BalaBit Blog

•     BalaBit unveiled Reliable Log Transfer Protocol (RLTP)^TM technology to help companies achieve “Zero Message Loss” and comply with even the most stringent regulations  
•    The syslog-ng trusted logging solution became the de-facto industry standard for logging within the last decade and is now used by 650 000 companies world-wide

New York, February 29, 2012 – BalaBit IT Security – also known as the “syslog-ng company” – today announced its Reliable Log Transfer Protocol (RLTP)^TM technology as part of the  latest version of syslog-ng Premium Edition 4 F2 log server. The new version builds on the previously released High-Speed Reliable Logging (HSRL)^TM syslog-ng software, the logging tool with the highest performance ever measured and documented. The syslog-ng log server collects and classifies log messages from a wide variety of devices and applications and can transfer them to a high-performance log server in an encrypted and reliable channel where messages can be processed further and stored in secure, encrypted files or databases. The new transport protocol prevents message loss during connection breaks, ensuring companies can comply with even the most stringent regulations such as PCI-DSS or HIPAA.

Organizations spend a huge part of their budgets on IT security solutions (SIEM, ISD, IPS, IDM, DLP) to be secure and compliant, so they are motivated to protect their investment by optimizing these IT tools. The basis for evaluating and analyzing their IT security operations are the logs containing the details about what is happening in the IT system.  For instance, banks need to do forensics on a daily basis for fraud detection purposes, as security incidents, initiated from both external and internal sources, should be investigated. Telco companies also cannot afford losing any evidence kept in log files. In addition, most compliance regulations require the collection of logs in a closed system.

Supporting Quote
”As IT security analysis are only as good as the data collected from network devices and applications, the importance of accurate collection and storage of log messages cannot be overemphasized. There are many cases in which log messages could be lost, such as an application crash, restart, the disk where we store logs is full or not available, or during a network failure. The new syslog-ng Premium Edition 4 F2 ensures Zero Message Loss through the Reliable Log Transfer Protocol (RLTP)^TM technology so that valuable information is protected” – said Zoltán Györkő, Business Development Director at BalaBit IT Security.

Key new features of syslog-ng Premium Edition 4 F2
-    Ensures Zero Message Loss
o    By using Reliable Log Transfer Protocol (RLTP)^TM on client, relay and server side it prevents message loss during connection breaks. The new RLTP^TM transfer protocol detects the last received message on the receiving end and than starts resending messages from that point.
o    The Reliable Disk-based Buffering prevents log message loss when unexpected events happen causing extended connection breakdown. It is capable of storing a copy of log messages as a backup until the destination computer has acknowledged receipt of messages. It provides a slower, but reliable disk-buffer option.
o    Flow control is be used to control and optimize the log traffic from end to end. Flow control dynamically handles the peak message rate and together with RLTP^TM ensures that all log messages sent by the client arrive to the server.
-    Native collection and processing of log messages from SQL databases enabling users to easily manage log messages from a wide variety of enterprise software and custom applications.
-    AIX 7.1 platform is now supported

About syslog-ng log server
BalaBit has been developing the open source syslog-ng trusted logging tool for more than 14 years. During this time it became the de facto industry standard for logging and is used by 650 000 companies world-wide, such as Boeing, Credigen Bank, Data Path, Fiducia IT AG, NASA and Svenska Handelsbanken. The syslog-ng project is a continuous community effort to create the best system logging and log processing tool. The project is an advocate and early adopter of open standards, including the syslog RFCs developed by the IETF and the Common Event Expression (CEE) message-description standard of the MITRE Corporation.

The syslog-ng Premium Edition application builds on the core of the popular open source version, offering advanced features like encrypted and time stamped log files, disk-based buffering, direct database access, and agents for the Microsoft Windows and IBM System i platforms. It allows system administrators and security experts to build a trusted, centralized logging infrastructure for reviewing and auditing the log messages of over 40 platforms. The syslog-ng solution incorporates the functions of clients, relays, and servers into a trusted, multi-platform logging infrastructure. It collects and classifies the log messages of operating systems and applications and transfers them to the high-performance log server in an encrypted and reliable channel where the messages can be processed further and stored in secure, encrypted files or databases. Supporting reliable transport protocols, message buffering, and client-side failover, syslog-ng minimizes the risk of message loss, thus suiting compliance requirements, such as PCI-DSS.

Supporting materials
•    Secure, Encrypted Log Transfer and Storage – syslog-ng Product Sheet
•    Figure: Zero Message Loss with syslog-ng Premium Edition 4 F2
•    What is New in syslog-ng Premium Edition 4 F2
•    The syslog-ng Premium Edition 4 F2 Administrator Guide
•    Return of Investment Calculator: Compare the TCO of syslog-ng Premium Edition and syslog-ng Open Source Edition

Trademarks
The syslog-ng, Reliable Log Transfer Protocol (RLTP) and High-Speed Reliable Logging (HSRL) are trademarks of BalaBit IT Security. Other names may be trademarks of their respective owners.

About BalaBit
BalaBit IT Security is an innovative information security company, a global leader in development of privileged activity monitoring, trusted logging and proxy-based gateway technologies to help protect customers against internal and external threats and meet security and compliance regulations. As an active member of the open source community, we provide solutions to a uniquely wide range of both open source and proprietary platforms, even for the most complex and heterogeneous IT systems across physical, virtual and cloud environments.

BalaBit is also known as “the syslog-ng company”, based on the company’s flagship product, the open source log server application, which is used by more than 650 000 companies worldwide and became the globally acknowledged de-facto industry standard.

BalaBit, the second fastest-growing IT Security company in the Central European region according to Deloitte Technology Fast 50 (2010) list, has local offices in France, Germany, Italy, Russia, and in the USA, and cooperates with partners worldwide. Our R&D and global support centers are located in Hungary, Europe.
For more information visit www.balabit.com.

Press contact

Andrea Ipolyi
PR manager
BalaBit IT Security
phone: +36 20 390 4139
e-mail: andrea.ipolyi@balabit.com
blog: http://andrea.blogs.balabit.com/

Walter Caon
BalaBit USA
410 Park Avenue 15th Floor Suite 1500
New York, 10022
phone: +1 917 546 6715
e-mail: walterc@us.balabit.com