Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Calpine Corp. Powers Up Data Logging


The HA appliance logs everything from each connection a firewall denies to the logons and logoffs on a Unix server. Calpine can't afford an attack on the control applications that run its 21 natural gas-fired and geothermal power plants around the United States, Canada and the United Kingdom, nor to its Structure Group nMarket energy-management system, which handles its energy transactions with trading partners. For Calpine, detailed log data also means higher uptime.

Too Much Information

The San Jose, Calif., company began its logging frenzy last year by collecting its firewall data. Then, early this year, it added logging for IDSs, network devices, and Unix and Windows servers and workstations to the mix. But it wasn't easy to configure a method for capturing server logs (see "Lessons Learned").

Calpine discovered that religiously logging each and every event on your firewall or server is not enough: You also must organize and analyze the data. The power company nearly drowned in its own firewall event logs early last year, as its six Cisco PIX firewalls were sending about 60 GB worth of log data per day to Calpine's Unix syslog server. The IT team had to compress the data and then spin it off to tape weekly, which made it difficult to generate accurate SOX compliance reports on the effectiveness of the firewall's rules, for example. "We weren't capturing the events [auditors] wanted to see," Curry says.

  • 1