## Bounce Rate vs Single Page Access [in Omniture]

Expand Messages
• Hi again, I am wondering how everyone out there distinguishes these two. I have been trying to push the bounce rate but it has been a bit of pain. I get it,
Message 1 of 14 , Nov 28 7:56 AM
Hi again,
I am wondering how everyone out there distinguishes these two. I have
been trying to push the "bounce rate" but it has been a bit of pain.
I get it, but am having a hard time explaining the true difference
between them, even when presented with the actual equation/formula I
still get confused faces and questions that lead back to "but isn't
that one and the same thing...bounce rate doesn't make sense".

Help? Can you give me any tips how to explain the difference between
it makes sense to look at the bounce rate?

many thanks!
Lana
• Hi Lana, My understanding between the two metrics is that Single Access is a count whereas Bounce Rate is a rate--Single Access/Entries. The rate will
Message 2 of 14 , Nov 28 10:31 AM
Hi Lana,

My understanding between the two metrics is that Single Access is a
count whereas Bounce Rate is a rate--Single Access/Entries. The rate
will indicate the amount of people who entered on that page and left
compared to the amount of people who entered on that page and clicked
to other pages. The count alone doesn't really tell me the page's
full performance in relation to those visitors who stayed, because it
only focuses on those who didn't stay.

continued to click through the website. If I just had a single
access count, I really can't determine what that means in relation to
other visitors who entered.

Concerning strategy, you can easily institute a goal when using a
rate: decrease bounce rate by 20% which effectively increases the
rate of those who click through by 20%. Yet if I use Single Access as
my goal, just because I decrease that count doesn't mean I increase
the amount of those who click through (which is what you care about).

Thoughts?

~helen
www.crameronline.com

--- In webanalytics@yahoogroups.com, "eurolana" <eurolana@...> wrote:
>
> Hi again,
> I am wondering how everyone out there distinguishes these two. I
have
> been trying to push the "bounce rate" but it has been a bit of
pain.
> I get it, but am having a hard time explaining the true difference
> between them, even when presented with the actual equation/formula I
> still get confused faces and questions that lead back to "but isn't
> that one and the same thing...bounce rate doesn't make sense".
>
> Help? Can you give me any tips how to explain the difference between
why
> it makes sense to look at the bounce rate?
>
> many thanks!
> Lana
>
• Helen, You are correct. Using the single access metric alone will not help you as much as Bounce Rate in measuring or making descisions. Example: If Page A
Message 3 of 14 , Nov 29 7:19 AM
Helen,

You are correct. Using the "single access" metric alone will not
help you as much as Bounce Rate in measuring or making descisions.

Example: If Page A is showing 150 for "single access" and Page B is
showing 15 for "single access" that doesn't mean page B is a better
landing page. Because Page A could have 5,000 "entries" while page B
only had 100 entires. Bounce Rate would show you that page A is
better with a 3% bounce rate compared to page B with a 15% bounce
rate, but looking at "single access" alone would not show you this.

--- In webanalytics@yahoogroups.com, "hvet125" <hvetrano@...> wrote:
>
> Hi Lana,
>
> My understanding between the two metrics is that Single Access is
a
> count whereas Bounce Rate is a rate--Single Access/Entries. The
rate
> will indicate the amount of people who entered on that page and
left
> compared to the amount of people who entered on that page and
clicked
> to other pages. The count alone doesn't really tell me the page's
> full performance in relation to those visitors who stayed, because
it
> only focuses on those who didn't stay.
>
60%
> continued to click through the website. If I just had a single
> access count, I really can't determine what that means in relation
to
> other visitors who entered.
>
> Concerning strategy, you can easily institute a goal when using a
> rate: decrease bounce rate by 20% which effectively increases the
> rate of those who click through by 20%. Yet if I use Single Access
as
> my goal, just because I decrease that count doesn't mean I
increase
> the amount of those who click through (which is what you care
>
> Thoughts?
>
> ~helen
> www.crameronline.com
>
> --- In webanalytics@yahoogroups.com, "eurolana" <eurolana@> wrote:
> >
> > Hi again,
> > I am wondering how everyone out there distinguishes these two. I
> have
> > been trying to push the "bounce rate" but it has been a bit of
> pain.
> > I get it, but am having a hard time explaining the true
difference
> > between them, even when presented with the actual
equation/formula I
> > still get confused faces and questions that lead back to "but
isn't
> > that one and the same thing...bounce rate doesn't make sense".
> >
> > Help? Can you give me any tips how to explain the difference
between
And
> why
> > it makes sense to look at the bounce rate?
> >
> > many thanks!
> > Lana
> >
>
• When you guys defined it, in calc metrics did you use single access/entries or single access/total entries? I m wondering because I can make sense of it both
Message 4 of 14 , Nov 29 7:52 AM
When you guys defined it, in calc metrics did you use
single access/entries or single access/total entries?
I'm wondering because I can make sense of it both ways...

