Forrester Research analyzes the past, present and future of security information vendors and products.

Security information management (SIM) technologies experienced a pretty rocky ride since emerging earlier this decade, industry watchers says, and the ride isn’t over yet for those ready to adapt to customers’ changing needs.

According to Forrester Research, SIM technology drew in enterprise security managers looking to reduce the noise among multiple security devices distributed in large environments, but lost some ground when IDS and IPS technology gained intelligence. SIM products initially used data aggregation and event correlation features similar to those of network management software and applied them to event logs generated from security devices such as firewalls, proxy servers, IDS and IPS devices, and antivirus software. SIM products also normalized data — that is, they translated Cisco and Check Point Software alerts, for example, into a common format so the data could be correlated with one system. Like network management software, SIM tools generally consist of server software, agents installed either on servers or security devices, and a central management console.

Read full story