Loading ...
Sorry, an error occurred while loading the content.

Bounce Rate vs Single Page Access [in Omniture]

Expand Messages
  • eurolana
    Hi again, I am wondering how everyone out there distinguishes these two. I have been trying to push the bounce rate but it has been a bit of pain. I get it,
    Message 1 of 14 , Nov 28, 2007
    • 0 Attachment
      Hi again,
      I am wondering how everyone out there distinguishes these two. I have
      been trying to push the "bounce rate" but it has been a bit of pain.
      I get it, but am having a hard time explaining the true difference
      between them, even when presented with the actual equation/formula I
      still get confused faces and questions that lead back to "but isn't
      that one and the same thing...bounce rate doesn't make sense".

      Help? Can you give me any tips how to explain the difference between
      bounce rate and single page access to your clients/superiors? And why
      it makes sense to look at the bounce rate?

      many thanks!
      Lana
    • hvet125
      Hi Lana, My understanding between the two metrics is that Single Access is a count whereas Bounce Rate is a rate--Single Access/Entries. The rate will
      Message 2 of 14 , Nov 28, 2007
      • 0 Attachment
        Hi Lana,

        My understanding between the two metrics is that Single Access is a
        count whereas Bounce Rate is a rate--Single Access/Entries. The rate
        will indicate the amount of people who entered on that page and left
        compared to the amount of people who entered on that page and clicked
        to other pages. The count alone doesn't really tell me the page's
        full performance in relation to those visitors who stayed, because it
        only focuses on those who didn't stay.

        Say if there is a 40% bounce rate on your home page. I know that 60%
        continued to click through the website. If I just had a single
        access count, I really can't determine what that means in relation to
        other visitors who entered.

        Concerning strategy, you can easily institute a goal when using a
        rate: decrease bounce rate by 20% which effectively increases the
        rate of those who click through by 20%. Yet if I use Single Access as
        my goal, just because I decrease that count doesn't mean I increase
        the amount of those who click through (which is what you care about).

        Thoughts?

        ~helen
        www.crameronline.com

        --- In webanalytics@yahoogroups.com, "eurolana" <eurolana@...> wrote:
        >
        > Hi again,
        > I am wondering how everyone out there distinguishes these two. I
        have
        > been trying to push the "bounce rate" but it has been a bit of
        pain.
        > I get it, but am having a hard time explaining the true difference
        > between them, even when presented with the actual equation/formula I
        > still get confused faces and questions that lead back to "but isn't
        > that one and the same thing...bounce rate doesn't make sense".
        >
        > Help? Can you give me any tips how to explain the difference between
        > bounce rate and single page access to your clients/superiors? And
        why
        > it makes sense to look at the bounce rate?
        >
        > many thanks!
        > Lana
        >
      • kschlu
        Helen, You are correct. Using the single access metric alone will not help you as much as Bounce Rate in measuring or making descisions. Example: If Page A
        Message 3 of 14 , Nov 29, 2007
        • 0 Attachment
          Helen,

          You are correct. Using the "single access" metric alone will not
          help you as much as Bounce Rate in measuring or making descisions.

          Example: If Page A is showing 150 for "single access" and Page B is
          showing 15 for "single access" that doesn't mean page B is a better
          landing page. Because Page A could have 5,000 "entries" while page B
          only had 100 entires. Bounce Rate would show you that page A is
          better with a 3% bounce rate compared to page B with a 15% bounce
          rate, but looking at "single access" alone would not show you this.

          --- In webanalytics@yahoogroups.com, "hvet125" <hvetrano@...> wrote:
          >
          > Hi Lana,
          >
          > My understanding between the two metrics is that Single Access is
          a
          > count whereas Bounce Rate is a rate--Single Access/Entries. The
          rate
          > will indicate the amount of people who entered on that page and
          left
          > compared to the amount of people who entered on that page and
          clicked
          > to other pages. The count alone doesn't really tell me the page's
          > full performance in relation to those visitors who stayed, because
          it
          > only focuses on those who didn't stay.
          >
          > Say if there is a 40% bounce rate on your home page. I know that
          60%
          > continued to click through the website. If I just had a single
          > access count, I really can't determine what that means in relation
          to
          > other visitors who entered.
          >
          > Concerning strategy, you can easily institute a goal when using a
          > rate: decrease bounce rate by 20% which effectively increases the
          > rate of those who click through by 20%. Yet if I use Single Access
          as
          > my goal, just because I decrease that count doesn't mean I
          increase
          > the amount of those who click through (which is what you care
          about).
          >
          > Thoughts?
          >
          > ~helen
          > www.crameronline.com
          >
          > --- In webanalytics@yahoogroups.com, "eurolana" <eurolana@> wrote:
          > >
          > > Hi again,
          > > I am wondering how everyone out there distinguishes these two. I
          > have
          > > been trying to push the "bounce rate" but it has been a bit of
          > pain.
          > > I get it, but am having a hard time explaining the true
          difference
          > > between them, even when presented with the actual
          equation/formula I
          > > still get confused faces and questions that lead back to "but
          isn't
          > > that one and the same thing...bounce rate doesn't make sense".
          > >
          > > Help? Can you give me any tips how to explain the difference
          between
          > > bounce rate and single page access to your clients/superiors?
          And
          > why
          > > it makes sense to look at the bounce rate?
          > >
          > > many thanks!
          > > Lana
          > >
          >
        • eurolana
          When you guys defined it, in calc metrics did you use single access/entries or single access/total entries? I m wondering because I can make sense of it both
          Message 4 of 14 , Nov 29, 2007
          • 0 Attachment
            When you guys defined it, in calc metrics did you use
            single access/entries or single access/total entries?
            I'm wondering because I can make sense of it both ways...