thanks again for all your help!

--- In webanalytics@yahoogroups.com, "kschlu" <kschlu@...> wrote:
>
> Helen,
>
> You are correct. Using the "single access" metric alone will not
> help you as much as Bounce Rate in measuring or making descisions.
>
> Example: If Page A is showing 150 for "single access" and Page B is
> showing 15 for "single access" that doesn't mean page B is a better
> landing page. Because Page A could have 5,000 "entries" while page B
> only had 100 entires. Bounce Rate would show you that page A is
> better with a 3% bounce rate compared to page B with a 15% bounce
> rate, but looking at "single access" alone would not show you this.
>
> --- In webanalytics@yahoogroups.com, "hvet125" <hvetrano@> wrote:
> >
> > Hi Lana,
> >
> > My understanding between the two metrics is that Single Access is
> a
> > count whereas Bounce Rate is a rate--Single Access/Entries. The
> rate
> > will indicate the amount of people who entered on that page and
> left
> > compared to the amount of people who entered on that page and
> clicked
> > to other pages. The count alone doesn't really tell me the page's
> > full performance in relation to those visitors who stayed, because
> it
> > only focuses on those who didn't stay.
> >
> > Say if there is a 40% bounce rate on your home page. I know that
> 60%
> > continued to click through the website. If I just had a single
> > access count, I really can't determine what that means in relation
> to
> > other visitors who entered.
> >
> > Concerning strategy, you can easily institute a goal when using a
> > rate: decrease bounce rate by 20% which effectively increases the
> > rate of those who click through by 20%. Yet if I use Single Access
> as
> > my goal, just because I decrease that count doesn't mean I
> increase
> > the amount of those who click through (which is what you care
> >
> > Thoughts?
> >
> > ~helen
> > www.crameronline.com
> >
> > --- In webanalytics@yahoogroups.com, "eurolana" <eurolana@> wrote:
> > >
> > > Hi again,
> > > I am wondering how everyone out there distinguishes these two. I
> > have
> > > been trying to push the "bounce rate" but it has been a bit of
> > pain.
> > > I get it, but am having a hard time explaining the true
> difference
> > > between them, even when presented with the actual
> equation/formula I
> > > still get confused faces and questions that lead back to "but
> isn't
> > > that one and the same thing...bounce rate doesn't make sense".
> > >
> > > Help? Can you give me any tips how to explain the difference
> between
> And
> > why
> > > it makes sense to look at the bounce rate?
> > >
> > > many thanks!
> > > Lana
> > >
> >
>
• IMO they re equally important because the single access rate (single access visits / total visits) will tell you how important the bounce rate for that page
Message 5 of 14 , Nov 29 8:45 AM
IMO they're equally important because the single access rate (single access visits / total visits) will tell you how important the bounce rate for that page is. For example, if you have a page that has a bounce rate of 70% but has a single access rate of only 5%, it's not as critical as a page that has a 50% bounce rate and a 50% single access rate.

