Recent announcements from HP,IBM and Sun all foretell a new and evolutionary concept in IT. The underpinning of this concept is the remolding of the vertical silos of technology within a company into a horizontal structure based on business imperatives. In the new world of IT, the main business tenets of the corporation become intertwined with the technology to form an operationally cohesive structure that will help a company achieve its revenue and profit goals. In this way, IT finally will return to its roots as an integral business profit tool rather than a business expense.
Too often in business presentations, the network is alluded to as a "cloud" but never made a part of the business integration effort. While the computing industry has focused on meeting customers' needs for application integration and increased availability the network industry has remained out of touch with customer demand.
The network community must begin to realize that it is not the center of the IT universe, but only a segment of its operational processes. Network applications, including management, operations, signaling, convergence and security; should be developed and interface with one another using software industry standards rather than proprietary network standards. Just like the TDM, hardware-based PBX, so should the software-based Internetwork Operating System become a proprietary networking legacy. Open standards "rule," with Linux becoming an operating system of choice for embedded systems and a viable option for servers, and XML-based messaging the lingua franca of all applications. Integration of legacy applications, databases, development tools and even operating environments now can be accomplished using XML.
Advertisement
Heterogeneity is a way of life in IT. The new world of IT will kick it up a notch by taking the concept of heterogeneity into hybrid architectures of customer-owned applications networked with third-party services or partner equipment and software. IT environments such as IBM's on-demand architecture will not only accommodate legacy or hybrid structures, but also exploit them using XML.
Another tenet of the new world of IT is virtualization. One cannot implement this concept correctly without an optimized network. The IT community never addresses network issues such as latency. The assumption is that the customer's transport bandwidth is infinite, always will meet demand and availability and network techniques such as caching or quality of service (QoS) will be in place to control network latency problems. Unfortunately, carrier transport services are not free and on demand, nor are 10G bit/sec LAN upgrades. The network costs associated with achieving compute and storage virtualization are not minimal, nor is the task mundane. The complexity, from a LAN and WAN perspective, makes the issue of voice convergence seem simple.
Paramount to the success of this new world is the integration of IT and wired or wireless network management to form a single seamless entity within the corporate business structure. Policy associated with application workflow - coupled with network access security and QoS, and managed under a single service-level agreement - will be linked to its corporate business value, such as speed of revenue recognition and profitability of the transaction sequence. Distributed automation technology used in tasks such as resource allocation, workflow scheduling, capacity measurement, fault prediction/isolation and security is now part of integrated IT management rather than today's isolated islands of systems and network management.
The introduction of on-demand, adaptive and utility computing has changed the rules of networking. The development, integration, operations and management of this new IT environment must be viewed from a business perspective and therefore measured as an integral part of all corporate business practices. Times have changed; the phrase "the network is the computer" no longer will be valid in the new world of IT.
Wednesday, April 25, 2007
Travelocity's flight to open system
CTO Barry Vandevier trusts Linux to keep Travelocity's renowned extended enterprise aloft.
The extended enterprise concept is as old as networking itself and as young as e-commerce. Few companies typify that old/young dichotomy better than Travelocity, the Internet child of Sabre Holdings - granddaddy of extended enterprises.
In Travelocity's seven-plus years of operation, it expertly has piloted the e-business skies, serving millions of customers with connections to thousands of hoteliers, airlines, car rental agencies and other travel suppliers.
Its Merchant Program, just one instance of its e-business architecture, already represents more than 7,500 hotels one year after its launch. With this program,which increased by 3,000 partners from June to September 2003 alone, Travelocity behaves like a hoteliers own Web site.Via exclusive contracts negotiated between Travelocity and the hoteliers, the site taps into the hoteliers' central reservation systems (CRS) and carts out the lowest rates and real-time availability This is in addition to the 55,000 hotels that Travelocity sells via the Sabre system (the same data accessible by all travel agencies using Sabre).
CTO Barry Vandevier, one of Travelocity's early site developers and a member of Sabre's IT team before that,became CTO in October 2002. He describes his passion for open source tools and shares his thinking on Web services, security and site management in an interview with Julie Bort, executive editor for Network World's Signature Series.
Advertisement
From an IT standpoint, describe your relationship with Sabre.
We have separate IT organizations. We focus on the Travelocity site, Sabre on the infrastructure, but we collaborate heavily on a constant basis building out our projects. For instance, the Hotel Merchant product that [Travelocity has], we built together.The Total Trip product that we released in June, where we are packaging our hotel and air products together, was a combined product between Travelocity and Sabre.
Tell me a bit about Travelocity's architecture.
We are migrating to a new architecture, from our original system built on C++, running on Unix SGI. We are migrating to an open source Java platform running on Linux.Total Trip is running on the new architecture, as is some other functionality. We'll continue migrating over the next several months [for completion] next year.
Why Linux?
We want to improve our flexibility and really decrease our time to market.The system we run for some of our older products is great, but from a total-cost-of-ownership perspective, Linux was just a very good ROI.
We're a big fan of open source, from total cost of ownership and from the sharing/collaboration [creation processes], using tools developed by other people and having [easy access] to other people who have experience with them. We're using Tomcat, Struts, Linux, JUnit, as well as some off-the-shelf products, like [IBM's] Rational Rose and [JetBrains'] IntelliJ, for our [Java] development environment (see graphic, below).
Tell me about Travelocity's Merchant Program. What infrastructure was needed to enable direct connectivity to the hoteliers' CRS?
We took advantage of existing Sabre connectivity to 55,000 hotels' CRS to really improve our suppliers' ability to update rates and inventories on our system. We partnered with Sabre and built interfaces to [Sabre's] Merchant platform through XML services.
You say XML services. You don't consider the connectivity between the Travelocity and Sabre Merchant systems to be Web services?
I would actually But because that was built a while back, we are working on a much more robust gateway, right now, with Sabre. This is Sabre's Universal Services Gateway which gives us access to Sabre capabilities via Web services.
So the current, XML services don't have all the latest fancy things, like UDDI, etc., I would guess?
That is correct.
What then is your opinion of Web services?
Web services are a big key for us for the future, to improve flexibility and changes between [us and our] partners. Web services will enhance our suppliers' connectivity, so making changes or adding content will be much faster for both parties.
What advice can you offer for security?
Security has got to be top of the mind. We have a full-time security officer. We also work a lot with Sabre security, and we involve security at the beginning of every one of our projects. We walk through a set of security questions so that we get our technical leads thinking about the subject. Any profile or customer data has to be heavily encrypted. Anything [sensitive] we store in any servers or database has to be encrypted. We never send, for instance, credit card data through the customer's [user interface], we only do the last four digits.
The extended enterprise concept is as old as networking itself and as young as e-commerce. Few companies typify that old/young dichotomy better than Travelocity, the Internet child of Sabre Holdings - granddaddy of extended enterprises.
In Travelocity's seven-plus years of operation, it expertly has piloted the e-business skies, serving millions of customers with connections to thousands of hoteliers, airlines, car rental agencies and other travel suppliers.
Its Merchant Program, just one instance of its e-business architecture, already represents more than 7,500 hotels one year after its launch. With this program,which increased by 3,000 partners from June to September 2003 alone, Travelocity behaves like a hoteliers own Web site.Via exclusive contracts negotiated between Travelocity and the hoteliers, the site taps into the hoteliers' central reservation systems (CRS) and carts out the lowest rates and real-time availability This is in addition to the 55,000 hotels that Travelocity sells via the Sabre system (the same data accessible by all travel agencies using Sabre).
CTO Barry Vandevier, one of Travelocity's early site developers and a member of Sabre's IT team before that,became CTO in October 2002. He describes his passion for open source tools and shares his thinking on Web services, security and site management in an interview with Julie Bort, executive editor for Network World's Signature Series.
Advertisement
From an IT standpoint, describe your relationship with Sabre.
We have separate IT organizations. We focus on the Travelocity site, Sabre on the infrastructure, but we collaborate heavily on a constant basis building out our projects. For instance, the Hotel Merchant product that [Travelocity has], we built together.The Total Trip product that we released in June, where we are packaging our hotel and air products together, was a combined product between Travelocity and Sabre.
Tell me a bit about Travelocity's architecture.
We are migrating to a new architecture, from our original system built on C++, running on Unix SGI. We are migrating to an open source Java platform running on Linux.Total Trip is running on the new architecture, as is some other functionality. We'll continue migrating over the next several months [for completion] next year.
Why Linux?
We want to improve our flexibility and really decrease our time to market.The system we run for some of our older products is great, but from a total-cost-of-ownership perspective, Linux was just a very good ROI.
We're a big fan of open source, from total cost of ownership and from the sharing/collaboration [creation processes], using tools developed by other people and having [easy access] to other people who have experience with them. We're using Tomcat, Struts, Linux, JUnit, as well as some off-the-shelf products, like [IBM's] Rational Rose and [JetBrains'] IntelliJ, for our [Java] development environment (see graphic, below).
Tell me about Travelocity's Merchant Program. What infrastructure was needed to enable direct connectivity to the hoteliers' CRS?
We took advantage of existing Sabre connectivity to 55,000 hotels' CRS to really improve our suppliers' ability to update rates and inventories on our system. We partnered with Sabre and built interfaces to [Sabre's] Merchant platform through XML services.
You say XML services. You don't consider the connectivity between the Travelocity and Sabre Merchant systems to be Web services?
I would actually But because that was built a while back, we are working on a much more robust gateway, right now, with Sabre. This is Sabre's Universal Services Gateway which gives us access to Sabre capabilities via Web services.
So the current, XML services don't have all the latest fancy things, like UDDI, etc., I would guess?
That is correct.
What then is your opinion of Web services?
Web services are a big key for us for the future, to improve flexibility and changes between [us and our] partners. Web services will enhance our suppliers' connectivity, so making changes or adding content will be much faster for both parties.
What advice can you offer for security?
Security has got to be top of the mind. We have a full-time security officer. We also work a lot with Sabre security, and we involve security at the beginning of every one of our projects. We walk through a set of security questions so that we get our technical leads thinking about the subject. Any profile or customer data has to be heavily encrypted. Anything [sensitive] we store in any servers or database has to be encrypted. We never send, for instance, credit card data through the customer's [user interface], we only do the last four digits.
Cisco Systems Supports National Groundhog Job Shadow Day 2006; More Than 100 Cisco U.S. Locations to Host Networking Academy Students
SAN JOSE, Calif. -- Starting February 2, Cisco Systems(R) (NASDAQ:CSCO) will kick off Job Shadow Days at five primary sites across the country: Atlanta, Ga., Chicago, Ill., Herndon, Va., Raleigh, N.C., and San Jose, Calif. In conjunction with its business partners and customers, Cisco(R) will be helping thousands of students from the Cisco Networking Academy(R) program learn first-hand about working in the information technology (IT) industry. By May, Cisco will have hosted students in up to 100 field sites across all 50 states.
The Cisco Networking Academy provides students with the Internet technology skills essential in a global economy. The Program offers students and workers who want to expand their IT knowledge or consider a career in the high-tech industry valuable networking and IT skills.