            thanks again for all your help!

            --- In webanalytics@yahoogroups.com, "kschlu" <kschlu@...> wrote:
            >
            > Helen,
            >
            > You are correct. Using the "single access" metric alone will not
            > help you as much as Bounce Rate in measuring or making descisions.
            >
            > Example: If Page A is showing 150 for "single access" and Page B is
            > showing 15 for "single access" that doesn't mean page B is a better
            > landing page. Because Page A could have 5,000 "entries" while page B
            > only had 100 entires. Bounce Rate would show you that page A is
            > better with a 3% bounce rate compared to page B with a 15% bounce
            > rate, but looking at "single access" alone would not show you this.
            >
            > --- In webanalytics@yahoogroups.com, "hvet125" <hvetrano@> wrote:
            > >
            > > Hi Lana,
            > >
            > > My understanding between the two metrics is that Single Access is
            > a
            > > count whereas Bounce Rate is a rate--Single Access/Entries. The
            > rate
            > > will indicate the amount of people who entered on that page and
            > left
            > > compared to the amount of people who entered on that page and
            > clicked
            > > to other pages. The count alone doesn't really tell me the page's
            > > full performance in relation to those visitors who stayed, because
            > it
            > > only focuses on those who didn't stay.
            > >
            > > Say if there is a 40% bounce rate on your home page. I know that
            > 60%
            > > continued to click through the website. If I just had a single
            > > access count, I really can't determine what that means in relation
            > to
            > > other visitors who entered.
            > >
            > > Concerning strategy, you can easily institute a goal when using a
            > > rate: decrease bounce rate by 20% which effectively increases the
            > > rate of those who click through by 20%. Yet if I use Single Access
            > as
            > > my goal, just because I decrease that count doesn't mean I
            > increase
            > > the amount of those who click through (which is what you care
            > about).
            > >
            > > Thoughts?
            > >
            > > ~helen
            > > www.crameronline.com
            > >
            > > --- In webanalytics@yahoogroups.com, "eurolana" <eurolana@> wrote:
            > > >
            > > > Hi again,
            > > > I am wondering how everyone out there distinguishes these two. I
            > > have
            > > > been trying to push the "bounce rate" but it has been a bit of
            > > pain.
            > > > I get it, but am having a hard time explaining the true
            > difference
            > > > between them, even when presented with the actual
            > equation/formula I
            > > > still get confused faces and questions that lead back to "but
            > isn't
            > > > that one and the same thing...bounce rate doesn't make sense".
            > > >
            > > > Help? Can you give me any tips how to explain the difference
            > between
            > > > bounce rate and single page access to your clients/superiors?
            > And
            > > why
            > > > it makes sense to look at the bounce rate?
            > > >
            > > > many thanks!
            > > > Lana
            > > >
            > >
            >
          • dhs1986@comcast.net
            IMO they re equally important because the single access rate (single access visits / total visits) will tell you how important the bounce rate for that page
            Message 5 of 14 , Nov 29, 2007
            • 0 Attachment
              IMO they're equally important because the single access rate (single access visits / total visits) will tell you how important the bounce rate for that page is. For example, if you have a page that has a bounce rate of 70% but has a single access rate of only 5%, it's not as critical as a page that has a 50% bounce rate and a 50% single access rate.