-------------- Original message ----------------------
From: "kschlu" <kschlu@...>
> Helen,
>
> You are correct. Using the "single access" metric alone will not
> help you as much as Bounce Rate in measuring or making descisions.
>
> Example: If Page A is showing 150 for "single access" and Page B is
> showing 15 for "single access" that doesn't mean page B is a better
> landing page. Because Page A could have 5,000 "entries" while page B
> only had 100 entires. Bounce Rate would show you that page A is
> better with a 3% bounce rate compared to page B with a 15% bounce
> rate, but looking at "single access" alone would not show you this.
>
> --- In webanalytics@yahoogroups.com, "hvet125" <hvetrano@...> wrote:
> >
> > Hi Lana,
> >
> > My understanding between the two metrics is that Single Access is
> a
> > count whereas Bounce Rate is a rate--Single Access/Entries. The
> rate
> > will indicate the amount of people who entered on that page and
> left
> > compared to the amount of people who entered on that page and
> clicked
> > to other pages. The count alone doesn't really tell me the page's
> > full performance in relation to those visitors who stayed, because
> it
> > only focuses on those who didn't stay.
> >
> > Say if there is a 40% bounce rate on your home page. I know that
> 60%
> > continued to click through the website. If I just had a single
> > access count, I really can't determine what that means in relation
> to
> > other visitors who entered.
> >
> > Concerning strategy, you can easily institute a goal when using a
> > rate: decrease bounce rate by 20% which effectively increases the
> > rate of those who click through by 20%. Yet if I use Single Access
> as
> > my goal, just because I decrease that count doesn't mean I
> increase
> > the amount of those who click through (which is what you care
> >
> > Thoughts?
> >
> > ~helen
> > www.crameronline.com
> >
> > --- In webanalytics@yahoogroups.com, "eurolana" <eurolana@> wrote:
> > >
> > > Hi again,
> > > I am wondering how everyone out there distinguishes these two. I
> > have
> > > been trying to push the "bounce rate" but it has been a bit of
> > pain.
> > > I get it, but am having a hard time explaining the true
> difference
> > > between them, even when presented with the actual
> equation/formula I
> > > still get confused faces and questions that lead back to "but
> isn't
> > > that one and the same thing...bounce rate doesn't make sense".
> > >
> > > Help? Can you give me any tips how to explain the difference
> between
> And
> > why
> > > it makes sense to look at the bounce rate?
> > >
> > > many thanks!
> > > Lana
> > >
> >
>
>
>

[Non-text portions of this message have been removed]
• Hi again, I would use single access/entries instead of the total as the former limits the perspective to the performance of the specific page instead of in
Message 6 of 14 , Nov 29 11:52 AM
Hi again,

I would use single access/entries instead of the total as the former
limits the perspective to the performance of the specific page
instead of in relation to the entire site. Otherwise, optimization of
that particular page is difficult as the metric includes the
performance of other pages too.

~helen
www.crameronline.com

--- In webanalytics@yahoogroups.com, "eurolana" <eurolana@...> wrote:
>
> When you guys defined it, in calc metrics did you use
> single access/entries or single access/total entries?
> I'm wondering because I can make sense of it both ways...
>
> thanks again for all your help!
>
> --- In webanalytics@yahoogroups.com, "kschlu" <kschlu@> wrote:
> >
> > Helen,
> >
> > You are correct. Using the "single access" metric alone will not
> > help you as much as Bounce Rate in measuring or making
descisions.
> >
> > Example: If Page A is showing 150 for "single access" and Page B
is
> > showing 15 for "single access" that doesn't mean page B is a
better
> > landing page. Because Page A could have 5,000 "entries" while
page B
> > only had 100 entires. Bounce Rate would show you that page A is
> > better with a 3% bounce rate compared to page B with a 15% bounce
> > rate, but looking at "single access" alone would not show you
this.
> >
> > --- In webanalytics@yahoogroups.com, "hvet125" <hvetrano@> wrote:
> > >
> > > Hi Lana,
> > >
> > > My understanding between the two metrics is that Single Access
is
> > a
> > > count whereas Bounce Rate is a rate--Single Access/Entries.
The
> > rate
> > > will indicate the amount of people who entered on that page and
> > left
> > > compared to the amount of people who entered on that page and
> > clicked
> > > to other pages. The count alone doesn't really tell me the
page's
> > > full performance in relation to those visitors who stayed,
because
> > it
> > > only focuses on those who didn't stay.
> > >
> > > Say if there is a 40% bounce rate on your home page. I know
that
> > 60%
> > > continued to click through the website. If I just had a single
> > > access count, I really can't determine what that means in
relation
> > to
> > > other visitors who entered.
> > >
> > > Concerning strategy, you can easily institute a goal when using
a
> > > rate: decrease bounce rate by 20% which effectively increases
the
> > > rate of those who click through by 20%. Yet if I use Single
Access
> > as
> > > my goal, just because I decrease that count doesn't mean I
> > increase
> > > the amount of those who click through (which is what you care
> > >
> > > Thoughts?
> > >
> > > ~helen
> > > www.crameronline.com
> > >
> > > --- In webanalytics@yahoogroups.com, "eurolana" <eurolana@>
wrote:
> > > >
> > > > Hi again,
> > > > I am wondering how everyone out there distinguishes these
two. I
> > > have
> > > > been trying to push the "bounce rate" but it has been a bit
of
> > > pain.
> > > > I get it, but am having a hard time explaining the true
> > difference
> > > > between them, even when presented with the actual
> > equation/formula I
> > > > still get confused faces and questions that lead back to "but
> > isn't
> > > > that one and the same thing...bounce rate doesn't make sense".
> > > >
> > > > Help? Can you give me any tips how to explain the difference
> > between
> > And
> > > why
> > > > it makes sense to look at the bounce rate?
> > > >
> > > > many thanks!
> > > > Lana
> > > >
> > >
> >
>
• Hi, One of our customers is using WebTrends enteprise version and they are moving from normal web server log files to SDC. This customer is extremely sensitive
Message 7 of 14 , Nov 30 5:52 AM
Hi,