"Hosting students from the Networking Academy provides Cisco employees with a tremendous opportunity to give back to the community and help shape the future leaders of our industry," said Tae Yoo, vice president of corporate affairs, Cisco Systems. "Job shadowing presents a wonderful chance for students to broaden their horizons. The program exposes young people to career opportunities and helps translate how what they learn in the classroom leads to success in the workplace."
Advertisement
The U.S. Bureau of Labor Statistics estimates that demand for IT professionals will grow by nearly 50 percent through 2012. Cisco's Job Shadow Day will help students from Job Corp centers, high schools and colleges throughout the country position themselves for highly rewarding futures in the IT Industry.
Designed to encourage students to participate in careers and pursue educational opportunities in IT, Cisco's Job Shadow Day events feature technology demonstrations, facility tours and the opportunity for students to hear directly from a variety of technology professionals about what a career in IT entails on a day-to-day basis. Technology professionals will give presentations, and students will have the opportunity to meet one-on-one with mentors during lunchtime roundtables and throughout the day.
National job shadowing is a coordinated effort of America's Promise, Junior Achievement, the U.S. Department of Education and the U.S. Department of Labor. The U.S. Department of Labor honored Cisco as a Corporate Gold Award recipient as a result of its Job Shadow Day efforts. Cisco employees devote hundreds of hours to Job Shadow Day activities, and as a result, Cisco provides a matching donation to Junior Achievement.
The Cisco Networking Academy provides students with the Internet technology skills essential in a global economy. The Program offers students and workers who want to expand their IT knowledge or consider a career in the high-tech industry valuable networking and IT skills.
"Hosting students from the Networking Academy provides Cisco employees with a tremendous opportunity to give back to the community and help shape the future leaders of our industry," said Tae Yoo, vice president of corporate affairs, Cisco Systems. "Job shadowing presents a wonderful chance for students to broaden their horizons. The program exposes young people to career opportunities and helps translate how what they learn in the classroom leads to success in the workplace."
Advertisement
The U.S. Bureau of Labor Statistics estimates that demand for IT professionals will grow by nearly 50 percent through 2012. Cisco's Job Shadow Day will help students from Job Corp centers, high schools and colleges throughout the country position themselves for highly rewarding futures in the IT Industry.
Designed to encourage students to participate in careers and pursue educational opportunities in IT, Cisco's Job Shadow Day events feature technology demonstrations, facility tours and the opportunity for students to hear directly from a variety of technology professionals about what a career in IT entails on a day-to-day basis. Technology professionals will give presentations, and students will have the opportunity to meet one-on-one with mentors during lunchtime roundtables and throughout the day.
National job shadowing is a coordinated effort of America's Promise, Junior Achievement, the U.S. Department of Education and the U.S. Department of Labor. The U.S. Department of Labor honored Cisco as a Corporate Gold Award recipient as a result of its Job Shadow Day efforts. Cisco employees devote hundreds of hours to Job Shadow Day activities, and as a result, Cisco provides a matching donation to Junior Achievement.
Silicon & Software Systems Introduces 90nm IP Portfolio for Consumer and Enterprise Networking Applications; S3 to Demonstrate Mixed-Signal Expertise
SAN JOSE, Calif. -- Silicon & Software Systems Ltd (S3), a leading supplier of licensable mixed-signal intellectual property building blocks, today announced the availability of silicon-proven data converter IP for designs in the 90nm process technology node. The company will demonstrate these new IP cores to customers gathering here at the TSMC Technology Symposium, Wednesday, May 17.
S3's extensive 90nm IP portfolio includes ADCs, DACs and associated PLL components, optimized for integration in System ICs targeting consumer and broadband communication applications. Some of the end markets served by S3 customers include WLAN and WiMAX, digital broadcast standards (e.g. DVB-T and DVB-H) and High-Definition (HD) video applications.
Last August, Gartner Dataquest reported that the "analog and mixed signal IP grew by 36 percent in 2004, almost twice as much as the total IP market. We expect market growth to be equally impressive in 2005. This growth is being enabled by new tools and methodologies that aim to increase the value of the IP relative to the cost of integrating it into a SOC (system-on-a-chip)."(1)
Advertisement
"S3's successful R&D investments in 90nm process technology services and products have already generated considerable interest from the company's global customer base of IDM and fabless suppliers," said Mike Murray, S3 Mixed Signal IP general manager. "Customers recognize the significant benefits of increased levels of product integration available to them at 90nm and they are repeatedly validating this point by incorporating our proven IP in their advanced SoC designs."
S3 has already taped out solutions, integrating its IP into single-chip systems, and has leveraged its considerable experience at 90nm with more than 20 SoC designs in the 90nm process technology node.
A major attraction for customers is access to S3's engineering design expertise in combination with proven silicon IP. The advantage of a one-stop-shop for IP and design services at the 90nm node is clear to customers who need to ensure confidence that their product will meet shrinking market windows and will speed time to revenue for their end-customers.
S3 will discuss its design services capabilities and the advantages of incorporating its mixed-signal IP blocks into single-chip systems at its display at the TSMC Technology Symposium at the San Jose Convention Center, Wednesday, May 17.
(1) Gartner, Inc., "Analog and Mixed Signal IP Is Growing in Importance" by Christian Heidarson. August 8, 2005.
About Silicon & Software Systems Ltd. (S3):
S3 delivers innovative System IC design solutions based on a unique combination of semiconductor engineering expertise, advanced methodologies, customizable IP and application knowledge. The company addresses complete System IC design processes from architecture to verification to system verified silicon. S3 focuses on leading-edge IC designs, including products at the 90nm and 65nm process technology nodes. S3's global customer base includes the world's leading semiconductor companies (both IDMs and fabless suppliers) and the company teams with major foundry partners.
S3 offers an extensive portfolio of silicon-proven customizable Mixed Signal IP, featuring high-performance analog building blocks such as ADCs, DACs and PLLs for a wide variety of technically demanding System IC, Digital Consumer, Network Infrastructure and Medical System applications including Wireless LAN, Broadband Communications, Imaging and Video. S3 was founded in Dublin, Ireland in 1986 and has operations in six countries: Ireland, USA, the Netherlands, Poland, Czech Republic and the UK
S3's extensive 90nm IP portfolio includes ADCs, DACs and associated PLL components, optimized for integration in System ICs targeting consumer and broadband communication applications. Some of the end markets served by S3 customers include WLAN and WiMAX, digital broadcast standards (e.g. DVB-T and DVB-H) and High-Definition (HD) video applications.
Last August, Gartner Dataquest reported that the "analog and mixed signal IP grew by 36 percent in 2004, almost twice as much as the total IP market. We expect market growth to be equally impressive in 2005. This growth is being enabled by new tools and methodologies that aim to increase the value of the IP relative to the cost of integrating it into a SOC (system-on-a-chip)."(1)
Advertisement
"S3's successful R&D investments in 90nm process technology services and products have already generated considerable interest from the company's global customer base of IDM and fabless suppliers," said Mike Murray, S3 Mixed Signal IP general manager. "Customers recognize the significant benefits of increased levels of product integration available to them at 90nm and they are repeatedly validating this point by incorporating our proven IP in their advanced SoC designs."
S3 has already taped out solutions, integrating its IP into single-chip systems, and has leveraged its considerable experience at 90nm with more than 20 SoC designs in the 90nm process technology node.
A major attraction for customers is access to S3's engineering design expertise in combination with proven silicon IP. The advantage of a one-stop-shop for IP and design services at the 90nm node is clear to customers who need to ensure confidence that their product will meet shrinking market windows and will speed time to revenue for their end-customers.
S3 will discuss its design services capabilities and the advantages of incorporating its mixed-signal IP blocks into single-chip systems at its display at the TSMC Technology Symposium at the San Jose Convention Center, Wednesday, May 17.
(1) Gartner, Inc., "Analog and Mixed Signal IP Is Growing in Importance" by Christian Heidarson. August 8, 2005.
About Silicon & Software Systems Ltd. (S3):
S3 delivers innovative System IC design solutions based on a unique combination of semiconductor engineering expertise, advanced methodologies, customizable IP and application knowledge. The company addresses complete System IC design processes from architecture to verification to system verified silicon. S3 focuses on leading-edge IC designs, including products at the 90nm and 65nm process technology nodes. S3's global customer base includes the world's leading semiconductor companies (both IDMs and fabless suppliers) and the company teams with major foundry partners.
S3 offers an extensive portfolio of silicon-proven customizable Mixed Signal IP, featuring high-performance analog building blocks such as ADCs, DACs and PLLs for a wide variety of technically demanding System IC, Digital Consumer, Network Infrastructure and Medical System applications including Wireless LAN, Broadband Communications, Imaging and Video. S3 was founded in Dublin, Ireland in 1986 and has operations in six countries: Ireland, USA, the Netherlands, Poland, Czech Republic and the UK
Protecting against wireless threats: security risks abound in networking environments that allow untethered server access - Computers & Auditing
URING THE LAST TWO YEARS, wireless fidelity (WiFi) has become one of the fastest growing electronics technologies in history. Although much of this growth can be attributed to the consumer market, businesses have also begun to appreciate the value of beaming data through the airwaves and pulling the plug on conventional networks.
WiFi provides a degree of flexibility in the work environment that cannot be achieved with conventional, wired connections. Through the use of wireless local-area networks (WLAN), for example, manufacturers can reconfigure production facilities for increased efficiency, hospital staff members can use handheld devices to deliver patient information, warehouse workers can exchange inventory control information without crossing the warehouse floor, and students and teachers can communicate without being confined to a computer lab or dorm room.
At the same time, however, WiFi also presents greater risks and security challenges. For instance, whereas typical wired networks feature a limited number of fixed physical points of access, wireless networks can be used at any point within range of the system's antennas -- approximately 300 feet. WLANs can potentially provide access to individuals located outside the physical security perimeter of the network, such as the office parking lot, an adjacent floor, or a nearby building, creating a host of new vulnerabilities for hackers and other ill-intentioned users to exploit.
Advertisement
With the increased presence of wireless connectivity in today's businesses, internal audit professionals need to recognize this emerging technology's potential impact on their organization's risk environment and help protect against wireless threats. Auditors can play a valuable role in assisting with WLAN-related risk management during both the evaluation and implementation phases for these systems, as well as after the WLAN is fully operational.
EVALUATION
Before system implementation, internal auditors should focus their attention on issues related to the adoption of wireless technology. Vendor offerings can vary considerably, especially in terms of security, and poor decisions made during this phase can lead to unnecessary risk.
First, auditors should ensure the company focuses on wireless vendors that provide standards-based security solutions. Many vendor offerings deliver security features such as key exchange and encryption through the use of proprietary technology, which can affect WLAN compatibility with other network components and increase the complexity of managing security in a multi-vendor environment. Furthermore, proprietary solutions can compromise independent security experts' ability to analyze and remedy weaknesses throughout the network.
Next, the audit team should make sure the company thoroughly assesses the security features of each vendor's system, as well as vendor plans for improving the inherent weaknesses of wireless encryption protocol (WEP) -- a standard security feature found on most WiFi networks that helps to prevent casual "eavesdropping" by unauthorized parties. Because many experts believe WEP's encryption method provides inadequate protection against intruders, WEP is being replaced by WiFi Protected Access (WPA), which is a standards-based, interoperable security specification that significantly increases the level of data protection and access control. Therefore, auditors should ensure that the manufacturer of each system being considered for purchase has plans for upgrading to this new technology once its available and that its equipment can be adapted easily to WPA.