              -------------- Original message ----------------------
              From: "kschlu" <kschlu@...>
              > Helen,
              >
              > You are correct. Using the "single access" metric alone will not
              > help you as much as Bounce Rate in measuring or making descisions.
              >
              > Example: If Page A is showing 150 for "single access" and Page B is
              > showing 15 for "single access" that doesn't mean page B is a better
              > landing page. Because Page A could have 5,000 "entries" while page B
              > only had 100 entires. Bounce Rate would show you that page A is
              > better with a 3% bounce rate compared to page B with a 15% bounce
              > rate, but looking at "single access" alone would not show you this.
              >
              > --- In webanalytics@yahoogroups.com, "hvet125" <hvetrano@...> wrote:
              > >
              > > Hi Lana,
              > >
              > > My understanding between the two metrics is that Single Access is
              > a
              > > count whereas Bounce Rate is a rate--Single Access/Entries. The
              > rate
              > > will indicate the amount of people who entered on that page and
              > left
              > > compared to the amount of people who entered on that page and
              > clicked
              > > to other pages. The count alone doesn't really tell me the page's
              > > full performance in relation to those visitors who stayed, because
              > it
              > > only focuses on those who didn't stay.
              > >
              > > Say if there is a 40% bounce rate on your home page. I know that
              > 60%
              > > continued to click through the website. If I just had a single
              > > access count, I really can't determine what that means in relation
              > to
              > > other visitors who entered.
              > >
              > > Concerning strategy, you can easily institute a goal when using a
              > > rate: decrease bounce rate by 20% which effectively increases the
              > > rate of those who click through by 20%. Yet if I use Single Access
              > as
              > > my goal, just because I decrease that count doesn't mean I
              > increase
              > > the amount of those who click through (which is what you care
              > about).
              > >
              > > Thoughts?
              > >
              > > ~helen
              > > www.crameronline.com
              > >
              > > --- In webanalytics@yahoogroups.com, "eurolana" <eurolana@> wrote:
              > > >
              > > > Hi again,
              > > > I am wondering how everyone out there distinguishes these two. I
              > > have
              > > > been trying to push the "bounce rate" but it has been a bit of
              > > pain.
              > > > I get it, but am having a hard time explaining the true
              > difference
              > > > between them, even when presented with the actual
              > equation/formula I
              > > > still get confused faces and questions that lead back to "but
              > isn't
              > > > that one and the same thing...bounce rate doesn't make sense".
              > > >
              > > > Help? Can you give me any tips how to explain the difference
              > between
              > > > bounce rate and single page access to your clients/superiors?
              > And
              > > why
              > > > it makes sense to look at the bounce rate?
              > > >
              > > > many thanks!
              > > > Lana
              > > >
              > >
              >
              >
              >




              [Non-text portions of this message have been removed]
            • hvet125
              Hi again, I would use single access/entries instead of the total as the former limits the perspective to the performance of the specific page instead of in
              Message 6 of 14 , Nov 29, 2007
              • 0 Attachment
                Hi again,

                I would use single access/entries instead of the total as the former
                limits the perspective to the performance of the specific page
                instead of in relation to the entire site. Otherwise, optimization of
                that particular page is difficult as the metric includes the
                performance of other pages too.

                ~helen
                www.crameronline.com


                --- In webanalytics@yahoogroups.com, "eurolana" <eurolana@...> wrote:
                >
                > When you guys defined it, in calc metrics did you use
                > single access/entries or single access/total entries?
                > I'm wondering because I can make sense of it both ways...
                >
                > thanks again for all your help!
                >
                > --- In webanalytics@yahoogroups.com, "kschlu" <kschlu@> wrote:
                > >
                > > Helen,
                > >
                > > You are correct. Using the "single access" metric alone will not
                > > help you as much as Bounce Rate in measuring or making
                descisions.
                > >
                > > Example: If Page A is showing 150 for "single access" and Page B
                is
                > > showing 15 for "single access" that doesn't mean page B is a
                better
                > > landing page. Because Page A could have 5,000 "entries" while
                page B
                > > only had 100 entires. Bounce Rate would show you that page A is
                > > better with a 3% bounce rate compared to page B with a 15% bounce
                > > rate, but looking at "single access" alone would not show you
                this.
                > >
                > > --- In webanalytics@yahoogroups.com, "hvet125" <hvetrano@> wrote:
                > > >
                > > > Hi Lana,
                > > >
                > > > My understanding between the two metrics is that Single Access
                is
                > > a
                > > > count whereas Bounce Rate is a rate--Single Access/Entries.
                The
                > > rate
                > > > will indicate the amount of people who entered on that page and
                > > left
                > > > compared to the amount of people who entered on that page and
                > > clicked
                > > > to other pages. The count alone doesn't really tell me the
                page's
                > > > full performance in relation to those visitors who stayed,
                because
                > > it
                > > > only focuses on those who didn't stay.
                > > >
                > > > Say if there is a 40% bounce rate on your home page. I know
                that
                > > 60%
                > > > continued to click through the website. If I just had a single
                > > > access count, I really can't determine what that means in
                relation
                > > to
                > > > other visitors who entered.
                > > >
                > > > Concerning strategy, you can easily institute a goal when using
                a
                > > > rate: decrease bounce rate by 20% which effectively increases
                the
                > > > rate of those who click through by 20%. Yet if I use Single
                Access
                > > as
                > > > my goal, just because I decrease that count doesn't mean I
                > > increase
                > > > the amount of those who click through (which is what you care
                > > about).
                > > >
                > > > Thoughts?
                > > >
                > > > ~helen
                > > > www.crameronline.com
                > > >
                > > > --- In webanalytics@yahoogroups.com, "eurolana" <eurolana@>
                wrote:
                > > > >
                > > > > Hi again,
                > > > > I am wondering how everyone out there distinguishes these
                two. I
                > > > have
                > > > > been trying to push the "bounce rate" but it has been a bit
                of
                > > > pain.
                > > > > I get it, but am having a hard time explaining the true
                > > difference
                > > > > between them, even when presented with the actual
                > > equation/formula I
                > > > > still get confused faces and questions that lead back to "but
                > > isn't
                > > > > that one and the same thing...bounce rate doesn't make sense".
                > > > >
                > > > > Help? Can you give me any tips how to explain the difference
                > > between
                > > > > bounce rate and single page access to your clients/superiors?
                > > And
                > > > why
                > > > > it makes sense to look at the bounce rate?
                > > > >
                > > > > many thanks!
                > > > > Lana
                > > > >
                > > >
                > >
                >
              • Seby Kallarakkal
                Hi, One of our customers is using WebTrends enteprise version and they are moving from normal web server log files to SDC. This customer is extremely sensitive
                Message 7 of 14 , Nov 30, 2007
                • 0 Attachment
                  Hi,



