Enterprise IT Watch Blog


December 9, 2010  9:03 AM

Members Decide: The best of network security

Melanie Yarbrough Profile: MelanieYarbrough

Network security is one of those topics where everyone has an opinion, but there’s no way to know what’s right until you try it. We’ve tried to alleviate the need to frantically practice trial-and-error on every last network security product for the enterprise by polling IT Knowledge Exchange members. And here’s what you had to say: Continued »

December 7, 2010  4:34 PM

Juniper Networks acquires Altor, expands network security offerings

Melanie Yarbrough Profile: MelanieYarbrough

While most people fret about the hundreds of dollars now on their credit cards for the holiday season, Juniper has dropped $95M for Altor Networks, a virtualization security vendor. This partnership is preceded by the companies’ previous involvement with one another, providing virtualization services and technology to the enterprise. Mark Bauhaus, executive VP at Juniper Networks, says that the acquisition is part of Juniper’s goal of expanding its data center and cloud security offerings:

[It] will enable customers to deploy a consistent set of security services across their physical and virtual infrastructure, while delivering lower TCO.

This is Juniper’s second acquisition in the past two months, after the $152M acquisition of Wi-Fi vendor Trapeze Networks. The goal is to expand what executive VP of Fabric and Switching Technologies David Yen calls its “end-to-end networking product portfolio.” And it seems that joining forces with Altor is a means to that end, adding introspection technology as well as policy and compliance aspects for the entire enterprise or virtualized data center infrastructure.

With competitors such as VMware and Cisco also creating extensions from physical to virtualized systems, is the acquisition enough for Juniper to keep up?

Melanie Yarbrough is the assistant community editor at ITKnowledgeExchange.com. Follow her on Twitter or send her an email at Melanie@ITKnowledgeExchange.com.


December 2, 2010  11:56 AM

Marines Respond: “Corps’ networks are secure”

Michael Morisy Michael Morisy Profile: Michael Morisy

Following up on our piece explaining how to access certain Marine Corps’ password-protected materials, we received another e-mailed response to a few of our questions which shed a little on the situation. In addition, in a surprisingly transparent move, password protection was completely removed from many of the documents. We should note, however, that while the e-mail below states no documents from after 2005 were available, we found one (unclassified) manual from October 2007.

The e-mail in full below.

Continued »


December 2, 2010  9:44 AM

The keys to stopping the next WikiLeak from sinking your company

Michael Morisy Michael Morisy Profile: Michael Morisy

WikiLeaks’ data dumps have been called “unprecedented” a number of times in the past few weeks and months, as hundreds of thousands of pages of once internal documents have found their way to the web. Unfortunately, data leakage is nothing new, and has cost millions if not billions over the years in stolen identities, lost revenue and fines. What is new is how the data leakage has been disseminated: Not over shadowy back channels or black markets, but out in the open in the public eye. WikiLeaks now seems poised to give the same treatment to a private company, but even if they weren’t, someone else will or already is using similar attack vectors at major companies around the world. The only difference is that in the WikiLeaks case, the public is made well aware of it after the fact.

Here are some tips to helping minimize possible damage on your own network.

Continued »


December 1, 2010  9:12 AM

Data Center Round-Up

Michael Morisy Melanie Yarbrough Profile: MelanieYarbrough

Buy versus Build Dilemma

Users responded with a middle-ground instead: Buy existing unused space and build within. Technochic’s company removed the raised flooring and installed chimney racks. Now they’re able to install racks as they go, saving money on cooling costs and diminishing the initial investment for a new data center space. Labnuke99 had a similar experience finding that happy middle ground; now his company has a personally owned, designed and managed solution without the monthly cost of a data center lease.

Who knew that Goldilocks was about data centers…

Consider This

So many aspects of operation fall under the data center’s jurisdiction. How do you wrap your head around a task as daunting as designing and developing a data center? IT Knowledge Exchange members didn’t even flinch at this one, instead offering great insight and a spectrum of concerns necessary to creating an efficient data center checklist.

