Security Log Management

Considering a Cisco MARS Replacement?

Go Beyond SIEM – Evolve to AccelOps.

Cisco MARS pioneered real-time security information management (also known as SIEM) by combining network and security analysis in an easy-to-use, high performance hardware appliance.

AccelOps not only offers complete SIEM functionality, it also provides the next logical evolution – a plug and play, scalable virtual appliance solution that gives IT managers a single pane of glass for monitoring all aspects of datacenter and IT operations in the context of business services.

Download AccelOps
30 Day Free Trial

What’s Next After Cisco MARS?

Cisco MARS pioneered the security information management market with an easy-to-use, network-aware security appliance. However, user needs have evolved to require:

  • Comprehensive parsing of an expanding set of event attributes
  • Ability to quickly support new devices and applications
  • The flexibility to easily generate complex reports for both operational and compliance purposes
  • Classification of assets by business service, facilitating threat analysis by severity or business service impact
  • Long-term, online event data retention to expand the reach of analysis, and to satisfy compliance requirements
  • Ongoing support for third party vendors and custom applications.

In addition, Cisco has officially announced end-of-life for the Cisco MARS product and has made it clear that they will not be providing a replacement for their Security Monitoring, Analysis, and Response System.

Please see our SIEM FAQ for more information about key technical differences between AccelOps SIEM, Cisco MARS, and other SIEM solutions.

10 Reasons to Migrate from Cisco MARS to AccelOps

AccelOps is an integrated datacenter monitoring solution that not only addresses all of the security information management concerns above, but also provides holistic best-of-breed security, performance, change and availability monitoring, and presents the analysis in the context of business services. This holistic analysis enables true root-cause detection and provides rich context while the business service perspective enables organizations to prioritize workload and achieve better efficiency.

AccelOps redefines the next generation SIEM. Key technical advancements include:

Event Management

Flexible, High Performance Event Parsing

Using a patent-pending XML based event-parsing framework, AccelOps provides flexibility in device support without sacrificing event processing performance. Custom device and application support can be added by simply writing XML-based parser files, which are pre-compiled to give the same performance as custom code. AccelOps ships with over 340 built-in parsable event attributes.

Log Management

One Solution for Real Time & Long Term Log Analysis

Our optimized file-based event database coupled with parallel data management and analysis enables AccelOps customers to have a single solution for analyzing both real-time data and historical data. Computing and storage can be incrementally added without service disruption. In contrast, most SIEM vendors must purge and archive long-term data to avoid overwhelming their real-time relational databases, necessitating the use of a completely different set of log management tools to access historical data.

Business Service Management - BSM

Business Service-Based Prioritization

AccelOps provides a platform for quickly mapping IT infrastructure elements to business services, then analyzing performance, availability and security for each business service. This enables better incident prioritization, faster problem diagnosis and greater uptime for the services that matter to your business.

Adobe Flex User-Interface

Adobe Flex, Web 2.0 GUI

Our user interface is built with the Web 2.0 Adobe Flex RIA framework, allowing for a more engaging desktop application experience, while still running within any browser, offering anywhere, anytime accessibility.

VMware Virtual Appliance

Virtualized Solution

AccelOps is offered as a VMware virtual appliance that provides the locked down advantages of a hardware appliance, with the flexibility, cost savings, failover and other advantages of virtualization.

Innovative Identity and Location Binding

Combining Active Directory, DHCP, VPN and Wireless LAN logs with layer 2 network discovery, AccelOps provides real-time user identity and location information for each IP seen in a network. The users behind shared accounts (secondary logons) can be identified. And by tracking IP address associations over time, AccelOps can create an automated audit trail for security compliance purposes.

Role Based Access Control

AccelOps provides customizable, fine-grained Role Based Access Control enabling the application to be effectively used by a diverse set of users with different functional roles in a large enterprise or service provider.

Network Monitoring

Agent-less Multi-vendor Discovery and Monitoring

By discovering all aspects of an IT infrastructure – networks, servers, storage, users and applications – and by monitoring availability, performance, change and security, AccelOps pinpoints the root cause of an incident and provides rich context regarding what may have led to the incident and who it may affect.

SIEM Analytics

Powerful Analytics Engine with Flexible Reporting

AccelOps features an advanced SQL-like search and cross-correlation engine with advanced filtering and aggregation capabilities that can be computed in a distributed manner. This enables IT infrastructure availability, performance, change and security scenarios as well as compliance requirements to be handled in a unified way. AccelOps ships with over 1000 reports and 150 rules to cover various scenarios.

Event Storage Retention

Hybrid Database with Scale-out Redundant Architecture

Our hybrid database stores events in indexed flat files and device configuration in a relational database. With a patent-pending multi-tiered, clustered architecture, computing and storage are seamlessly added to the cluster to increase performance and event storage capacity. This pairing of a proprietary database and parallel processing gives AccelOps the dual advantage of unlimited low cost storage and high event analysis performance.

Why Now?

The AccelOps Competitive Upgrade Package for Cisco MARS Customers (and Partners) offers greater security information management functionality, interoperability and investment protection.

Current Cisco users can upgrade their MARS appliance to the equivalent AccelOps virtual appliance model.

The package includes a MARS migration assessment to ensure an accurate and simple transition process.

A channel program is also available to qualified system integrators to participate in the Competitive Upgrade Package with significant incentives.