One of our customers is using WebTrends enteprise version and they are
moving from normal web server log files to SDC. This customer is extremely
sensitive to any software that is installed in their data center. Since SDC
server is required to be on the public network, their security team wants to
know

a. Since SDC uses ISAPI filter on IIS, does it pose any vulnerability /
threat?
b. If there has been any instance of SDC installation being exploited
in the past?

We tried searching on the Internet, but found only old articles on
securityfocus.com. Perhaps there is nothing online because there are no
issues whatsoever in terms of security. But would be good to know. Thanks
for any input that you might have.

Regards,

Seby Kallarakkal

seby@...

+91-80-25423566 Ext.207

www.nabler.com

[Non-text portions of this message have been removed]
• ... By definition it can t pose a threat, but can expose a weakness or vulnerability that could be exploited by a threat. /pedantic. ... *known* would be the
Message 8 of 14 , Nov 30 9:22 PM
On Dec 1, 2007 12:52 AM, Seby Kallarakkal <seby@...> wrote:
> One of our customers is using WebTrends enteprise version and they are
> moving from normal web server log files to SDC. This customer is extremely
> sensitive to any software that is installed in their data center. Since SDC
> server is required to be on the public network, their security team wants to
> know
>
> a. Since SDC uses ISAPI filter on IIS, does it pose any vulnerability /
> threat?

By definition it can't pose a threat, but can expose a weakness or
vulnerability that could be exploited by a threat.
/pedantic.

> b. If there has been any instance of SDC installation being exploited
> in the past?

*known* would be the key word.

> We tried searching on the Internet, but found only old articles on
> securityfocus.com. Perhaps there is nothing online because there are no
> issues whatsoever in terms of security. But would be good to know. Thanks

No. What that means is that there have been none exposed, or publicly
announced. It does not mean they don't or haven't existed.
It doesn't mean they have been exposed or exist either. This silence
cuts both ways.

But I am highly curious as to why you're being asked to provide this
information to the customer to their Security team?
With all due respect to your customer, this information gathering
exercise is one of the key tasks of their security team. THEY are the
ones that should have hooks into CERT, AUSCERT and so on. THEY are the
ones who trawl bugtraq.

They're the experts in this area, why are they abrogating one of their
primary duties?

After all, you're trying to sell a service to them. How can they
possibly know that you're not lying through your teeth to (a) sell
something and (b) use the weakness info to onsell elsewhere and make
an even bigger profit!

No offence meant or implied! :-)

Putting on my highly_opinionated_hat, this sounds like a team that
issues edicts from on high and that has no clue what they are really
there for. Namely: to help the business manage a particular style of
risk in the most cost effective way possible. Anything else is window

How you politely tell them to their job themselves? Politics. Oh joy....

