Test Center Daily | InfoWorld Staff » TAG: Security

January 08, 2008 | Comments: (0)

Test Center Tracker: Layer One Networking and a New Guide

We keep trying to figure out how to do networking without a physical layer, but so far we haven't figured that out yet. Until then, we'll need to worry about things like cables. Brian Chee has looked at the craft and art of cable lacing, as part of the general focus on cables at InfoWorld. We also introduce a new kind of product article here in the Test Center -- one that should make reviews even more useful to you.

Network Beauty: When you have to network more than two or three systems together, cable management becomes a significant issue. Over in the Geeks in Paradise blog, Brian Chee takes on the nearly-lost art of cable lacing, and discusses why it's so important to current network maintenance and performance. In particular, he asks why more network centers aren't using cable harnesses -- a tool that auto and aircraft manufacturers have used for years -- to maintain order and regularity in their infrastructure. When you pair Brian's post with an object lesson in structured cabling in Off the Record, you have the basis for a serious discussion on just how important good cabling installation and management are to your network's continued performance.

A New Buyer's Guide: One of the constant issues we face here in the Test Center is how to make all our reviews useful to our readers. We've decided that one answer is a new kind of article, the Buyer's Guide. These articles will bring together information on the products, technologies, and companies within a product category, and provide a convenient place for us to link to all the reviews and analysis we've done on the products. Each of these guides will evolve as the market and products evolve, and will be updated to reflect new reviews and analysis. The first buyer's guide, our Buyer's Guide to SIMS, is up now. Take a look, and let us know how we can make it better -- there's much more to come.

Posted by Curt Franklin on January 8, 2008 01:16 PM



November 02, 2007 | Comments: (0)

Test Center Tracker: One-on-one with OS X Leopard, small project management with OpenProj, seizing control of remote service monitoring, and defeating denial of service attacks

Shacking up with Leopard: Apple's OS X Leopard hit the North American market one week ago this evening, prompting Tom Yager to swing by the Apple store, MacBook Pro in hand, then make a beeline for an isolation chamber (the local Holiday Inn) for an intensive evaluation. (Nothing gets between Yager and a new Mac OS.) While we wait for the resulting review, you can track his progress on Enterprise Mac. For the quick-and-dirty on what Leopard will mean to users, the best places to start are two of Tom's recent posts to Ahead of the Curve, "Apple OS X Leopard: A beautiful upgrade" and Tom's "Leopard: Not an OS, but a system you operate".

Small (and cheap) project management: If Microsoft Project is more than enough, free and open source OpenProj might be just enough. Curt "Dr. Gantt" Franklin takes the tidy project manager for a spin in SMB IT.

Help your datacenter help itself: The self-checking and "phone home" features in many server and storage systems use the Axeda ServiceLink service-monitoring system. A new offering from Axeda, called ServiceLink for Datacenters, brings these remote access links under a central management portal -- reducing the risk of data exposure, reports Storage Insider Mario Apicella.

Welcome to Estonia: If you think your business is immune to the kind of massive distributed denial of service attack that shoved Estonia off of the Internet, think again, advises our Security Advisor, Roger Grimes.

Posted by Doug Dineley on November 2, 2007 12:05 PM



October 26, 2007 | Comments: (0)

Test Center Tracker: Slippery malware, storage clouds on the horizon, and a guide to getting green

Mutating malware: Roger Grimes gives us a peek inside the network security arms race, where virus and worm authors evade signature-based detection techniques through "server-side polymorphism," and malware fighters seek a better defense. Say what? Server-side polymorphism? See today's Security Advisor.

Hash and stash: In today's Storage Insider, Mario profiles two startups that are rethinking how data is stored: Instead of storing complete data sets in a single bucket, they break the data into fragments and store them in multiple places. Cleversafe uses "dispersed storage" to boost data security, while RevStor applies the technique to disk to disk backup pools.

Green in twelve steps: Going green can save you money, spare the air, engender feelings of goodwill in customers, and allow you to shame reprobate competitors. So good, but how do you get started? Forrester Research has a plan, which Ted Samson examines in yesterday's Sustainable IT.

