SolarWinds Security Event Manager

Affordable enterprise SIEM solution

From log management to active response

SolarWinds SEM standard dashboard

SolarWinds SEM - What is it?

SolarWinds Security Event Manager (SEM) is an affordable enterprise SIEM solution. With SEM you have a range of options to actively and effectively secure your ICT network. The tool is easy to configure, so you can quickly secure your IT network at enterprise level.

SolarWinds SEM combines log management, threat detection, normalization and correlation, reporting, file integrity monitoring, user activity monitoring, USB detection and prevention, threat intelligence and active response in a virtual appliance that is easy to deploy, manage and use.

Affordable, scalable licensing based on log resources (nodes), not log volume.

SolarWinds SEM collects, consolidates, normalizes and visualizes logs and events from firewalls, IDS/IPS, switches, routers, servers, operating systems and other applications.

Continuously up-to-date ‘Feeds’ – threat identification and response
Hundreds of out-of-the-box connectors

Fast configuration through a wide choice of templates

Real-time correlation and Active Response

  • Performs real-time correlation of machine data to identify threats and attack patterns

  • Automatically responds to suspicious activity with Active Response, including blocking USB devices, shutting down malicious processes, and logging out users

Compliance reporting and audits

  • SolarWinds SEM simplifies compliance reporting and auditing with out-of-the-box reports and filters for HIPAA, PCI DSS, SOX, ISO, DISA STIGs, FISMA, FERPA, NERC CIP, GLBA, and more

  • With an intuitive interface and a wide choice of ready-to-use content, you don't need to be a security or compliance expert to get value from SEM

Convinced? Get started today!

Features of SolarWinds SEM

Easily collect and normalize logs, from network devices and servers to workstations

SolarWinds Security Event Manager comes with hundreds of out-of-the-box connectors to easily collect, standardize, and categorize log and event data generated across your network. SolarWinds' industry-leading log file compression technology reduces the amount of disk space required to store data.

Customizable widgets and dashboard

Easily customizable widgets help you quickly identify important or suspicious patterns.
With one click you can then view the complete list of related logs.

Powerful and simple search for forensic analysis and troubleshooting

SolarWinds SEM is designed to let users quickly find important events using simple keyword searches across both real-time and historical data, in predefined or custom time slots.
Ready-made and user-defined filters also allow for quick data refinement.

Real-time event correlation

By normalizing log data before writing it to the database, SEM can provide true real-time log and event correlation.
Predefined and customized correlation rules enable SEM to automatically warn of potential attacks and other critical issues.

Out-of-the-Box reporting templates for security and compliance

SEM makes it easy to quickly generate compliance reports using more than 300 templates.
These reports can be tailored to the specific needs of your organization.

‘Threat intelligence feed’ and groups

A fully integrated, regularly updated Threat intelligence feed automatically identifies and flags malicious activity from known suspicious IP addresses. Information relevant to your environment, such as user and computer names, sensitive file locations, and approved USB devices, can be easily organized into groups. These groups can be automatically populated via correlation rules, simplifying searching and reporting.

Built-in active response

SEM is designed to immediately respond to security and operational events using predefined actions, such as quarantining infected machines, blocking IP addresses, shutting down processes, and adjusting Active Directory settings.

Real-time file integrity monitoring

Embedded File Integrity Monitoring (FIM) is designed to provide broader compliance support and deeper security intelligence for insider threats, zero-day malware and other advanced attacks. Advanced filter options allow fine-tuning of detection and significantly reduce 'noise' (false positives).

Forward and export logs

If desired, SEM can forward raw log data via syslog to other applications for further use. Additionally, users can export logs to a CSV file.

This allows data to be shared with other teams and third-party vendors, uploaded to other tools, or linked to helpdesk tickets.

USB detection and prevention

SEM can help prevent data loss and protect sensitive information with real-time notifications when USB devices are connected.

The use of unauthorized USB devices can be automatically blocked.

Analysis of historical data

Key trends within historical data can be analyzed through simple searches.
The intuitive query builder provides tips and suggestions as you enter search parameters. You can then use the event histogram and custom time picker to zoom in on specific results in a specific time slot.

SolarWinds SEM - System Requirements

'Hardened' virtual appliance

SEM is delivered as a hardened virtual appliance, on-premises or in the cloud.

This appliance can easily be installed on VMware, Hyper-V, or cloud infrastructure such as Azure and AWS.

SolarWinds SEM - Two license types

1- Universal License

The basic license

2- Workstation Edition License

Specific to desktops

SolarWinds SEM - Universal license

The Universal license of SEM is based on:

- nodes that do not have an agent such as routers, switches, firewalls, etc. and
- nodes that act as a server (with agent).

Affordable, scalable license based on log resources (nodes), not based on log volume.

The SEM Universal is the basic license of SolarWinds SEM.

SolarWinds SEM - Workstation Edition license

The Workstation Edition license of SEM is specific to Windows desktops.

If you are using VDI Windows desktops, the required number of these licenses can be added to the 'main' Universal license.

The workstation licenses are a lot cheaper than the Universal license.
