byrona ✭✭✭✭✭

I totally agree with pseudocyber‌ and have seen this problem time and time again with our clients. They build up their app in their own in-house development environment and then when they move it to the production infrastructure we build for them it doesn't run the same and they wonder why. Your dev environment should be a…

We are facing an interesting problem when it comes to SaaS and cloud in general. Many new solutions that are coming out have their management consoles in the cloud and older solutions that have been around for some time are also moving to this model Take Anti-Virus for example; many of the Next Gen AV solutions have done…

We are a Microsoft Partner to resell 0365 and we have helped clients make the migration and I would completely agree with everything pointed out here. If you are considering making the move it's definitely worth your time and money to partner with somebody that has experience and can help you through the process. We have…

I take your point on how DPI is specifically designed to look for signatures that deviate from a known good. SIEM is still probably much better situated to perform anomaly detection.

The big challenge I am having is getting the necessary performance data out of PaaS database solutions such as the PaaS SQL in Azure. I would love to have the ability to apply AppInsight for SQL to those in the same way I do other SQL servers.

We have run into this same problem and haven't found a good solution.

I am really looking forward to testing the new DPI capabilities in NPM. I have used it from time to time with applications such as Wireshark but nothing like what is being done in NPM.

Hrm, maybe SolarWinds needs to have one of those leg lamps as a prize at some point! 

One of the shortfalls I most often see when it comes to optimization is folks that fully understand the ecosystems and how all of the different inter-dependencies. As you pointed out, without understanding these things what you think may be optimization on one hand may only be a bottleneck on the other.

While GDPR may be a big PITA, I think it's great to see their government taking steps to protect their people. Our government spends all of their time and money fighting amongst themselves versus actually doing anything useful for the people. 

I don't think it eliminates Kiwi. Kiwi still has several use cases; Kiwi can be used as log aggregation nodes to be placed in different environments and DMZ's, Kiwi would also still be a really good solution for somebody where LEM would be overkill.

That's awesome! If you were to come here when it snowed or even the mention of snow you would think we were all crazy.... and you would be right.

Jfrazier​ when you say "don't see how a cloud provider is workable in a full restore situation", I am curious what you are referencing? Are you talking about cloud based backup solutions or just cloud providers in general? We are a cloud provider and we focus on designing and building hybrid cloud solutions that meet…

D&D (and other like tabletop games) teach so many good life skills many of which you guys have already mentioned: * Problem solving * Big picture thinking * Team work * Social skills * Strategy * Planning

I can certainly see the value in NetFlow. We have NetFlow tools in place and have used them during active troubleshooting scenarios. With that being said I find myself split on what to think of it. The data it provides when needed is always incredibly valuable; however, we have not found a significant number of situations…

As I have mentioned before, Cloud options are just another set of tools in our tool belts; it's not the silver bullet solution for everything like many think it is. Cloud solves some problems and creates others, at the end of the day it's still managing systems and/or compute resources in much the same way we always have.

Thanks for the info. Is there anywhere in LEM where configurations can be managed with regard to the IP Reputation feed or is this something completely hidden on the back-end of the product?

The first question which seems to impact everything else that follows is confusing to me? What do you mean by "in connection to your home computing"?

While I agree this is a great post, I think it may be more well suited for a White Paper or How-To doc as it doesn't lend itself to much discussion.

Of course some of the reporting I suggest above would also likely require or at least benefit from better reporting as I had requested HERE.

We use combinations of both; however, I am not a storage guy so I tend to lean toward application or hypervisor based replication.

That's typically how it goes with log data. We are in a position of building out a new logging architecture to help handle some of these challenges so I am very interested to hear what others are doing to solve these problems.

To expand on this a bit more, the idea is to have a feed that is constantly updated to help capture or provide awareness of the "unknown unknown" as threats emerge and change much like Anti-Virus products do with their constantly updated virus definitions. Another take on this would be to have an optional connector that…

Here is the more recent SIEM MQ:

I am curious how this functionality compares to that of NPM? I also feel that this functionality should be included as part of Network Atlas and get sold as a stand alone product only to customers that don't already have NPM.

We certainly need a better way to track down and prosecute these people, the problem is government (and therefore law enforcement) moves at a glacial pace versus the technology world that moves at the speed of light. To make this successful I think a whole new division or type of law enforcement would need to be created…

Like everything security related, you definitely need a layered approach; don't just rely on one system or application to keep you safe!

praveenmanohar‌, this is a great overview! Where does something like a more classic EMC or NetApp fit into this?

This one really is a challenge. One of the challenges I have seen is that non-technical departments tend to not take this stuff as seriously as they think it's just stuff for the geeks to worry about. This is why my non-technical departments are also the most common people to end up with viruses on their systems. Changing…

done!