                  One of our customers is using WebTrends enteprise version and they are
                  moving from normal web server log files to SDC. This customer is extremely
                  sensitive to any software that is installed in their data center. Since SDC
                  server is required to be on the public network, their security team wants to
                  know

                  a. Since SDC uses ISAPI filter on IIS, does it pose any vulnerability /
                  threat?
                  b. If there has been any instance of SDC installation being exploited
                  in the past?



                  We tried searching on the Internet, but found only old articles on
                  securityfocus.com. Perhaps there is nothing online because there are no
                  issues whatsoever in terms of security. But would be good to know. Thanks
                  for any input that you might have.



                  Regards,



                  Seby Kallarakkal

                  seby@...

                  +91-80-25423566 Ext.207

                  www.nabler.com



                  [Non-text portions of this message have been removed]
                • Steve
                  ... By definition it can t pose a threat, but can expose a weakness or vulnerability that could be exploited by a threat. /pedantic. ... *known* would be the
                  Message 8 of 14 , Nov 30, 2007
                  • 0 Attachment
                    On Dec 1, 2007 12:52 AM, Seby Kallarakkal <seby@...> wrote:
                    > One of our customers is using WebTrends enteprise version and they are
                    > moving from normal web server log files to SDC. This customer is extremely
                    > sensitive to any software that is installed in their data center. Since SDC
                    > server is required to be on the public network, their security team wants to
                    > know
                    >
                    > a. Since SDC uses ISAPI filter on IIS, does it pose any vulnerability /
                    > threat?

                    By definition it can't pose a threat, but can expose a weakness or
                    vulnerability that could be exploited by a threat.
                    /pedantic.


                    > b. If there has been any instance of SDC installation being exploited
                    > in the past?

                    *known* would be the key word.


                    > We tried searching on the Internet, but found only old articles on
                    > securityfocus.com. Perhaps there is nothing online because there are no
                    > issues whatsoever in terms of security. But would be good to know. Thanks

                    No. What that means is that there have been none exposed, or publicly
                    announced. It does not mean they don't or haven't existed.
                    It doesn't mean they have been exposed or exist either. This silence
                    cuts both ways.


                    But I am highly curious as to why you're being asked to provide this
                    information to the customer to their Security team?
                    With all due respect to your customer, this information gathering
                    exercise is one of the key tasks of their security team. THEY are the
                    ones that should have hooks into CERT, AUSCERT and so on. THEY are the
                    ones who trawl bugtraq.

                    They're the experts in this area, why are they abrogating one of their
                    primary duties?

                    After all, you're trying to sell a service to them. How can they
                    possibly know that you're not lying through your teeth to (a) sell
                    something and (b) use the weakness info to onsell elsewhere and make
                    an even bigger profit!

                    No offence meant or implied! :-)


                    Putting on my highly_opinionated_hat, this sounds like a team that
                    issues edicts from on high and that has no clue what they are really
                    there for. Namely: to help the business manage a particular style of
                    risk in the most cost effective way possible. Anything else is window
                    dressing to that core task.

                    How you politely tell them to their job themselves? Politics. Oh joy....


                    HTH?
                    Cheers!
                    - Steve
                  • Seby Kallarakkal
                    Hi Steve, Thanks for the reply. Don t worry, no offense taken :). Actually there are answers to your question. But it might mean offending people and would not
                    Message 9 of 14 , Dec 1, 2007
                    • 0 Attachment
                      Hi Steve,

                      Thanks for the reply.

                      Don't worry, no offense taken :). Actually there are answers to your question. But it might mean offending people and would not get us to the solution :)

                      Thanks for your thoughts.


