Security Information Manager - Architecture
I am working on updating an old architecture diagram for our current Security configuration. We are using Critical System Protection as well as a few other Security products. Is there a way to tell how and where SIM is collecting the events? Does the SIM event collector look directly to the CSP Database, or CSP Management Server, OR does SIM have it's own database and is perhaps similar to CSP and have agents which forward events to that Database?
Any clarification on this would be great.