We have established that log management is the key to visibility in the cloud. It can help IT departments to understand what is happening inside their cloud infrastructure, drawing back the veil normally associated with cloud deployments. But integrating log management properly into the cloud requires some specific capabilities, because the private cloud has some extra layers.
Virtualisation is the cornerstone of any effective private cloud deployment. VMware is a leading provider of virtualisation solutions, and it drives many private cloud environments. Like many other virtualisation platforms, VMware has spent the past few years building up its own ‘stack’ of virtualisation management tools that handle everything from dynamic load balancing through to automatic security updating of offline virtual machines.
Log management products should integrate directly with VMware so that they can provide a detailed picture of what a cloud infrastructure managed by the system is doing. Specific instances of a virtual machine should be able to communicate directly with the log management system, to keep it abreast of what’s happening.
These rules will ideally be linked to alerts, so that in the event of a serious violation, the log management system can immediately notify the right person in the organisation. The infraction can then be taken care of manually, with a phone call or meeting if necessary.
This is where integration with security information and event management (SIEM) systems comes into play. Log management platforms sit at a critical juncture between cloud infrastructure and SIEM products, which in turn provide real-time analysis of security events.
When all of these are pulled together, the cloud can rain security alerts. Hopefully, though, if the IT department has followed security guidelines during the design and deployment phase, we can look forward to little more than a light shower.
Guy Churchward is President & CEO at LogLogic. He joined the company from NetApp, following senior positions at Sun Microsystems, Santa Cruz Operations, Accenture and Olivetti.