Q1 Labs has launched a free version of its enterprise log management appliance to offer IT managers a limited set of log collection and compliance capabilities.
QRadar SLIM Free Edition (SLIM FE) enables IT managers to collect, analyse, report and store network, host, server, application and security event logs via syslog from routers, switches, security devices and servers. It is a scaled-back version of the Q1 Labs SLIM (Simple Log and Information Management) product, which is packaged as an appliance and is capable of collecting more than 75,000 events per second. SLIM FE is equipped with similar capabilities, but is available as software and collects about 50 events per second coming from distributed devices in an environment.
"Regardless of the size of the company, everyone faces similar security intelligence problems," says Tom Turner, vice president of marketing at Q1 Labs. "This product will help companies bring in large amounts of data and make people more operationally efficient."
SLIM FE can be downloaded to a server or high-powered laptop (hardware specifics will be posted on Q1 Labs download site) and begins collecting syslog data from specified devices. Company officials said that the information captured via logs could help enterprise IT departments, smaller organisations and business units gain a better understanding of their security posture. The security information and event management vendor considers the free software application an opportunity for potential customers to get started with log management and begin to see the benefits of a broader SIEM strategy.
"It has the building blocks of collecting and representing information that isn't our full product, but people who use this will be exposed to some of the capabilities of Q1 Labs and can begin taking a bite by bite approach to better understanding their security posture," Turner said.
Q1 Labs competes with SIEM vendors, many of which have added log management capabilities to their security management product suites. And companies such as LogRhythm and LogLogic focus their products squarely on log collection, analysis and storage.
"Organizations are under increasing pressure from auditors, partners and upper management to demonstrate that they are protecting information and infrastructure appropriately," wrote Forrester Research principal analyst Paul Stamp in a report. "Some regulations, like PCI DSS, for example, specifically mandate log management."