Green is the new black when it comes to data center operations, so be sure to consider how to improve your current cooling costs and methods. Every decisions affects another decision: Your backup methods and policies affect the amount of power your servers need which affects cooling costs. Then there are more fundamental checkpoints such as ensuring that the new data center is compatible with existing hardware and software.

Member BigKat got specific, listing the necessary nitty gritties: Regularly updated list of hardware and software, including model and version numbers and vendors’ contact and contract numbers; procedures for requesting and installing temporary keys to authorize new computers; and an up-to-date list of in-house IT contact information for support.

Rechil and StevenG7 emphasized the importance of KISS: Keep it simple, stupid. Steve lived it:

I was involved in the design of a large “simple” enterprise data center 12 years ago; in 12 years the total downtime (both scheduled & unscheduled) was about one hour. It was replaced by a new “tier 3″-class data center costing 20 times more and 20 times more complex; and it’s 20 times less reliable. (During a t-storm this summer, none of the 3 redundant generators could be started; it took 7 hours to restore power to the floor). It is so needlessly complex that none of the designers or vendors have been able to figure out why it is so unreliable.

Carlosdl was kind enough to compile some great resources from right around ITKnowledgeExchange:

IT Answers

Guides

Vent Session: Data Center Edition

From bosses to lack of foresight, it seems the main hindrance in the data center (and all of IT) is money. Whether you’re building a new data center or managing a well-seasoned one, looking ahead to problems that may snowball will be your best pathway to cost-efficiency.

Still Want More?

Check out these data center pros on Twitter for updates and resources:

@datacenter: Google anything on the data center these days, and chances are you’ll get a handful of links to Data Center Knowledge. Check out Rich Miller on twitter for bite-sized updates on all thing data center.

@DataCenterGuru: Gabe Cole on data center design, development, financing and operations. What more could you ask for in 140-character bits?

@datacenterpulse: For multimedia updates on what’s going on in the data center globally.

@DCThinkTank: Hang out and chat about what’s going on in data center news all over the world and the Internet.

@ecoINSITE: Green data centers are all the rage. Get the latest info and, well, insight.

Or check out some of the lists from @DataCenter for specific groups of data center-related information:

Melanie Yarbrough is the assistant community editor at ITKnowledgeExchange.com. Follow her on Twitter or send her an email at Melanie@ITKnowledgeExchange.com.


November 30, 2010  9:59 AM

Google Cache is the new WikiLeaks

Michael Morisy Michael Morisy Profile: Michael Morisy

While WikiLeaks has been garnering headlines for leaking tens of thousands of pages of sensitive documents, there’s a quieter internal leaker that has so far gone unnoticed: Google Cache and lax security practices at the United States Marine Corps. Thanks to an anonymous tipster, we discovered dozens of  internal documents (and possibly many, many more) available to anyone via the simple Google Query: “site:cio.usmc.mil“.

What the results show are various documents, presentations and other files that are tucked securely away on the United States Marine Corps’s IT servers … unless you click for the Google Cached version which often shows you a complete copy of the spreadsheet, PowerPoint or Word document. Sometimes the Cached version calls on an image still on the military’s secure servers, but simply clicking “Cancel” when prompted for a username and password takes you to the un-redacted documents. It’s basic Google Hacking at its most elementary, and more advanced cyber sleuths might find more.

While we didn’t see any classified or highly sensitive documents in our own searches, we did find:

Continued »


November 22, 2010  1:00 PM

Data center in a box: Want fries with that?

Michael Morisy Michael Morisy Profile: Michael Morisy

It’s been a common sight at trade shows for a few years now: The data center in a box, letting the proud owner haul 2000 cores or petabytes of data around the country on a moment’s notice in a utilitarian, affordable package. Sun’s sells themMicrosoft’s got ‘em and Intel’s been pushing a data center-in-a-box standard to chop prices and, presumably, stuff more of its chips in them.

Data centers-in-a-box are a nice, tidy package, as Jeremiah Owyang explained when the products first cropped up a few years back:

This first one is the new Sun Data Center in a box, called Project Blackbox seen on 237 in East Palo Alto. This data center is what marketers call a “Solution Sell” when you bundle up services, hardware, software and support and repackage and apply to a business pain. These data centers contain web services, routers, networking equipment, storage, and sometimes remote power. You just plug it in for remote locations, high growth areas, or even for disaster computing needs (if your primary data center goes down, drop one of these in asap).