HTH?
Cheers!
- Steve
• Hi Steve, Thanks for the reply. Don t worry, no offense taken :). Actually there are answers to your question. But it might mean offending people and would not
Message 9 of 14 , Dec 1, 2007
Hi Steve,

Don't worry, no offense taken :). Actually there are answers to your question. But it might mean offending people and would not get us to the solution :)

Regards,

Seby Kallarakkal

Sent from BlackBerry® on Airtel

-----Original Message-----
From: Steve <nuilvows@...>

Date: Sat, 1 Dec 2007 16:22:00
To:webanalytics@yahoogroups.com
Subject: Re: [webanalytics] Security aspect of SDC

On Dec 1, 2007 12:52 AM, Seby Kallarakkal <seby@nabler. <mailto:seby%40nabler.com> com> wrote:
> One of our customers is using WebTrends enteprise version and they are
> moving from normal web server log files to SDC. This customer is extremely
> sensitive to any software that is installed in their data center. Since SDC
> server is required to be on the public network, their security team wants to
> know
>
> a. Since SDC uses ISAPI filter on IIS, does it pose any vulnerability /
> threat?

By definition it can't pose a threat, but can expose a weakness or
vulnerability that could be exploited by a threat.
/pedantic.

> b. If there has been any instance of SDC installation being exploited
> in the past?

*known* would be the key word.

> We tried searching on the Internet, but found only old articles on
> securityfocus.com. Perhaps there is nothing online because there are no
> issues whatsoever in terms of security. But would be good to know. Thanks

No. What that means is that there have been none exposed, or publicly
announced. It does not mean they don't or haven't existed.
It doesn't mean they have been exposed or exist either. This silence
cuts both ways.

But I am highly curious as to why you're being asked to provide this
information to the customer to their Security team?
With all due respect to your customer, this information gathering
exercise is one of the key tasks of their security team. THEY are the
ones that should have hooks into CERT, AUSCERT and so on. THEY are the
ones who trawl bugtraq.

They're the experts in this area, why are they abrogating one of their
primary duties?

After all, you're trying to sell a service to them. How can they
possibly know that you're not lying through your teeth to (a) sell
something and (b) use the weakness info to onsell elsewhere and make
an even bigger profit!

No offence meant or implied! :-)

Putting on my highly_opinionated_hat, this sounds like a team that
issues edicts from on high and that has no clue what they are really
there for. Namely: to help the business manage a particular style of
risk in the most cost effective way possible. Anything else is window

How you politely tell them to their job themselves? Politics. Oh joy....

HTH?
Cheers!
- Steve
• Hi Seby, I have gone through the same experience so many times (and in so many different places!), it comes as no surprise! System Administrators on the client
Message 10 of 14 , Dec 4, 2007
Hi Seby,

I have gone through the same experience so many times (and in so many
different places!), it comes as no surprise!

System Administrators on the client side are paid to be they way they are:
Extremely suspicious of anything you plan to plant on their servers. They
just can't help. No matter where you are, you will be cross-examined on the
same points.

Then, of course, as Steve rightly says, they end up being so much better
informed than any of us in the WA world! :)

So, the only way you can help them now is by putting together your
experience with ours and saying: Neither I nor those guys at the forum
(confirmed, this end) have ever experienced a security breach that is
associated to the SDC installation. Of course, we always deal with competent
people on the IIS or Apache side :)

Good luck!

Spanish Web Analytics Association
www.aeaw.es

On Nov 30, 2007 2:52 PM, Seby Kallarakkal <seby@...> wrote:

> Hi,
>
> One of our customers is using WebTrends enteprise version and they are
> moving from normal web server log files to SDC. This customer is extremely
> sensitive to any software that is installed in their data center. Since
> SDC
> server is required to be on the public network, their security team wants
> to
> know
>
> a. Since SDC uses ISAPI filter on IIS, does it pose any vulnerability /
> threat?
> b. If there has been any instance of SDC installation being exploited
> in the past?
>
> We tried searching on the Internet, but found only old articles on
> securityfocus.com. Perhaps there is nothing online because there are no
> issues whatsoever in terms of security. But would be good to know. Thanks
> for any input that you might have.
>
> Regards,
>
> Seby Kallarakkal
>
> seby@... <seby%40nabler.com>
>
> +91-80-25423566 Ext.207
>
> www.nabler.com
>
> [Non-text portions of this message have been removed]
>
>
>

