• As IT infrastructure becomes more distributed and vulnerable to attack, security information and event management (SIEM) technology becomes more essential for real-time alerting, analysis and auditing. Trustwave SIEM Enterprise provides the critical insight and information needed for organizations to proactively respond and manage security risk and compliance in easy-to-understand ways.

Overview

  • SIEM Enterprise enables organizations to quickly address their compliance requirements and take a proactive approach to their security risk management strategy.

    Purpose-built with a focus on simplified management, SIEM Enterprise's intuitive, browser-based user interface makes it easy to centrally configure, update and operationally maintain across your environment. SIEM Enterprise is the go-to solution for organizations that need to sort through disparate logs from security products and devices to detect threats and manage risk and compliance requirements.

    Why do customers choose Trustwave SIEM Enterprise to detect, understand and respond to security incidents, and ensure they don’t happen again?

    • Supports 230 devices out of the box
    • Powerful correlation engine
    • Advanced filtering and searching
    • Full breadth of compliance controls
    • Big data security analytics

Features

    • Security

      Advanced Correlation and Threat Management Assessment

      Our industry-leading correlation engine offers flexibility and configurability to meet your evolving needs. Functionality includes rule, vulnerability, statistical, historical, heuristic, threat, asset, behavior and risk-based support.

      Deep Forensics

      Boolean logic filtering enables you to search data for in-depth insights, threats and root causes. You can easily save, share and reuse searches, filters, lists and reports through an easy-to-use wizard-like interface.

      Big Data

      SIEM Enterprise incorporates advancements that address bigger data and analytics challenges. The product has a highly scalable, distributed architecture capable of collecting, normalizing, correlating and reporting on more data than ever before.

    • Compliance

      Audit Ready

      SIEM Enterprise lets you effectively meet your audit needs with consistent controls based on best practice frameworks and regulatory and industry requirements. Real-time control monitoring, compliance reporting, automated compliance alerting, notification and scheduling capabilities ensure your organization stays ahead of the threat curve.

      Mandate Friendly

      SIEM Enterprise employs a consistent set of controls from best practice frameworks and regulatory, industry, and GRC requirements - and then monitors control performance in real time. Compliance control coverage is included at no additional cost.

      Enhanced Reporting

      More than 600 compliance-focused reports, with more than 2,600 overall reports, are available. The reports can be scheduled or run ad-hoc against alerts, events and trend data. Configurable dashboards, correlations and filters let you quickly gain value and reduce risk.

    • Operations

      User Experience

      SIEM Enterprise includes a familiar browser-based UI design with workflow support for analyst threat monitoring and incident response tasks. A 'Finder' function significantly enhances the ability to quickly identify events and activities of interest.

      Practical Maintenance

      Easy-to-install data modules enable standard and customized log acquisition from almost any audit source - all complemented by automated updates and centralized management. This enables collaboration among various departments.

      Blended Architecture Support

      SIEM Enterprise complements existing investments in Trustwave Log Management Appliances to help simplify large and complex deployments.

How It Works

  • Configurable dashboards, correlations and filters let you quickly gain value and reduce risk.

    Quickly choose and search relevant data.

    Easy-to-analyze dashboards, reports and workflow provide critical data at your fingertips.

    Learn what is impacting your organization so you can mitigate threats and meet requirements.

Specifications

    | | TS-250 | TS-500 | TS-750 | TS-500 |
    |---|---|---|---|---|
    | SIEM Models | SIEM-E-50, SIEM-SE1-DA, SIEM-LME-50 | SIEM-E-100, SIEM-E-250, SIEM-LME-100, SIEM-LME-250 | SIEM-E-500, SIEM-E-750, SIEM-LME-500 | SIEM-E-100-SAN |
    | CPU | Intel E5-2620 6 cores | 2X Intel E5-2630v2 6 core | 2X Intel E5-2658v2 10 core | 2X Intel E5-2650v2 6 core |
    | RAM | 32GB | 32GB | 96GB | 64GB |
    | Disk | 4X4TB Nearline SAS, 200GB SSD | 4X4TB SAS, 200GB SSD | 8X4TB SAS, 400GB SSD | 2X1TB SATA, 400GB SSD |
    | RAID | 5 | 5 | 5 | 0 |
    | HBA | no | no | no | Qlogic 16GB Dual Port Fiber |
    | Certifications | UL, CUL, TUV, CE | UL, CSA, CE | UL, CSA, CE | UL, CSA, CE |
    | Online Retention * | 5 years | 2.5 years (at 100m epd), 1 year (at 250m epd) | 15 months (at 500m epd), 10 months (at 750m epd) | SAN dependent |

    * Retention capacity will depend on many factors including source devices and data profile