Until WPA is released, however, auditors should also ensure the company considers using extensible authentication protocol (EAP) to provide an additional layer of security to wireless systems. EAP is a method of conducting an authentication conversation between a user and an authentication server. Its role is to relay messages between the parties performing the authentication. In wireless communications using EAP, user connection requests are relayed from the WAP to an authentication server, which then requests proof of identity.
Auditors should also make sure the organization gives adequate consideration to the overall design of a security strategy for its WLAN. Although WLAN design is an extremely specialized field, auditors can help by ensuring that a site survey is performed to obtain details about coverage, bandwidth performance, and access point placement. Auditors should also verify that the design takes into account both the initial and the target size of the WLAN, as security strategies may vary considerably depending on the overall number of users. In addition, auditors should ensure the company has considered a method of protecting the WLAN against malicious threats such as manipulation of protocols and denial-of-service attacks.
WiFi provides a degree of flexibility in the work environment that cannot be achieved with conventional, wired connections. Through the use of wireless local-area networks (WLAN), for example, manufacturers can reconfigure production facilities for increased efficiency, hospital staff members can use handheld devices to deliver patient information, warehouse workers can exchange inventory control information without crossing the warehouse floor, and students and teachers can communicate without being confined to a computer lab or dorm room.
At the same time, however, WiFi also presents greater risks and security challenges. For instance, whereas typical wired networks feature a limited number of fixed physical points of access, wireless networks can be used at any point within range of the system's antennas -- approximately 300 feet. WLANs can potentially provide access to individuals located outside the physical security perimeter of the network, such as the office parking lot, an adjacent floor, or a nearby building, creating a host of new vulnerabilities for hackers and other ill-intentioned users to exploit.
Advertisement
With the increased presence of wireless connectivity in today's businesses, internal audit professionals need to recognize this emerging technology's potential impact on their organization's risk environment and help protect against wireless threats. Auditors can play a valuable role in assisting with WLAN-related risk management during both the evaluation and implementation phases for these systems, as well as after the WLAN is fully operational.
EVALUATION
Before system implementation, internal auditors should focus their attention on issues related to the adoption of wireless technology. Vendor offerings can vary considerably, especially in terms of security, and poor decisions made during this phase can lead to unnecessary risk.
First, auditors should ensure the company focuses on wireless vendors that provide standards-based security solutions. Many vendor offerings deliver security features such as key exchange and encryption through the use of proprietary technology, which can affect WLAN compatibility with other network components and increase the complexity of managing security in a multi-vendor environment. Furthermore, proprietary solutions can compromise independent security experts' ability to analyze and remedy weaknesses throughout the network.
Next, the audit team should make sure the company thoroughly assesses the security features of each vendor's system, as well as vendor plans for improving the inherent weaknesses of wireless encryption protocol (WEP) -- a standard security feature found on most WiFi networks that helps to prevent casual "eavesdropping" by unauthorized parties. Because many experts believe WEP's encryption method provides inadequate protection against intruders, WEP is being replaced by WiFi Protected Access (WPA), which is a standards-based, interoperable security specification that significantly increases the level of data protection and access control. Therefore, auditors should ensure that the manufacturer of each system being considered for purchase has plans for upgrading to this new technology once its available and that its equipment can be adapted easily to WPA.
Until WPA is released, however, auditors should also ensure the company considers using extensible authentication protocol (EAP) to provide an additional layer of security to wireless systems. EAP is a method of conducting an authentication conversation between a user and an authentication server. Its role is to relay messages between the parties performing the authentication. In wireless communications using EAP, user connection requests are relayed from the WAP to an authentication server, which then requests proof of identity.
Auditors should also make sure the organization gives adequate consideration to the overall design of a security strategy for its WLAN. Although WLAN design is an extremely specialized field, auditors can help by ensuring that a site survey is performed to obtain details about coverage, bandwidth performance, and access point placement. Auditors should also verify that the design takes into account both the initial and the target size of the WLAN, as security strategies may vary considerably depending on the overall number of users. In addition, auditors should ensure the company has considered a method of protecting the WLAN against malicious threats such as manipulation of protocols and denial-of-service attacks.
Friday, April 13, 2007
Metrobility adds CWDM to metro - New Products/New Services; Metrobility Optical Systems
Metrobility Optical Systems announced that it is introducing a scalable and flexible managed Ethernet CWDM solution for metro access or campuses to its Radiance model family. A cost effective passive optical networking solution to bring fiber optics to the curb, business and home, the R4000 CWDM models reduce the capital expenditure of the channel costs to approximately 1/3 that of DWDM, and reduces the operating expenditures by simplifying the installation, configuration, and management of the network.
Metrobility's R4000 CWDM solution maximizes the use of the existing fiber plant, is simple to deploy, leverages existing Ethernet expertise, and creates a solution that addresses quality of service issues since it is both highly available and highly manageable. Metrobility's CWDM solution utilizes a Gigabit Ethernet line card with wavelength-specific SFP pluggable optics based on the ITU-T industry standard 20nm spacing. The line card, available as copper-to-fiber or fiber-to-fiber, provides an inline electrical conversion mechanism for monitoring the optical power of every link against problems such as poor connections, wavelength degradation, and even physical breaks in the fiber.
Optical power management is accomplished through the company's EFM OAM feature-ready Radiance technology and Metrobility's NetBeacon SNMP Element Management software. Optional line protection and restoration capabilities are also available by providing dual wavelength-specific fiber connections that automatically failover should a link loss occur. The R4000 (1U high, 19 or 23" rack mount) multiplexer is a scalable solution that supports up to 12 wavelengths (from 1350nm to 1610nm) based on the ITU G.694.2 CWDM wavelength grid. Optical add/drop multiplexers provide either point-to-point or ring topologies and can support distances up to 80km without regeneration. The R4000 enables service providers to offer up to 12 Gigabits of bandwidth over a single fiber link. The R4000 is designed to meet NEBS certification requirements.
Metrobility's R4000 CWDM solution maximizes the use of the existing fiber plant, is simple to deploy, leverages existing Ethernet expertise, and creates a solution that addresses quality of service issues since it is both highly available and highly manageable. Metrobility's CWDM solution utilizes a Gigabit Ethernet line card with wavelength-specific SFP pluggable optics based on the ITU-T industry standard 20nm spacing. The line card, available as copper-to-fiber or fiber-to-fiber, provides an inline electrical conversion mechanism for monitoring the optical power of every link against problems such as poor connections, wavelength degradation, and even physical breaks in the fiber.
Optical power management is accomplished through the company's EFM OAM feature-ready Radiance technology and Metrobility's NetBeacon SNMP Element Management software. Optional line protection and restoration capabilities are also available by providing dual wavelength-specific fiber connections that automatically failover should a link loss occur. The R4000 (1U high, 19 or 23" rack mount) multiplexer is a scalable solution that supports up to 12 wavelengths (from 1350nm to 1610nm) based on the ITU G.694.2 CWDM wavelength grid. Optical add/drop multiplexers provide either point-to-point or ring topologies and can support distances up to 80km without regeneration. The R4000 enables service providers to offer up to 12 Gigabits of bandwidth over a single fiber link. The R4000 is designed to meet NEBS certification requirements.
A Roadmap for the Successful Implementation of Competitive Intelligence Systems
THE SUCCESSFUL DESIGN, DEVELOPMENT AND DEPLOYMENT OF A SUCCESSFUL CI system requires a good project plan. Much [ike a roadmap, this plan serves to identify important miLestones and provide information about alternative routes that can help the project team(s) avoid delays. According to a survey by the Delphi Group, 58% of the useful knowledge of an organization is recorded information (documents and databases) and 42% resides in employee brains (Hickens 1999). Integrating knowledge management and competitive intelligence encourages their use, improves their quality and allows the firm to respond more rapidly to changing business conditions (Senge 1994), so the best CI system uses what is already inside the organization. One of the first decisions is whether to improve access to the organization's recorded information or elicit knowledge that currently resides in employee brains. Regardless of format or location, an organization's knowledge is generally filtered through both a cognitive dimension and a relatio nship dimension.
The cognitive dimension focuses on the "stuff," but to identify the important attributes of the relevant "stuff," it is important to know how it is filtered through the relationship dimension. The relationship dimension has the following characteristics:
Advertisement
Purpose -- the organization's business purpose, its vision, mission, goals and objectives
Process -- the means by which strategic initiatives are moved from "clean sheet" to launch
People -- the "four - ics"
* Demographics -- personal characteristics of current and potential users (e.g., position, education and training, learning style)
* Psychographics -- personal belief systems that impact action/reaction/interaction
* Geographics -- factors of culture, distance and time
* Politics -- formal/informal lines of authority, innovation and trust (Shelfer and Goodrum 1999)
The planning process and the project itself must take these characteristics into consideration in order to be successful. In fact, the successful CI system might also be likened to the steps involved in successful community gardening: (1) seed the ground, (2) water and fertilize what you plant, (3) weed the garden, (4) reward the gardeners, (5) discourage the predators, and (6) harvest the value.
Indicators of Project Failure or Project Success
Experienced consultants have identified the following critical failure indicators: (1) lack of informed consensus; (2) acceptance of the status quo; (3) unwarranted trust in the vendor; (4) failure to support the business purpose; (5) a short term, internal, myopic approach; (6) paralysis by analysis; (7) sabotage by external predators; (8) suicide through ignoring project constraints; and (9) failure to consider business, human or technology limitations imposed on the project (Tyson, 1998). Careful planning is the best form of failure prevention. There are both management constraints and technical constraints to be considered. Management constraints involve three key problem areas--time, money and scope. The flexibility needed to deliver a quality project is severely hampered if any one or two of these three are fixed. For example, project constraints impact deadline constraints. A fixed budget with deadline constraints generally kills any chance of success. Regarding technical constraints, is there any fle xibility in terms of the tools available? It is imperative to avoid getting caught up in the "trade rag" hype, so a warning is appropriate here: NEVER buy off vendor presentations! Other key factors to consider include experience, whether legacy systems are involved and whether the system will be "bleeding edge" or a patch. It helps to know if this system will be a pilot for knowledge-sharing in the organization.
Unlike failure, success can't be guaranteed, but it is much more likely if the project includes: (1) flexible design; (2) willingness to implement a mechanized "less than ideal" system; (3) use of an evolutionary approach with prototyping; (4) giving users substantial (to total) control; (5) coordination by individual business units; and (6) active networking. Though there are many factors contributing to software project success, the presence of a committed project sponsor is one of the most important early success factors (Proccacino and Verner 2001). A committed sponsor has a significant impact on many of the project phases and project functions, including the (1) schedule estimates, (2) quality of the project team members, and (3) degree of interaction with other stakeholders.