                      Regards,

                      Seby Kallarakkal

                      Sent from BlackBerry® on Airtel

                      -----Original Message-----
                      From: Steve <nuilvows@...>

                      Date: Sat, 1 Dec 2007 16:22:00
                      To:webanalytics@yahoogroups.com
                      Subject: Re: [webanalytics] Security aspect of SDC


                      On Dec 1, 2007 12:52 AM, Seby Kallarakkal <seby@nabler. <mailto:seby%40nabler.com> com> wrote:
                      > One of our customers is using WebTrends enteprise version and they are
                      > moving from normal web server log files to SDC. This customer is extremely
                      > sensitive to any software that is installed in their data center. Since SDC
                      > server is required to be on the public network, their security team wants to
                      > know
                      >
                      > a. Since SDC uses ISAPI filter on IIS, does it pose any vulnerability /
                      > threat?

                      By definition it can't pose a threat, but can expose a weakness or
                      vulnerability that could be exploited by a threat.
                      /pedantic.

                      > b. If there has been any instance of SDC installation being exploited
                      > in the past?

                      *known* would be the key word.

                      > We tried searching on the Internet, but found only old articles on
                      > securityfocus.com. Perhaps there is nothing online because there are no
                      > issues whatsoever in terms of security. But would be good to know. Thanks

                      No. What that means is that there have been none exposed, or publicly
                      announced. It does not mean they don't or haven't existed.
                      It doesn't mean they have been exposed or exist either. This silence
                      cuts both ways.

                      But I am highly curious as to why you're being asked to provide this
                      information to the customer to their Security team?
                      With all due respect to your customer, this information gathering
                      exercise is one of the key tasks of their security team. THEY are the
                      ones that should have hooks into CERT, AUSCERT and so on. THEY are the
                      ones who trawl bugtraq.

                      They're the experts in this area, why are they abrogating one of their
                      primary duties?

                      After all, you're trying to sell a service to them. How can they
                      possibly know that you're not lying through your teeth to (a) sell
                      something and (b) use the weakness info to onsell elsewhere and make
                      an even bigger profit!

                      No offence meant or implied! :-)

                      Putting on my highly_opinionated_hat, this sounds like a team that
                      issues edicts from on high and that has no clue what they are really
                      there for. Namely: to help the business manage a particular style of
                      risk in the most cost effective way possible. Anything else is window
                      dressing to that core task.

                      How you politely tell them to their job themselves? Politics. Oh joy....

                      HTH?
                      Cheers!
                      - Steve
                    • Sergio Maldonado
                      Hi Seby, I have gone through the same experience so many times (and in so many different places!), it comes as no surprise! System Administrators on the client
                      Message 10 of 14 , Dec 4, 2007
                      • 0 Attachment
                        Hi Seby,

                        I have gone through the same experience so many times (and in so many
                        different places!), it comes as no surprise!

                        System Administrators on the client side are paid to be they way they are:
                        Extremely suspicious of anything you plan to plant on their servers. They
                        just can't help. No matter where you are, you will be cross-examined on the
                        same points.

                        Then, of course, as Steve rightly says, they end up being so much better
                        informed than any of us in the WA world! :)

                        So, the only way you can help them now is by putting together your
                        experience with ours and saying: Neither I nor those guys at the forum
                        (confirmed, this end) have ever experienced a security breach that is
                        associated to the SDC installation. Of course, we always deal with competent
                        people on the IIS or Apache side :)

                        Good luck!


                        Sergio Maldonado
                        Spanish Web Analytics Association
                        www.aeaw.es







                        On Nov 30, 2007 2:52 PM, Seby Kallarakkal <seby@...> wrote:

                        > Hi,
                        >
                        > One of our customers is using WebTrends enteprise version and they are
                        > moving from normal web server log files to SDC. This customer is extremely
                        > sensitive to any software that is installed in their data center. Since
                        > SDC
                        > server is required to be on the public network, their security team wants
                        > to
                        > know
                        >
                        > a. Since SDC uses ISAPI filter on IIS, does it pose any vulnerability /
                        > threat?
                        > b. If there has been any instance of SDC installation being exploited
                        > in the past?
                        >
                        > We tried searching on the Internet, but found only old articles on
                        > securityfocus.com. Perhaps there is nothing online because there are no
                        > issues whatsoever in terms of security. But would be good to know. Thanks
                        > for any input that you might have.
                        >
                        > Regards,
                        >
                        > Seby Kallarakkal
                        >
                        > seby@... <seby%40nabler.com>
                        >
                        > +91-80-25423566 Ext.207
                        >
                        > www.nabler.com
                        >
                        > [Non-text portions of this message have been removed]
                        >
                        >
                        >


                        [Non-text portions of this message have been removed]
                      • Lothaire Ruellan
                        Webtrends also proposes an hybrid solution in which they would host the SDC, collect the data, and deliver a daily log via FTP. On your side, you would only
                        Message 11 of 14 , Dec 7, 2007
                        • 0 Attachment
                          Webtrends also proposes an hybrid solution in which they would host
                          the SDC, collect the data, and deliver a daily log via FTP. On your
                          side, you would only have the Webtrends software and process the log
                          on a daily basis. This way, you would have the flexibility that comes
                          with the Webtrends software, without the hassle of hosting the SDC.
                          Maybe that would alleviate your team's concerns.

