Among the main features available in the SolarWinds LEM offering are:
- Real-time event collection and correlation for immediate threat detection
- Integrated Active Responses for automated remediation
- Advanced search and data visualisation for forensic analysis
- USB Defender for endpoint data protection
- Workstation and user activity monitoring for internal threat protection
- Built-in templates for regulatory compliance reporting
The primary differentiator of SolarWinds’ LEM product is that it provides an easy-to-use yet comprehensive SIEM and log management solution aimed at mid-market organisations, which often lack the IT and security resources of their larger counterparts and whose existing resources are often over-stretched. Such organisations have many of the same needs as larger enterprises, especially with regard to complying with regulations such as data protection and managing the overall security of their networks. The distribution and implementation model espoused by SolarWinds makes the product easy to evaluate and buy, with a 30-day evaluation period offered for all products, and easy to deploy and maintain.
However, LEM is also popular with, and widely used by, a large number of enterprise customers, including more than 425 of the Fortune 500, helped by its proven scalability and ability to store massive amounts of data. As well as being deployed across such organisations, it is highly suited to the needs of departments, business units and branches within them.
A particular differentiator is the value for money that is offered by the LEM product. With LEM, organisations get the core capabilities they need to improve their security posture and help ensure continuous compliance, but at a fraction of the cost of competing solutions. This core functionality includes real-time collection, correlation and analysis of log and event data from a wide variety of sources throughout the IT infrastructure, along with the ability to normalise, store, search, and report on log data to help meet security and compliance objectives. On top of this core functionality, LEM offers a set of features that set it apart from its competitors, including in-memory event correlation, built-in automated responses, USB defence technology and data visualisation tools.
Another prime differentiator of SolarWinds’ LEM product is its ease of deployment and use. Downloadable from the internet, it can generally be deployed without outside help either from the vendor or from consultants. LEM offers many features that make it extremely easy to use right out of the box without the need for security expertise, including hundreds of built-in rules, filters, searches and reports, with everything governed by a centralised management console with a drag-and-drop interface.
Where support is required, 24/7 phone and email support is included in the purchase price. In addition, there is a dedicated support site, thwack, which has more than 100,000 IT professional community members. Directly accessible from inside the product, it functions as an online community for sharing and solving problems, exchanging tips and tricks, discussing best practices, downloading extra tools, requesting that additional features be added to the product, and sharing custom applications and plug-ins. It provides extensive support documentation and tutorials, as well as information regarding new features and capabilities.