HI all
what would be the MARS replacement solution?
what Cisco tool, I need to correlate the different security alarms?
regards.
There are a number of third party products out there. Juniper strm, rsa envision and splunk to name a few.
Sent from Cisco Technical Support iPad App
A couple of notes:
There is no CS-MARS replacement product offered by Cisco directly. They left that market segment when they killed MARS off. What they do instead is publish a list of "Technology Partners" that offer SIEM solutions recommended for use in Cisco environments.
The design guides for the partner products are posted in Cisco's "Design Zone" portion of their site, found here:
http://www.cisco.com/en/US/solutions/ns340/ns414/ns742/ns744/ns1090/landing_siem.html
One of the linked documents linked, the "Lippis Report", explains the philosophy they've adopted now.
The program's "Cisco Developer Network" section also includes additional information on each of the partner products.
Cisco Developer Network: Security Management Partners
For reference, these are the 6 recommended partners/products:
There are other options that aren't mentioned here, but this would be a decent place to start.
Message was edited by: Michael Crowe (better CDN link)
Anyone have any opinions on the various third party SIEMs? I still have MARS and haven't cared for the few I've looked at, so I'm clinging to MARS for now.
Sent from Cisco Technical Support iPad App
IBM's QRadar solution has a very similar user interface layout and user experience to what MARS used to have, while providing a modern, up-to-date SIEM solution.
Are there any experiences available with this Solarwinds Product...
Wehad a deep look for example at Arcsight, very good but this it's price (sure twice the MARS Costs)..