2.5.7 Compliance Visibility and Transparency
Log management is often built into compliance frameworks such as ISO 27002, HIPAA/HITECH, PCI DSS, and COBIT. Enterprise subscribers need visibility into their private vCloud instances, and they also demand that providers give them visibility into their VMware Powered Public Cloud environments. For example, enterprise subscribers must collect and archive logs and reports related to user activities and access controls, such as firewalls.
To comply with these controls, providers must give subscribers reasonable visibility and transparency into their VMware Powered Public Cloud service architecture. To accomplish this, collect and maintain logs for periods of 6 and 12 months for relevant components of the hybrid cloud service, and provide pertinent logs back to individual cloud subscribers on an as-needed basis.
Also, maintain and archive logs for the underlying multi-tenant hosting infrastructure, based on the same 6-month and 12-month periods. In the event of an audit, service providers must be able and willing to provide these logs to an auditor, an individual subscriber, or both.
Cloud service providers typically have logs covering the following components of a subscriber’s environment and keep them readily available for subscriber access for periods of up to 6 and 12 months:
VMware vCloud Director
NSX for vSphere
vCloud Suite and vRealize Suite are based on a set of products that have been used in many secure environments. Products such as vCloud Director and NSX for vSphere generate a set of logs that give subscribers visibility into all user activities and firewall connections. VMware provides the necessary blueprints and best practices so that providers can best standardize and capture these sets of logs and provide subscribers with the capability to access them. VMware vRealize Log Insight™ can be leveraged to support log generation and reporting for customer requirements.
In addition to logs, provide basic compliance reports to subscribers so that they understand all the activities and risks in their cloud environment. VMware provides design guidelines in this area so that VMware Powered Public Cloud service providers can meet common enterprise subscriber requirements. Service providers are responsible for logging their cloud services as well as their subscriber environments. Implement and validate these capabilities before any cloud service is made generally available.