Author: Joyce Buda


Case Study #4: Technology & Product Review for an SIEM ReplacementCase Scenario:A client company has asked you to research and recommend a product which will allow themto upgrade or replace their first generation Security Information and Event Management (SIEM)product with a unified solution that combines real-time monitoring, threat analytics, and eventmanagement / reporting. The company currently relies upon host-based anti-virus applications, hostbased firewalls, and firewall capabilities provided by the premises router to provide protection for itsinternal networks, servers, and workstations.The IT Manager set up this security architecture and believes that it is sufficient for the firm’sneeds. But, the firm’s insurance company has threatened a significant increase in its business insurancepremiums if the company doesn’t implement stronger protection against network-based threats. Theinsurance company’s risk assessment also identified email attachments and uncontrolled web browsingas additional high risk areas, which need to be addressed and mitigated. The client wants a product thatis comprehensive but doesn’t require a great deal of training before it can be used. A quick Internetsearch revealed two product categories that fit this description:Security Information and Event Management (SIEM)Unified Threat Management (UTM)Research:1. Readings on SIEM and UTM products.2. Choose one of the SIEM or UTM products from the Gartner Magic Quadrant analyses.3. Research your chosen product using the vendor’s website and product information brochures.(Vendors for highly rated products will provide a copy of Gartner’s most recent Magic Quadrantreport on their websites but, registration is required.)4. Find three or more additional sources which provide reviews for (a) your chosen product or (b)general information about SIEM / UTM technologies and solutions.Write:Write a two to three page summary of your research. At a minimum, your summary mustinclude the following:1. An introduction or overview for the security technology category (SIEM or UTM, not both).2. A review of the features, capabilities, and deficiencies for your selected vendor and product3. Discussion of how the selected product could be used by your client to support itscybersecurity objectives by reducing risk, increasing resistance to threats/attacks, decreasingvulnerabilities, etc.4. Address security issues using standard terms (e.g. 5 Pillars IA, 5 Pillars Information Security).See the resources listed under Course Resources > Cybersecurity Concepts Review fordefinitions and terminology.

See More
Try a College Course Free

Sophia’s self-paced online courses are a great way to save time and money as you earn credits eligible for transfer to over 2,000 colleges and universities.*

Begin Free Trial
No credit card required

26 Sophia partners guarantee credit transfer.

226 Institutions have accepted or given pre-approval for credit transfer.

* The American Council on Education's College Credit Recommendation Service (ACE Credit®) has evaluated and recommended college credit for 21 of Sophia’s online courses. More than 2,000 colleges and universities consider ACE CREDIT recommendations in determining the applicability to their course and degree programs.