[Non-text portions of this message have been removed]
• Webtrends also proposes an hybrid solution in which they would host the SDC, collect the data, and deliver a daily log via FTP. On your side, you would only
Message 11 of 14 , Dec 7, 2007
Webtrends also proposes an hybrid solution in which they would host
the SDC, collect the data, and deliver a daily log via FTP. On your
side, you would only have the Webtrends software and process the log
on a daily basis. This way, you would have the flexibility that comes
with the Webtrends software, without the hassle of hosting the SDC.
Maybe that would alleviate your team's concerns.

Lothaire

>
> Hi Seby,
>
> I have gone through the same experience so many times (and in so many
> different places!), it comes as no surprise!
>
> System Administrators on the client side are paid to be they way
they are:
> Extremely suspicious of anything you plan to plant on their servers.
They
> just can't help. No matter where you are, you will be cross-examined
on the
> same points.
>
> Then, of course, as Steve rightly says, they end up being so much better
> informed than any of us in the WA world! :)
>
> So, the only way you can help them now is by putting together your
> experience with ours and saying: Neither I nor those guys at the forum
> (confirmed, this end) have ever experienced a security breach that is
> associated to the SDC installation. Of course, we always deal with
competent
> people on the IIS or Apache side :)
>
> Good luck!
>
>
> Spanish Web Analytics Association
> www.aeaw.es
>
>
>
>
>
>
>
> On Nov 30, 2007 2:52 PM, Seby Kallarakkal <seby@...> wrote:
>
> > Hi,
> >
> > One of our customers is using WebTrends enteprise version and they are
> > moving from normal web server log files to SDC. This customer is
extremely
> > sensitive to any software that is installed in their data center.
Since
> > SDC
> > server is required to be on the public network, their security
team wants
> > to
> > know
> >
> > a. Since SDC uses ISAPI filter on IIS, does it pose any
vulnerability /
> > threat?
> > b. If there has been any instance of SDC installation being exploited
> > in the past?
> >
> > We tried searching on the Internet, but found only old articles on
> > securityfocus.com. Perhaps there is nothing online because there
are no
> > issues whatsoever in terms of security. But would be good to know.
Thanks
> > for any input that you might have.
> >
> > Regards,
> >
> > Seby Kallarakkal
> >
> > seby@... <seby%40nabler.com>
> >
> > +91-80-25423566 Ext.207
> >
> > www.nabler.com
> >
> > [Non-text portions of this message have been removed]
> >
> >
> >
>
>
> [Non-text portions of this message have been removed]
>
• Hi Sergio, Thanks for sharing your thoughts and my apologies for the delay. You are so right about sys administrators. I ve taken the feedback from this forum
Message 12 of 14 , Dec 14, 2007
Hi Sergio,

Thanks for sharing your thoughts and my apologies for the delay. You are so

I've taken the feedback from this forum to the customers and they are of
course, convinced. The trouble is with the systems team.

The customer is almost ready to go live now. We have given them alternatives
on what happens if the SDC server is not online :-)

Regards,

Seby Kallarakkal

seby@...

+91-80-25423566 Ext.207

www.nabler.com

_____

From: webanalytics@yahoogroups.com [mailto:webanalytics@yahoogroups.com] On
Sent: Tuesday, December 04, 2007 1:51 PM
To: webanalytics@yahoogroups.com
Subject: Re: [webanalytics] Security aspect of SDC

Hi Seby,

I have gone through the same experience so many times (and in so many
different places!), it comes as no surprise!

System Administrators on the client side are paid to be they way they are:
Extremely suspicious of anything you plan to plant on their servers. They
just can't help. No matter where you are, you will be cross-examined on the
same points.

Then, of course, as Steve rightly says, they end up being so much better
informed than any of us in the WA world! :)

So, the only way you can help them now is by putting together your
experience with ours and saying: Neither I nor those guys at the forum
(confirmed, this end) have ever experienced a security breach that is
associated to the SDC installation. Of course, we always deal with competent
people on the IIS or Apache side :)

Good luck!

