Log Management Industry Takes Shape

Solutions in this nascent industry, known as log management, consolidate data from traditional core infrastructure nodes such as routers and switches and correlate it with data from more traditional security provisions such as firewalls.

Solution providers said this could translate into big bucks in add-on solutions to more conventional security information management rollouts. "We see this as the next big thing," said Greg Flatt, CEO of Flat Earth, Nashville, Tenn. "It's important to be able to take log information and correlate that with your other events so you can have a more complete understanding of how these events are impacting the network."

Many solution providers deploy log management solutions for customers that need to comply with federal regulations. Flat Earth, for instance, sells the LX and ST appliances from LogLogic, Sunnyvale, Calif., to health-care and financial services customers.

LogLogic recently debuted its Premiere Certified Partner Program, part of its plan to push 100 percent of all sales through the channel. "We are looking to [the channel] to spark all of our growth," said Christopher Allen, vice president of channel development at LogLogic.

TriGeo, Post Falls, Idaho, and eIQnetworks, Acton, Mass., also have entered the log management market, incorporating the capabilities with broader security information tools.

The TriGeo SIM appliance sits inside a corporate firewall and uses sensors to collect and log data from a variety of points on the network. Dean Putnam, sales engineer at SDN Communications, a solution provider in Sioux Falls, S.D., said he adds value to the vendor's technology by building security assessment and monitoring services around it. "Intrusion detection is great to get a sense of what is happening at the perimeter, but the notion of recording that information into a log that can be used for audits is entirely something else," Putnam said.

Meanwhile, Network Security Analyzer and System Analyzer from eIQnetworks combine log and security information managers into one. Michael Bruck, president of BAI Security, said the Naperville, Ill.-based company uses the tools to fulfill the client-reporting portion of its managed security services offering. "This helps us offer a single, cost-effective and scalable log management solution to help customers deal with everything from one central point," he said.