tool which takes some time to master, but after getting acquainted it becomes easy to navigate and provides a deeper level of log management and analysis than is usually found.
We received the SecureVue system as a preconfigured hardware appliance. We did the usual: removed it from the box, racked it up and connected power. We connected the keyboard, mouse and monitor before powering it on and then waited for it to boot up. After that, we configured the network settings through the Windows server GUI and then followed EiQ's steps to reconfigure the software suite's IP. The setup was rather involved, but went smoothly and without incident. EiQ loaded our licenses for us, and the time was already correct, so after logging in with the built in administrator account we changed the password to finish setup.
After setup was done, we used an SC Lab PC to connect to the SecureVue's web interface. We were greeted with a slew of graphs and charts, but it took us a considerable amount of time to get the whole system running. Because it is so powerful, it takes a lot of configuration to leverage the advanced feature set of this device. Once it is configured, SecureVue is capable of correlating logs from basically every networkable device available. Once the logs are collected, they can be forensically investigated by easily searching the system for triggers, assets or events. SecureVue is even capable of integrating with popular vulnerability assessment systems for single-screen vulnerability and threat analysis capability for managed assets. Out of the box, SecureVue comes with templates to view alerts from devices, templates to check those alerts against compliance mandates, and even more templates to customize how they are displayed to the user. Once it is set up, SecureVue is a powerhouse for prioritizing security response.
All of the documentation was well written, easy to understand and contained pictures and screen shots where appropriate.
EiQ includes one year of standard support with the purchase of the SecureVue system. Standard support includes eight-hours-a-day/five-days-a-week telephone, email and web support. This can be extended for the price of 20 percent of the product. Premium support is also available.
Even though it is pricier than other alternatives, we find EiQ Networks SecureVue to be a good value for the money. It is highly customizable and combines traditional SIEM functionality with advanced passive vulnerability scanning to give administrators more control over their network. - SP