LogLogic MX 3020
Strengths: Log management, compliance and log analysis features in one device.
Weaknesses: None that we found.
Verdict: A venerable product with an excellent pedigree that it lives up to.
Showing its long pedigree as one of the top log management tools available, the LogLogic MX 3020 appliance has many log correlation and management features. This appliance offers four modules that are integrated together to provide an in-depth look into compliance, security events, log management and database security. This tool also features enough onboard storage to meet the log collection needs of most small- to medium-sized businesses so there is no extra cost of additional storage.
Installation and setup of this appliance is quite straightforward. Once it is in connected to the network, it is ready to start receiving logs from devices immediately. The LogLogic solution can natively receive logs from most network devices, but there is also an easy-to-deploy agent included with the product for collecting logs from Windows-based machines. All management is done from the web GUI. We found this GUI to be easy and comfortable to navigate with many configuration tasks taking only a few clicks of the mouse.
This appliance is pretty much plug and play. After log sources are identified, the tool begins automatically populating pre-defined compliance and audit reports, as well as extensive log drill drown capabilities. With the LogLogic SIEM platform powered by the correlation engine, it is easy to drill down to log data for search and forensic analysis.
Documentation included administrator and quick-start guides, as well as a few other pieces of supplemental documentation. The quick-start guide provided in clear step-by-step instructions the steps to get the appliance up and running in the environment. The administrator guide covers the rest of using the product and configuring the features. This guide included many screen shots, configuration examples and step-by-step instructions in a well-organized format.
At additional cost, LogLogic offers both eight-hours-a-day/five-days-a-week and 24/7 phone and email support as part of its support programs. These programs also offer access to product updates and a web-based support portal with various support resources. Customers can also access an online support forum, community forum and developer network.
At a price of $15,000, we find this product to be an excellent value for the money. The LogLogic appliance offers a multitude of reporting and compliance tools along with drill down and log analysis capabilities.