According the National Venture Capital Association (NVCA), there are 798 venture capital firms managing more than $235B in the United States. These are long-term, professional investors who specialize in funding and building new, innovative companies.

So how do you figure out who to approach for funding? This is the area where I find entrepreneurs make the biggest mistakes. Most of us approach investors we know. Perhaps you have a friend who knows a VC or you have a friend who is a VC. How do you know if your friend or the person you get introduced to is the right investor for you? Most likely they’re not. Not all VCs are alike. Some are geared for early stage and some are not. Some are suited for late stage investments while others just say they are.

You can’t always trust what an investor says their appetite is either. I’ve pitched to investors who say, “yeah we do Series A” only to be barraged by questions like, “how many paying customers do you have that we can talk to.” On the other hand, I’ve presented to wanna be later stage investors that were only prepared to pay an early stage price.

You need to do your own research. Venture capitalists are for the most part, creatures of habit. They don’t change investment philosophies much. Often within a firm it will take a generation before new blood arrives and can affect major change. In addition to the succession challenges, VCs are bound by the structure and economics of their business. Venture funds are seven to ten year financial vehicles. VCs raise the money for their funds based on an investment strategy which takes several years to play out.

I suggest doing your own primary research. Identify eight to ten prospects with a track record of backing entrepreneurs like you. Look for a history of focusing on your market and the stage your company is at and the type of involvement you want. Suspend your judgment during the your data gathering. Just get the data and avoid acting surprised or judgmental. Get specific data on the number of projects and stages of investment each firm has completed recently.

When we raised a Series C round earlier this year, I identified eight firms to approach based on their past investment history. Specifically, I was looking for firms and partners that had done a majority of their investments in late stage, infrastructure software companies over the past eighteen months. I wanted to focus on VCs who demonstrated a track record of paying a fair price to invest in revenue generating companies that need capital to accelerate growth. I gathered data on how many investments each VC made, how many of the investments were later stage and how many later stage investments they actually led versus just participated in. My goal was to focus on investors with the highest percentage of later stage deals led as a function of total investments made.

Of the VCs I researched the percentage of Series C or later deals led ranged from 15% to 95% of the total deals invested in during the prior 18 month period. Surprisingly the firm with the 15% invested in far more deals and far more later stage deals than anyone else. But the participation in later stage deals was mostly follow on investments in their existing portfolio. This was not the type of later stage investor I was looking for to lead our financing.

There were two VCs that approached us and pitched themselves as later stage investors. But the data just didn’t support their claims. The one had a 19% rating and the other a 17% rating. Despite showing great interest both of these investors dropped out of the financing process when we had several term sheets and commented, “the price is too high for us, we can’t dedicate our time to the project unless we can own more of the company.” At which point the leopard really showed his stripes.

The core set of later stage VCs I focused on had ratings ranging from 50% to 95% indicating they had led a significant number of later stage investments in the past 18 months. Every one of these investors delivered us a term sheet at a competitive price.

How do you find this information? The brute force way is to visit a number of firm’s websites and go through their portfolios. This takes a while but can yield the information you’re looking for if you put in the time. It is certainly a lot less time consuming (and less humiliating) than pitching investors that will never invest in your profile situation. There are a variety of venture capital databases that can make your research much faster and easier. If you have a friend that’s a VC they likely have access to one or more of these sources. If the answers about a particular firm are vague drill down and get the real story. If you can’t figure it out, move on. You’ve got 798 firms to choose from.

Last week I was in NYC for Interop 2007. Interop in NY is a significantly smaller conference than the big brother Interop in Vegas. I’d say there were 7,500 to 8,000 people at Interop NYC this year, compared to 18,500 in Vegas back in May. Somehow though I always find the New York show more interesting. Perhaps it’s the lack of constant firefighting in the NOC that gives us all more time to have meaningful conversations about the latest networking technologies. Plus somehow New York just seems to have more substance than Vegas. Call me crazy but…

This was also the first Interop where we had a chance to apply the magic of Splunk genre 3.0. We had a record number of searches in the NOC (despite the smaller show). I’m not surprised. 3.0 is so cool the way it automatically extracts fields out of data streams from all kinds of networking gear.

Now there are lots of people who know more about networking and security than I do, but here’s a simple investigation I did with Splunk.

1. I started with a simple search for “failed password.” This picks up firewall and router hacking attempts (typically ssh) sent to Splunk using syslog forwarding.

2. I was then able to quickly see the top “source IP”. Because the source IP field automatically gets extracted with each search I’m able to quickly click and see the list of top source IPs for the time frame in question. A single click and I’ve added the top offender to my search parameters.

3. Just a click away and I can geolocate this IP. With field actions in Splunk I can now drive workflow items right from the search results. Here I just need to click on the menu next to any IP address and I can geolocate the address with any number of free web based services. It was interesting to watch the hackers and bots travel around the world and with more time would have been fun to write a little Flash application to call the Splunk API and map things in real-time.

4. Reporting on top source_IPs every hour was easy. Like any IT guy without a bunch of time, I went for the low road. I just clicked report on all source_IPs from the field action menu and I got a nice looking flash report. It was really easy to save the report and run it on a schedule every hour. Now anyone on the NOC team alert list can get it right in their email or log into Splunk and check out the dashboard with a few other useful security searches.

You can split the same report series by user and see how a lot of these hacker bots try to use common software package and open source default configuration usernames and passwords.

If you want to check it out yourself, send me mail and I’ll let you know where you can access the server. It’s kinda fun to search on your own machine name and see all the times you were on the network at the show. You can drill down into each DHCP transaction and see all the events.