When it comes to log management today, CSOs have been left in the lurch. According to a new IDG Research Services survey, organizations are poised to "rip and replace" legacy technology to get a better handle on compliance and security. This paper includes key research findings and strategies to overcome this legacy challenge.
Market Pulse
Pulling the Plug on Legacy Log Management
IDG survey reveals pent-up demand for next-gen solutions to nix complexity and high costs in log management.
When it comes to log management today, CSOs have been left in the lurch. According to this IDG Research Services survey, organizations are poised to "rip and replace" legacy technology to get a better handle on compliance and security.
Key research findings include:
- A majority of respondents demonstrate waning loyalty to their incumbent log management solution.
- Strong importance is placed on simplified management, real-time threat response, and reduced costs.
- Respondents overwhelmingly realize the value in integrating log management and security information and event management.

Log management has been a staple in IT environments for years, amassing volumes of data in the name of security and compliance. But a recent IDG Research Services survey reveals serious concerns around the prevailing status quo. Key findings indicate that platform, performance and price are all up for heated debate as organizations ready themselves for something better. A full 69 percent of respondents are willing, if not already planning, to pull the plug on their legacy log management solutions.

Something is definitely amiss and CSOs are on the warpath. "Needs have evolved and organizations are no longer seeing the value in the systems they've implemented," declares Tim Zonca, product marketing manager for Tripwire Inc., a global provider of IT security and compliance automation solutions based in Portland, Ore. Whether they're fed up with the needless complexity or the overwhelming costs, CSOs appear to want more from log management. And they're tired of trying to get it by clumsily patching together the necessary components. A "rip and replace" mentality has taken a stronghold in this space. "It's unlike anything I've seen in any other industry," says Zonca.

The Status Quo

Today's business climate demands log management in one form or another; it is obviously a priority in IT organizations. According to an IDG Research Services 2010 online study of a cross-section of 100 respondents with management titles across a range of different industries, 74 percent of organizations have or plan to implement log management solutions. Security and business continuity are of critical importance to the respondents: 82 percent say the establishment and enforcement of policy is critical or very important to their organization and 74 percent point to maintaining compliance as a top priority. But 65 percent have experienced some security event in the past 18 months.

Put simply, log management is an approach to dealing with large volumes of computer-generated log messages (e.g., audit records, event logs, etc.). "Log management tries to log everything without evaluating the actual value," explains Paul VanAmerongen, manager of information security services at MultiCare, a not-for-profit health organization based in Tacoma, Wash. It typically includes basic functions such as log collection, centralized aggregation and long-term retention. It also creates, says Dwayne Melançon, vice president of log management at Tripwire, "virtual landfills of data."

CSOs don't want landfills of data; they want something that's much more refined. So when CSOs talk about log management today, they're really thinking about a broader, more intelligent view of IT happenings, encom...

be a costly and complex endeavor involving incompatible black boxes that require multiple management consoles. Too often organizations end up sacrificing intelligence or performance.

More important, CSOs lack "a snapshot of what is going on in the information environment," notes VanAmerongen. Indeed, the majority of respondents indicate that a dashboard display of alerts and event data is important to them. "Organizations should be able to dance across disciplines," says Zonca, to correlate data and create audit trails, whether logs, security-related events or configuration changes. But today CSOs are doing without that "snapshot" because it's just too hard to bring those point solutions together.

[download for more]