At Novell, our engineers constantly innovate to find more efficient ways for our customers to collect, search and report on the overwhelmingly massive amount of data IT organization must manage on a daily basis. Can log management ever become a harmonious experience? We think so.

To reduce IT deployment and management costs, improve visibility into IT infrastructure activities and relieve regulatory compliance headaches, Novell recently announced Novell Sentinel Log Manager software appliance. Built on the industry-leading Sentinel architecture and SUSE Studio, this log management software appliance provides customers with a complete log management solution that is ready-to-run within minutes of deployment on any hypervisor. Software Appliances eliminate the timely process of loading an OS prior to loading an application. Additionally, Novell Sentinel Log Manager includes an embedded update service, making it easy for customers to collect, normalize, search and report on IT infrastructure activities.

The harmony Novell uniquely brings to the table is Log Manager’s ability to forward event data to Novell Sentinel, which provides event correlation capabilities as well as user activity monitoring when integrated with the Novell Identity Management Suite. When used together, Novell Sentinel and Sentinel Log Manager provide the network visibility required to more efficiently manage security, compliance, technology and unpredictable human behavior. This helps our customers continuously enforce security and access-related policies, making it easier to manage risk and also prove compliance.

Click here to learn more about the new release of Novell Sentinel Log Manager 1.1. This is also the industry's first log management solution available as a software appliance. In my next post, I'll go into more detail about why this is another uniquely harmonious quality that sets Novell apart from our competitors.

A recently published analyst report on Security Information Event Management (SIEM) placed Novell in the upper-right quadrant. This placement is the culmination of a rabid focus we’ve had on security over the past year. Some of our accomplishments in security have included:

• Launching two new products, Sentinel Log Manager and Sentinel Rapid Deployment, and achieving rapid success with these products
• Growing our security customer base over 70%
• The creation of a security management solution to highlight Novell’s security capabilities
• Recruiting many new security-focused partners

Gartner also recognized Novell for the scalability of the Sentinel solution, the integration between Sentinel and Novell’s Identity and Access Management products, and for the efforts we’ve made to expand our channel. Thank you to the customers who continue to support Novell, and to all of partners who see the unique value proposition that Novell’s Security Management solution delivers!

After long days and late nights, many attendees typically spend the last portion of Interop sleeping in, catching up on the crazy schedule and pace of the week’s events. Not so this year. Rather than sawing logs, a standing room-only crowd was discussing logs at my session titled Preventing the Next Data Breach through Log Management. Here are some highlights:

Securing your IT infrastructure has never been tougher. One of the unfortunate side effect of a down economy leads to an increase in crime of all kinds —cybercrime is no exception. One of the newest and most dangerous cyber attacks, Advanced Persistent Threats (APTs) are on the rise. As you may know, APTs are a new breed of sophisticated cyber attack, which are being used by both professional hackers and nation-states. These sophisticated and persistent attacks target governments as well as companies. The Operation Aurora attack on Google is a prime example of an APT.  This article in Wired is a good write-up explaining the incident.

As if the criminal element didn’t expose your organization to enough risk. Social networking, cloud computing, virtualization, enterprise mobility and other current IT trends open up your network and make it that much tougher to protect your data.

As it stands, the situation is simply unsustainable. Security organizations are underfunded. And business managers don’t understand the risks. As such, it’s hard for them to justify current expenses—let alone add budget for enhancing security. Businesses have no choice but to focus on compliance. However, compliance does not equal security and therefore only protects your organization against fines—not cyber criminals or inadvertent data loss and resulting brand and monitory damages.

To do your job effectively, you’ve got to fight for budget like never before. So how can you justify a security investment to your boss? First, let’s just face facts. No endpoint is truly secure. And as a result your network will inevitably be breached, if it hasn’t been already. The question is just how bad will the breach be?

One answer to limiting the damage from a breach is to adopt log management as an essential layer of your network security. Verizon Business, in their 2008 Data Breach Investigations Report said: “Evidence of events leading up to 82 percent of data breaches was available to the organization prior to actual compromise.”

Log management provides a tool for collecting and storing large amounts of security information that you can then search and generate reports from. Using log management, you can reduce risk, detect attacks, and inspect and remediate security issues.

So what do you look for in a log management solution? Flexibility, scalability and a good user interface. Flexibility gives you the ability to deploy in a virtual or cloud environment. Scalability helps you effectively manage the current and future growth of security events you needs to process. And finally, choose a  good user interface that is simple and intuitive. Nobody likes a kludgy interface…. that could put you to sleep and have you sawing logs instead of managing them.

Click here to get a copy of my Interop presentation: Preventing the Next Data Breach through Log Management.

In this podcast, Brian Singer of Novell talks to Hardin about the challenges of PCI DSS in a university environment. Hardin discusses how he and his team can more efficiently meet PCI DSS requirements, while also securing the university’s many payment systems with Sentinel Log Manager.

One of the trends we noticed when we started developing Novell Sentinel Log Manager is that when organizations realize they need a compliance strategy, the first place they look is log management. A log management tool can take care of a good portion of your PCI-DSS, SOX, and HIPPA requirements right out of the box. If you look at what's actually deployed and used today, you will see a lot of organizations trying to fulfill all their compliance needs only using a log management tool.

The problem with this approach is while you may be able to meet the bare minimum in terms of compliance, that's not good enough anymore. Compliance mandates from government and industry bodies try to mitigate overall risk. However, in this world, simply being compliant is not enough – just read this story in Bank InfoSecurity about a recent data breach of a company that was PCI-compliant.  As Ben Goodman mentions in this ZDNet article, information that could have prevented a data breach is often available prior to the breach, but not acted upon.

Organizations are beginning to realize they need to do more with their data than just report to auditors where its stored and archived every quarter. This presents a problem.  Most log management tools were originally built for the singular purpose of collecting and archiving logs. Providing the capability to analyze the data was an afterthought, and was shoehorned in by most vendors. They store log files in proprietary formats, and don't provide a way to access the data using outside analytic tools. You know the information to stop a breach is in your log files, but you can only get at that data with tools provided by your inflexible log management vendor! That's the problem we set out to solve. Sentinel Log Manager stores data in an open flat-file format, which means you can get access to the data with any tool from any vendor you choose. It's also extremely easy to forward event monitoring feeds, which gives you flexibility as your security needs grow and change.

Log Management is the starting point on the path to compliance and security, but it is clearly not the destination. If your log management tool isn't giving you control over your data, it's not too late to express your inner control freak and take back what is yours.