Posted by Doug Dineley on October 26, 2007 10:49 AM



October 12, 2007 | Comments: (0)

Test Center Tracker: Green tops Gartner's list, security best practices gone wrong

Green is number one! At least according to Gartner, whose list of ten strategic technologies for 2008 caught the eye of greenalyst Ted Samson. See yesterday's Sustainable IT for Ted's take, and his swift run down the rest of Gartner's list. Hand it to Gartner: It's a fascinating list, a buzz-stirring blend of the real, the improbable, the silly, and the absurd, served with the signature deadpan delivery. Terrific reading. Go Web 2.0!

Guidelines and gridlines: Roger Grimes has spotted a disturbing trend in these times of compliance and governance, wherein best practices guidelines evolve into mandates, and the mandates begin reaching down into systems settings, trapping sensible security managers in a corner. See yesterday's Security Advisor for Roger's tales of good security guidelines gone wrong.

Posted by Doug Dineley on October 12, 2007 10:38 AM



August 28, 2007 | Comments: (0)

Test Center Tracker: Safe Surfing

Everyone wants to be secure while using the Internet, but tucking your enterprise into the warm, comfy blanket of safe surfing can be, at best, a significant challenge. James Borck looked at the Clearswift MIMEsweeper Web Appliance ENW10 and says that it does a job that's both reliable and broad, protecting web surfing, e-mail, IM, and ftp traffic from the various nasties that we've all come to know and loathe. It's not a perfect tool, with HTTPS contents being among the packets that remain hidden to its probing, but it could be the sort of tool that makes on-line life a bit safer and happier for your enterprise.

If your on-line duties include blogging, you'll want to check out Geeks in Paradise, where Brian Chee has been discovering the kinks, hiccups, and promise in Microsoft LiveWriter 64. Brian's managed to get it working (with significant support from Microsoft), and likes the way it helps get more rich-media bloggy goodness up and on the web.

Posted by Curt Franklin on August 28, 2007 08:46 AM



August 21, 2007 | Comments: (0)

Test Center Tracker: App limits

By now, pretty much everyone is aware that Skype suffered a massive meltdown last week, with bazillions of users unable to log into their P2P VoIP accounts. Skype says the problem was caused by Microsoft's Patch Tuesday, but not everyone is buying that explanation. Here at the Test Center, we're accustomed to the routine of testing products and watching them break, so Skype's explanation is plausible--though that doesn't mean it's correct. That's the real value of the kind of testing we do here, and it's why we're going to keep doing it. Sure, we're probably not going to be able to simulate every single combination of conditions, and modeling millions of clients rebooting at once is dicey, but we'll test as many products as possible, under conditions that give readers as much information as possible. We'll also be grateful that we're not responsible for keeping the Skype network up and running, but that's probably another blog entry.

Speaking of keeping things running, Ted Samson reports on Fujitsu's installation of a hydrogen fuel-cell generator for back-up power. I've seen very small hydrogen fuel cells for emergency back-up power, but Fujitsu has gone out on the leading edge for a facility of its size. Since most building-sized back-up generators are diesel units, switching to hydrogen could have a significant impact on both particulate and greenhouse gas emissions.

Finally, it's been amazing (and frustrating) to watch the evolution of the Storm Worm. Zero Day Security is tracking the twists and turns of this dangerous malware--if you're responsible for the security of even one system, you should follow along and stay on top of this truly vicious worm.

Posted by Curt Franklin on August 21, 2007 09:11 AM



August 14, 2007 | Comments: (0)

A Day Without SPAM is, well, Rare

A couple of interesting security announcements today, one positive and one much less so.

On the positive side, Microsoft has released Forefront Security for Exchange Server SP1 Beta 2 just in time for the release of Exchange Server SP1 Beta 2. The really good part about this is the recognition that security is a critical part of any application suite. According to the press release, the new version offers IPv6 support, improved filtering for profanity (in 11 languages, yet), better integration with Microsoft System Center Operations Manager, and more flexibility in dealing with ZIP and RAR files as attachments. More information on the product is available from Microsoft.

The less-good announcement came from Proofpoint, which says that there has been a spike in SPAM using .PDF files as a payload. How big is the spike? It's up 500% in the last two weeks, with .PDF spam accounting for roughly 25% of all SPAM on August 13. I don't have independent verification of their numbers, but in my own in-box I've seen a dramatic rise in the number of .PDF SPAM messages. We're already seeing more products that claim to deal with this sort of problem (oddly enough, Proofpoint has one of these products), and I think it's heading towards being a check-box requirement for any product that claims to provide e-mail security.

