Reviews

LogRhythm LR-500-XM review

Compliancy with data protection regulations is not to be taken lightly and LogRhythm offers the means to stay on the right side of the law.

Price
£15,900

There are plenty of standards designed to protect personal and sensitive data and businesses that don't take regulatory compliance seriously are finding this can be a costly mistake. Log data management and analysis are important parts of the process and LogRhythm combines these functions into an appliance based solution and augments them with detailed log and event analysis.

LogRhythm is deployed as an appliance running Windows Server 2003 R2 and it offers a number of hardware solutions. On review we have the entry-level LR-500-XM, which is delivered as a good quality Dell PowerEdge 1950 1U rack server. The price shown includes support for 100 log sources but this can be upgraded as required.

We deployed our appliance as an all-in-one solution running the Log Manager and Event Manager components but you can distribute functions such as log gathering across multiple servers running LogRhythm agents. LogRhythm offers Log Manager agents for Windows, Unix and Solaris host systems and these don't need to be dedicated to this task.

LogRhythm accepts log data from a wide range of sources and support includes syslog, syslog-ng, Windows drive mapping and Event Logs, ODBC connectors for database logs, flat files such as ASCII text, Cisco NetFlow and CheckPoint OPSEC/LEA collections.

The software is managed locally or remotely with a dedicated console, which we found easy to get to grips with. The console can be installed on any remote system and supports all versions of Windows. Deployment is simple enough as you tell your source devices where to send their log data to and LogRhythm will automatically collect this traffic.

Devices such as Windows servers can be automatically identified by their traffic so the appliance can add information such as the OS and version, hostname, associated IP address and Windows Event Logs. Other devices such as security appliances and routers that may be sending syslog data will need to be updated manually to specify the device type. LogRhythm does this as part of its customer deployment service so no user intervention is required.

Logs stored on the appliance are all digitally signed on receipt so it can be proved they haven't been subsequently tampered with and archives are also digitally signed to ensure their integrity. Archive locations can be any type of storage device such as DAS, NAS, IP SAN and FC SAN.

Featured Resources

Modern governance: The how-to guide

Equipping organisations with the right tools for business resilience

Free Download

Cloud operational excellence

Everything you need to know about optimising your cloud operations

Watch now

A buyer’s guide to board management software

How the right software can improve your board’s performance

The real world business value of Oracle autonomous data warehouse

Lead with a 417% five-year ROI

Download now

Recommended

Dell EMC PowerEdge R650 review: A slim and mighty server
Server & storage

Dell EMC PowerEdge R650 review: A slim and mighty server

27 Oct 2021
Supermicro A+ Server 1114S-WN10RT review: EPYC power, but poorly presented
Server & storage

Supermicro A+ Server 1114S-WN10RT review: EPYC power, but poorly presented

14 Apr 2021
Broadberry CyberServe Xeon E-RS100-E10 review: A cracking specification at a great price
Server & storage

Broadberry CyberServe Xeon E-RS100-E10 review: A cracking specification at a great price

8 Mar 2021
Dell EMC PowerEdge R340 review: A sound investment for small businesses
Server & storage

Dell EMC PowerEdge R340 review: A sound investment for small businesses

1 Mar 2021

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

6 Jan 2022
How to speed up Windows 11
Microsoft Windows

How to speed up Windows 11

7 Jan 2022
Dell XPS 15 (2021) review: The best just got better
Laptops

Dell XPS 15 (2021) review: The best just got better

14 Jan 2022