Spanish Web Analytics Association
www.aeaw.es

On Nov 30, 2007 2:52 PM, Seby Kallarakkal <seby@nabler.
<mailto:seby%40nabler.com> com> wrote:

> Hi,
>
> One of our customers is using WebTrends enteprise version and they are
> moving from normal web server log files to SDC. This customer is extremely
> sensitive to any software that is installed in their data center. Since
> SDC
> server is required to be on the public network, their security team wants
> to
> know
>
> a. Since SDC uses ISAPI filter on IIS, does it pose any vulnerability /
> threat?
> b. If there has been any instance of SDC installation being exploited
> in the past?
>
> We tried searching on the Internet, but found only old articles on
> securityfocus.com. Perhaps there is nothing online because there are no
> issues whatsoever in terms of security. But would be good to know. Thanks
> for any input that you might have.
>
> Regards,
>
> Seby Kallarakkal
>
> seby@nabler. <mailto:seby%40nabler.com> com <seby%40nabler.com>
>
> +91-80-25423566 Ext.207
>
> www.nabler.com
>
> [Non-text portions of this message have been removed]
>
>
>

[Non-text portions of this message have been removed]

[Non-text portions of this message have been removed]
• Hi Lothaire, Thanks for the information. I m sorry for the delay in replying. Unfortunately, this customer has a corporate policy of not allowing their data to
Message 13 of 14 , Dec 14, 2007
Hi Lothaire,

Thanks for the information. I'm sorry for the delay in replying.

Unfortunately, this customer has a corporate policy of not allowing their
data to go outside their network. So hosting SDC with WT is not going to be
an option. But like I said in my earlier email to Sergio, the customer is
almost done with all kinds of audit and in all probability might go live in
the next few days.

As we move from using web server log files to SDC log files, I'm curious to
see what happens to the data. Traffic should go up because it's a
page-tagged solution. But then machine traffic would not be counted (which
is a good thing) and the traffic would go down. So I'm really, really
curious to see what happens!

Regards,

Seby Kallarakkal

seby@...

+91-80-25423566 Ext.207

www.nabler.com

_____

From: webanalytics@yahoogroups.com [mailto:webanalytics@yahoogroups.com] On
Behalf Of Lothaire Ruellan
Sent: Friday, December 07, 2007 10:59 PM
To: webanalytics@yahoogroups.com
Subject: [webanalytics] Re: Security aspect of SDC

Webtrends also proposes an hybrid solution in which they would host
the SDC, collect the data, and deliver a daily log via FTP. On your
side, you would only have the Webtrends software and process the log
on a daily basis. This way, you would have the flexibility that comes
with the Webtrends software, without the hassle of hosting the SDC.
Maybe that would alleviate your team's concerns.

Lothaire

--- In webanalytics@ <mailto:webanalytics%40yahoogroups.com>
>
> Hi Seby,
>
> I have gone through the same experience so many times (and in so many
> different places!), it comes as no surprise!
>
> System Administrators on the client side are paid to be they way
they are:
> Extremely suspicious of anything you plan to plant on their servers.
They
> just can't help. No matter where you are, you will be cross-examined
on the
> same points.
>
> Then, of course, as Steve rightly says, they end up being so much better
> informed than any of us in the WA world! :)
>
> So, the only way you can help them now is by putting together your
> experience with ours and saying: Neither I nor those guys at the forum
> (confirmed, this end) have ever experienced a security breach that is
> associated to the SDC installation. Of course, we always deal with
competent
> people on the IIS or Apache side :)
>
> Good luck!
>
>
> Spanish Web Analytics Association
> www.aeaw.es
>
>
>
>
>
>
>
> On Nov 30, 2007 2:52 PM, Seby Kallarakkal <seby@...> wrote:
>
> > Hi,
> >
> > One of our customers is using WebTrends enteprise version and they are
> > moving from normal web server log files to SDC. This customer is
extremely
> > sensitive to any software that is installed in their data center.
Since
> > SDC
> > server is required to be on the public network, their security
team wants
> > to
> > know
> >
> > a. Since SDC uses ISAPI filter on IIS, does it pose any
vulnerability /
> > threat?
> > b. If there has been any instance of SDC installation being exploited
> > in the past?
> >
> > We tried searching on the Internet, but found only old articles on
> > securityfocus.com. Perhaps there is nothing online because there
are no
> > issues whatsoever in terms of security. But would be good to know.
Thanks
> > for any input that you might have.
> >
> > Regards,
> >
> > Seby Kallarakkal
> >
> > seby@... <seby%40nabler.com>
> >
> > +91-80-25423566 Ext.207
> >
> > www.nabler.com
> >
> > [Non-text portions of this message have been removed]
> >
> >
> >
>
>
> [Non-text portions of this message have been removed]
>

