Three New Log Apps Rolled Out By LogLogic
February 17, 2009 Alex Woodie
“No log left behind.” That’s the motto that LogLogic lives by as it seeks to build its business around the management and monitoring of corporate log data. The company came three steps closer to reaching that goal this week when it unveiled three new applications that each address one element of the log management puzzle, including a security information and event management (SIEM) offering, a graphical compliance dashboard, and a database activity monitoring solution.
Thousands of terabytes of log data are generated every day by servers, PCs, network gear, printers, and anything else that keeps a record of its activities. The information contained in these logs can be useful for all sorts of activities, including proving compliance with regulations like PCI or HIPAA and detecting fraudulent activities. However, the different log formats presented by platforms such as IBM System i and Microsoft Windows Server demands a dedicated system. That’s where LogLogic comes in.
The San Jose, California, company used to sell three primary log management appliances, including the MX line for midmarket companies, and the LX and ST lines for enterprises with higher log volumes. All of these appliances are rack-mountable X86-based appliances that can tuck inside of a data center. This week, LogLogic unveiled three new special-purpose appliances aimed at helping customers to uncover little gems of information residing deep within the logs.
The first new appliance is the LogLogic Security Event Manager, which is based on the SIEM developed by the French software firm Exaprotect. This product provides real-time security event correlation analysis for logs generated by any of the platforms supported by LogLogic, including i5/OS and OS/390.
“Our approach since the beginning was we see a lot more use cases than just security,” says Jian Zhenz, vice president of emerging technologies for LogLogic. “We haven’t really focused on the security correlation piece, but it’s definitely one of the use cases. This new product is going to allow us to get into that space.”
Customers deploying a traditional LogLogic appliance with the Exaprotect solution will benefit from the integration the companies have built between the two products. LogLogic can filter out much of the unnecessary logs before sending the data to Exaprotect for security event correlation, thereby speeding the throughput.
The second new appliance is the LogLogic Compliance Manager. This offering will tackle several tasks by delivering a dashboard that gives executives an at-a-glance score of their organization’s compliance posture, mapping compliance reports to specific regulatory control objectives, and tracking compliance reports and workflows.
“LogLogic has always had a complete suite of report packages for SOX, PCI, and HIPAA,” Zhenz says. “What we’ve found is that a lot of customs are taking these reports, printing them out, signing them, then putting them in three-ring binders. What we try to do with this product is automate this process so they can better use the reports, and at the same time provide CIOs and CFOs with a dashboard to see their compliance posture.”
The Database Security Manager is the third new appliance. This offering is deigned to monitor privileged user activities and protect data stored within database systems. That means critical data like credit card numbers and Social Security numbers will have a dedicated security guard watching their every move.
“It monitors every activity happening inside a database,” Zhenz says. “Whether it’s a local connection, or coming in over a network, stored procedures or triggers inside a database–we can capture all those activities.” And because Database Security Manager is delivered on its own appliance, it won’t drag down the databases performance. Similar software-based monitoring offerings can lop off up to 20 percent of the database’s performance, according to Zhenz.
LogLogic developed these three new appliances (or partnered, in the case of the Security Event Manager) as a result of feedback by customers, Zhenz says. “We’re seeing more and more our customers want to go to a one-stop shop and acquire all these different capabilities at once,” he says.
LogLogic’s Security Event Manager appliance starts at $25,000 and is available today. Its Compliance Manager has been released to select beta customers and will be generally available in March 2009 at a starting price of $37,500. The Database Security Manager will be generally available in the second quarter of 2009 at a starting price of $45,000. For more information, visit www.loglogic.com.