The cognitive dimension focuses on the "stuff," but to identify the important attributes of the relevant "stuff," it is important to know how it is filtered through the relationship dimension. The relationship dimension has the following characteristics:
Advertisement
Purpose -- the organization's business purpose, its vision, mission, goals and objectives
Process -- the means by which strategic initiatives are moved from "clean sheet" to launch
People -- the "four - ics"
* Demographics -- personal characteristics of current and potential users (e.g., position, education and training, learning style)
* Psychographics -- personal belief systems that impact action/reaction/interaction
* Geographics -- factors of culture, distance and time
* Politics -- formal/informal lines of authority, innovation and trust (Shelfer and Goodrum 1999)
The planning process and the project itself must take these characteristics into consideration in order to be successful. In fact, the successful CI system might also be likened to the steps involved in successful community gardening: (1) seed the ground, (2) water and fertilize what you plant, (3) weed the garden, (4) reward the gardeners, (5) discourage the predators, and (6) harvest the value.
Indicators of Project Failure or Project Success
Experienced consultants have identified the following critical failure indicators: (1) lack of informed consensus; (2) acceptance of the status quo; (3) unwarranted trust in the vendor; (4) failure to support the business purpose; (5) a short term, internal, myopic approach; (6) paralysis by analysis; (7) sabotage by external predators; (8) suicide through ignoring project constraints; and (9) failure to consider business, human or technology limitations imposed on the project (Tyson, 1998). Careful planning is the best form of failure prevention. There are both management constraints and technical constraints to be considered. Management constraints involve three key problem areas--time, money and scope. The flexibility needed to deliver a quality project is severely hampered if any one or two of these three are fixed. For example, project constraints impact deadline constraints. A fixed budget with deadline constraints generally kills any chance of success. Regarding technical constraints, is there any fle xibility in terms of the tools available? It is imperative to avoid getting caught up in the "trade rag" hype, so a warning is appropriate here: NEVER buy off vendor presentations! Other key factors to consider include experience, whether legacy systems are involved and whether the system will be "bleeding edge" or a patch. It helps to know if this system will be a pilot for knowledge-sharing in the organization.
Unlike failure, success can't be guaranteed, but it is much more likely if the project includes: (1) flexible design; (2) willingness to implement a mechanized "less than ideal" system; (3) use of an evolutionary approach with prototyping; (4) giving users substantial (to total) control; (5) coordination by individual business units; and (6) active networking. Though there are many factors contributing to software project success, the presence of a committed project sponsor is one of the most important early success factors (Proccacino and Verner 2001). A committed sponsor has a significant impact on many of the project phases and project functions, including the (1) schedule estimates, (2) quality of the project team members, and (3) degree of interaction with other stakeholders.
After 25 years, CABLExpress keeps networking
NORTH SYRACUSE - CABLExpress founder William Pomeroy isn't waiting for historians to recognize his company's accomplishments. Visitors to CABLExpress' headquarters in North Syracuse encounter two historical monuments to the company before ever entering the building. One celebrates CABLExpress' occupation of the building while the other celebrates the company's accomplishments in the form of a historical marker like those placed along the highway. Though CABLExpress will mark 25 years this month, Pomeroy says he and his 296 employees have good reason to celebrate every day.
"We're the largest dealer in pr-owned/refurbished computernetwork equipment in the world," he says. "We are also the number-one reseller of Cisco-authorized refurbished equipment."
Privately held CABLExpress sells networking equipment and computers in more than 30 countries. The company has annual revenues of $98 million. Its name comes from the company's early concentration in networking cables for IBM-mainframe computers.
Advertisement
Pomeroy came to Syracuse in 1974, following an extended vacation in South America. He spent two years traveling the continent via VW camper before going to work for Bernie Mahoney at Continental Information Systems (CIS) Corp., a computer-leasing company. In the early 1970s, "computer" meant a large mainframe built by IBM, rather than something to slip into a shoulder bag. These machines might serve as a "laptop" at the Lincoln Memorial, but even a desktop IBM was nearly a decade away.
Pomeroy had previously worked for IBM, Procter & Gamble, General Electric, and New York Telephone, but his future would take him back to an earlier job. In the early 1960s he worked with his father's heating business, and he liked what he saw.
"My dad was in business for himself," he says, "and I wanted to be like him."
After leaving CIS, Pomeroy used $50,000 in savings to create Reliance Used Computer Corp. He named the company in honor of one his grandfather had run after New York denied his registration of the name - "International Used Business Machines."
From his home, Pomeroy began buying and selling used, IBMmainframe computers and accessories nationwide. The United States Air Force was an early customer, relying on the company to provide legacy parts for the nation's over-the-pole, ballistic-missile warning system. The business has done well for the past quarter-century, says Pomeroy.
"I was profitable in the first year and every year since," he adds.
Within two years of starting a company in his home, Pomeroy moved the company to a location on Erie Boulevard and adopted the name CABLExpress, in order to identify with the company's mainframe-cabling niche. Five years later, CABLExpress relocated to a 10,000-square-foot facility on Brighton Avenue. Throughout the 1980s, CABLExpress expanded its operations, adding a catalog of networking equipment and selling to under-served markets. The rapid pace of technology brought CABLExpress back into the usedequipment market in the mid-1990s as Pomeroy recognized the value in a new generation of "obsolete" equipment.
By 1997, CABLExpress needed new space for its growing work force. Pomeroy purchased a vacant store near the Syracuse airport and converted the space into the company's headquarters. The 66,000-square-foot facility has space for 500 employees and Pomeroy says the company could grow to 1,000 employees by expanding its national and international markets. CABLExpress does 90 percent of its business outside New York State.
"We're just scratching the surface," he adds.
CABLExpress has its own brand of hardware - "equal2new," that promises to live up to its name. The company restores each piece of equipment to its original factory specifications, making it "equal to new" at a lower price.
"We scour the world for these pieces, certify them, and reissue them with a warranty that in many cases exceeds the original manufacturers warranty," Pomeroy explains.
CABLExpress may be one man's vision, but the company is far from a one-man show.
Pomeroy strives to maintain a "fun" workplace for his biggest asset - his 296 employees. CABLExpress' dinosaur-decorated office celebrates its roots selling mainframes, the "dinosaurs" of computing. Conference rooms bear the names of pioneers in science, business, and computing, such as Carl Sagan and Bill Gates.
"We're the largest dealer in pr-owned/refurbished computernetwork equipment in the world," he says. "We are also the number-one reseller of Cisco-authorized refurbished equipment."
Privately held CABLExpress sells networking equipment and computers in more than 30 countries. The company has annual revenues of $98 million. Its name comes from the company's early concentration in networking cables for IBM-mainframe computers.
Advertisement
Pomeroy came to Syracuse in 1974, following an extended vacation in South America. He spent two years traveling the continent via VW camper before going to work for Bernie Mahoney at Continental Information Systems (CIS) Corp., a computer-leasing company. In the early 1970s, "computer" meant a large mainframe built by IBM, rather than something to slip into a shoulder bag. These machines might serve as a "laptop" at the Lincoln Memorial, but even a desktop IBM was nearly a decade away.
Pomeroy had previously worked for IBM, Procter & Gamble, General Electric, and New York Telephone, but his future would take him back to an earlier job. In the early 1960s he worked with his father's heating business, and he liked what he saw.
"My dad was in business for himself," he says, "and I wanted to be like him."
After leaving CIS, Pomeroy used $50,000 in savings to create Reliance Used Computer Corp. He named the company in honor of one his grandfather had run after New York denied his registration of the name - "International Used Business Machines."
From his home, Pomeroy began buying and selling used, IBMmainframe computers and accessories nationwide. The United States Air Force was an early customer, relying on the company to provide legacy parts for the nation's over-the-pole, ballistic-missile warning system. The business has done well for the past quarter-century, says Pomeroy.
"I was profitable in the first year and every year since," he adds.
Within two years of starting a company in his home, Pomeroy moved the company to a location on Erie Boulevard and adopted the name CABLExpress, in order to identify with the company's mainframe-cabling niche. Five years later, CABLExpress relocated to a 10,000-square-foot facility on Brighton Avenue. Throughout the 1980s, CABLExpress expanded its operations, adding a catalog of networking equipment and selling to under-served markets. The rapid pace of technology brought CABLExpress back into the usedequipment market in the mid-1990s as Pomeroy recognized the value in a new generation of "obsolete" equipment.
By 1997, CABLExpress needed new space for its growing work force. Pomeroy purchased a vacant store near the Syracuse airport and converted the space into the company's headquarters. The 66,000-square-foot facility has space for 500 employees and Pomeroy says the company could grow to 1,000 employees by expanding its national and international markets. CABLExpress does 90 percent of its business outside New York State.
"We're just scratching the surface," he adds.
CABLExpress has its own brand of hardware - "equal2new," that promises to live up to its name. The company restores each piece of equipment to its original factory specifications, making it "equal to new" at a lower price.
"We scour the world for these pieces, certify them, and reissue them with a warranty that in many cases exceeds the original manufacturers warranty," Pomeroy explains.
CABLExpress may be one man's vision, but the company is far from a one-man show.
Pomeroy strives to maintain a "fun" workplace for his biggest asset - his 296 employees. CABLExpress' dinosaur-decorated office celebrates its roots selling mainframes, the "dinosaurs" of computing. Conference rooms bear the names of pioneers in science, business, and computing, such as Carl Sagan and Bill Gates.
Friday, April 06, 2007
Cisco Systems Supports National Groundhog Job Shadow Day 2006; More Than 100 Cisco U.S. Locations to Host Networking Academy Students
SAN JOSE, Calif. -- Starting February 2, Cisco Systems(R) (NASDAQ:CSCO) will kick off Job Shadow Days at five primary sites across the country: Atlanta, Ga., Chicago, Ill., Herndon, Va., Raleigh, N.C., and San Jose, Calif. In conjunction with its business partners and customers, Cisco(R) will be helping thousands of students from the Cisco Networking Academy(R) program learn first-hand about working in the information technology (IT) industry. By May, Cisco will have hosted students in up to 100 field sites across all 50 states.
The Cisco Networking Academy provides students with the Internet technology skills essential in a global economy. The Program offers students and workers who want to expand their IT knowledge or consider a career in the high-tech industry valuable networking and IT skills.
"Hosting students from the Networking Academy provides Cisco employees with a tremendous opportunity to give back to the community and help shape the future leaders of our industry," said Tae Yoo, vice president of corporate affairs, Cisco Systems. "Job shadowing presents a wonderful chance for students to broaden their horizons. The program exposes young people to career opportunities and helps translate how what they learn in the classroom leads to success in the workplace."
Advertisement
The U.S. Bureau of Labor Statistics estimates that demand for IT professionals will grow by nearly 50 percent through 2012. Cisco's Job Shadow Day will help students from Job Corp centers, high schools and colleges throughout the country position themselves for highly rewarding futures in the IT Industry.
Designed to encourage students to participate in careers and pursue educational opportunities in IT, Cisco's Job Shadow Day events feature technology demonstrations, facility tours and the opportunity for students to hear directly from a variety of technology professionals about what a career in IT entails on a day-to-day basis. Technology professionals will give presentations, and students will have the opportunity to meet one-on-one with mentors during lunchtime roundtables and throughout the day.
National job shadowing is a coordinated effort of America's Promise, Junior Achievement, the U.S. Department of Education and the U.S. Department of Labor. The U.S. Department of Labor honored Cisco as a Corporate Gold Award recipient as a result of its Job Shadow Day efforts. Cisco employees devote hundreds of hours to Job Shadow Day activities, and as a result, Cisco provides a matching donation to Junior Achievement.
