A big SIEM solution designed for small companies

TriGeo Network Security's SIEM appliance for smaller organizations

IT Best Practices Alert By Linda Musthaler, Network World
August 04, 2008 08:17 AM ET

In an age of escalating IT complexity and skyrocketing tech support costs, it's unusual to find a vendor that truly caters to the needs of small and midsized companies. But George Krupica, Director of Information Technology for Main Street Bank of Wheeling, West Virginia, has met the IT vendor of his dreams.

Krupica readily sings the praises of TriGeo Network Security, maker of a security information and event management (SIEM) appliance that is specifically designed for smaller organizations that don’t have a 24-hours-a-day operations center or a large IT staff. Main Street Bank, with its three branches and small IT department, fits the TriGeo customer profile perfectly.

Krupica installed a TriGeo intrusion detection system back in 2004 because he needed visibility into what was going on with his network. He chose TriGeo because the product was affordable and manageable, and because the vendor offered great service and support. After four years of use, he’s still delighted with the solution he chose. He says there’s nothing he doesn’t like about the product, and TriGeo support “is second to none.”

The SIEM appliance allows Krupica to monitor what’s happening inside as well as outside his network. As a very busy IT professional, Krupica says he doesn’t have time to sit in front of a monitor all day to view the various activities and events on his network, so he uses alerts from the SIEM application to let him know when a situation requires his attention. The alert conditions are based on rules and policies that were largely customized and pre-configured for the bank by TriGeo.

This customization service is one reason for Krupica’s big praise for TriGeo. “The Rule Builder tool is easy to use if you have time to sit down and learn it,” he says. “I rarely have the time, so TriGeo sets up my rules if I ask them. They have banking experts on staff, so they understand my business needs. They’re always willing to help me when I need help.” Krupica says that, in his opinion, TriGeo is the “gold standard” for vendor support for small businesses.

When the appliance was initially installed four years ago, TriGeo pre-configured the software based on a series of survey questions Krupica had to answer. TriGeo shipped him the appliance and it took less than two hours to install. He says it was a very seamless setup. He took online training to learn how to use the features and make the tool useful for his environment.

Krupica especially likes the reports that the security application generates. He simply prints some of the reports and hands them to the bank auditors to fulfill regulatory requirements.

Despite the focus on smaller businesses, TriGeo’s appliance has enterprise-class features and functionality. For example, it can be used to proactively protect a network. There’s an in-memory log analysis tool that works at network speed to correlate events coming from various log sources and put them into context. Those events can trigger not just alerts, but real-time responses, such as removing a rogue PC from the network or locking a user out of an application. The appliance has about 40 actions that can be assigned to policies as needed, although none of them are enabled out of the box. In addition, there are about 650 pre-configured rules, with a Rule Builder module for companies to create their own rules.

Linda Musthaler is a principal analyst with Essential Solutions Corporation.
