This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RSA enVision® Discussions

Browse the RSA enVision discussion board to get product help and collaborate with other users of RSA enVision.
RSAAdmin
Beginner
Beginner
‎2011-04-08 06:55 AM

Architecture design

Hi team,

 

I am in a situation,

I need to design and inplement the SIEM for client network

client have 3 Decanter, can some one help me to design and implement. That howmay D srv, LC and RCS are required.

i have a design if i get any better solution I will update my design

 

me placing a Dsrv and LC @ DC1 and DC2 and DC3 with 2 RC.these 2 RC will report to  DC1 D srv.

the A srv is at different location. can anyone suggest me other solution

 

I have DC1 with 6000 EPS

DC21500EPS

DC3500EPS

 

regards

shridhar

 

 

 

 

0 Likes
Reply
6 Replies
DavidBruskin
Beginner
Beginner
‎2011-04-08 09:54 AM

What are the business requirements? Acceptable log loss? Acceptable network loss? VISIO or JPG of the proposed architecture? How many devices, EPS? DR/BC requirements? All of those factors go into designing a SIEM architecture.

 

/db

Reply
RSAAdmin
Beginner
Beginner
In response to DavidBruskin
‎2011-04-08 08:00 PM

hi 

 

they have about 35k devices 660 stores. but we need to log only data center devices.

3 data center

datacenter 1 with 6k logs

datacenter 2 with 2k logs

data center with 1k logs

i  need reduendency too 

less cost

tha A srv are in my place

 

0 Likes
Reply
RobertWengewicz
Beginner
Beginner
In response to RSAAdmin
‎2011-04-11 04:01 PM

to know how many collectors you need to know EPS, as I just went through this with SCOM servers. even though only 3 scom servers I need 2 extra collectors due to the EPS. That is important so you don't overload the collector.

 

Bob

0 Likes
Reply
RSAAdmin
Beginner
Beginner
In response to RobertWengewicz
‎2011-04-12 12:21 AM

could you please provide me the link to refer this

 

 

0 Likes
Reply
RSAAdmin
Beginner
Beginner
‎2011-04-12 04:34 AM

Hi Shridhar,

 

Is this a managed SIEM environment with the ASRV at Cognizant and the DSRV's at the customer site?

I am attaching an architecture doc for MSSP's that might be helpful but you should probably also engage and RSA engineer to assist you with this. You can contact David Sauer who is the RSA Alliances Account Manager for Cognizant.

 

Dan

dan.breslin@rsa.com 

 

Preview file
173 KB
Reply
RSAAdmin
Beginner
Beginner
In response to RSAAdmin
‎2011-04-21 07:17 AM

hi

 

thanks for the information.could you please share more such kind of documents for this request

 

thanks in advance

 

regards

shridhar

0 Likes
Reply
© 2020 RSA Security LLC or its affiliates.
All rights reserved.