« December 2005 | Main | February 2006 »
EMC Smarts Gets LogLogic Powered
Last week we announced that for the first time, enterprise-wide intelligence based on log data is available through EMC Smarts. If you are using Smarts, you can now use LogLogic's monitoring, alerting and reporting for security and compliance.
In InfoWorld, information security analyst Jon Oltsik of Enterprise Strategy Group said, "It certainly makes sense for LogLogic to team with Smarts. Security and network operations are merging in many companies so security visibility is essential."
While InfoWorld’s story highlights the growing value of log data as "an important resource for companies to access so they can better monitor their systems' behavior and watch for anomalies,” eWeek sees the news as "enabling organizations to bolster their internal log discovery and log administration processes to help simplify and streamline overworked risk management and compliance efforts."
All right on the mark.
If you want to read more, take a look at SecurityPark, ComputerWorld, SearchStorage, and eBizQ.
Posted January 25, 2006 in LogLogic News | Permalink | TrackBack (0)
« December 2005 | Main | February 2006 »
Data Quality Is As Important As What You Do With It
Catching-up on a stack of reading this week I came across an interesting piece in DMReview on the importance of data quality and another in Datamation on compliance being threatened buy archiving failures. While neither piece speaks directly to infrastructure data, the principles they advocate are as applicable here as elsewhere.
Homegrown solutions typically change data when capturing, storing and processing it. So do most security event management solutions. All the more reason to run you SIEM or homegrown scripts (not that you’ll really need to use them anymore) on a log management platform. An effective LMI architecture will deliver failover, buffering, encryption, hashing, TCP transport, complete unaltered storage, analysis on a copy of the data (not the original) and such. It will protect the data, whether from networking devices, servers, applications or operating systems.
As Jane says: “The value that can be delivered to the company by improved DQ is enormous. Access to timely, accurate, reliable information provides the same answers to the same questions, no matter where in the company those questions arise. Improved DQ can also lead to enhanced ROI on IT investments, revenue growth fueled by better customer service (thus less churn), and easier regulatory compliance and sustainment. Really, who wouldn't want that kind of value for their money? “
Any effective LMI solution will deliver a single, irrevocable view of the truth.
Posted January 24, 2006 in Log Management & Intelligence | Permalink | TrackBack (0)
« December 2005 | Main | February 2006 »
Hot News From LogLogic
Loglogic's strategic reseller partnership with information security company Patriot Technologies, Inc puts our award -winning Log Management appliances on Patriot’s GSA Schedule for simplified purchasing by federal, state and local government agencies.
We also released SANS testing of the LogLogic series 3, LX 2000 with all kinds of new 'landspeed records' - and we announced that we have secured two finalist nominations – one for “Best Computer Forensics” and the other for “Best Security Audit” - in the SC Magazine Awards for 2006 (more than 1300 products and services were considered by a panel of network security industry experts). This is the second year in a row that LogLogic has been named as a finalist by SC Magazine. Thanks for voting and all your support!
Posted January 09, 2006 in LogLogic News | Permalink | TrackBack (0)
« December 2005 | Main | February 2006 »
Logging In the New Year – Six Resolutions for 2006
2006 is going to be a big year for Log Management and Intelligence (LMI) as compliance, security, and operations continue to drive new projects and the expansion of existing efforts. Here are some resolutions you might like to think about in order to get ahead of the pack.
Resolution #1: Turn on logging from ALL critical devices, applications, servers and operating systems. Start by mapping devices critical to compliance and security efforts – and then, make sure you are logging from them. Plan on capturing 100% of the logs, 100% of the time, unfiltered and unaltered. If you plan to meet audit/compliance requirements and mitigate risk, you cannot pick and choose what log data to keep. SIEM and homegrown solutions typically only allow insight to a small portion of log data. Your LMI solution needs to be able to collect 100% of all log messages from every critical device, server, application and OS - not just from your firewall. This is especially important when considering that internal and external threats are coming from an ever-broadening range of sources. It will also greatly improve the value of your LMI efforts: the more log data you capture, the more relevant they are to the entire enterprise – from the security folks to the people managing servers, network devices and applications. This is the year that you should be routing, automatically, critical “operational information” based on log data to other tools such as EMC Smarts and IBM Tivoli.
Resolution #2: Write homegrown scripts less – A lot less. Homegrown scripts are typically inadequate for sifting through the terabytes of data that gets logged in enterprise networks every day. Where they are useful is for very isolated troubleshooting on an extremely limited range of log data. It’s completely unrealistic to expect these same scripts – and the folks that need to write them - to keep pace with your compliance and security demands. Without LMI, finding specific information in the terabytes of data that enterprises generate is like trying to search the web without Google, and the resources devoted to the tedious tasks of maintaining scripts and organizing log data are better spent elsewhere.
Resolution #3: Automate log management processes and reporting. Keeping pace with growing forensics, business and audit requests requires that alerting and reporting is automated – and fast. Automation should take place at a variety of levels: Automate the data capture; automate reporting and alerting; automate storage policies. An often neglected aspect of compliance management is auditing of log activities. You need to prove that you are doing what you said you would do. An LMI platform will get this done on schedule, without human intervention, to the satisfaction of your auditors.
Resolution #4: Secure your log data. Most log data is scattered across the enterprise. Securing the data, and centralizing storage reduces IT costs and allows for faster access to data from any log source. Set it up so that your log solution pulls data from all connected devices - both local and remote - and puts it in one safe place. Secure transmission over the WAN to storage is critical to protect the data. Also, data must be encrypted at rest so that it cannot be tampered with. Is your infrastructure data as secure as your customer information? If not, 2006 is the year to make it so.