Additional information about Cisco's Job Shadow Day initiative is available at: http://www.cisco.com/go/promoteitcareers
For more information about the Cisco Networking Academy Program, visit: http://www.cisco.com/go/netacad
About Cisco Systems
Cisco Systems, Inc. (NASDAQ:CSCO) is the worldwide leader in networking for the Internet. Information about Cisco can be found at http://www.cisco.com. For ongoing news, please go to http://newsroom.cisco.com.
Cisco, Cisco Systems, the Cisco Systems logo, and Networking Academy are registered trademarks of Cisco Systems, Inc. in the United States and certain other countries. All other trademarks mentioned in this document are the property of their respective owners. The use of the word partnership does not imply a partnership relationship between Cisco and any other company. This document is Cisco Public Information.
The Cisco Networking Academy provides students with the Internet technology skills essential in a global economy. The Program offers students and workers who want to expand their IT knowledge or consider a career in the high-tech industry valuable networking and IT skills.
"Hosting students from the Networking Academy provides Cisco employees with a tremendous opportunity to give back to the community and help shape the future leaders of our industry," said Tae Yoo, vice president of corporate affairs, Cisco Systems. "Job shadowing presents a wonderful chance for students to broaden their horizons. The program exposes young people to career opportunities and helps translate how what they learn in the classroom leads to success in the workplace."
Advertisement
The U.S. Bureau of Labor Statistics estimates that demand for IT professionals will grow by nearly 50 percent through 2012. Cisco's Job Shadow Day will help students from Job Corp centers, high schools and colleges throughout the country position themselves for highly rewarding futures in the IT Industry.
Designed to encourage students to participate in careers and pursue educational opportunities in IT, Cisco's Job Shadow Day events feature technology demonstrations, facility tours and the opportunity for students to hear directly from a variety of technology professionals about what a career in IT entails on a day-to-day basis. Technology professionals will give presentations, and students will have the opportunity to meet one-on-one with mentors during lunchtime roundtables and throughout the day.
National job shadowing is a coordinated effort of America's Promise, Junior Achievement, the U.S. Department of Education and the U.S. Department of Labor. The U.S. Department of Labor honored Cisco as a Corporate Gold Award recipient as a result of its Job Shadow Day efforts. Cisco employees devote hundreds of hours to Job Shadow Day activities, and as a result, Cisco provides a matching donation to Junior Achievement.
Additional information about Cisco's Job Shadow Day initiative is available at: http://www.cisco.com/go/promoteitcareers
For more information about the Cisco Networking Academy Program, visit: http://www.cisco.com/go/netacad
About Cisco Systems
Cisco Systems, Inc. (NASDAQ:CSCO) is the worldwide leader in networking for the Internet. Information about Cisco can be found at http://www.cisco.com. For ongoing news, please go to http://newsroom.cisco.com.
Cisco, Cisco Systems, the Cisco Systems logo, and Networking Academy are registered trademarks of Cisco Systems, Inc. in the United States and certain other countries. All other trademarks mentioned in this document are the property of their respective owners. The use of the word partnership does not imply a partnership relationship between Cisco and any other company. This document is Cisco Public Information.
Protecting against wireless threats: security risks abound in networking environments that allow untethered server access - Computers & Auditing
URING THE LAST TWO YEARS, wireless fidelity (WiFi) has become one of the fastest growing electronics technologies in history. Although much of this growth can be attributed to the consumer market, businesses have also begun to appreciate the value of beaming data through the airwaves and pulling the plug on conventional networks.
WiFi provides a degree of flexibility in the work environment that cannot be achieved with conventional, wired connections. Through the use of wireless local-area networks (WLAN), for example, manufacturers can reconfigure production facilities for increased efficiency, hospital staff members can use handheld devices to deliver patient information, warehouse workers can exchange inventory control information without crossing the warehouse floor, and students and teachers can communicate without being confined to a computer lab or dorm room.
At the same time, however, WiFi also presents greater risks and security challenges. For instance, whereas typical wired networks feature a limited number of fixed physical points of access, wireless networks can be used at any point within range of the system's antennas -- approximately 300 feet. WLANs can potentially provide access to individuals located outside the physical security perimeter of the network, such as the office parking lot, an adjacent floor, or a nearby building, creating a host of new vulnerabilities for hackers and other ill-intentioned users to exploit.
Advertisement
With the increased presence of wireless connectivity in today's businesses, internal audit professionals need to recognize this emerging technology's potential impact on their organization's risk environment and help protect against wireless threats. Auditors can play a valuable role in assisting with WLAN-related risk management during both the evaluation and implementation phases for these systems, as well as after the WLAN is fully operational.
EVALUATION
Before system implementation, internal auditors should focus their attention on issues related to the adoption of wireless technology. Vendor offerings can vary considerably, especially in terms of security, and poor decisions made during this phase can lead to unnecessary risk.
First, auditors should ensure the company focuses on wireless vendors that provide standards-based security solutions. Many vendor offerings deliver security features such as key exchange and encryption through the use of proprietary technology, which can affect WLAN compatibility with other network components and increase the complexity of managing security in a multi-vendor environment. Furthermore, proprietary solutions can compromise independent security experts' ability to analyze and remedy weaknesses throughout the network.
Next, the audit team should make sure the company thoroughly assesses the security features of each vendor's system, as well as vendor plans for improving the inherent weaknesses of wireless encryption protocol (WEP) -- a standard security feature found on most WiFi networks that helps to prevent casual "eavesdropping" by unauthorized parties. Because many experts believe WEP's encryption method provides inadequate protection against intruders, WEP is being replaced by WiFi Protected Access (WPA), which is a standards-based, interoperable security specification that significantly increases the level of data protection and access control. Therefore, auditors should ensure that the manufacturer of each system being considered for purchase has plans for upgrading to this new technology once its available and that its equipment can be adapted easily to WPA.
Until WPA is released, however, auditors should also ensure the company considers using extensible authentication protocol (EAP) to provide an additional layer of security to wireless systems. EAP is a method of conducting an authentication conversation between a user and an authentication server. Its role is to relay messages between the parties performing the authentication. In wireless communications using EAP, user connection requests are relayed from the WAP to an authentication server, which then requests proof of identity.
Auditors should also make sure the organization gives adequate consideration to the overall design of a security strategy for its WLAN. Although WLAN design is an extremely specialized field, auditors can help by ensuring that a site survey is performed to obtain details about coverage, bandwidth performance, and access point placement. Auditors should also verify that the design takes into account both the initial and the target size of the WLAN, as security strategies may vary considerably depending on the overall number of users. In addition, auditors should ensure the company has considered a method of protecting the WLAN against malicious threats such as manipulation of protocols and denial-of-service attacks.
IMPLEMENTATION
Once WLAN implementation begins, auditors should pay close attention to the system's coverage area. Typically, wireless signals can be received at a distance of several hundred feet beyond the physical perimeter of a facility, representing a significant security concern. Potential threats are further compounded in facilities using multiple wireless access points (WAP), as each WAP represents a potential point of entry inside the firewall.
WiFi provides a degree of flexibility in the work environment that cannot be achieved with conventional, wired connections. Through the use of wireless local-area networks (WLAN), for example, manufacturers can reconfigure production facilities for increased efficiency, hospital staff members can use handheld devices to deliver patient information, warehouse workers can exchange inventory control information without crossing the warehouse floor, and students and teachers can communicate without being confined to a computer lab or dorm room.
At the same time, however, WiFi also presents greater risks and security challenges. For instance, whereas typical wired networks feature a limited number of fixed physical points of access, wireless networks can be used at any point within range of the system's antennas -- approximately 300 feet. WLANs can potentially provide access to individuals located outside the physical security perimeter of the network, such as the office parking lot, an adjacent floor, or a nearby building, creating a host of new vulnerabilities for hackers and other ill-intentioned users to exploit.
Advertisement
With the increased presence of wireless connectivity in today's businesses, internal audit professionals need to recognize this emerging technology's potential impact on their organization's risk environment and help protect against wireless threats. Auditors can play a valuable role in assisting with WLAN-related risk management during both the evaluation and implementation phases for these systems, as well as after the WLAN is fully operational.
EVALUATION
Before system implementation, internal auditors should focus their attention on issues related to the adoption of wireless technology. Vendor offerings can vary considerably, especially in terms of security, and poor decisions made during this phase can lead to unnecessary risk.
First, auditors should ensure the company focuses on wireless vendors that provide standards-based security solutions. Many vendor offerings deliver security features such as key exchange and encryption through the use of proprietary technology, which can affect WLAN compatibility with other network components and increase the complexity of managing security in a multi-vendor environment. Furthermore, proprietary solutions can compromise independent security experts' ability to analyze and remedy weaknesses throughout the network.
Next, the audit team should make sure the company thoroughly assesses the security features of each vendor's system, as well as vendor plans for improving the inherent weaknesses of wireless encryption protocol (WEP) -- a standard security feature found on most WiFi networks that helps to prevent casual "eavesdropping" by unauthorized parties. Because many experts believe WEP's encryption method provides inadequate protection against intruders, WEP is being replaced by WiFi Protected Access (WPA), which is a standards-based, interoperable security specification that significantly increases the level of data protection and access control. Therefore, auditors should ensure that the manufacturer of each system being considered for purchase has plans for upgrading to this new technology once its available and that its equipment can be adapted easily to WPA.
Until WPA is released, however, auditors should also ensure the company considers using extensible authentication protocol (EAP) to provide an additional layer of security to wireless systems. EAP is a method of conducting an authentication conversation between a user and an authentication server. Its role is to relay messages between the parties performing the authentication. In wireless communications using EAP, user connection requests are relayed from the WAP to an authentication server, which then requests proof of identity.
Auditors should also make sure the organization gives adequate consideration to the overall design of a security strategy for its WLAN. Although WLAN design is an extremely specialized field, auditors can help by ensuring that a site survey is performed to obtain details about coverage, bandwidth performance, and access point placement. Auditors should also verify that the design takes into account both the initial and the target size of the WLAN, as security strategies may vary considerably depending on the overall number of users. In addition, auditors should ensure the company has considered a method of protecting the WLAN against malicious threats such as manipulation of protocols and denial-of-service attacks.
IMPLEMENTATION
Once WLAN implementation begins, auditors should pay close attention to the system's coverage area. Typically, wireless signals can be received at a distance of several hundred feet beyond the physical perimeter of a facility, representing a significant security concern. Potential threats are further compounded in facilities using multiple wireless access points (WAP), as each WAP represents a potential point of entry inside the firewall.
Storage & Networking for NLEs: what's best for you? Fibre Channel, Gigabit Ethernet or iSCSI, a combination of both?
When it comes to storage and networking, few applications are more demanding than nonlinear editing (NLE). Besides handling huge files, NLEs need data flowing in at sustained levels, without any glitches, hiccups or data loss. Storage failures compromise productivity and creative energy.
Nowhere is the need for speed more insatiable than the high end where editing high definition (HD) video is pushing the limits of network bandwidth and storage. There's a growing demand to network resolution-independent finishing systems (by such companies as Discreet and Quantel) to form collaborative workgroups" where multiple editors have simultaneous, realtime access to near-film resolution video in central repositories.