As if e-mail security weren't enough of a challenge to an IT staff, over at the Zero Day Security blog, Matt Hines fills us in on the amount of user silliness going on with Facebook. It turns out that some people believe no one with bad intentions ever looks at Facebook entries. I like to call these blissfully ignorant people "victims". If they haven't been hit yet, they will. I can offer only sympathy to their security teams.

Posted by Curt Franklin on August 14, 2007 12:07 PM



April 16, 2007 | Comments: (0)

Preview: Reconnex 6.0 Endpoint Agent locks back doors on intellectual property leaks

I'm sure you don't need to be reminded of the consequences when confidential or personal data gets loose from your organization. If pressure from government officials isn't enough incentive to install a data leak solution, your stockholders will give you ample reasons if news of a breach hits the press.

Yet for any data protection system to be effective, it can't just scan e-mail or crawl file shares for suspicious content - a point I've suggested before. That's one reason why software agents are being added to the mix; they stop protected data from, say, being copied from laptops or desktops to removable media.

Based on a recent vendor briefing, the new Reconnex 6.0 Endpoint Agent appears to protect this third area -- data-in-use -- more meticulously than other products I've seen.

Like the competing products, there's a central server (the iGuard appliance) which is controlled by Reconnex's inSight centralized policy manager application. As I found in a past review of Reconnex iGuard, protection is comprehensive, including document fingerprinting that catches modified content and predefined policy sets covering most compliance regulations.

Now, policies recognize special capabilities of Endpoint Agent. For example, rules pushed to the agent software will discover unauthorized activity involving any removable media (including FireWire and SCSI external drives, Bluetooth connections, and printers). Once detected, the Endpoint Agent warns the user, logs the threat, and blocks file transfer if the policy specifies this action.

So far, so good - but competitive data leak products and agent solutions do much the same thing. With this 6.0 release, however, Reconnex seems to lead in preventing IP loss from public networks, such as WiFi hotspots or home networks. Put simply, the Endpoint Agent works like a baby iGuard when users are off the corporate LAN. For instance, if you are using Yahoo Mail while at your favorite Starbucks and try to send a restricted spreadsheet through their WiFi access point, the agent prevents the attempt. Importantly, Endpoint Agent reports all these actions to the central controller when you next connect to the corporate network. Incidents are later reviewed and analyzed with a detailed reporting system.

In general, Reconnex does a great job of inspecting every port and communication channel for breaches, including e-mail, Webmail, and instant messaging. The system also prevents unauthorized file encryption, and within your network, Reconnex even ensures unmanaged devices are protected by scanning stored data or newly created files.

Reconnex 6.0 Endpoint Agent
Availability: End of April 2007
Pricing: Starts at $25,000
Verdict: Reconnex 6.0 Endpoint Agent broadens data leak prevention to enterprise end-points, including removable media and mobile devices -- even if they are used on public networks. Beyond monitoring for leaks, the system educates users with warning messages and will block communications according to detailed policies. With these multiple actions and coverage of additional data exits, Reconnex seems to be one of the most complete data leak prevention solutions.

Posted by Mike Heck on April 16, 2007 06:25 AM



February 05, 2007 | Comments: (0)

Tripwire tightens grip on configuration changes

As the saying goes, change is good. But ... in IT it ought to happen under the strictest controls. Tripwire Enterprise 6.0 is designed to be a harsh mistress when it comes to detecting and preventing unauthorized changes, which can lead to any number of hazards, particularly the ones frowned-upon by executive and legal types. The new version of Tripwire, which was released on Monday, appears to be timed just right as IT outfits far and wide strive to implement a fully functional CMDB, the blueprint for how the entire IT infrastructure is structured and how the whole metasystem functions. But there's plenty of room for improvement when it comes to those shiny new CMDBs; just ask someone over at Gartner, which warned in a recent report that on the CMDB front there's tremendous room for improvement. Tripwire 6.0 now includes automated techniques to filter and classify changes, enabling IT staff to treat a change differently based on the type of system, type of change, and its level of severity. In this age of data security and segregation of duties, it's all about integrity. Stealthy monitoring, dashboard views and real-time alerts go a long way in helping to secure any loose cannons.

