netForensics nFX Cinxi One
Strengths: Real-time monitoring with advanced correlation functions and integrated incident response capability.
Weaknesses: None that we found.
Verdict: Lots of nice features with a pay-as-you-go pricing model.
Summary: The nFX Cinxi One appliance from netForensics provides powerful tools to manage and correlate logs for real-time threat analysis and identification. This product includes the ability to use an on-board correlation engine that automatically analyzes events and identifies potential patterns of attack while filtering out possible false positives and prioritizing the most critical events.
We found this tool to be fairly straightforward to set up and configure. The initial install takes just a few minutes and can be done either by connecting a monitor and keyboard to the appliance or by hooking in through an SSH terminal on another computer. After connecting to the appliance, a short setup wizard defines the steps to set network and IP settings, and the appliance is ready to be connected to the network. From here, the rest of the configuration is done via the client application, which can be launched from any network computer. We also found the client application to be easy to navigate and quite intuitive to use.
Documentation included quick-start, installation and administrator guides. The installation guide provides the initial setup steps, while the quick-start guide details the initial configuration using the administration client. The administrator guide provides advanced configuration information for product functions and features. We found all these to be well-organized with many screenshots, step-by-step instructions and configuration examples.
There are several support options available from netForensics, including standard, gold and premium. All of these offer various options for phone technical support, but all include access to updates and help managing security incidents. Customers also can access an online portal that includes a knowledge base and other support resources.
At a subscription price of $1,200 per quarter, we find this product to be a good value for the money. The Cinxi One offers some solid correlation and analysis functionality at a reasonable price.