Avoiding Pitfalls in Log Management Planning

Over the past decade, cyber security has emerged as an important concern for organizations of all sizes. The increase in digitized corporate records, coupled with the rise in cyber crime, is driving organizations in the public and private sectors to invest in more protection for sensitive data and regulated or other critical assets. In just the first two months this year, the Privacy Rights Clearinghouse has noted data breaches at several financial, healthcare and educational institutions as well as at federal, state and local governmental agencies.

By Ansh Patnaik


Scale in log management has several dimensions. For example, expanding a log management investment from perimeter threat monitoring to regulatory compliance will significantly increase the number and type of assets that need to be monitored. In turn, the total event volume that must be supported also rises. Given the long-term retention requirements that accompany regulations, capacity also becomes a challenge. Depending on how distributed regulated assets are, geographic scalability becomes a must-have. Finally, each use case adds load in terms of analysis. All of these dimensions of log management scalability should be considered as part of the planning process.

Evaluation Phase

When planning is done right, short-listing vendors for evaluation becomes much easier, since the test requirements are well defined and aligned with long-term goals. However, several factors are often overlooked as part of this process: vendor independence, vendor viability, support and services, and relevant reference accounts.

Across use cases, any organization will need to monitor devices all the way from the physical layer up through custom applications; this infrastructure will rarely come from a single vendor or even a handful of vendors. Yet several log management vendors have very limited out-of-the-box support for a broad range of devices. Larger vendors may offer breadth in collection capabilities, but it is often limited to sources from their own portfolio. When you look across layers of the OS stack, the infrastructure at most organizations will be heterogeneous, so support for the entire range of vendor and device logs in the environment (not just the immediate use case) is an important evaluation criterion.

Technology is only one aspect of any IT investment. With the downturn in the economy, many vendors are hard hit financially. Before making any investment, it is important to evaluate the viability of the vendor, independent of their technology. Along the same lines, the quality of support, services and partnerships should be evaluated. Don't assume that a larger vendor can meet your needs best. A more accurate metric would be the size of the support and services staff dedicated to log management. Otherwise you may end up having to go through three tiers of escalation before actually speaking with a specialist in log management.

Finally, organizations in different verticals may differ in the type of devices they have. References from deployments of equal scale are invaluable in ensuring that solutions under consideration can in fact meet your needs in terms of technology, support, and services.
