Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

SC Magazine SIM Evaluation

Scmag Tenable's Security Center and Log Correlation Engine were reviewed in the September 2006 print issue of SC Magazine in a section named "Group Test: Event Management". The article about Tenable leads off with a great quote, "The Tenable Security Center has massive capability wrapped in a single, easy-to-navigate interface". The article makes several really good comments about our product's features. However, the only draw-back the article points out was that we were priced more expensive than the other products evaluated. The article comments: "Priced at the high end of the spectrum, the Tenable Security Center offers a powerful tool with a price tag that is higher than that of some full appliances."

As tested, our overall price was $74,000 because we included our fully licensed Log Correlation Engine at a cost of $50,000. The SC Magazine evaluation didn't really stress a large number of total log entires for evaluation and we could have easily submitted our 5 million event LCE license at a cost of $9995. This would of placed our total cost around $34,000, which is much more competitive with the other products tested.

I encourage everyone to read through the article and specific products tested. As you do this, please keep in mind:

  • Although the article was focused on SIM and log analysis, our products as tested included full vulnerability and compliance auditing features. This provides a great deal more value for customers who don't want to run separate products or train users in multiple vendors.
  • Tenable's Log Correlation Engine licensing doesn't penalize you for the number of agents used, the maximum number of events per second or require you to purchase or obtain a separate SQL database
  • We felt there were many other vendors that aggregate logs and do intelligent things with them missing from the evaluation. We would have very much liked to have seen ArcSight, Cisco MARS or LogLogic for example.
  • We would have also liked the testing to include log sources beyond IDS/IPS and firewalls. Tenable has made great efforts to include support for anti-virus, honeypot, netflow and dozens of other categories with hundreds of different supported solutions.

Note: this review is now available online.