Resolution #5: Understand your infrastructure data obligations – and meet them. Most security best practices, regulations and audit processes have a direct impact on what you should be doing with your logs. Develop a clear, enterprise-wide log management policy and then automate the management and enforcement of it. (We can help here!) Smart network and IT operators are also looking beyond their own organizations to understand that any log management solution has broad application across the datacenter and enterprise. This reflects the increasing convergence of systems and security. An LMI platform enables you to avoid getting locked into a SIEM tool that is designed to deal only with security information and events. Deploy LMI first.
Resolution #6: Make Log-ED a priority. There will be a raft of new technologies and solutions over the next year. If you are really serious about improving the management of critical infrastructure data – logs of all and any kind - in 2006, attend a live demo of LogLogic solutions in action.
And, give us your thoughts on what log management priorities we can address for you in the coming year.
Posted January 06, 2006 in Log Management & Intelligence | Permalink | TrackBack (0)
« December 2005 | Main | February 2006 »
Welcome to 2006!
Looking back at 2005 for a minute I want to thank all our customers and partners for the support and insights you’ve provided. It was a big year for LogLogic. We released LogLogic 3, the third-generation of our award-winning log management and intelligence solution. We saw incredible growth in, and validation of, the log management and intelligence market (LMI) driven by compliance and a focus on automating controls and processes. And we had major wins in every market segment - which we supported by expanding our channels and global footprint.
LogLogic 3 is a major evolution for our product, providing compliance and risk mitigation capabilities never before thought possible. After being burdened for far too long by the cost and complexity of security and log management tasks, our customers can now take advantage of automated, enterprise-class log intelligence, including real-time alerting and reporting, lightening-fast search and scalable, secure storage. The distinction between LMI and security event management/ homegrown scripts has never been clearer.
Our alliances with companies such as Counterpane and EMC underscore this progress. Counterpane aggregates decades of security expertise and 100,000 of rules with our intelligent LMI platform – together we deliver compliance on demand. And, we successfully completed the integration of our capabilities with EMC Smarts, enabling critical log data to be presented through a single management interface. Coupled with our unique log routing capabilities and simple integration with leading Systems Management solutions, we are truly unlocking the knowledge contained in the unstructured information and making it actionable and secure through our data management platform approach.
One interesting dynamic we observed over the past year was the number of customers extending their LMI solution across the Enterprise. What started as a project in the security team is now being deployed in support of key operational and management priorities. Data that was once used exclusively in a security or SOX report, is now routed to solutions such as EMC Smarts and IBM Tivoli. Trends like these reflect the blurring of lines between security and other functions within IT. They also reflect the growing priority of log data from a broad and diverse range of sources. LMI is no longer just about security event management.
And, while compliance was a major driver, Forrester is right in suggesting that approaches here are maturing. We are entering a new phase in the market for compliance solutions – one focused on automating the underlying processes such as COBIT and ISO17799, all with the intent of dramatically improving service level agreements, security and operations.
We will continue to exceed your expectations as you look to address these priorities and more. In support of this we are expanding our – if you know someone that loves logs and is looking, we’re hiring! We’re innovating at a faster pace than ever. And we’re listening to our customers more closely than ever. Let us know how we can best serve your needs in 2006.
Keep logging on. Best - Christopher Brennen
President and CEO, LogLogic
Posted January 05, 2006 in LogLogic News | Permalink | TrackBack (0)
« December 2005 | Main | February 2006 »
LogLogic Career Fair
Not your everyday blog entry but if you are into logs and looking for a new gig with a hot company we definitely want to meet you.
Attend LogLogic’s Career Fair Wednesday, January 11th 4pm-8pmLogLogic Headquarters
3061-B Zanker Road, San Jose, CA 95134
Bring your resume or paste your resume into an email with “POSITION – YOUR NAME” in the subject line to: careers@loglogic.com, Attn: V. Golub. For more information on the jobs we have open, visit LogLogic.com.
Posted January 05, 2006 in LogMatters | Permalink | TrackBack (0)
« December 2005 | Main | February 2006 »
SOX Moving To The Next Level
Forrester says SOX is moving to the next level:
The Sarbanes-Oxley Act of 2002 (SOX) is regarded by most as an onerous and expensive compliance requirement. But, an emerging view embraces it as a program to drive business integrity and operational efficiency. The first round of Section 404 compliance to evaluate internal controls was a hectic learning experience. In 2006, more mature compliance efforts will leverage technology to support internal controls evaluation and controls automation and monitoring. In addition, many companies will make significant investments for overdue improvements in their core accounting and reporting systems. Meanwhile, the software market for SOX-related solutions is about to undergo a significant consolidation.
We're seeing a maturing of approaches to SOX in spades. Log management solutions go well beyond SEM or SIM - they reach deep into supporting critical operational processes; automating and monitoring controls.
Posted January 03, 2006 in Risk Management | Permalink | TrackBack (0)
November 2007
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | ||||
| 4 | 5 | 6 | 7 | 8 | 9 | 10 |
| 11 | 12 | 13 | 14 | 15 | 16 | 17 |
| 18 | 19 | 20 | 21 | 22 | 23 | 24 |
| 25 | 26 | 27 | 28 | 29 | 30 |
Categories
Archives
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- September 2005