Strengths: Up, running, collecting and analyzing logs almost instantly right out of the box.
Weaknesses: None that we found.
Verdict: A venerable log manager with solid SIEM capabilities.
Summary: The MX3020 from LogLogic encompasses the high-grade SIEM functionality of the company's larger offerings in a single appliance for smaller to midsize environments. This product features powerful tools for managing and maintaining compliance, tracking system changes, and viewing overall health of the network infrastructure.
The initial setup and configuration can be done in one of two ways. The first is by linking up to the appliance through a serial connection and manually entering the initial network and IP settings. However, if graphical installation is more your speed, you can connect to the appliance through a web browser and log in to the appliance's web GUI to set up the unit. After the initial configuration is complete, all ongoing configuration and management is done through the web GUI. This GUI has been redesigned this year to be easier and more intuitive to navigate.
This appliance provides some real out-of-the-box functionality already loaded and ready to go. Once this product is installed, it can begin automatically discovering most log sources in the environment and reporting on them immediately. Other proprietary sources, such as Check Point, can be configured in the appliance with very little effort.
Documentation included a quick-start, as well as user and administrator guides. All documentation was well-organized and easy to follow.
LogLogic provides technical support at two levels as part of an agreement. These provide either 24/7 or eight-hours-a-day/five-days-a-week phone and email assistance, as well as access to a customer portal.
With a price tag of $35,000, this appliance may seem quite expensive, but this cost also includes a year of support, as well as a compliance reporting suite. A virtual appliance is also available starting at $3,000. We find this product to be a great value for the money based on its solid functionality and plug-and-play design.