                          Lothaire


                          --- In webanalytics@yahoogroups.com, "Sergio Maldonado"
                          <sergio.maldonado.elvira@...> wrote:
                          >
                          > Hi Seby,
                          >
                          > I have gone through the same experience so many times (and in so many
                          > different places!), it comes as no surprise!
                          >
                          > System Administrators on the client side are paid to be they way
                          they are:
                          > Extremely suspicious of anything you plan to plant on their servers.
                          They
                          > just can't help. No matter where you are, you will be cross-examined
                          on the
                          > same points.
                          >
                          > Then, of course, as Steve rightly says, they end up being so much better
                          > informed than any of us in the WA world! :)
                          >
                          > So, the only way you can help them now is by putting together your
                          > experience with ours and saying: Neither I nor those guys at the forum
                          > (confirmed, this end) have ever experienced a security breach that is
                          > associated to the SDC installation. Of course, we always deal with
                          competent
                          > people on the IIS or Apache side :)
                          >
                          > Good luck!
                          >
                          >
                          > Sergio Maldonado
                          > Spanish Web Analytics Association
                          > www.aeaw.es
                          >
                          >
                          >
                          >
                          >
                          >
                          >
                          > On Nov 30, 2007 2:52 PM, Seby Kallarakkal <seby@...> wrote:
                          >
                          > > Hi,
                          > >
                          > > One of our customers is using WebTrends enteprise version and they are
                          > > moving from normal web server log files to SDC. This customer is
                          extremely
                          > > sensitive to any software that is installed in their data center.
                          Since
                          > > SDC
                          > > server is required to be on the public network, their security
                          team wants
                          > > to
                          > > know
                          > >
                          > > a. Since SDC uses ISAPI filter on IIS, does it pose any
                          vulnerability /
                          > > threat?
                          > > b. If there has been any instance of SDC installation being exploited
                          > > in the past?
                          > >
                          > > We tried searching on the Internet, but found only old articles on
                          > > securityfocus.com. Perhaps there is nothing online because there
                          are no
                          > > issues whatsoever in terms of security. But would be good to know.
                          Thanks
                          > > for any input that you might have.
                          > >
                          > > Regards,
                          > >
                          > > Seby Kallarakkal
                          > >
                          > > seby@... <seby%40nabler.com>
                          > >
                          > > +91-80-25423566 Ext.207
                          > >
                          > > www.nabler.com
                          > >
                          > > [Non-text portions of this message have been removed]
                          > >
                          > >
                          > >
                          >
                          >
                          > [Non-text portions of this message have been removed]
                          >
                        • Seby Kallarakkal
                          Hi Sergio, Thanks for sharing your thoughts and my apologies for the delay. You are so right about sys administrators. I ve taken the feedback from this forum
                          Message 12 of 14 , Dec 14, 2007
                          • 0 Attachment
                            Hi Sergio,



                            Thanks for sharing your thoughts and my apologies for the delay. You are so
                            right about sys administrators.



                            I've taken the feedback from this forum to the customers and they are of
                            course, convinced. The trouble is with the systems team.



                            The customer is almost ready to go live now. We have given them alternatives
                            on what happens if the SDC server is not online :-)



                            Regards,



                            Seby Kallarakkal

                            seby@...

                            +91-80-25423566 Ext.207

                            www.nabler.com

                            _____

                            From: webanalytics@yahoogroups.com [mailto:webanalytics@yahoogroups.com] On
                            Behalf Of Sergio Maldonado
                            Sent: Tuesday, December 04, 2007 1:51 PM
                            To: webanalytics@yahoogroups.com
                            Subject: Re: [webanalytics] Security aspect of SDC



                            Hi Seby,

                            I have gone through the same experience so many times (and in so many
                            different places!), it comes as no surprise!

                            System Administrators on the client side are paid to be they way they are:
                            Extremely suspicious of anything you plan to plant on their servers. They
                            just can't help. No matter where you are, you will be cross-examined on the
                            same points.

                            Then, of course, as Steve rightly says, they end up being so much better
                            informed than any of us in the WA world! :)

                            So, the only way you can help them now is by putting together your
                            experience with ours and saying: Neither I nor those guys at the forum
                            (confirmed, this end) have ever experienced a security breach that is
                            associated to the SDC installation. Of course, we always deal with competent
                            people on the IIS or Apache side :)

                            Good luck!