Posted by Richard Gincel on February 5, 2007 02:53 PM



January 31, 2007 | Comments: (0)

IBM enhancing security

IBM on Wednesday touted software technology designed to enhance security and management in virtualized data centers.

The company's secure hypervisor architecture, or "sHype," is designed to run in conjunction with commercial and open source hypervisors that control servers and data in a shared environment. The sHype technology is intended to provide a security wrapper around distributed workloads in the data center, extending mainframe-like security to pooled data and resources across multiple IBM and non-IBM systems, the company said.

IBM plans to introduce several technologies with sHype as part of a plan to offer secure and efficient data centers.

Portions of sHype are being used in the open source Xen hypervisor kernel.

Posted by Paul Krill on January 31, 2007 05:44 PM



October 06, 2006 | Comments: (0)

Critical MS patches coming Tuesday

The Big Redmondian Machine has announced that 11 patches are forthcoming next Tuesday, October 10. They include six patches for Windows, four for Office, and one for Microsoft .NET Framework.

Microsoft doesn't specify what vulnerabilities are being patched; just that the highest Maximum Severity rating for the Windows and Office set is Critical. The .NET Framework fix is Moderate.

One patch is expected for Internet Explorer to fix the SetSlice vulnerability, which lets malicious hackers load identity theft Trojans and rootkits on infected machines. Redmond announced the flaw on Sept. 28.

Additionally, the company will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center. "Note that this tool will NOT be distributed using Software Update Services (SUS)," the announcement states.

Posted by Ted Samson on October 6, 2006 01:23 PM



September 22, 2006 | Comments: (0)

Test Center Tracker: The promise of virtualization

All virtualization, all the time: The secret word in the Test Center this week has been virtualization. (So has the word exclusive, for that matter.) Paul Venezia got an exclusive opportunity to try out Scalent Virtual Operating Environment, a solution the company claims to be a truly adaptive datacenter. A bold promise? Perhaps, but the company has come pretty darn close. "Combined with a very attractive and usable Flash-based GUI, V/OE 2.0 is a glimpse of what a truly adaptive datacenter could look like."

Security at an unbeatable price: There may not be such a thing as a free lunch, but there is such a thing as a free security tool, according to security-meister Roger A. Grimes. In fact, there's a bunch, and they're well worth the price of downloading (and more). You may not be seeing any nifty new freebies from Sysinternals, since Microsoft bought it a while back. However, Foundstone remains a great source. "Many of Foundstone's tools became instant computer security classics, such as Superscan (an excellent port scanner), Fport (a port enumerator), stress testing tools, and all sorts of malware scanners. These are programs and tools that Foundstone's own expert consultants and penetration testers use during security audits."

Live from Interop NYC: Geek-out-of-paradise Brian Chee isn't the only InfoWorld Test Center contributor at Interop NYC this week. Enterprise Windows columnist Oliver Rist couldn't resist the call of the network gear, either. Check out his Emerging Enterprise podcast from the event in which he talks about the state of the WAFS standard and shares some tips on hooking together near-remote sites with more than just T1 lines.

Posted by Ted Samson on September 22, 2006 06:00 AM



September 12, 2006 | Comments: (0)

ISS steers into mail security

Internet Security Systems' 2004 acquisition of Cobion netted content analysis software and a URL database that added another security layer to the company's Proventia G series security appliances. Today, the Cobion technology helped give birth to a full-fledged mail security appliance, the Proventia Network Mail Security System.

Available by the end of September, the Proventia mail security box combines anti-spam, anti-virus, content filtering, and something you don't see in competing products, intrusion prevention. Senior Product Manager Matthew Ward notes that ISS Proventia intrusion prevention systems are often deployed in front of Sendmail, Microsoft Exchange, IBM Lotus Notes, and even anti-spam devices, because all are afflicted by countless vulnerabilities.

The anti-virus defenses come in two forms: ISS's own behavioral-based Virus Prevention System (VPS), which promises zero-day protection against new viruses and variants, and optional signature-based protection from partner Sophos. Ward claims that VPS captures more than 93 percent of new viruses without a signature update. That includes spyware, trojans, and even rootkits.

