Free tool collects logs, manages security and compliance

Q1 Labs Tuesday made available a free version of its enterprise log management appliance that provides a limited set of capabilities to IT managers starting out with log collection and compliance management.

QRadar SLIM Free Edition (SLIM FE) enables IT managers to collect, analyze, report and store network, host, server, application and security event logs via syslog from routers, switches, security devices and servers. Available free for download, SLIM FE is a scaled-back version of the Q1 Labs SLIM (Simple Log and Information Management) product, which is packaged as an appliance and is capable of collecting more than 75,000 events per second. SLIM FE is equipped with similar capabilities, but is available as software and collects about 50 events per second coming from distributed devices in an environment.

"Regardless of the size of the company, everyone faces similar security intelligence problems," says Tom Turner, vice president of marketing at Q1 Labs. "This product will help companies bring in large amounts of data and make people more operationally efficient."

SLIM FE can be downloaded to a server or high-powered laptop (hardware specifics will be posted on Q1 Labs download site) and begins collecting syslog data from specified devices. Company officials say the information captured via logs can help enterprise IT departments, smaller organizations and business units gain a better understanding of their security posture. The security information and event management vendor considers the free software application an opportunity for potential customers to get started with log management and begin to see the benefits of a broader SIEM strategy.  

"It has the building blocks of collecting and representing information that isn’t our full product, but people who use this will be exposed to some of the capabilities of Q1 Labs and can begin taking a bite by bite approach to better understanding their security posture," Turner says.(Compare Security Information Management products.)

Q1 Labs competes with SIEM vendors, many of which have added log management capabilities to their security management product suites. And companies such as LogRhythm and LogLogic focus their products squarely on log collection, analysis and storage.

"Organizations are under increasing pressure from auditors, partners and upper management to demonstrate that they are protecting information and infrastructure appropriately," wrote Forrester Research principal analyst Paul Stamp in a report. "Some regulations, like PCI DSS, for example, specifically mandate log management."

SLIM FE is available free for download now.

http://www.networkworld.com/reviews/2008/063008-test-siem-q1-labs.html
Q1 Labs QRadar provides effective security event correlation
06/30/2008

http://www.networkworld.com/columnists/2008/052708insider.html
Log management as a tool against insider threats
05/27/2008

http://www.networkworld.com/newsletters/nsm/2008/081808nsm1.html
Network behavior analysis secures Wayne State University
08/18/2008

http://www.networkworld.com/slideshows/2008/041608-20-free-software-favorites.html
20 free software favorites
04/16/2008

http://www.networkworld.com/news/2007/103007-q1-labs-management-appliance.html
Q1 Labs offers log management appliance
10/30/2007

http://www.networkworld.com/news/2007/091207-specialfocus-management-software-side.html
10 IT management companies still worth watching
09/12/2007

http://www.networkworld.com/news/2007/030907-q1-labs-matches-user-ids-security-events.html
Q1 Labs matchers user IDs with security events
03/09/07