SolarWinds Log & Event Manager vs Splunk. What's the Difference?


Are you looking for an enterprise security solution and event log analyzer that's powerful, affordable, and easy to use? Learn how SolarWinds Log & Event Manager is different from Splunk and why it may be the better choice for your organization.

Published in: Technology

  1. SolarWinds Log & Event Manager vs. Splunk, September 2012
  2. Agenda » Top Reasons – LEM Over Splunk » LEM vs. Splunk Comparison » LEM Features » What IT Pros say about SolarWinds LEM » Helpful Resources
  3. Top Reasons to Choose LEM Over Splunk » Node-based licensing model » In-memory event correlation » Advanced visual IT Search » Active Response technology » End-point data loss protection with USB Defender » No consultant do-it-yourself deployment
  4. License Model (IMAGE COURTESY OF HTTP://GOV.AOL.COM/2012/06/13/BIG-DATA-VOLUME-AND-VALUE-REALLY-MATTER/) » LEM is licensed based on the number of nodes that you are monitoring, offering greater predictability. » Splunk licenses based on log volume indexed/generated. This leads to a risk of exceeding your license limit.
  5. In-Memory Correlation » LEM performs in-memory event correlation, allowing you to analyze millions of events across your infrastructure in real time. » With Splunk, you need to wait until the data has been indexed and written to the database prior to any analysis.
  6. Advanced IT Search » LEM uses a drag-and-drop interface employing visual search tools such as word clouds, tree maps, bubble charts, and histograms. » Splunk provides a 367 page manual of syntax search descriptions and usage examples.
  7. Active Response » LEM includes a library of built-in active responses that automatically respond to operational issues and take actions. » Splunk requires that you manually respond to actions and incidents.
  8. USB Defender » LEM protects against end-point data loss with a built-in USB Defender Technology that tracks unauthorized USB activity and allows you to take immediate action.
  9. Do-it-Yourself Deployment » LEM allows you to be up and running in no time using a virtual appliance deployment model, easy-to-use web based console and intuitive interface. Consultants » Splunk offers “Splunk Professional Services” to deliver deployment and advisory services.
  10. LEM Features » Log Collection, Analysis & Management: Automatically indexes data from dozens of security appliances, firewalls, and intrusion detection systems then normalizes log data into common formats to identify problems. » Compliance Templates and Reports: Generate and schedule compliance reports quickly with 300+ audit-proven templates and a console that enables you to customize reports for your organization’s specific needs.
  11. LEM Features » Active Response & Threat Mitigation: Proactively defend and mitigate security threats with continuous real-time intrusion detection from multiple domains and systems. » Real-Time, In-Memory Event Correlation: Analyze millions of events across your infrastructure with real-time, in-memory, non-linear, cross-domain, and multi-dimensional correlation.
  12. LEM Features » Advanced IT Search: Explore data with drag-and-drop simplicity and visual search tools to perform forensic analysis on events to determine what really happened. » USB Detection & Prevention: Protect sensitive data with real-time notification of USB devices and the ability to block their usage, as well as built-in reporting to audit USB usage over time.
  13. LEM Features » Intuitive Drag & Drop Interface: An easy to use interface with drag and drop builders, clickable graphs and charts, and tons of time saving features. » High Compression Data Storage: Store log data in a high compression data store without worrying about maintenance and administration and satisfy your retention requirements.
  14. What IT Pros are Saying » SolarWinds Log & Event Manager, Best Security Information/Event Management (SIEM) Appliance » “We would need three or four experienced network administrators working around the clock to manage the same workload that SolarWinds LEM does. Even if we had the money to staff an IT department like that, we still wouldn’t get the same value and results that SolarWinds LEM delivers day in and day out.” - Ted Carmack, IS Manager, Energy Federal Credit Union » "With SolarWinds Log & Event Manager, we’re exposing potential threats and preventing them from damaging our business." – Alan McHugh, Manager of Information Technology USPS FCU
  15. Helpful Resources » Download a Free SolarWinds Log & Even Fully Functional 30-day Trial Compliance & Security Test Drive the Demo Navigating the LEM Con Ask The Community