Domain: sensage.com
Stories and comments across the archive that link to sensage.com.
Comments · 9
-
Re:Go with SenSage
You'll never roll-your-own for cheaper than SenSage/EMC-Centera.
SenSage is a commercial log storage product/archiver design for Linux clusters and built on open source software (backend: C++/Perl; GUI-client: Java; CLI: Perl; Agents: Perl). Not only can you store gigabytes of log data every day, you can run queries over billions of rows in a minute -- your roll-your-own won't allow that. Any PCI compliance solution must not only store log info but also let you analyze it -- analysis also will lead to better operational monitoring, and better security (if you're worried about being hacked from outside, worry much more about an inside job! -- only archival/analysis will give you proof of past wrongdoing for inside jobs). And when it comes to figuring how best to satisfy specific compliance issues (beyond just storing the log data), they've done all the hard work for you for HIPAA, PCI, SOX, etc. Tracking down and complying with your particular regulations would take a long time on your own.
Added benefit: the back end archives log data to a huge write-once read-many EMC Centera device. You can keep your log data around for ten+ years.
- Financial compliance: http://www.sensage.com/English/Solutions/complian
c e-commerce-privacy.htm - Example of SenSage solution employing EMC Centera (a call-data-record system that stores info about every phone call made in large telcos or every web site visit/network connection by ISP customers): http://www.sensage.com/English/Products/CDR_Wareh
o use.html
SenSage is such a good DB for log archival, it's been incorporated into offerings by EMC, IBM, HP. See, for example the "HP Compliance Log Warehouse appliance" ( http://compliancehome.com/news/FISMA/10902.html ) -- it's HP's version of SenSage.
- Financial compliance: http://www.sensage.com/English/Solutions/complian
-
Re:Go with SenSage
You'll never roll-your-own for cheaper than SenSage/EMC-Centera.
SenSage is a commercial log storage product/archiver design for Linux clusters and built on open source software (backend: C++/Perl; GUI-client: Java; CLI: Perl; Agents: Perl). Not only can you store gigabytes of log data every day, you can run queries over billions of rows in a minute -- your roll-your-own won't allow that. Any PCI compliance solution must not only store log info but also let you analyze it -- analysis also will lead to better operational monitoring, and better security (if you're worried about being hacked from outside, worry much more about an inside job! -- only archival/analysis will give you proof of past wrongdoing for inside jobs). And when it comes to figuring how best to satisfy specific compliance issues (beyond just storing the log data), they've done all the hard work for you for HIPAA, PCI, SOX, etc. Tracking down and complying with your particular regulations would take a long time on your own.
Added benefit: the back end archives log data to a huge write-once read-many EMC Centera device. You can keep your log data around for ten+ years.
- Financial compliance: http://www.sensage.com/English/Solutions/complian
c e-commerce-privacy.htm - Example of SenSage solution employing EMC Centera (a call-data-record system that stores info about every phone call made in large telcos or every web site visit/network connection by ISP customers): http://www.sensage.com/English/Products/CDR_Wareh
o use.html
SenSage is such a good DB for log archival, it's been incorporated into offerings by EMC, IBM, HP. See, for example the "HP Compliance Log Warehouse appliance" ( http://compliancehome.com/news/FISMA/10902.html ) -- it's HP's version of SenSage.
- Financial compliance: http://www.sensage.com/English/Solutions/complian
-
There's no excuse any more
You can lock down your servers, your network, etc. But as you imply, insiders are the big threat.
To avoid insider abuse at hospitals, doctors' offices, etc., you need to let insiders you're watching everything they do. This isn't "big brother", it's common sense. You can't necessarily lock everyone out of everything, but if they know you're looking they'll more likely play by the rules.
An article about the Michigan health system (they use the P2 Sentinel product from Cerner and SenSage) was informative, a useful case study. They monitor insiders, and everybody's happier.
-
No shill here
No shilling here. I like the iRiver device and the Napster service, and Microsoft happens to make it possible.
And I like Linux too. I worked three years developing a Linux-based software product at SenSage and appreciated Linux for what it provided. In like vein I appreciate Microsoft's DRM.
-
Who Watches The Watchmen?GringoGoiano wrote:
There are products out there like Sensage (http://www.sensage.com/) that can collect, centralize, and make available years of log data for an IT organization.
I volunteer to be the Sensage system administrator!!! :-)Quis custodiet ipsos custodies -- Juvenal
-
Insiders ARE threats! (remember iBill last week?)
Insiders can be real threats, the BIGGEST threats. An insider can steal much more than a hacker ever can. And many insiders think they can get away with it. Just look at the porn-billing iBill incident made public last week.
The best policy is to log everything that happens in an enterprise, to a level required to reconstruct past bad behavior. You can't keep your insiders away from information they need to do their jobs. Trust, but also verify! There are products out there like Sensage (http://www.sensage.com/ ) that can collect, centralize, and make available years of log data for an IT organization. While this might not prevent the theft in the first place, a company can crack down on and prosecute current/former misbehaving insiders. Sensage will do very well, as will many other companies in this space (including recent Slashdot heavy banner-advertiser Splunk (http://www.splunk.com/ ) ).
I look forward to seeing how well these products do. It's time one of them went public so we can gauge interest.
-
Log record consolidation from SenSage
You need to check out products from SenSage Inc. They specialize in collecting log data from all levels of the network and consolidating it in a central log repository, queryable by SQL. This is the best technology for recording legal audit trails of electronic networks, and is a big deal for forensics, compliance,
Sensage ... -
And when you inevitably fail ...
... you still need recourse. You can't expect that all IT solutions will be 100% secure -- some engineer/administrator along the way will make a mistake. And worse, there's still the human element: even if you plug all the holes, those on the inside can still steal or misuse information stored on the very secure platforms.
So what's the backup, that recourse? Log all events on your network: TCP/IP connections, transfer statistics, event logs, syslogs, web server logs, mail logs, DB logs, etc. Make sure you store those events in a central location and constantly analyze that information, in real-time, and historically. When you uncover a new possible exploit, build a rule to catch future occurrences, but even more important, look at the past to see who has used that exploit and prosecute their ass.Inevitably, this log centralization/aggregation costs money (how many GB/TB a day will a big corporation generate daily in logs?). A good solution: SenSage has a sophisticated log aggregator with compressed storage, blazing query speed, great real-time/historical analysis, and customers the likes of Yahoo, Goldman Sachs, Lehman Brothers, Rockwell, Lockheed Martin, Fannie Mae, Australian DoD, US Census, etc.
-
"it can be as simple as looking at logging output"
Looking at logging output in an enterprise environment can be very difficult. To make this really useful you need to aggregate information in a central repository, from all different servers/apps running on many machines. For true heavy duty log analysis you need to resort to tools such as SenSage's log storage/analysis tool.
Any other tool will choke on the volume of information you'll be chugging through in an enterprise environment, unless you pay for a multi-million-dollar Oracle deployment.
A Linux-based product used by Blue Cross/Blue Shield, Yahoo, Lehman Brothers, etc. For true enterprise security you need something like this.