Cloud Computing on Ulitzer
Last time we saw the difficulty in Predictive Rightsizing, a
frustrating exercize based on "guesstimation" aimed at predicting
future SLA in an everchanging business environment...
So what's the answer?
The solution is a truly dynamic, elastic, real-time on-demand SLA with a
provisioning that is transparent to the users.
Provided that you stay within some reasonable boundaries, you can use as many
resources as you need, or as few as required, ramping up and slowing down
resource usage, without having to provision SLA in advance of usage.
This is the ultimate enabler for your business, because services are
delivered at the exact level required, whenever needed, and without
preoccupation of advanced provisioning.
This is called "pay per use", or "usage-based cost".
You pay for every network packet sent, generated or consumed, or for every
Another hack attack hits the headlines http://tinyurl.com/yebvj8p
Big deal. This stuff happens every day now right? Wrong. Not on this scale
it doesn’t. The Kneber Bot has penetrated 75,000 systems, 2,500 companies
across in 196 countries. This is not a straightforward Trojan - a simple
smash and grab. This one’s a game changer.
Systems compromised by this botnet provide the attackers with not only user
credentials and confidential information, but remote access inside the
compromised network. Just some of the data stolen includes:
68,000 corporate log-in credentials Access to ... (more)
Log Collection and Reporting requirements
So far in this series we have addressed:
Trust, visibility, transparency. SLA reports and service usage measurement.
Daisy chaining clouds. Transitive Trust.
Intelligent reports that don't give away confidential information.
Logs. Log Management.
Now, not all Log Management solutions are created equal, so what are some
high-level Log Collection and Reporting requirements that apply to Log
A sound Log Management solution needs to be flexible to collect logs from a
wide variety of log sources, including b... (more)
Not all Log Management solutions are created equal... Trusting your logs.
Log Integrity is at the core of using logs for such purpose as building
Trust, providing non-repudiation and indisputable proof in business
relationships between Customers and Providers, but also to provide for
evidence admissible in a court of law. We saw that not all Log Management
solutions are created equal, and we saw some high-level requirements in terms
of log collection and log reporting. We need a solution that is simple to
deploy - we want an enabler, not a disabler - and a solution that allows a ... (more)
Rule-based log correlation is almost a good idea.
It sounds like a good idea, it appears to be a good idea and many people will
tell you it's a good idea, but in fact it is not.
Rule-based log correlation is very complex, limited in use and applicability,
and boasts a terrible ROI.
It will give you a false sense of security, which is a bad thing.
We'll look at the reasons why this is not a good idea, and some ways to
augment the use of logs to improve your security through pragmatic Risk
History of Logs
What is rule-based log correlation and how did it come about?