                            Sergio Maldonado
                            Spanish Web Analytics Association
                            www.aeaw.es

                            On Nov 30, 2007 2:52 PM, Seby Kallarakkal <seby@nabler.
                            <mailto:seby%40nabler.com> com> wrote:

                            > Hi,
                            >
                            > One of our customers is using WebTrends enteprise version and they are
                            > moving from normal web server log files to SDC. This customer is extremely
                            > sensitive to any software that is installed in their data center. Since
                            > SDC
                            > server is required to be on the public network, their security team wants
                            > to
                            > know
                            >
                            > a. Since SDC uses ISAPI filter on IIS, does it pose any vulnerability /
                            > threat?
                            > b. If there has been any instance of SDC installation being exploited
                            > in the past?
                            >
                            > We tried searching on the Internet, but found only old articles on
                            > securityfocus.com. Perhaps there is nothing online because there are no
                            > issues whatsoever in terms of security. But would be good to know. Thanks
                            > for any input that you might have.
                            >
                            > Regards,
                            >
                            > Seby Kallarakkal
                            >
                            > seby@nabler. <mailto:seby%40nabler.com> com <seby%40nabler.com>
                            >
                            > +91-80-25423566 Ext.207
                            >
                            > www.nabler.com
                            >
                            > [Non-text portions of this message have been removed]
                            >
                            >
                            >

                            [Non-text portions of this message have been removed]





                            [Non-text portions of this message have been removed]
                          • Seby Kallarakkal
                            Hi Lothaire, Thanks for the information. I m sorry for the delay in replying. Unfortunately, this customer has a corporate policy of not allowing their data to
                            Message 13 of 14 , Dec 14, 2007
                            • 0 Attachment
                              Hi Lothaire,



                              Thanks for the information. I'm sorry for the delay in replying.



                              Unfortunately, this customer has a corporate policy of not allowing their
                              data to go outside their network. So hosting SDC with WT is not going to be
                              an option. But like I said in my earlier email to Sergio, the customer is
                              almost done with all kinds of audit and in all probability might go live in
                              the next few days.



                              As we move from using web server log files to SDC log files, I'm curious to
                              see what happens to the data. Traffic should go up because it's a
                              page-tagged solution. But then machine traffic would not be counted (which
                              is a good thing) and the traffic would go down. So I'm really, really
                              curious to see what happens!



                              Regards,



                              Seby Kallarakkal

                              seby@...

                              +91-80-25423566 Ext.207

                              www.nabler.com

                              _____

                              From: webanalytics@yahoogroups.com [mailto:webanalytics@yahoogroups.com] On
                              Behalf Of Lothaire Ruellan
                              Sent: Friday, December 07, 2007 10:59 PM
                              To: webanalytics@yahoogroups.com
                              Subject: [webanalytics] Re: Security aspect of SDC



                              Webtrends also proposes an hybrid solution in which they would host
                              the SDC, collect the data, and deliver a daily log via FTP. On your
                              side, you would only have the Webtrends software and process the log
                              on a daily basis. This way, you would have the flexibility that comes
                              with the Webtrends software, without the hassle of hosting the SDC.
                              Maybe that would alleviate your team's concerns.

                              Lothaire

                              --- In webanalytics@ <mailto:webanalytics%40yahoogroups.com>
                              yahoogroups.com, "Sergio Maldonado"
                              <sergio.maldonado.elvira@...> wrote:
                              >
                              > Hi Seby,
                              >
                              > I have gone through the same experience so many times (and in so many
                              > different places!), it comes as no surprise!
                              >
                              > System Administrators on the client side are paid to be they way
                              they are:
                              > Extremely suspicious of anything you plan to plant on their servers.
                              They
                              > just can't help. No matter where you are, you will be cross-examined
                              on the
                              > same points.
                              >
                              > Then, of course, as Steve rightly says, they end up being so much better
                              > informed than any of us in the WA world! :)
                              >
                              > So, the only way you can help them now is by putting together your
                              > experience with ours and saying: Neither I nor those guys at the forum
                              > (confirmed, this end) have ever experienced a security breach that is
                              > associated to the SDC installation. Of course, we always deal with
                              competent
                              > people on the IIS or Apache side :)
                              >
                              > Good luck!
                              >
                              >
                              > Sergio Maldonado
                              > Spanish Web Analytics Association
                              > www.aeaw.es
                              >
                              >
                              >
                              >
                              >
                              >
                              >
                              > On Nov 30, 2007 2:52 PM, Seby Kallarakkal <seby@...> wrote:
                              >
                              > > Hi,
                              > >
                              > > One of our customers is using WebTrends enteprise version and they are
                              > > moving from normal web server log files to SDC. This customer is
                              extremely
                              > > sensitive to any software that is installed in their data center.
                              Since
                              > > SDC
                              > > server is required to be on the public network, their security
                              team wants
                              > > to
                              > > know
                              > >
                              > > a. Since SDC uses ISAPI filter on IIS, does it pose any
                              vulnerability /
                              > > threat?
                              > > b. If there has been any instance of SDC installation being exploited
                              > > in the past?
                              > >
                              > > We tried searching on the Internet, but found only old articles on
                              > > securityfocus.com. Perhaps there is nothing online because there
                              are no
                              > > issues whatsoever in terms of security. But would be good to know.
                              Thanks
                              > > for any input that you might have.
                              > >
                              > > Regards,
                              > >
                              > > Seby Kallarakkal
                              > >
                              > > seby@... <seby%40nabler.com>
                              > >
                              > > +91-80-25423566 Ext.207
                              > >
                              > > www.nabler.com
                              > >
                              > > [Non-text portions of this message have been removed]
                              > >
                              > >
                              > >
                              >
                              >
                              > [Non-text portions of this message have been removed]
                              >