The conventional wisdom is that only Fibre Channel (now 2Gbps), configured as a SAN (Storage Area Network), is up to this daunting challenge--making up to 400MBps of data available to each network client without bottlenecks.
But because Fibre Channel is such a huge capital expense, it's often deployed judiciously, only to those workstations that require ultra-high-bandwidth for the most demanding realtime editorial. Unable to cost-justify Fibre Channel, the desktop NLE market--especially those working with non-realtime or compressed video--is finding Gigabit Ethernet (I Gbps) to be a better frt. At one-fifth the cost of Fibre Channel, Gig-E" has reached a point where its price performance makes it a compelling alternative for a tight budget.
And, what about facilities that have say four high-end finishing stations and maybe six low-end desktop systems, all of which need to share the same data, but Fibre Channel is too costly to connect them all? Well, an interesting option has emerged called SCSI, a newly adopted standard (not to be confused with SCSI or Ultra-SCSI) that will play a significant role in a growing trend called "IP SANs." IP (Internet Protocol) relates to the TCP/IP protocol central to standard networks like Gigabit Ethernet.
iSCSI routers, which have a Fibre Channel front-end and a Gigabit Ethernet back-end, are a hybrid solution bridging the Fibre Channel SAN with the Gigabit Ethernet workgroup to form one network on which anyone can share the same data, albeit at different data rates.
So, the controversy over whether to network NLEs with Fibre Channel or Gigabit Ethernet - or a combination of both with iSCSI--is only going to grow since hardware prices are falling while performance is rising dramatically. The vendors we canvassed have divergent views as to which approach is best suited to collaborative workgroups, from HD to DV, now and tomorrow.
STUDIO NETWORK SOLUTIONS
"Only Fibre Channel guarantees high performance to every workstation on the network no matter how many users access the data at the same time," says Gary Holladay, chief systems design engineer for Studio Network Solutions (SNS) in St Louis.
"While Gigabit Ethernet is a switched network it's a shared bandwidth environment," explains Holladay. "So, the more users 'hitting the switch' at once, the lower the bandwidth available to each client on the network Because Gigabit Ethernet is hampered by the overhead of TCP/IP processing, it's not sufficient to support several workstations requiring 170MBps for high-end video editing, especially with realtime effects.
"When several editors need to work on the same HD content simultaneously, the only way to guarantee that throughput to every client on the network is by using 2Gbps Fibre Channel, Below that HD benchmark, 1Gbps Fibre Channel is ideal for the demands of standard 601 editing," he adds.
"At SNS, we push the Fibre Channel hardware even further by optimizing the [Seagate] drives, and customizing the HBAs [Host Bus Adapters] for more streamlined, powerful and reliable SAN environments."
At NAB, SNS (wwwstudionetworksolutions.com) introduced SANmp Management and Sharing Software, which facilitates greater interoperability when sharing media between Windows and Mac OS platforms. When used with SNS's A/V SAN Pro, a SAN that scales from three to over 64 seats with up to 400MBps sustained throughput, users derive a multiplatform environment, SNS also offers A/V SAN, a two-user configuration--which, in addition to the A/V SAN Pro, was used by Grammy Award-winning music engineer David Gleeson in the editing, mixing, and recording of the music score for The Lord of the Rings: The Two Towers.
"Our customer base has grown largely by word of mouth. By seeing what we've done for others, people recognize that our integrated solution will add value to their SAN by simplifying installation and ensuring reliable operation," says Holladay. "Every business wants to save money but cost cutting should not be done at the expense of workflow efficiency or the quality of the end product"
HUGE SYSTEMS
"If you understand the fine points of Fibre Channel and Gigabit Ethernet, it becomes clear that Gigabit Ethernet is the better solution to people's file sharing problems:' says Mike Anderson, chief engineer for Huge Systems (www.hugesystems.com) in Agoura Hills, CA."When Gigabit Ethernet is employed for file sharing on a network it qualifies as a 'SAN."' Anderson says that widely-held perceptions about Gigabit Ethernet are no longer true.
Nowhere is the need for speed more insatiable than the high end where editing high definition (HD) video is pushing the limits of network bandwidth and storage. There's a growing demand to network resolution-independent finishing systems (by such companies as Discreet and Quantel) to form collaborative workgroups" where multiple editors have simultaneous, realtime access to near-film resolution video in central repositories.
The conventional wisdom is that only Fibre Channel (now 2Gbps), configured as a SAN (Storage Area Network), is up to this daunting challenge--making up to 400MBps of data available to each network client without bottlenecks.
But because Fibre Channel is such a huge capital expense, it's often deployed judiciously, only to those workstations that require ultra-high-bandwidth for the most demanding realtime editorial. Unable to cost-justify Fibre Channel, the desktop NLE market--especially those working with non-realtime or compressed video--is finding Gigabit Ethernet (I Gbps) to be a better frt. At one-fifth the cost of Fibre Channel, Gig-E" has reached a point where its price performance makes it a compelling alternative for a tight budget.
And, what about facilities that have say four high-end finishing stations and maybe six low-end desktop systems, all of which need to share the same data, but Fibre Channel is too costly to connect them all? Well, an interesting option has emerged called SCSI, a newly adopted standard (not to be confused with SCSI or Ultra-SCSI) that will play a significant role in a growing trend called "IP SANs." IP (Internet Protocol) relates to the TCP/IP protocol central to standard networks like Gigabit Ethernet.
iSCSI routers, which have a Fibre Channel front-end and a Gigabit Ethernet back-end, are a hybrid solution bridging the Fibre Channel SAN with the Gigabit Ethernet workgroup to form one network on which anyone can share the same data, albeit at different data rates.
So, the controversy over whether to network NLEs with Fibre Channel or Gigabit Ethernet - or a combination of both with iSCSI--is only going to grow since hardware prices are falling while performance is rising dramatically. The vendors we canvassed have divergent views as to which approach is best suited to collaborative workgroups, from HD to DV, now and tomorrow.
STUDIO NETWORK SOLUTIONS
"Only Fibre Channel guarantees high performance to every workstation on the network no matter how many users access the data at the same time," says Gary Holladay, chief systems design engineer for Studio Network Solutions (SNS) in St Louis.
"While Gigabit Ethernet is a switched network it's a shared bandwidth environment," explains Holladay. "So, the more users 'hitting the switch' at once, the lower the bandwidth available to each client on the network Because Gigabit Ethernet is hampered by the overhead of TCP/IP processing, it's not sufficient to support several workstations requiring 170MBps for high-end video editing, especially with realtime effects.
"When several editors need to work on the same HD content simultaneously, the only way to guarantee that throughput to every client on the network is by using 2Gbps Fibre Channel, Below that HD benchmark, 1Gbps Fibre Channel is ideal for the demands of standard 601 editing," he adds.
"At SNS, we push the Fibre Channel hardware even further by optimizing the [Seagate] drives, and customizing the HBAs [Host Bus Adapters] for more streamlined, powerful and reliable SAN environments."
At NAB, SNS (wwwstudionetworksolutions.com) introduced SANmp Management and Sharing Software, which facilitates greater interoperability when sharing media between Windows and Mac OS platforms. When used with SNS's A/V SAN Pro, a SAN that scales from three to over 64 seats with up to 400MBps sustained throughput, users derive a multiplatform environment, SNS also offers A/V SAN, a two-user configuration--which, in addition to the A/V SAN Pro, was used by Grammy Award-winning music engineer David Gleeson in the editing, mixing, and recording of the music score for The Lord of the Rings: The Two Towers.
"Our customer base has grown largely by word of mouth. By seeing what we've done for others, people recognize that our integrated solution will add value to their SAN by simplifying installation and ensuring reliable operation," says Holladay. "Every business wants to save money but cost cutting should not be done at the expense of workflow efficiency or the quality of the end product"
HUGE SYSTEMS
"If you understand the fine points of Fibre Channel and Gigabit Ethernet, it becomes clear that Gigabit Ethernet is the better solution to people's file sharing problems:' says Mike Anderson, chief engineer for Huge Systems (www.hugesystems.com) in Agoura Hills, CA."When Gigabit Ethernet is employed for file sharing on a network it qualifies as a 'SAN."' Anderson says that widely-held perceptions about Gigabit Ethernet are no longer true.
Travelocity's flight to open systems
CTO Barry Vandevier trusts Linux to keep Travelocity's renowned extended enterprise aloft.
The extended enterprise concept is as old as networking itself and as young as e-commerce. Few companies typify that old/young dichotomy better than Travelocity, the Internet child of Sabre Holdings - granddaddy of extended enterprises.
In Travelocity's seven-plus years of operation, it expertly has piloted the e-business skies, serving millions of customers with connections to thousands of hoteliers, airlines, car rental agencies and other travel suppliers.
Its Merchant Program, just one instance of its e-business architecture, already represents more than 7,500 hotels one year after its launch. With this program,which increased by 3,000 partners from June to September 2003 alone, Travelocity behaves like a hoteliers own Web site.Via exclusive contracts negotiated between Travelocity and the hoteliers, the site taps into the hoteliers' central reservation systems (CRS) and carts out the lowest rates and real-time availability This is in addition to the 55,000 hotels that Travelocity sells via the Sabre system (the same data accessible by all travel agencies using Sabre).
CTO Barry Vandevier, one of Travelocity's early site developers and a member of Sabre's IT team before that,became CTO in October 2002. He describes his passion for open source tools and shares his thinking on Web services, security and site management in an interview with Julie Bort, executive editor for Network World's Signature Series.From an IT standpoint, describe your relationship with Sabre.
We have separate IT organizations. We focus on the Travelocity site, Sabre on the infrastructure, but we collaborate heavily on a constant basis building out our projects. For instance, the Hotel Merchant product that [Travelocity has], we built together.The Total Trip product that we released in June, where we are packaging our hotel and air products together, was a combined product between Travelocity and Sabre.
Tell me a bit about Travelocity's architecture.
We are migrating to a new architecture, from our original system built on C++, running on Unix SGI. We are migrating to an open source Java platform running on Linux.Total Trip is running on the new architecture, as is some other functionality. We'll continue migrating over the next several months [for completion] next year.
Why Linux?
We want to improve our flexibility and really decrease our time to market.The system we run for some of our older products is great, but from a total-cost-of-ownership perspective, Linux was just a very good ROI.
We're a big fan of open source, from total cost of ownership and from the sharing/collaboration [creation processes], using tools developed by other people and having [easy access] to other people who have experience with them. We're using Tomcat, Struts, Linux, JUnit, as well as some off-the-shelf products, like [IBM's] Rational Rose and [JetBrains'] IntelliJ, for our [Java] development environment (see graphic, below).
Tell me about Travelocity's Merchant Program. What infrastructure was needed to enable direct connectivity to the hoteliers' CRS?
We took advantage of existing Sabre connectivity to 55,000 hotels' CRS to really improve our suppliers' ability to update rates and inventories on our system. We partnered with Sabre and built interfaces to [Sabre's] Merchant platform through XML services.
You say XML services. You don't consider the connectivity between the Travelocity and Sabre Merchant systems to be Web services?
I would actually But because that was built a while back, we are working on a much more robust gateway, right now, with Sabre. This is Sabre's Universal Services Gateway which gives us access to Sabre capabilities via Web services.
