NetWitness Cloud SIEM delivers log management, retention, and analytics services in a simplified cloud form. It aims t o eliminate traditional deployment and administration requirements with a simple throughput-based licensing model, to make high-quality SIEM quick and easy to acquire without sacrificing capability or power.
N/A
SolarWinds Security Event Manager (SEM)
Score 8.0 out of 10
N/A
SolarWinds LEM is security information and event management (SIEM) software.
N/A
Pricing
NetWitness Cloud SIEM
SolarWinds Security Event Manager (SEM)
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
NetWitness Cloud SIEM
SolarWinds Security Event Manager (SEM)
Free Trial
No
Yes
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
NetWitness Cloud SIEM
SolarWinds Security Event Manager (SEM)
Features
NetWitness Cloud SIEM
SolarWinds Security Event Manager (SEM)
Security Information and Event Management (SIEM)
Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
NetWitness Cloud SIEM
7.6
Ratings
2% below category average
SolarWinds Security Event Manager (SEM)
8.9
Ratings
14% above category average
Centralized event and log data collection
8.00 Ratings
9.00 Ratings
Correlation
10.00 Ratings
8.00 Ratings
Event and log normalization/management
8.00 Ratings
8.00 Ratings
Deployment flexibility
10.00 Ratings
10.00 Ratings
Integration with Identity and Access Management Tools
It is really a robust platform that can be heavily customized to suit requirements. Good for advanced hunting and forensics. Robust automation features.
Solarwinds SEM is great for generating reports for investigation purposes. Once you set up the connectors you can walk away and the product runs without needing maintenance. It was however pretty difficult to create the reports and alerts when now starting out and it can be very intimidating for new users.
SolarWinds easily provides the much needed visibily into changes in an Active Directory (AD) environment. Email alerting can be configured to alert a team if an account is locked out, disabled by another users, or if users and/or computers accounts are created.
SolarWinds allowed a searchable audit feature. Microsoft Windows can be configured to log many different parts of a system, but search those logs can be difficult. SEM allows you to search for specific users or events.
Compared to other SIEMs, there are features that are missing. Machine learning, automatic event correlation, ability to correlate multiple sources together.
The UI is clunky, and the *New* event log analyzer page felt really disjointed from the rest of the product.
In my experience, the dashboards were almost unusable. They persisted across login per device, and even then they sometimes would reset and go back to the ''Getting Started'' look.
It is pretty likely that we will renew SEM when the time comes up. It is easy to use and maintain so there isn't much of a need to replace this product. It is also a pretty fair price for the capabilities provided by the SEM
It is very good - but you get what you pay for. The intent is not for a Fortune 500 that needs more "heavy lifting" with SolarWinds Security Event Manager & for whom the price tag is not (much of) a consideration.
The quality of support can vary depending on whom you end up speaking with. I was fortunate enough to work with a support representative who was very familiar with the product. He had even authored some of the support documentation on the website. On the flip side, I had two other experiences where I was simply directed to online training material.
The compare well against the others - the pricing models for all but Splunk (free version) are based on EPS/TB consumed... the problem they pose is guesstimating the price tag per month. SolarWinds Security Event Manager gets around that.
It saves a lot of time when we had issues trying to figure out where the user account lockout was coming from.
With it being an affordable SIEM, we are able to have the ability to do the actions associated with a SIEM and the advantages of not “breaking the bank account”.
