Archive for October, 2005

Most Event Analysis Not Ready for Compliance Prime Time

Saturday, October 22nd, 2005

Scott Gordon, VP of Marketing for SenSage (I used to work there), has written an interesting article on how most of the SIM products are not ready for compliance prime time.

Most of the points are valid; however, Scott seems to have forgotten to mention that archival of unaltered raw logs is a crucial requirement for compliance.

Scott did mention that “companies simply gathered all raw event data and stored it” will not meet compliance. However, without the archival of raw logs, these companies also won’t meet compliance.

Compliance is a combination of alerting, reporting and archiving. All three processes have to be in place in order to meet compliance.

LogLogic 3 Launches

Monday, October 17th, 2005

My company, LogLogic, has officially launched LogLogic 3. Along with the new product launch, we also launched a new loglogic.com web site and a new blog, LogBlog.

The new web site looks awesome!! Hate to say this but it’s much better than the old one. :)

The blog is also a great resource for information on LogLogic as well as tips and hints on how to manage the enterprise log data.

Check’em out..

Google the Wi-Fi King?

Sunday, October 16th, 2005

So as I was going back through this month’s news, it seemed that one of the biggest news items is that Google is bidding to provide free wi-fi service to the city of San Francisco. The proposal is to blanket 49 square miles with up to 30 access points per square mile and will serve over 800,000 users.

So what is up with Google? I mean, their mission is to organize the world’s information, not to build telecom infrastructures. Many of the reports out there seem to think this is an obvious and logical step for Google to take. Their rationale: since Google’s organizing the world’s information, it makes sense that they provide users free access to the information as well.

Well, it seems logical. But that just doesn’t seem like a good enough reason to spend tens of millions of dollars to build a free wi-fi network.

But if you buy into the “the network is your computer” thinking, this may actually make sense. All of the applications that Google’s developing, Gmail, Google Reader, etc., are web-based (fully ajaxed, web 2.0, name the term you want to use) applications. With the recent deal with Sun, there are a lot of rumors going around that say Google will provide a web-based version of OpenOffice.

Even if Google can provide all these applications, how does Google get users to go use them? When the majority of users start their browser, they go to msn.com by default. That’s not to say these users won’t just type in google.com in their browser, but Microsoft gets a lot of their traffic due to IE’s default home page being msn.com.

In order for Google to get the majority of the users to use their web-based applications, they have to change the default destination on these users’ browsers. The first step Google took was to introduce Google Desktop. It’s a great tool that allows you to search your computer as well as the web. However, the problem with Google Desktop is that users still have to go to Google, download the tool and install it. So Google Desktop alone just won’t do the job.

So what better way to take control of the desktop and change the default destination of all users than to give them free access? Free access will make sure their first web page is Google instead of MSN.

As they all say, free is good. Free access will pretty much guarantee that the majority of the 800,000 users will use it, even if it’s only 300Kbits. Google says they will work with other providers to provide fee-based higher speed connection.

Some estimates say that the cost to build such a network is around $10 million. That’s approximately $13 per user, which is an extremely low price for acquiring users.

So is Google’s wi-fi ambition really a step in competing with Microsoft for the control of the desktop? I really think so.

It Is Time To Vote…

Thursday, October 6th, 2005

Oh my gawd, 3 posts in 1 day and no real content…wassup with that. I promise, when I get a chance one of these days, I will start generating some real content…

On to official business…

Now here is the catch. I can’t tell you to vote, as according to the rules no agent, employee, shareholder holding more than 5 per cent of a company’s stock, director or affiliate of the Nominee may vote for the Nominee’s products or services. But we do want to win!

So, you can really help by getting the word out! LogLogic is starting a grass-roots web effort to support our “Log Vote 2006” campaign. LogLogic is nominated for the 2006 SC Magazine Awards in two categories. Tell your friends, family and customers. Get people to vote for LogLogic.

Best Security Audit

Best Computer Forensics

LogLogic is Hiring!!

Thursday, October 6th, 2005

My company, LogLogic, is looking to fill a “log analyst” position. We are looking for someone who can

- understand the log formats and transport mechanisms
- research different log formats to identify common categories (to help design the back end)
- parse and normalize the logs for the necessary information, based on requirements
- map the reports to parsed information or vice versa
- identify useful reports and alerts based on the log information

If you know of anyone who might fit the bill, please let them know and have them forward their resume to zhenjl(at)gmail.com

Using Log Data to Manage Operational Risk

Thursday, October 6th, 2005

Log Article on Secure Convergence Journal.

Today’s enterprise networks are at risk — threatened by privacy breaches, information leakage, security attacks, policy violations and network downtime. Incidents are increasingly associated with hard dollar losses that go beyond the damage to a company’s reputation. About 95 percent of these financial losses are attributable to intentional or unintentional actions by insiders. Security issues — such as worms and viruses, internal or external fraud and policy violations — result in an average of 22 hours of downtime per year. Human error, system failures and natural disasters account for an additional 87 hours per year of downtime, the cost of which can be up to $6.5 million per hour. More disturbingly, the financial losses from IP theft are rising, already totaling an average of $1.3 million per company each year.