So the current, XML services don't have all the latest fancy things, like UDDI, etc., I would guess?
That is correct.
What then is your opinion of Web services?
Web services are a big key for us for the future, to improve flexibility and changes between [us and our] partners. Web services will enhance our suppliers' connectivity, so making changes or adding content will be much faster for both parties.
What advice can you offer for security?
Security has got to be top of the mind. We have a full-time security officer. We also work a lot with Sabre security, and we involve security at the beginning of every one of our projects. We walk through a set of security questions so that we get our technical leads thinking about the subject. Any profile or customer data has to be heavily encrypted. Anything [sensitive] we store in any servers or database has to be encrypted. We never send, for instance, credit card data through the customer's [user interface], we only do the last four digits.
The extended enterprise concept is as old as networking itself and as young as e-commerce. Few companies typify that old/young dichotomy better than Travelocity, the Internet child of Sabre Holdings - granddaddy of extended enterprises.
In Travelocity's seven-plus years of operation, it expertly has piloted the e-business skies, serving millions of customers with connections to thousands of hoteliers, airlines, car rental agencies and other travel suppliers.
Its Merchant Program, just one instance of its e-business architecture, already represents more than 7,500 hotels one year after its launch. With this program,which increased by 3,000 partners from June to September 2003 alone, Travelocity behaves like a hoteliers own Web site.Via exclusive contracts negotiated between Travelocity and the hoteliers, the site taps into the hoteliers' central reservation systems (CRS) and carts out the lowest rates and real-time availability This is in addition to the 55,000 hotels that Travelocity sells via the Sabre system (the same data accessible by all travel agencies using Sabre).
CTO Barry Vandevier, one of Travelocity's early site developers and a member of Sabre's IT team before that,became CTO in October 2002. He describes his passion for open source tools and shares his thinking on Web services, security and site management in an interview with Julie Bort, executive editor for Network World's Signature Series.From an IT standpoint, describe your relationship with Sabre.
We have separate IT organizations. We focus on the Travelocity site, Sabre on the infrastructure, but we collaborate heavily on a constant basis building out our projects. For instance, the Hotel Merchant product that [Travelocity has], we built together.The Total Trip product that we released in June, where we are packaging our hotel and air products together, was a combined product between Travelocity and Sabre.
Tell me a bit about Travelocity's architecture.
We are migrating to a new architecture, from our original system built on C++, running on Unix SGI. We are migrating to an open source Java platform running on Linux.Total Trip is running on the new architecture, as is some other functionality. We'll continue migrating over the next several months [for completion] next year.
Why Linux?
We want to improve our flexibility and really decrease our time to market.The system we run for some of our older products is great, but from a total-cost-of-ownership perspective, Linux was just a very good ROI.
We're a big fan of open source, from total cost of ownership and from the sharing/collaboration [creation processes], using tools developed by other people and having [easy access] to other people who have experience with them. We're using Tomcat, Struts, Linux, JUnit, as well as some off-the-shelf products, like [IBM's] Rational Rose and [JetBrains'] IntelliJ, for our [Java] development environment (see graphic, below).
Tell me about Travelocity's Merchant Program. What infrastructure was needed to enable direct connectivity to the hoteliers' CRS?
We took advantage of existing Sabre connectivity to 55,000 hotels' CRS to really improve our suppliers' ability to update rates and inventories on our system. We partnered with Sabre and built interfaces to [Sabre's] Merchant platform through XML services.
You say XML services. You don't consider the connectivity between the Travelocity and Sabre Merchant systems to be Web services?
I would actually But because that was built a while back, we are working on a much more robust gateway, right now, with Sabre. This is Sabre's Universal Services Gateway which gives us access to Sabre capabilities via Web services.
So the current, XML services don't have all the latest fancy things, like UDDI, etc., I would guess?
That is correct.
What then is your opinion of Web services?
Web services are a big key for us for the future, to improve flexibility and changes between [us and our] partners. Web services will enhance our suppliers' connectivity, so making changes or adding content will be much faster for both parties.
What advice can you offer for security?
Security has got to be top of the mind. We have a full-time security officer. We also work a lot with Sabre security, and we involve security at the beginning of every one of our projects. We walk through a set of security questions so that we get our technical leads thinking about the subject. Any profile or customer data has to be heavily encrypted. Anything [sensitive] we store in any servers or database has to be encrypted. We never send, for instance, credit card data through the customer's [user interface], we only do the last four digits.
Wednesday, April 04, 2007
Hitachi Data Systems extends storage connectivity options with new iSCSI solution - along with McData
Hitachi Data Systems, a wholly-owned subsidiary of Hitachi, Ltd. (NYSE:HIT), has announced that it has partnered with McDATA, the expert provider of multi-capable storage networking solutions, to offer small-and medium-sized enterprises a cost-effective alternative for storage area networking, the Hitachi TrueNorth iSCSI SAN Solution.
Small-and medium-sized enterprises can realize the many benefits of networked storage such as storage consolidation, improved capacity utilization, centralized backup, security and unified storage management, while lowering total cost of ownership by leveraging a customer's IP infrastructure. In addition, the solution has been tested with Microsoft's native iSCSI drivers making this a perfect fit for Windows environments.
Providing a lower-cost alternative to Fibre Channel SANs, the new solution from Hitachi Data Systems and McDATA includes the Hitachi Thunder 9570V modular storage system, the McDATA Eclipse 1620 SAN internetworking switch, and enablement services.The Hitachi TrueNorth iSCSI SAN Solution reinforces our strategy of providing a range of connectivity options that address customers' needs for performance and availability at an affordable price," said Scott Genereux, Vice President, Global Marketing & Business Development, Hitachi Data Systems. "Our new iSCSI solution provides an alternative for customers who have been priced out of the SAN market by the high cost of Fibre Channel. Our partnership with McDATA has enabled us to bring this solution to market quickly with a combination of products and services that allows customers to rapidly and cost-effectively achieve the benefits of networked storage."
"As the need for access to information continues to grow, McDATA is committed to providing best-of-breed reliable solutions through partnerships with industry leaders," said Mike Gustafson, Senior Vice President of Worldwide Marketing, McDATA. "iSCSI allows customers to realize the benefits of a SAN at a lower entry cost, and McDATA is pleased to work with Hitachi Data Systems to make this exciting technology widely available to the market."
The iSCSI SAN Solution is the first offering available as part of Hitachi Data Systems' iSCSI strategy. This approach will build on the existing TrueNorth open and collaborative business model to over time deliver a range of iSCSI solutions for both the SME and enterprise market that will be complementary to the existing Freedom Data Networks SAN and NAS portfolio from Hitachi Data Systems. Additional iSCSI offerings will be announced in 2004.
Small-and medium-sized enterprises can realize the many benefits of networked storage such as storage consolidation, improved capacity utilization, centralized backup, security and unified storage management, while lowering total cost of ownership by leveraging a customer's IP infrastructure. In addition, the solution has been tested with Microsoft's native iSCSI drivers making this a perfect fit for Windows environments.
Providing a lower-cost alternative to Fibre Channel SANs, the new solution from Hitachi Data Systems and McDATA includes the Hitachi Thunder 9570V modular storage system, the McDATA Eclipse 1620 SAN internetworking switch, and enablement services.The Hitachi TrueNorth iSCSI SAN Solution reinforces our strategy of providing a range of connectivity options that address customers' needs for performance and availability at an affordable price," said Scott Genereux, Vice President, Global Marketing & Business Development, Hitachi Data Systems. "Our new iSCSI solution provides an alternative for customers who have been priced out of the SAN market by the high cost of Fibre Channel. Our partnership with McDATA has enabled us to bring this solution to market quickly with a combination of products and services that allows customers to rapidly and cost-effectively achieve the benefits of networked storage."
"As the need for access to information continues to grow, McDATA is committed to providing best-of-breed reliable solutions through partnerships with industry leaders," said Mike Gustafson, Senior Vice President of Worldwide Marketing, McDATA. "iSCSI allows customers to realize the benefits of a SAN at a lower entry cost, and McDATA is pleased to work with Hitachi Data Systems to make this exciting technology widely available to the market."
The iSCSI SAN Solution is the first offering available as part of Hitachi Data Systems' iSCSI strategy. This approach will build on the existing TrueNorth open and collaborative business model to over time deliver a range of iSCSI solutions for both the SME and enterprise market that will be complementary to the existing Freedom Data Networks SAN and NAS portfolio from Hitachi Data Systems. Additional iSCSI offerings will be announced in 2004.
Networking Recovery Imminent, Says Analyst
While most analysts predict continued gloom for the hi-tech and telecoms markets, one networking expert is convinced of an economic boost as early as this autumn.
Venture capitalists (VCs) are beginning to funnel money into network infrastructure companies, as the technologies compensate for the internet's IP shortcomings which were blamed for the hi-tech sector's economic difficulties.
Will Cappelli, research fellow for network management at Giga Information Group, is convinced that this kind of investment will lift the sector's overall economic performance.
"Even small investments at deep infrastructure level have an exponential effect further up," he said. "Money is still flowing, but it is targeted at critical infrastructure areas that will enable IP to become a business-class platform."
Cappelli predicted the downturn late last year, and said it happened so quickly that companies disappeared overnight. It left VCs with little time to take their money out and vast investments remained in the technology sector. Now they are streamlining their portfolios.VCs reasoned: 'Let's clean out and reinvest in the companies that have survived so far'. They pulled money out of dotcoms and targeted infrastructure companies, such as optical layer, internet QoS and operation support systems (OSS)," he said.
Cappelli is confident in spite of recent disappointing results from OSS companies Lucent, Nortel and Cisco. He blamed Lucent's decline on bad management and its rebranding of vendor-independent technologies into Lucent products. Nortel, he said, suffered from some "dodgy technology choices", while Cisco products were too specific.
But Peter Sommer, research fellow at the London School of Economics, was sceptical. He detected no great cause for optimism as the technology sector is tied into the global economy as a whole. He does not expect an upturn until next spring at the earliest.
Venture capitalists (VCs) are beginning to funnel money into network infrastructure companies, as the technologies compensate for the internet's IP shortcomings which were blamed for the hi-tech sector's economic difficulties.
Will Cappelli, research fellow for network management at Giga Information Group, is convinced that this kind of investment will lift the sector's overall economic performance.
"Even small investments at deep infrastructure level have an exponential effect further up," he said. "Money is still flowing, but it is targeted at critical infrastructure areas that will enable IP to become a business-class platform."
Cappelli predicted the downturn late last year, and said it happened so quickly that companies disappeared overnight. It left VCs with little time to take their money out and vast investments remained in the technology sector. Now they are streamlining their portfolios.VCs reasoned: 'Let's clean out and reinvest in the companies that have survived so far'. They pulled money out of dotcoms and targeted infrastructure companies, such as optical layer, internet QoS and operation support systems (OSS)," he said.
Cappelli is confident in spite of recent disappointing results from OSS companies Lucent, Nortel and Cisco. He blamed Lucent's decline on bad management and its rebranding of vendor-independent technologies into Lucent products. Nortel, he said, suffered from some "dodgy technology choices", while Cisco products were too specific.