As for the anti-spam module, Ward says it is 98 percent effective in identifying spam and phishing "out of the box," adding that you can tighten that down even further with additional tuning. (We're getting awfully close to 100 percent now.) "False positives are approximately one in ten thousand, or 0.01 percent," he says.

If those claims are true, then ISS's spam filtering would rank with the very best we've tested, which are the solutions from Proofpoint and Symantec (see the reviews). We hope to run Proventia through our spam gauntlet and provide the results by year end. Right now another latecomer to the enterprise anti-spam arena, Microsoft Forefront for Exchange Server, is on Logan Harbaugh's test bench. We should have that review for you in the next few weeks.

Like Proofpoint, Symantec, and some other mail security vendors, ISS is beefing up the content filtering to combat outbound risks such as leaks of sensitive information and private data.

"To a large degree we can do that today with lexicon analysis," says Ward. "But we are going to push further into that space by allowing you to configure sensitive directories and then be able to match content on those directories. One of the things this technology is good at is crawling a file share or server and categorizing data in there -- we do that all the time for the Web filtering. We can leverage that technology to classify and make a matching signature for data inside a proprietary document share, for example."

Posted by Doug Dineley on September 12, 2006 03:35 PM



August 31, 2006 | Comments: (0)

Test Center Tracker: Do DRM dreams come true?

New on the Reviews Docket: If you've got sensitive information floating around your company (and who doesn't), clamping down on who can read, edit, and share which documents is a must. Check out Mike Heck's review of two enterprise DRM solutions from SealedMedia and Liquid Machines that control document access and manage policy compliance.

Windows Marketplace Open for Business: Oliver Rist takes a stroll through the newly-refurbished Windows Marketplace in this week's installment of Enterprise Windows and likes what he sees -- well, some of it at least.

The Ever-Changing Vista: Looks like Vista's ship date is still blowing in the wind, despite Amazon posting dates of Jan. 30 yesterday. Want to reminisce about Vista's past, including our examination of Longhorn Beta 2? Check out the Vista Special Report.

Blog Roundup: Paul Venezia is having fun with OpenVZ in The Deep End.

Brian Chee and the rest of the Geeks in Paradise out at the ANCL in Hawaii dig into NTP servers.

And Mario Apicella wonders on the Storage Network blog whether Napoleon would be an iSCSI fan.

Posted by Stephanie McLoughlin on August 31, 2006 10:46 AM



May 12, 2006 | Comments: (0)

nTracker 2.2 keeps tabs on laptops

It's not just data security that's a worry when a laptop is stolen. SyNET's nTracker Anti-Theft, upgraded to version 2.2 recently, helps with recovering the laptop.

A SyNET spokeswoman said more than 1,000,000 laptops are reported lost or stolen each year on average, and 97 per cent are never recovered.

nTracker Anti-Theft 2.2 secretly e-mails its location to the owner, in under a minute of going online, whenever the laptop (or any PC) has an IP address change, the spokeswoman said.

The system uses a global directory of IP location addresses at ARIN (American Registry for Internet Numbers) available via a WHOIS query.

The spokeswoman said SyNET strongly recommends this info be given immediately to police "so they can contact the ISP directly and re-confirm the address through their internal tracking."

"There are no 3rd party monitoring centers or monthly subscription fees," she said.

In addition to the IP address, if the thief connects via dialup, the caller ID info is included in the tracking e-mail from nTracker, she said.

It's not found in Windows' add/remove function, or detected by antivirus or firewall programs, she said.

The company intends to deliver similar protection in coming months for cell phones and PDAs such as RIM's BlackBerry.

The nTracker Anti-Theft 2.2 software is $29.95 and available at CompUSA, Staples, Office Depot and Circuit City.

Posted by Mike Barton on May 12, 2006 04:56 PM



May 02, 2006 | Comments: (0)

Layer 7 enhances SOA security with 3.5 Security OS

Layer 7 Technologies has announced the 3.5 Security operating system for its SecureSpan family of Tarari accelerated XML Gateways and Firewalls.

The SecureSpan XML Gateway is a high performance XML security and networking appliance for Web services and SOA.

The 3.5 Security operating system adds new clustered policy and session features for enhanced scalability and manageability, as well as automatic policy replication, session persistence, and multigateway monitoring for simplified scaling and management of enterprise XML Firewalls.

Posted by Caroline Craig on May 2, 2006 08:15 AM