Considering Cisco MARS replacement?  Go Beyond SIEM – Evolve to AccelOps.

Security Log Management

Cisco MARS pioneered real-time security information management (also known as SIEM) by combining network and security analysis in an easy-to-use, high performance hardware appliance.

AccelOps not only offers complete SIEM functionality, it also provides the next logical evolution – a plug and play, scalable virtual appliance solution that gives IT managers a single pane of glass for monitoring all aspects of datacenter and IT operations in the context of business services. Learn why now is the right time to upgrade from Cisco MARS to AccelOps. Register here.

Network World CA Casualty
Network World - California Casualty

California Casualty Moves to AccelOps, by Ellen Messmer

"AccelOps unified, service-oriented approach to data center monitoring allows us to gain broader oversight and make operational decisions with greater clarity, efficiency and teamwork," said Skip Moon, AVP of Network Development and Engineering at California Casualty.   More...


What have you been missing?

Cisco MARS pioneered the security information management market with an easy to use, network-aware security appliance - but user requirements have evolved.

  • Users need broader parsing of event attributes and the means to readily support new devices and applications in a timely fashion without having to wait for extended development cycles.
  • Users want reporting flexibility with the means to quickly and easily write complex reports for operational and compliance purposes.
  • Users require long-term, online event data retention. As a result of event data being stored in a relational database of fixed storage capacity and without direct support for external storage, users can only retain and analyze data for a limited number of days and months which impacts investigation and most compliance requirements.
  • Users benefit from asset and business service prioritization. A lack of asset importance weight and business service intelligence leads to events and incidents being classified according to threat severity as opposed to business impact.
  • User must have ongoing support for third party vendors and custom applications.

Please see the SIEM FAQ section on some key technical differences between AccelOps SIEM vs Cisco MARS/Other SIEM solutions.

Read the latest review by MARSblog and learn about AccelOps SIEM capabilities and comparison to Cisco MARS.

Top

Why AccelOps?

AccelOps is an integrated datacenter monitoring solution that not only addresses all of the security information management concerns above, but also provides holistic best-of-breed security, performance, change and availability monitoring, and presents the analysis in the context of business services. This holistic analysis enables true root-cause detection and provides rich context while the business service perspective enables organizations to prioritize workload and achieve better efficiency.

In other words, AccelOps redefines the next generation SIEM. Key technical advancements include:

Event Management

Flexible and high performance event parsing

Using a patent-pending XML based event-parsing framework, AccelOps provides flexibility in device support without sacrificing event processing performance. Custom device and application support can be added by simply writing XML-based parser files, which are pre-compiled to give the same performance as custom code. AccelOps ships with over 340 built-in parsable event attributes.

Log Management

Single solution for real time log analysis and long term log management

Our optimized file-based event database coupled with parallel data management and analysis enables AccelOps customers to have a single solution for analyzing both real-time data and historical data. Computing and storage can be incrementally added without service disruption. In contrast, most SIEM vendors must purge and archive long term data to avoid overwhelming their real-time relation databases, necessitating the use of a completely different set of log management tools to access historical data.

Business Service Management - BSM

Business service based prioritization

AccelOps provides a platform for quickly mapping IT infrastructure elements to business services, then analyzing performance, availability and security for each business service. This enables better incident prioritization, faster problem diagnosis and greater uptime for the services that matter to your business.

Event Storage Retention

Hybrid database and scale-out redundant architecture

AccelOps uses a hybrid database, storing events in indexed flat-files, and storing device configuration in a relational database. AccelOps has a patent-pending multi-tiered, clustered architecture, where computing and storage can be seamlessly added to the cluster to increase performance and event storage capacity. This combination of proprietary database and parallel processing gives AccelOps the dual advantage of unlimited low cost storage and high event analysis performance that other monitoring solutions strive for.

VMWare Virtual Appliance

Virtualized solution

AccelOps is offered as a VMware virtual appliance that provides the locked down advantages of a hardware appliance, in addition to the flexibility, cost savings, failover and other advantages of virtualization.

Location Management

Innovative identity and location binding

By judiciously combining Active Directory, DHCP, VPN and Wireless LAN logs with layer 2 network discovery in an in-memory database, AccelOps provides real-time user identity and location information for each IP seen in a network. Real users behind shared accounts (secondary logons) can be identified. By keeping tracking of IP address associations over time, AccelOps can create a completely automated and readily available IP address audit trail for security compliance purposes.

Network Monitoring

Rich agent-less multivendor IT infrastructure discovery and monitoring

By discovering all aspects of an IT infrastructure – networks, servers, storage, users and applications and by monitoring availability, performance, change and security in an holistic manner, AccelOps is able to pinpoint the root cause of an incident and provide rich context regarding what may have led to the incident and who may be affected by it.

SIEM Analytics

Powerful unified analytics engine with flexible reporting

AccelOps features an advanced SQL-like search and cross-correlation engine with multiple patterns and advanced filtering and aggregation capabilities that can be computed in a distibuted manner. This enables all IT infrastructure availability, performance, change and security scenarios as well as compliance requirements to be handled in a unified manner. AccelOps ships with more than 600 reports and 250 rules to cover various scenarios.

Adobe Flex User-Interface

Dynamic, Adobe Flex-based Web 2.0 GUI

AccelOps' user interface is built using a Web 2.0 Adobe Flex RIA framework allowing for a more engaging desktop application experience, while still running within any browser, offering anywhere, anytime accessibility.

Event Management
Learn more about the Next Generation of SIEM...
Next Generation SIEM
Top

Why Now?

The AccelOps Competitive Upgrade Package for Cisco MARS Customers (and Partners) offers greater security information management functionality, interoperability and investment protection.

Current Cisco users can upgrade their MARS appliance to the equivalent AccelOps virtual appliance model.

AccelOps will apply the customer's current MARS maintenance fee against the AccelOps license which includes a year of maintenance and support. Multi-year discounts are also available.

The package includes MARS migration assessment to assure an accurate and simple transition process.

A channel program is also available to qualified system integrators to participate in the Competitive Upgrade Package with significant incentives.


Do More. Control More. Save More.

Gain productivity, and reduce business risk with the next generation in Security Information Management.

Top