                              [Non-text portions of this message have been removed]
                            • Sergio Maldonado
                              Happy to hear that, Seby! Good luck with that last milestone... ... [Non-text portions of this message have been removed]
                              Message 14 of 14 , Dec 17, 2007
                              • 0 Attachment
                                Happy to hear that, Seby!

                                Good luck with that last milestone...

                                On Dec 14, 2007 7:55 PM, Seby Kallarakkal <seby@...> wrote:

                                > Hi Sergio,
                                >
                                > Thanks for sharing your thoughts and my apologies for the delay. You are
                                > so
                                > right about sys administrators.
                                >
                                > I've taken the feedback from this forum to the customers and they are of
                                > course, convinced. The trouble is with the systems team.
                                >
                                > The customer is almost ready to go live now. We have given them
                                > alternatives
                                > on what happens if the SDC server is not online :-)
                                >
                                >
                                > Regards,
                                >
                                > Seby Kallarakkal
                                >
                                > seby@... <seby%40nabler.com>
                                >
                                > +91-80-25423566 Ext.207
                                >
                                > www.nabler.com
                                >
                                > _____
                                >
                                > From: webanalytics@yahoogroups.com <webanalytics%40yahoogroups.com>[mailto:
                                > webanalytics@yahoogroups.com <webanalytics%40yahoogroups.com>] On
                                > Behalf Of Sergio Maldonado
                                > Sent: Tuesday, December 04, 2007 1:51 PM
                                > To: webanalytics@yahoogroups.com <webanalytics%40yahoogroups.com>
                                > Subject: Re: [webanalytics] Security aspect of SDC
                                >
                                > Hi Seby,
                                >
                                > I have gone through the same experience so many times (and in so many
                                > different places!), it comes as no surprise!
                                >
                                > System Administrators on the client side are paid to be they way they are:
                                > Extremely suspicious of anything you plan to plant on their servers. They
                                > just can't help. No matter where you are, you will be cross-examined on
                                > the
                                > same points.
                                >
                                > Then, of course, as Steve rightly says, they end up being so much better
                                > informed than any of us in the WA world! :)
                                >
                                > So, the only way you can help them now is by putting together your
                                > experience with ours and saying: Neither I nor those guys at the forum
                                > (confirmed, this end) have ever experienced a security breach that is
                                > associated to the SDC installation. Of course, we always deal with
                                > competent
                                > people on the IIS or Apache side :)
                                >
                                > Good luck!
                                >
                                > Sergio Maldonado
                                > Spanish Web Analytics Association
                                > www.aeaw.es
                                >
                                > On Nov 30, 2007 2:52 PM, Seby Kallarakkal <seby@nabler.
                                > <mailto:seby%40nabler.com> com> wrote:
                                >
                                > > Hi,
                                > >
                                > > One of our customers is using WebTrends enteprise version and they are
                                > > moving from normal web server log files to SDC. This customer is
                                > extremely
                                > > sensitive to any software that is installed in their data center. Since
                                > > SDC
                                > > server is required to be on the public network, their security team
                                > wants
                                > > to
                                > > know
                                > >
                                > > a. Since SDC uses ISAPI filter on IIS, does it pose any vulnerability /
                                > > threat?
                                > > b. If there has been any instance of SDC installation being exploited
                                > > in the past?
                                > >
                                > > We tried searching on the Internet, but found only old articles on
                                > > securityfocus.com. Perhaps there is nothing online because there are no
                                > > issues whatsoever in terms of security. But would be good to know.
                                > Thanks
                                > > for any input that you might have.
                                > >
                                > > Regards,
                                > >
                                > > Seby Kallarakkal
                                > >
                                > > seby@nabler. <mailto:seby%40nabler.com> com <seby%40nabler.com>
                                > >
                                > > +91-80-25423566 Ext.207
                                > >
                                > > www.nabler.com
                                > >
                                > > [Non-text portions of this message have been removed]
                                > >
                                > >
                                > >
                                >
                                > [Non-text portions of this message have been removed]
                                >
                                > [Non-text portions of this message have been removed]
                                >
                                >
                                >


                                [Non-text portions of this message have been removed]
                              Your message has been successfully submitted and would be delivered to recipients shortly.