I'm wondering if there is a single Untangle NG deployment that is actually sending log data to a SIEM which in turn is processing that data in a meaningful and useful way.
We have multiple clients who have to have SIEM. SIEM by nature wants to correlate events from multiple points/systems on your network to help identify anomalies/concerns, and in identifying a breach and even researching it after-the-fact.
If Untangle NG can't be easily integrated into a SIEM solution, it hurts the positioning of UT NG in scenarios requiring SIEM.
There are popular commercial SIEM solutions with out-of-the-box support for other firewalls. But not UT.
We are really happy with UT and would prefer to use it for 99% of customer networks. But if we can't get a SIEM solution that works well with UT NG, we may have to start to use a different firewall when SIEM is required.
This topic has been touched on only lightly in the forums over the years with @hitman probably showing the most effort (but without any sign of him showing any successes here).
So I ask the question, is anyone actually using a SIEM solution with Untangle NG?
Thanks,
-
Doug