But Peter Sommer, research fellow at the London School of Economics, was sceptical. He detected no great cause for optimism as the technology sector is tied into the global economy as a whole. He does not expect an upturn until next spring at the earliest.
It's 2003: do you know where your data is? The government is enforcing strict new guidelines on archived data. Is your company complying? - Storage Ne
In an era of diminishing trust and public skepticism, regulations are being enforced with greater vigor to enable regulatory authorities to accurately reconstruct past processes and events from electronic records. These sweeping initiatives are being targeted throughout the economy, with some regulations focusing on securities, broker-dealers, pharmaceutical companies, healthcare organizations, major manufacturers and public corporations with more than $75 million in market capitalization.
Legislation now requires many of these U.S. organizations to retain certain records in a way that prevents them from being erased or modified for substantial time periods, sometimes 30 years or more. Steps must also be taken to prevent records from being accessed by those without authorization. Some of these regulations, like those based on the Sarbanes-Oxley law, are new. Others, such as SEC regulations applying to broker-dealers, have existed in one form or another since the 1930s. However, the common themes are broader regulatory purview over more types of records and substantially strengthened enforcement. The main thrust behind strengthened records-retention regulations is the government's desire to maintain an exact record of past activities in order to improve corporate governance, protect investors, enhance national security, ensure the safety of new drugs or medical devices, and modernize medical care, while protecting patient privacy. As a result of some widely publicized Wall Street scandals, the SEC is now enforcing its Rule 17a--originally written in the 1930s--much more aggressively. The use of electronic communication in business has exploded, and brokerage houses are now heavily reliant on e-mail, instant messaging and electronic forms (tickets, statements, approvals, etc.) than before. The SEC now requires the retention of all electronic client communications and many other brokerage records on non-erasable, non-rewritable media (also known as write-once/read-many or "WORM" media). Additionally, the SEC is demanding increasingly rapid responses to more frequent and broader requests for information. A recent enforcement example of the new regulatory reality for broker/dealers is the $8.25 million fine levied on five Wall Street firms in December 2002 for failure to retain regulated e-mails for the proper amount of time. Other firms have been fined or forced to pay large fees because they were unable to find and recover archived e-mails from tapes in a timely fashion.
Healthcare
The Health Insurance Portability and Accountability Act of 1996 (HIPAA), whose privacy rules came into effect April 14, 2003 (with more rules to follow), is designed to improve the efficiency of healthcare through improved access to patient records while simultaneously protecting patient privacy. The government's position is that the quality of medical care can be improved through rapid online access to patient records, but that strong protections must be in place to guard against malfeasance and misuse of confidential patient data. While HIPAA does not mandate how data is stored, the requirements are effectively forcing healthcare payer/providers (hospitals, insurance companies and HMOs) to manage all patient records electronically using secure systems and secure media.
Life Sciences and Pharmaceutical Industries
Federal regulation 21 CFR Part 11 is designed to streamline the process that brings drugs to market, a major interest of the Bush administration. The goal is a well-designed, well-managed flow of information about drug development, testing and batch manufacturing so that the accelerated path from discovery to market will be simultaneously fast and safe--not to mention well-documented. Rigorous records retention is essential to both verify each drug has been thoroughly tested before approval and to ensure a proper investigation should something go wrong with a drug. Since most pharmaceutical companies also maintain clinical trials data, they must also carefully guard the privacy of such data for HIPAA compliance. Enforcement of 21CFR Part 11 has been temporarily suspended because drug companies objected that it was applied too broadly and that compliance was too unwieldy. The government is now recasting the regulation to make it more specific, but it's clear that the regulation will still require careful retention and safeguarding of records for many years.
Corporate Financial Statements
Congress passed the Sarbanes-Oxley Act in response to a series of major corporate financial scandals where C-level executives claimed that they were not accountable for--or even not aware of--faulty financial statements. The new legislation, which affects U.S. public companies with more than $75 million in equity market capitalization and quarterly reporting requirements to the SEC, specifies that CEOs and CFOs must personally certify financial statements as accurate, under penalty of jail time. Additionally, "all audit or review workpapers" must be retained for five years from the end of the corresponding fiscal period. Sarbanes-Oxley specifies significant criminal penalties for "whoever knowingly alters, destroy, mutilates, conceals, covers up, falsifies, or makes a false entry in any record, document, or tangible object." Although open to interpretation, such wording implies great care as to how records associated with the production of financial statements are archived.
Legislation now requires many of these U.S. organizations to retain certain records in a way that prevents them from being erased or modified for substantial time periods, sometimes 30 years or more. Steps must also be taken to prevent records from being accessed by those without authorization. Some of these regulations, like those based on the Sarbanes-Oxley law, are new. Others, such as SEC regulations applying to broker-dealers, have existed in one form or another since the 1930s. However, the common themes are broader regulatory purview over more types of records and substantially strengthened enforcement. The main thrust behind strengthened records-retention regulations is the government's desire to maintain an exact record of past activities in order to improve corporate governance, protect investors, enhance national security, ensure the safety of new drugs or medical devices, and modernize medical care, while protecting patient privacy. As a result of some widely publicized Wall Street scandals, the SEC is now enforcing its Rule 17a--originally written in the 1930s--much more aggressively. The use of electronic communication in business has exploded, and brokerage houses are now heavily reliant on e-mail, instant messaging and electronic forms (tickets, statements, approvals, etc.) than before. The SEC now requires the retention of all electronic client communications and many other brokerage records on non-erasable, non-rewritable media (also known as write-once/read-many or "WORM" media). Additionally, the SEC is demanding increasingly rapid responses to more frequent and broader requests for information. A recent enforcement example of the new regulatory reality for broker/dealers is the $8.25 million fine levied on five Wall Street firms in December 2002 for failure to retain regulated e-mails for the proper amount of time. Other firms have been fined or forced to pay large fees because they were unable to find and recover archived e-mails from tapes in a timely fashion.
Healthcare
The Health Insurance Portability and Accountability Act of 1996 (HIPAA), whose privacy rules came into effect April 14, 2003 (with more rules to follow), is designed to improve the efficiency of healthcare through improved access to patient records while simultaneously protecting patient privacy. The government's position is that the quality of medical care can be improved through rapid online access to patient records, but that strong protections must be in place to guard against malfeasance and misuse of confidential patient data. While HIPAA does not mandate how data is stored, the requirements are effectively forcing healthcare payer/providers (hospitals, insurance companies and HMOs) to manage all patient records electronically using secure systems and secure media.
Life Sciences and Pharmaceutical Industries
Federal regulation 21 CFR Part 11 is designed to streamline the process that brings drugs to market, a major interest of the Bush administration. The goal is a well-designed, well-managed flow of information about drug development, testing and batch manufacturing so that the accelerated path from discovery to market will be simultaneously fast and safe--not to mention well-documented. Rigorous records retention is essential to both verify each drug has been thoroughly tested before approval and to ensure a proper investigation should something go wrong with a drug. Since most pharmaceutical companies also maintain clinical trials data, they must also carefully guard the privacy of such data for HIPAA compliance. Enforcement of 21CFR Part 11 has been temporarily suspended because drug companies objected that it was applied too broadly and that compliance was too unwieldy. The government is now recasting the regulation to make it more specific, but it's clear that the regulation will still require careful retention and safeguarding of records for many years.
Corporate Financial Statements
Congress passed the Sarbanes-Oxley Act in response to a series of major corporate financial scandals where C-level executives claimed that they were not accountable for--or even not aware of--faulty financial statements. The new legislation, which affects U.S. public companies with more than $75 million in equity market capitalization and quarterly reporting requirements to the SEC, specifies that CEOs and CFOs must personally certify financial statements as accurate, under penalty of jail time. Additionally, "all audit or review workpapers" must be retained for five years from the end of the corresponding fiscal period. Sarbanes-Oxley specifies significant criminal penalties for "whoever knowingly alters, destroy, mutilates, conceals, covers up, falsifies, or makes a false entry in any record, document, or tangible object." Although open to interpretation, such wording implies great care as to how records associated with the production of financial statements are archived.
and Controlware Communications Systems announce strategic partnership - International - Partnership between Atrica Inc. and Controlware Communications
Atrica, a provider of Optical Ethernet equipment for the rapidly expanding Metro networking market, and Controlware Communications Systems, one of Europe's largest and most experienced Systems Integrators, announced a strategic partnership.
Under the terms of the agreement, which combines the strength of Attica's Optical Ethernet Systems with Controlware's world-class reputation and global presence, Controlware will provide local
Systems Integration services to Metro carders as they deploy Atrica's proven solutions.
In addition to supporting joint customers as they deploy Atrica's Carrier-class solutions, the two industry leaders will work together to identify and pursue joint Metro networking opportunities in Europe. Demonstrating increasing market support for utilizing Ethernet to solve metro carriers' business and technical challenges, this agreement represents Controlware's entry into the Optical Ethernet marketplace. Working with Atrica, Controlware will leverage its comprehensive knowledge of local markets to provide fulfillment and delivery services as well as second level support to Metro carriers as they build-out, expand, and/or upgrade their telecommunications infrastructures with Optical Ethernet technology.
The first solutions purpose-built for next generation Metro networks, Attica's Optical Ethernet Systems meld Ethernet with optical switching and networking technology and combine this with Carrier-class traffic engineering capabilities to enable carriers to dramatically simplify their Metro network operations, significantly reduce their capital and operational expenditures, and scale their networks to deliver advanced, profitable Ethernet-based services.Atrica's Optical Ethernet Systems were designed to supply significantly better price/ performance than SDH/SONET-based equipment, and to deliver Carrier-class attributes such as guaranteed service level agreements (SLAs), sub-50 millisecond resiliency, integration with circuit switched networks, Ethernet Circuit Emulation Services (CES) for support of TDM traffic, and point-and-click OAM&P.
Under the terms of the agreement, which combines the strength of Attica's Optical Ethernet Systems with Controlware's world-class reputation and global presence, Controlware will provide local
Systems Integration services to Metro carders as they deploy Atrica's proven solutions.
In addition to supporting joint customers as they deploy Atrica's Carrier-class solutions, the two industry leaders will work together to identify and pursue joint Metro networking opportunities in Europe. Demonstrating increasing market support for utilizing Ethernet to solve metro carriers' business and technical challenges, this agreement represents Controlware's entry into the Optical Ethernet marketplace. Working with Atrica, Controlware will leverage its comprehensive knowledge of local markets to provide fulfillment and delivery services as well as second level support to Metro carriers as they build-out, expand, and/or upgrade their telecommunications infrastructures with Optical Ethernet technology.
The first solutions purpose-built for next generation Metro networks, Attica's Optical Ethernet Systems meld Ethernet with optical switching and networking technology and combine this with Carrier-class traffic engineering capabilities to enable carriers to dramatically simplify their Metro network operations, significantly reduce their capital and operational expenditures, and scale their networks to deliver advanced, profitable Ethernet-based services.Atrica's Optical Ethernet Systems were designed to supply significantly better price/ performance than SDH/SONET-based equipment, and to deliver Carrier-class attributes such as guaranteed service level agreements (SLAs), sub-50 millisecond resiliency, integration with circuit switched networks, Ethernet Circuit Emulation Services (CES) for support of TDM traffic, and point-and-click OAM&P.
Subscribe to:
Posts (Atom)