Netsurion EventTracker Scalability

Chief Information Security Officer at Samford University
We haven't had any big problem with scalability. When I got here, we were keeping a year's worth of data. The reason we're now only keeping six months instead of a year is our own backup speeds and/or how much disk space it's taking up. We talked to our CIO and several senior leaders. Everyone was comfortable, as long as we could go back and investigate within the same semester. We felt that reducing from a year to six months was acceptable. That also fixed our backup times which were taking so long and how much total disk it was taking up. It had zero to do with the product. It was strictly a matter that storing so much data was taking that much space and that long to back up. Today, in our organization, it's used as needed. We may have five security incidents a month. The server admins use it for operational needs once a month or every other month. So we don't have super-heavy use here. Most of my investigations come out of those weekly reports or things that come up within the environment in real-time. There's not a tremendous need to be able to use it more often, because of the real-time alerting and those timely, weekly reports. A lot of those were custom reports that we asked them to build for us. We really get visibility right into what we want to see all the time. So we're able to address situations very quickly and not have to hunt around and figure things out. View full review »
Richard Teegarden
Network Manager at a energy/utilities company with 51-200 employees
We're small. I'm assuming that the scalability would be no problem given all the other feature sets. When we've brought things on board, we've never had an issue. I don't know how large this scales or of any limitations to it. The backend data might be just what you have available. I've never been too concerned with it because we don't scale up really large. We're pretty stable as far as the number of devices goes, internally for us. I don't see that really changing much. Most of the devices or products that we've talked to folks out there about have syslogs of some sort that we can point back. That's what we plan to do. I don't even know where that's going to go at this point, but I know that as we move into the cloud space, but I want to continue to tie that into EventTracker. I want to make sure I've got eyes on everything that we're communicating with. View full review »
Senior Director, Information Security at a pharma/biotech company with 1,001-5,000 employees
We've done searches going back in the archives all the way to February when we first started, and it surprised me as far as the performance goes. We're not enormous. We're taking in about 3 million events a day. We're about 3,000 employees, worldwide. I don't know that I can give a good analysis on scaling. It's meeting our needs really well from a scale perspective. We haven't seen a performance issue associated with the volumes we're running with, and we're almost fully deployed. Of the 300 servers, there are only about 10 now that don't have it. All of the 2,500 end-stations have it. It's taking all of that. We're 90 percent where we want it to be with the log sources and it hasn't changed its performance or behavior at all. It has scaled very well so far for us. Our plans to increase usage are only as we grow. The company has growth plans associated with it, and as new staff comes on and the machines get provisioned, it continues to increase the systems that are feeding to it. We don't have any plans at this point to be putting in any other log sources, other than those we've already identified. I'm thinking of either homegrown applications or unique applications that might generate log files. We don't have anything on the roadmap today for that. View full review »
Learn what your peers think about Netsurion EventTracker. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
418,901 professionals have used our research since 2012.
Director of Application Development and Architecture at South Central Power Company
We did have a few concerns with the scalability in the beginning. Our initial concerns were about scaling it and, if we blew it out, were we going to run into performance issues with their agent piece using too many resources on the client or running out of space on the server? But those concerns proved to be unfounded. We have 700 or 800 endpoints streaming data into it without any noticeable performance or any other issues. We're using it almost to its full extent at this point. We're in that 90 percent range. We currently don't have any plans to move away from it. We're utilizing the features that pertain to us. Anytime that there's a patch or release, we look at the new features to see if they're applicable for us. View full review »
Sr. Information Technology Security Engineer at a university with 1,001-5,000 employees
I know it's been working well for all the different log sources and stuff that we've been throwing at it. The big thing is we just have it on one big virtualized box. So, we haven't really had any instance or need to scale it beyond that. I'm mainly the only user. My boss will occasionally use it when I'm out of the office, or something like that, but it's either going to be him or me. We have it pretty much on all of our servers, firewalls, and routers. The big thing is we have a 500 license count. So, we have a number of different other switches and stuff which would be nice to be able to get logs and stuff from. At the same time, we are getting close to hitting up our 500 license count. Therefore, we're trying to figure out where we need to go as far as what systems are a must-have and what systems are a nice-to-have type of thing. View full review »
Geremy Farmer
Information Technology Coordinator at Magnolia Bank, Incorporated
It's definitely scalable. You can get all the way down to endpoints. They support multiple devices, applications, different firewalls, desktop, laptop. You have the ability to add in those logs. We have chosen not to do that at this time because we're mainly concerned about our servers and our domain, and it captures a lot of those logs. We have some offices that don't have a domain. For them, we just get their firewall logs because we are not too concerned about their individual workstation logs. View full review »
Bryan Caporlette
Chief Technology Officer at G&G Outfitters Inc
It has accomplished what I wanted it to accomplish. If anything, I'm downsizing servers by moving it to the cloud. So, I'm not really adding more to what it needs to manage. A network engineer and I are the two users for this solution. It is currently deployed across all of our desktops, servers, and VMs. I don't have any expectations to expand it, except for if I hire a new employee and put a new desktop in, but I doubt we are going to be putting new servers in. We are getting on average 1.6 to 1.7 millions events a day. View full review »
Sean Sheil
Information Technology - Business Process Analyst at a financial services firm with 51-200 employees
In our environment, it works perfectly fine. View full review »
Consulting Engineer at a tech vendor with 10,001+ employees
I have not seen any issues with it scaling. We have close to 40 users in our organization: security administration, help desk, and sysadmins. View full review »
Learn what your peers think about Netsurion EventTracker. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
418,901 professionals have used our research since 2012.