ManageEngine EventLog Analyzer: SIEM for the Masses
ManageEngine, a division of Zoho Corp. is entering the Security Information and Event Management (SIEM) market, which is currently dominated by the likes of HP/ArcSight, IBM/QRadar, McAfee/NitroSecurity, RSA/EMC and Symantec. The company, best-known for its EventLog Analyzer used by both SMBs and Fortune 500 companies, is no stranger to entering competitive markets, said Zoho President Raj Sabhlok.
“We are very familiar with entering into crowded market categories like SIEM.” When they started the ManageEngine rollout in the early 2000s, there were around 600 competitors, he said. The competition had very complex products, and that’s where we came in… taking complexity away.
“To fast forward to SIEM, that’s the same approach we’re advocating.” Customers can get 90% of the functionality at 10% of the price, said Sabhlok.
The company is upgrading its EventLog Analyzer (v8.0), previously dedicated to log analytics and compliance reporting duties, with SIEM features such as IT data indexing, universal log parsing and search, as well as a new user interface that combines intuitive, Web-based interface with robust functionality and usability, it said. Initially, Sabhlok expects the SIEM functionality will draw interest from SMBs who were either priced out of the market, or deterred by the complexity. Pricing starts at $3395 for 10 hosts, and a fully functional, 30-day trial version is also available for download.
According to the May 2012 Gartner Magic Quadrant for Security Information and Event Management report, the SIEM market grew 15% in 2011 to $1.1 billion. TechNavio predicts the SIEM market will continue doing well, with a compound annual growth rate of 14.06% during the period 2011-2015.
The growing interest in SIEM should come as no surprise. The 2011 Verizon Data Breach Report found that 86% of breached organizations failed to detect that their networks were hacked. At Gartner’s June Security and Risk Management Summit, SIEM was called out during the opening keynote as “no longer nice to have but fundamental.”
SIEM is becoming an important tool to help stop cyber attacks, as well as comply with internal and third-party regulations, said Sabhlok. In addition to its 70,000 existing customers, including 60% of the F500,who will have access to this capability as part of their maintenance agreement, he expects initial interest will come from SMBs, with larger enterprises looking to ManageEngine as an alternative shortly afterward.
SIEM joins Big Data and mobility as key focus areas in 2013 and beyond, said Sabhlok. “Mobile is key for us from two standpoints – it really gives IT organizations a real opportunity to be 24×7. They’ve always been counted on that but mobility really gives them the tools to do that.” The other aspect is the management of mobile devices, MDM. “We have an offering but customers told us they don’t want another interface.” The company has integrated its solution at the desktop and server levels, but still has a way to go.
“Integrated IT management is something we’re trying to do a much more focused approach to…our offering is IT360.”