From Logs to SIEM and the cloud

Editorial Type: Opinion     Date: 03-2015

Network Computing Editor Ray Smyth considers the use of cloud deployment in the context of network management tools

Amongst IT and networking professionals there is a lot of discussion about how much of an organisation's IT and networking estate should reside in the cloud. Could it be that this is not being given as much focus and consideration as it deserves, and is there evidence that organisations are already sleepwalking into the perceived comfort of the cloud?

The IT sector, like any other, is rife with acronyms, -isms and other vectors of wisdom, and for some time many reinvented solutions have been described as next-generation with the attendant implication that, if yours isn't, it's out of date. Actually it's very difficult to separate the creative, realigned marketing of a new or repurposed solution, based on a new understanding and incremental development, from the re-packaging of a tired and out-of-date solution with a glossy new exterior.

It's not that long ago that I came across a then little-known vendor who claimed to be involved in Log Management. In short, it offered a level of automation around managing the information contained in diverse and numerous system logs across a network estate. It was very much focused on the use of syslogs as a data source, where any means to automate the diagnosis and alerting around this rich data source would aid the troubleshooting of performance problems across the network infrastructure. Since then the number of syslogs running in a typical network has increased enormously and many such vendors have broadened their scope of operations, essentially creating a new market segmentation known as SIEM (Security Information and Event Management).

For some IT operations, automating syslog analysis is all that is required, but for others a detailed understanding of what a modern and effective SIEM solution can offer has revealed an impressive range of network management possibilities, not least of which is the effective atypical management of network security.

This leads me to something new that I have recently noticed: cloud-based next-generation SIEM. In my view, in implementation terms alone, there is a massive difference between implementing a Log Management solution and a modern, dare I say, next-generation SIEM solution. While typically the order of complexity between the two is quite different, a network and security management tool should spend most of its life delivering the benefits that can reasonably be expected of such a tool, and not in and of itself become another IT management overhead.

This does not make the case, though, for outsourcing core network management services. I feel quite strongly that it is only the intimate knowledge of a seasoned and employed networking professional that can do this job. It does, though, shine a strong light and for some make it a slam-dunk to acquire SIEM services from a cloud-based service provider: the best of both worlds perhaps.

For an organisation with multiple sites, especially if they are internationally dispersed, I would contend that cloud-based SIEM makes more sense as the centralised cloud-based service can be pointed at all or any instances that require its monitoring and analysis.

Naturally, and as with all deployment decisions, there is a wide range of variables to be considered for each organisation, but the removal of the overhead of installing, managing, securing and updating appliances, the application and servers, is not to be sniffed at.

The benefits of a cloud deployment are not universal and no cloud deployment should be embarked upon simply because of its current popularity. Cloud is a delivery service that can for some organisations transform their deployment of specific solutions in a favourable way - and without the firm sound of a closed door at any point if professionally approached.