[Non-text portions of this message have been removed]
• Happy to hear that, Seby! Good luck with that last milestone... ... [Non-text portions of this message have been removed]
Message 14 of 14 , Dec 17, 2007
Happy to hear that, Seby!

Good luck with that last milestone...

On Dec 14, 2007 7:55 PM, Seby Kallarakkal <seby@...> wrote:

> Hi Sergio,
>
> Thanks for sharing your thoughts and my apologies for the delay. You are
> so
>
> I've taken the feedback from this forum to the customers and they are of
> course, convinced. The trouble is with the systems team.
>
> The customer is almost ready to go live now. We have given them
> alternatives
> on what happens if the SDC server is not online :-)
>
>
> Regards,
>
> Seby Kallarakkal
>
> seby@... <seby%40nabler.com>
>
> +91-80-25423566 Ext.207
>
> www.nabler.com
>
> _____
>
> From: webanalytics@yahoogroups.com <webanalytics%40yahoogroups.com>[mailto:
> webanalytics@yahoogroups.com <webanalytics%40yahoogroups.com>] On
> Sent: Tuesday, December 04, 2007 1:51 PM
> To: webanalytics@yahoogroups.com <webanalytics%40yahoogroups.com>
> Subject: Re: [webanalytics] Security aspect of SDC
>
> Hi Seby,
>
> I have gone through the same experience so many times (and in so many
> different places!), it comes as no surprise!
>
> System Administrators on the client side are paid to be they way they are:
> Extremely suspicious of anything you plan to plant on their servers. They
> just can't help. No matter where you are, you will be cross-examined on
> the
> same points.
>
> Then, of course, as Steve rightly says, they end up being so much better
> informed than any of us in the WA world! :)
>
> So, the only way you can help them now is by putting together your
> experience with ours and saying: Neither I nor those guys at the forum
> (confirmed, this end) have ever experienced a security breach that is
> associated to the SDC installation. Of course, we always deal with
> competent
> people on the IIS or Apache side :)
>
> Good luck!
>
> Spanish Web Analytics Association
> www.aeaw.es
>
> On Nov 30, 2007 2:52 PM, Seby Kallarakkal <seby@nabler.
> <mailto:seby%40nabler.com> com> wrote:
>
> > Hi,
> >
> > One of our customers is using WebTrends enteprise version and they are
> > moving from normal web server log files to SDC. This customer is
> extremely
> > sensitive to any software that is installed in their data center. Since
> > SDC
> > server is required to be on the public network, their security team
> wants
> > to
> > know
> >
> > a. Since SDC uses ISAPI filter on IIS, does it pose any vulnerability /
> > threat?
> > b. If there has been any instance of SDC installation being exploited
> > in the past?
> >
> > We tried searching on the Internet, but found only old articles on
> > securityfocus.com. Perhaps there is nothing online because there are no
> > issues whatsoever in terms of security. But would be good to know.
> Thanks
> > for any input that you might have.
> >
> > Regards,
> >
> > Seby Kallarakkal
> >
> > seby@nabler. <mailto:seby%40nabler.com> com <seby%40nabler.com>
> >
> > +91-80-25423566 Ext.207
> >
> > www.nabler.com
> >
> > [Non-text portions of this message have been removed]
> >
> >
> >
>
> [Non-text portions of this message have been removed]
>
> [Non-text portions of this message have been removed]
>
>
>

[Non-text portions of this message have been removed]
Your message has been successfully submitted and would be delivered to recipients shortly.