The products are relatively inexpensive, dependable, predictable and come in the same packaging each time. In other words, a lot like fast food. And like fast food, Continued »


November 22, 2010  6:21 AM

Start from scratch: Data center security policy template

Kevin Beaver Kevin Beaver Profile: Kevin Beaver

Security policies are all too often made to be overly-complex and difficult to manage. Done incorrectly,  policies can hinder more than they help. If you’re looking to pull together some security policies for your data center or elsewhere inside your organization, here’s a template you can use to help clarify what’s expected of everyone involved:

Introduction: A brief overview of the topic.

Purpose: The high-level strategy and goals of the policy.

Scope: The departments, employees and systems that are covered by the policy.

Roles and responsibilities: Who is involved and what each person must do to support the policy.

Policy statement: The actual policy outlining what can or cannot be done.

Exceptions: The departments, employees and systems that are not covered by the policy.

Procedures: Specific steps on how the policy is being implemented and enforced. Key word here is “specific.”

Compliance: Metrics and other methods used for measuring adherence within the policy.

Sanctions: Consequences for policy violations.

Review and evaluation: Specifics on when the policy must be reviewed for accuracy, applicability and compliance purposes (i.e. HIPAA/HITECH ACT, PCI DSS, state breach notification laws, etc.).

References: Regulatory code sections and information security standards that the policy quotes or references.

Related documents: Other policies, procedures and security standards that relate to the policy.

Revisions: Ongoing changes made to the policy document.

Notes: Anything else that can help with future policy administration.

Kevin Beaver is an independent information security consultant, expert witness, author, and professional speaker with Atlanta-based Principle Logic, LLC and a contributor to the IT Watch Blog. You can reach Kevin through his website at www.principlelogic.com and follow him on Twitter at @kevinbeaver.


November 19, 2010  6:23 AM

Data centers are fair game for policies, too

Kevin Beaver Kevin Beaver Profile: Kevin Beaver

When we think of security policies, visions of “acceptable use” and “passwords” often come to mind. But policies are much more than that – especially considering the complexities associated with data centers. Policies outline this is how we do things around here regardless of the specific topic. When it comes to information security and managing data center-related risks, there are numerous policies that could apply:

  • Access controls
  • Audit logging
  • Authentication
  • Key management (you know, those old-fashioned physical keys you use to lock and unlock stuff in your data center)
  • Media disposal
  • Mobile device encryption
  • Web security (for your CCTV management system, UPSs, KVMs, etc.)
  • Wireless networks

You don’t necessarily need to create dedicated policies on these topics just for the data center. Instead, simply include the data center and related systems within the scope of the appropriate policy. This will keep your number of policies to a minimum and simplify policy management. Given all the headaches, politics and technical complexities of managing a data center, the last thing you need to do is create more stuff to keep up with. In a follow-up post, I’ll outline a security policy template that can work well in this situation.

Kevin Beaver is an independent information security consultant, expert witness, author, and professional speaker with Atlanta-based Principle Logic, LLC and a contributor to the IT Watch Blog. You can reach Kevin through his website at www.principlelogic.com and follow him on Twitter at @kevinbeaver.


November 18, 2010  3:20 PM

AS VMware moves into data centers, worlds collide

Michael Morisy Michael Morisy Profile: Michael Morisy

“I think data center manager is a mislabel,” the IT manager tells me. It’s a surprising statement, since he’s actually in charge of managing a data center. But he insists.

“It’s server management. The fact that they live in a data center … It’s just marketing stuff.” He won’t let me use his name, but this IT manager – we’ll call him Frank – has the credentials to talk. He works at a big organization that produces a lot of data.

“What two years ago was a one or two terabyte allocation request is now a 10 or 30 terabyte allocation,” he said. Storage may be cheap, but it’s not cheap in those quantities, and so he’s now forced to tell departments to re-run simulations and tests because it’s actually cheaper to spend the thousand dollars to re-run the tests than to store than 10 to 30 terabytes … forever.”

Continued »


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: