Security Threats of the Future
Gerhard Eschelbeck explains how to tackle the
ever-shortening cycle between discovery of vulnerabilities and
exploitation.
A new breed of automated, Internet-born viruses and worms has taught security managers that relying on human action alone does not work. In each case of recent damaging strikes, we've had advance warning - weeks, even months - to prepare for known vulnerabilities. Yet attackers still were able to hit hundreds of thousands of PCs and servers, crippling vital businesses and services and causing other havoc. The uncertainty of conventional, human-led security efforts frustrates many security managers who are trying to guarantee protection. New research analysing more than 3.8 million network vulnerabilities during a recent 30-month period shows the frustration is warranted. The data were a statistically valid sample anonymously drawn from more than six million scans made by Global 2000 organisations that were auditing network security. We learned:

· Half-Life: the half-life of critical vulnerabilities is 21 days on external systems and 62 days on internal systems, and doubles with lowering degrees of severity.
· Prevalence: 50% of the most prevalent and critical vulnerabilities are replaced by new vulnerabilities on an annual basis.
· Persistence: the lifespan of some vulnerabilities and worms is unlimited.
· Exploitation: the vulnerability-to-exploit cycle is shrinking faster than the remediation cycle. 80% of worms and automated exploits are targeting the first two half-life periods of critical vulnerabilities.

These 'laws of vulnerabilities' describe the effects of human-based security efforts, and the persistent ability of attackers to gain full control of systems - including access to highly sensitive information. Resolving issues revealed by this research requires understanding the causes and means for prevention. CIOs, chief security officers, network managers, IT managers, and security specialists should consider new trends in attack threats. Exploitation is becoming faster with the aid of new automated attack tools that require no special skills for operation. The most effective way to thwart these challenges is to supplement security efforts by humans with automated defences.
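The half-life figures above can be turned into a simple exposure model. The following is an added example, not code from the article or from Qualys: it assumes that a stated half-life means exponential decay (the exposed share of systems halves every half-life period), and it converts the discovery-to-exploit gaps named later in the article into days (months as 30 days, weeks as 7) to estimate how many systems were still unpatched when each worm struck.

```python
import math

# Half-lives (days) of critical vulnerabilities, as stated in the article.
HALF_LIFE_DAYS = {"external": 21, "internal": 62}

# Discovery-to-exploit gaps named in the article, expressed in days.
# Months are taken as 30 days and weeks as 7 (a simplifying assumption).
WORM_DELAY_DAYS = {
    "SQL Slammer": 6 * 30,
    "Nimda": 4 * 30,
    "Slapper": 6 * 7,
    "Blaster": 3 * 7,
    "Witty": 1,
}


def half_life_for(system: str, severity_steps_below_critical: int = 0) -> float:
    """Half-life in days for a vulnerability on `system` ("external" or
    "internal"). The article says the half-life doubles with each lowering
    degree of severity, so each step below critical doubles the base value."""
    if severity_steps_below_critical < 0:
        raise ValueError("severity steps must be non-negative")
    return HALF_LIFE_DAYS[system] * (2 ** severity_steps_below_critical)


def fraction_still_exposed(days_since_disclosure: float, half_life_days: float) -> float:
    """Share of systems still unpatched `days_since_disclosure` days after
    disclosure, assuming exponential decay with the given half-life."""
    if days_since_disclosure < 0 or half_life_days <= 0:
        raise ValueError("days must be >= 0 and half-life > 0")
    return 0.5 ** (days_since_disclosure / half_life_days)


def days_until_exposure_below(target: float, half_life_days: float) -> float:
    """Days after disclosure before the exposed share drops to `target`
    (0 < target <= 1); the inverse of fraction_still_exposed."""
    if not 0 < target <= 1:
        raise ValueError("target must be in (0, 1]")
    return half_life_days * math.log2(1 / target)


def exposure_at_exploit(system: str) -> dict:
    """For each worm in WORM_DELAY_DAYS, the share of `system` hosts that the
    model predicts were still exposed on the day the worm appeared, rounded
    to three decimals."""
    hl = half_life_for(system)
    return {name: round(fraction_still_exposed(d, hl), 3)
            for name, d in WORM_DELAY_DAYS.items()}


def worms_in_first_two_half_lives(system: str) -> list:
    """Names of worms whose discovery-to-exploit gap falls within the first
    two half-life periods for `system`, the window the article says 80% of
    worms and automated exploits target."""
    window = 2 * half_life_for(system)
    return [name for name, d in WORM_DELAY_DAYS.items() if d <= window]


if __name__ == "__main__":
    for system in HALF_LIFE_DAYS:
        print(f"{system} systems (half-life {HALF_LIFE_DAYS[system]} days)")
        for name, share in exposure_at_exploit(system).items():
            print(f"  {name:<12} {share:6.1%} still exposed when the worm hit")
        print("  within first two half-lives:",
              ", ".join(worms_in_first_two_half_lives(system)))
```

Under this model Blaster arrived when half of external systems were still exposed, and Witty when almost all of them were, which is the "faster than any possible human response" point made in the next section.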
Taking Charge With Automated Defences
The implications of persistent vulnerabilities and hyper-propagation require addressing network threats in a new way. In the past, the discovery/attack lifecycle curve was one or two years from the advent of discovering a vulnerability to widespread exploitation. Urgency is now rising from a shorter discovery/attack curve - SQL Slammer happened six months after discovery, Nimda was four months, Slapper was six weeks, Blaster came just three weeks after news of the vulnerability, and the Witty worm struck the day after announcement of the vulnerability. The most recent attacks happened faster than any possible human response. Threats of the future require security managers to make an equal-force response to the automation tools used by attackers. Automated defence strategies include:

§ Regular Audits of Security Systems: new automated audit solutions delivered over the web identify everything susceptible to attack, identify and prioritise vulnerabilities, and match them with appropriate remedies, such as patches and new security-device configuration settings.
§ Keep Antivirus Software Up-to-Date: server-based solutions allow automatic scans to ensure systems are protected against older, persistent vulnerabilities.
§ Timely Patch Management: this is a critical process requiring manual implementation, but automated audit scanners can keep security managers posted on which systems need urgent care and facilitate remediation.
§ Ongoing Evaluation of Security Policy: trend analysis with automated scanning solutions provides data for ensuring that security systems help meet the ever-changing nature of attack threats.
In
summary, network security attacks are increasing in number and
sophistication. Research demonstrates that many vulnerabilities
linger, sometimes without end. New attacks are capable of spreading
faster than any possible human response effort. The timely and
complete detection of security vulnerabilities with automated
techniques and rapid application of remedies is the most effective
preventive measure security managers can use to thwart automated
attacks and preserve network security.
Gerhard Eschelbeck is Chief Technology Officer and VP of
Engineering for Qualys, Inc, www.qualys.com
The Impending Death of Tape is a Myth
Semar Majid discusses the importance of innovative tape technology and why this medium still remains an essential aspect of storing business-critical data today.
How can
a robust storage architecture integrate disparate elements including
high availability, backup and restore, total cost of ownership,
reliability and disaster recovery? The answer is tape. Tape
technologies have been meeting customer demands for backup,
restoration and archiving for over 50 years. Despite alternative
technologies being introduced, tape continues to be extremely
popular with businesses and data centres both large and small,
evolving alongside the ever-increasing demand for storage. Tape
media and cartridges have changed dramatically over the years as
improvements continue to be made across virtually every physical
parameter, all continually increasing capacity on a single
cartridge.
Over a
one-year period the data spends over 8,000 hours in the tape
cartridge, so it is vital for the media to store and protect
data safely over many recurring lifecycles. Precise data reading
and writing is critical, and prevention of debris entering the
cartridge, tape layer slippage and protection of servo and data
tracks is therefore essential. While some have
been predicting the demise of tape as a viable storage medium, it
remains the most cost-effective, flexible and scalable medium
for high-capacity, long-term and backup data storage. Indeed, tape
is being used far beyond the traditional batch processing and
backup/restore functions. It is becoming an increasingly integral,
mission-critical, interactive, near-online storage medium. Data
stored on tape is often defined as a value-added proprietary
corporate asset. Today, tape technology offers capacity and
performance that, a decade ago, was inconceivable. In terms of
performance, the new technology means faster access times, and tape
storage drives and media are generally less expensive on a
per-gigabyte basis than disk or optical storage.
Storage
area networking (SAN) is a growing trend enabling users with open
systems environments to pool their storage instead of dedicating
storage for each server or application. By putting tape drives on
the storage network, any server can utilise tape resources on the
SAN, allowing backup of more servers with fewer tape drives. Tape
virtualisation technology involves the use of a disk cache
partitioned into logical tapes as a target for tape operation, and
this is common practice in many data centres today. Virtualisation
allows for faster read/write access, more efficient tape management,
higher access and availability, and multi-user access to files.
Effective tape management clearly requires understanding the
importance, the value, and strategic role of tape storage - it is
vital both to the overall operations and long-term health of a
business. In addition, tape is easily transportable, ideal for
off-site archiving and a critical part of any corporation's
disaster-recovery strategy.
Half-inch tape technologies continue to be the most
cost-effective solutions for storing and backing up data as tape
cartridges continue to increase in capacity, transfer rates, and
compression ratios. Due to a substantial cost advantage over
disk-based storage, the industry has also started using tape for
primary storage of large databases, near-line record retrieval in
customer service environments, and temporary database expansions.
Without doubt, the 'death of tape storage' is a myth, and tape is
set to continue to play a pivotal role in the growing requirements
for data storage, backup and archiving for years to come.
Semar Majid is technical marketing executive at Imation,
www.imation.com
Corporate Governance
Michel Clement asks whether your staff know enough to
keep you out of jail.
In the
recent high-profile accounting scandals, corporate governance has
become the subject of intense international scrutiny and debate.
Solving the complex, entangled issues of making corporations more
transparent, accountable and answerable to stakeholders has become a
global challenge. Yet, while a great deal of
emphasis has been placed - and rightly so - on promoting responsible
corporate leadership, far less consideration has been given to the
mechanics of bringing a large, geographically dispersed organisation
into compliance. Multinational companies with diversified holdings
around the world must meet the requirements of multiple governments
and regulatory bodies, each with its own reporting criteria, forms,
timetables, languages and currencies. And owing to this rapidly
changing regulatory environment, employees may be committing
breaches of security, confidentiality, business ethics or industry
regulations without even knowing it, while following time-honoured
business procedures. It is after all people, not businesses, which
fail to comply.
Corporate Governance extends beyond the province of the
boardroom and executive suite. It is virtually impossible for
any organisation to achieve compliance with all the standards
demanded of it unless every employee has the necessary skills,
capabilities and training to undertake their respective duties
in accordance with legal and ethical requirements.
Education is key. In the past, new employees either were
given on-the-job training by other employees or put through a
formal training program. Companies now are realising that it is
dangerous to presume that an adequate transfer of knowledge and
skills occurred. Does the new bookkeeper understand the
ramifications of Sarbanes-Oxley? How much of two days of
intensive training is retained? Was the company's code of ethics
given the weight it deserves?
While
traditional methods of training still have a place in the workplace,
compliance requires a more systematic, frequent and
well-documented approach. For many organisations, the best way to
train and monitor the entire workforce regularly is through
web-based training, which can be linked directly to the human
resource management system. With employee information stored in one
place, training can be tailored to job descriptions, skill
requirements and compliance responsibilities. For example,
self-guided web and computer learning can be used for the
dissemination of general information enterprise-wide, while costly
instructor-led classroom instruction can be reserved for specialised
occupational and managerial training. Indeed, research firm Gartner
Group estimates that, by the end of 2004, more than two-thirds of
global top 1000 enterprises will include e-learning as part of a
formal Business to Employee (B2E) initiative.
To be
clear, compliance cannot occur in an information vacuum. Therefore,
it is the company's responsibility to inform employees and external
suppliers and subcontractors of their regulatory obligations, the
'due diligence' that must be performed to meet requirements, and the
potential risks and liabilities of non-compliance.
The
issues surrounding corporate governance are vast and complex, but in
implementing a comprehensive, web-based human-resource
management system, companies have a good start. Global research is
establishing a direct link between human capital management and
shareholder value. By leveraging the intellectual capital and skills
of its employees, an organisation can drive new efficiencies and
create lasting competitive advantages. A motivated, well-trained
workforce is more likely to produce quality services and products,
which will engender brand loyalty and customer retention. Moreover,
in today's cautious investment climate, the better run the company, the
greater the funding opportunities. Corporate governance, managed
across your workforce, is a sound investment.
Michel Clement is Senior Director, Alliances and
Channels, at Oracle EMEA, http://partner.oracle.com
Layer 7 Switching
Steve Broadhead asks whether this is a niche product or a universal technology.
Networking, and Ethernet especially, has seen several stages
of evolution over the past 25 years. From a
bus-based, coaxial-cabled topology it has developed into what we
have today, with many groundbreaking highlights along the way. One
example is when the Ethernet switch was introduced, another was the
introduction of Fast Ethernet, and then Gigabit Ethernet and, more
latterly, 10-Gigabit Ethernet, with 40-Gig around the corner. So
when will this bandwidth explosion stop? The answer is that, one
way or the other, it probably won't. And, as Ethernet moves onto a
higher bandwidth platform each time, so the price per megabyte
of that bandwidth falls, often dramatically. But is it really as simple as just buying bandwidth as
cheaply as possible, or is there more to consider when looking at
creating a contemporary Ethernet network? Well, yes there is. The
old classic 'throw more bandwidth at a problem and it'll go away'
never has worked in either the medium-term or long-term, and
certainly will be less and less effective as the applications
themselves are getting smarter. Traffic control and optimisation are
therefore more important than ever, whatever the bandwidth
availability, especially when you're dealing with something as
unpredictable as web traffic, and with often relatively
low-bandwidth WAN links adding further potential bottlenecks.
Witness
the many and famously documented outages that major service
providers and portals have suffered from time to time when a huge
story breaks on the Internet, or how even the biggest enterprises
suffer when worms and viruses hit the Internet, and you see why
control and reliability are key to ensuring connections stay hot and
users' tempers stay cool - and to ensuring that service providers
and enterprises of all types stay in business. Hence, the emergence
of Layer 7 switch technology, which filters web traffic, accelerates
performance and keeps the Internet terrorists at bay
simultaneously.
But, to
date, all the Layer 7 products have been aimed at either service
providers, storage solution providers or the major corporate
business. Yet, as well as enabling enterprise applications to
run at usable speeds and ensuring an ASP's hosted service stays up,
this technology is also designed to simply - but very
effectively - reduce the number of TCP requests hitting the
servers and thereby extend the life of those servers enormously -
a feature that pretty well any business with two or more servers
could benefit from. Within the confines of Broadband-Testing
labs we've witnessed server performance improvements close on 3000%
(yes, 30 times) by front-ending them with Layer 7 technology, from
the likes of F5 Networks and NetScaler.
So is it
a cost thing? Well, the vast majority of the products are hardware
based, which immediately creates a price hike problem. One
answer therefore may lie in providing software-only solutions
that you can run on a 'vanilla' server. This is one approach being
taken by new Layer 7 kid on the block, Zeus, whose background is
in providing web server technology - the software, not the
hardware - so Layer 7 traffic management is a natural extension
of this initial direction. The company believes that it can offer a
software-only solution for a fraction of the dedicated hardware
solutions being offered by most of the vendors in this market.
Importantly, this then offers traffic management solutions to a
whole new small-to-medium enterprise market who can finally take
advantage of the performance improvements, reliability and
server cost savings that this technology brings. Are we about to
see a new trend emerging? If so, then it's not before
time.
Steve Broadhead is Founder and Director of
Broadband-Testing, an independent test lab, based in the south of
France, www.broadband-testing.co.uk
Grid Computing: Hype or Reality?
Stein Surlien says that Grid Computing is the most
talked-about subject in IT, but what is it and should channel
partners be concerned?
Over the
last couple of years, a major focus by companies has been on how to
make more efficient use of their IT systems. Many companies have a
number of disconnected systems, built up over time, which by their
very nature make inefficient use of IT resources. Worse, such
systems are expensive to maintain and time-consuming to update.
Research ('Beyond Infrastructure', QNB Intelligence, October 2003)
confirms many companies simply buy more, or more powerful, hardware
when servers get near capacity, rather than seeking ways of using
current resources more effectively.
Companies are beginning to speak out, as they're not happy with wasting resources - they're looking for an alternative. Grid Computing has created a buzz because it is the alternative. Why?

· It provides an adaptive software infrastructure that makes efficient use of low-cost servers and modular storage, balancing workloads and providing capacity on demand.
· Scaling out with small servers in small increments provides flexibility, performance, and reliability at low cost.
· New unified management enables you to manage everything cheaply and simply.

Imagine that a company needed additional computing power to complete end-of-year tax reports. Rather than purchasing additional hardware, Grid allows surplus processing power from another site to be harnessed. In the same way that plugging into a mains socket provides instant access to a pool of electricity, so Grid will do the same for computing.

Smart Channel Partners Adopt Grid Computing
Make no mistake, customers are increasingly demanding efficient IT solutions, and wise partners are adopting Grid technologies. But what role does the channel partner play in Grid? Today, system integrators and major hardware vendors are already working with companies to ensure they carry out the three steps to Grid Computing.

· Standardisation on low-cost, high-density modular servers and storage based on technology such as Intel Itanium processors, blade servers, Linux or Windows.
· Consolidation of clusters of servers and storage shared among one or more data centres.
· Automation of all day-to-day management tasks, enabling a single administrator to handle hundreds of servers simultaneously in clusters.
Major
strategic implementations aside, there are opportunities for VARs to
offer customers packaged bundles with 'out-of-the-box' Grid
solutions, tailored for specific verticals. ISVs offering these
vertical offerings can validate their solutions on the Grid
infrastructure.
After-sales support is another area of opportunity. Technical
agreements between vendor and partner provide customers with a
single point of contact, ensuring customers achieve optimum
performance from their Grid.
Grid Computing is set to be a 'disruptive' technology, just as the
Internet was: it fundamentally changes the way things are done.
The early days of the Internet saw an outburst of hype, from which
it is only now beginning to recover. But the fundamental truth is
there - the Internet has changed everything. Similarly, there is
hype around Grid Computing, but without doubt it is on the same path
as the Internet.
This
path is a journey, and probably not a short one, but a journey of a
thousand miles begins with a single step. Over the next months and
years, more and more companies will join those who are already
several steps along the way to realising the enormous benefits from
Grid Computing. The channel partner that ignores Grid Computing
today does so at their peril.
Stein Surlien is Vice President, Alliances and Channels,
at Oracle EMEA, http://partner.oracle.com
IP Telephony
Andrew Saunders explains how IP telephony can create the
virtual enterprise cost-effectively.
Teleworking is one of the main applications supported by IP
(Internet Protocol) telephony. IP enables you to sit down with a
telephone handset and a PC, and connect seamlessly to the
enterprise telephone and data network, whether you're at home,
in a hotel, or anywhere else in the world with a broadband
Internet connection.
For the
individual worker, an IP handset is a way to save some of the time
and frustration of daily commuting and frequent business travel,
and so achieve a better work/life balance. For employers, an
IP-enabled communications system dramatically reduces the cost and
improves the efficiency of workers at home and in the field, of
communication between branch offices, and of communications
infrastructure within each single site. It is also the key to
cost-effective 'informal' call-centre environments made up of
remote teleworkers located anywhere in the world.
We like
to think of this flexible, seamlessly connected network of head
office, branch office, home-office and field workers as the
'virtual enterprise'.
A
'virtual enterprise' solution allows a home or remote worker access
to the central communications system simply by plugging an IP
handset into either an ADSL/cable modem or the USB port on an
Internet-connected PC. The IP terminal automatically establishes a
connection with the host communications system, which then treats
the remote worker just like any other extension - with direct
routing of incoming calls, access to phone settings and voicemail,
and toll-free calls to any other extension on the system. Using a
speakerphone, remote workers can be paged from the central system,
and even hear others being paged, creating a realistic 'virtual
office' environment.
Cost
savings associated with an IP communications system vary according
to the circumstances of the user. Samsung's own experience of IP
enabling 10 members of its external sales force with OfficeServ IP
has reduced fixed-line costs from an average 90 Euros in call
charges to just 33 Euros per person per month in ADSL service
charges - not including the even larger savings on mobile phone
bills. Communications costs are no longer dependent on individual
phone bills, but are a fixed cost.
An IP
communications system also enables highly cost-effective 'virtual
call centre' implementations, with ACD (automatic call
distribution) software routing calls to both in-house and remote
employees. CTI (computer-telephony integration) client software
installed on a remote PC gives remote workers exactly the same
call-centre environment as at the main site. The 'virtual call
centre' can be extended worldwide: a European company could employ a
home worker in, say, Australia to cover incoming calls at night,
totally free from call forwarding charges.
Nowadays, an increasing number of IP communications systems
support the next-generation Internet standard known as Session
Initiation Protocol (SIP), and are therefore ready and waiting
to support new SIP applications as they are developed. From simple
yet useful features like free-hand text messaging between on-site
and remote system users, to presence management applications that
will reach any device with any type of message, anytime, anywhere,
the SIP-enabled future will bring voice and data together as never
before.
Andrew Saunders is Head of Product Marketing at Samsung
Business Communications, www.samsungbusiness.com
Storage Feature
Keep Your SANity
Alan Russell identifies where SAN productivity is failing and what organisations can do to get more from their SANs.
In an
effort to gain advantage over the competition by enhancing SAN
(Storage Area Network) performance, organisations are investing
millions of pounds into high-performance SAN environments. But, to
deliver these high performance benefits around the clock, SANs must
be easy to configure and manage. However, many organisations are
simply not reaping SAN's full benefits, which directly affects their
ROI. Typically, organisations are unaware of the SAN's actual
performance and utilisation levels - and this leads to further,
often unnecessary, investment in their infrastructure. As
organisations become more aware of the specific usage of the SAN, so
they enable the re-deployment and re-zoning of existing equipment.
The result is a dramatic saving of hardware costs and resources that
would have been required to implement additional kit. Cure is
one thing, but prevention is quite another, especially when it comes
to productivity and cost. As long as they know how 'healthy' the
SAN is, organisations can be warned about potential problems
before they arise. However, many are still waiting until a major
problem occurs, resulting in possible downtime, stress and
pressure on IT staff and, of course, increased financial cost.
Simply by knowing the state of the SAN, problems can be efficiently
located and diagnosed, eliminating unnecessary time spent fault
finding.
Rapid
expansion without control makes it very hard to know what is
actually out on the SAN. Therefore, it is vital to have a full,
dynamically updated inventory of the SAN, detailing active ports
and available switch ports - and this gives the ability to plan
expansions. The current trend is still to enter the data
manually into a spreadsheet, which depends on the
information being accurate in the first place, and places another
time-consuming administrative duty on an already-overworked IT
department. Something as simple as a SAN topology diagram gives the
ability to see the state of the SAN within seconds, enabling more
specific capacity-expansion questions to be answered.
Kodak
Service and Support provides a 'SAN-ITY' check, providing an
independent SAN review from a global organisation with highly
trained professional storage specialists. Kodak is not selling
hardware or software in the 'SAN-ITY' check - instead, Kodak is
offering a full SAN audit to identify all the SAN devices and host
bus adaptors, and provides a SAN topology diagram. Kodak then
implements a full performance review to establish the SAN
performance over a fourteen-day period and identifies the highest
and lowest utilised ports.
Organisations must realise that SAN for SAN's sake is not the
answer. Ease of management of a heterogeneous environment is a must,
and now a reality, for organisations seeking increased
performance and reduced costs to beat their competitors.
Alan
Russell is Storage Manager at Kodak, www.kodak.com
Stark Chooses ExaStore
Michael Chazot ...... to speed workflow, increase reliability and save costs.
Stark
Digital, GmbH, a leading graphic arts house in Pforzheim, Germany,
was looking for a low-cost, highly reliable solution to manage its
workflow of more than 10,000 pages per week, in all file formats.
Stark required a system that would allow workflow to be managed on a
network-wide basis. Operators were storing large files directly onto
their hard drives, which saved time, but decreased reliability and
redundancy for overall job efficiency.
"We
looked at EMC and Network Appliances' storage options, in addition
to custom solutions offered by system integrators," said Joerg
Weippert, Stark's Technical Director. "We chose Exanet's ExaStore to
replace our storage islands and create a single storage solution
working in a heterogeneous network for our Artcom and the RIPs (Raster
Image Processors).
"Now, because of ExaStore's speed, operators are
working directly within ExaStore instead of saving files
locally, while all RIPs are getting their data directly from
ExaStore to produce the plates," continued Weippert. "In terms
of performance and workflow, this was not before."
The
entire Stark group consists of five companies and 350 employees.
Stark Digital concentrates on production of digital plates for both
internal users and for outside printers. Stark uses the ExaStore
solution as both a production server and file system server,
managing data of 10,000 pages per week, consisting of 80 percent
PDFs, native data files from Quark, Photoshop, TIFFs, or
CTLWs.
"ExaStore is the only next-generation data storage solution
designed and tailored specifically to meet the needs of the
graphic arts industry including support for Apple, Windows, Unix,
and Linux, and provides the standard file system APIs: NFS, CIFS
and AFP to applications," said Michael Chazot, Exanet's Vice
President of Sales. "We now have ExaStore installations at some of
the largest pre-media and printing companies around the world, and
our customers have experienced significant productivity improvements
among other benefits".
"100%
uptime is crucial for Stark's business continuity and will be even
more crucial in the future, as we plan to expand very heavily,"
said Weippert. "We chose ExaStore because of its high
availability and reliability, management capabilities, native AFP,
load balancing and high performance, which ensure our business
continuity, and because, as our storage needs increase, ExaStore's
scalable architecture will allow us to add servers and RAID arrays
without any planned or unplanned downtime."
"After a
short period, the investment will complete its ROI by delivering
more security, reliability, and performance. The system's
ability to scale flexibly to any dimension using hardware
components with the best price and performance will continue to
decrease costs. Going with ExaStore also provided us with immediate
cost savings, as it prevented us from continuing to invest in our
other file servers and its self-healing system ensures that all
current software and hardware are running at an optimum, 24x7,"
Weippert concluded.
Distributed worldwide in the graphic arts industry by Kodak
Polychrome Graphics, ExaStore is used in publishing plants
across Europe including, for example, Burda and Interoute in London,
UK.
Exanet, www.exanet.com or call ++44 (0) 870 240 2094