April 01, 2005
April 30, 2005
High doofynition
By
Mike DeMaria
at 11:58 AM
Networld-Interop is just a couple dozen hours away. One thing I'm quite interested in is High Definition video conferencing. This is regular video conferencing, but in Hi-Def, like TV. A number of vendors have recently announced this feature, although I'm wondering if it's really useful.
When I think of video conferencing and reasons for people's reluctance to use it, high definition isn't on my list. I haven't even been sold on HDTV yet. I've noticed that no store or location promoting HDTV has done a side by side. What I want is a demonstration where a HDTV is on the left, and a standard TV of similar quality (a mid-level HDTV vs mid-level traditional TV) is on the right, and I can see the difference. I'm hoping a vendor at N+I will do that demo.
Posted here at 11:58 AM in Convergence
Comment on this blog entry
April 29, 2005
XML and Viruses
By
Lori MacVittie
at 06:25 PM
I have been assured by our very own security gurus that the plural of virus is viruses, not virii, so no comments are necessary on the subject, okay?
Apparently April 25th was the day for viruses everywhere to fear XML security vendors. That was the day Forum Systems announced its plans to integrate Computer Associates' eTrust Anti-Virus capabilities into its XWall product and apparently it was also the day that Layer 7 announced it already had such a capability from Symantec integrated into its SecureSpan gateways.
I say apparently because although the press release is dated April 25th, it was routed across the ether and either took a left turn in Albequerque or stopped for a drink in Vegas because it didn't turn up in my inbox until yesterday, the 28th. (No, I'm not bitter at all about it, thanks for asking)
In any case, this is a great move by newcomer Layer 7 and it makes me wonder when the rest of the pack will follow the lead of Layer 7 and Forum Systems. There's a definite hole in the perimeter defenses when it comes to XML and Web Services and it's just a matter of time before it becomes a verifiable threat to the enterprise without proactive moves like integrating anti-virus scanning into the XML defense layer.
As deployment of SOAP 1.2 Web services grows, I'd expect to see a growth in attachments to SOAP messages floating around out there. And any protocol that carries along binary baggage whose contents can't be verified is a potential threat that needs to be contained.
Posted here at 06:25 PM in Enterprise Applications
Comment on this blog entry
Food Pyramid Leaves Users Hungry
By
twilson
at 02:38 PM
The U.S. Department of Agriculture published its new "food pyramid" earlier this week, a revolutionary guideline for eating that lets people customize the data to fit their age, body type and activity level. There was one little problem with the unveiling, though: the USDA Web site was almost completely inaccessible for the first 72 hours of its online life.The new food pyramid site logged 160 million hits in its first three days, 20 percent of them from outside the country. The rush of traffic completely overloaded the site's servers, leaving users unable to access the new data until additional server could be added nearly 72 hours after the site's debut. (see http://www.washingtonpost.com/wp-dyn/content/article/
2005/04/25/AR2005042501162.html) The USDA's glitch is another in a long line of Web site failures that have occurred in the last decade due to poor capacity planning by site creators. The publication of Kenneth Starr's report on President Clinton's sexual activities with Monica Lewinsky brought two government sites to a standstill for several days. Major news sites were routinely brought down by major events in the early days of online news reporting. My favorite is Victoria's Secret, which advertised a streaming video lingerie show following the Super Bowl one year -- and site operators were surprised when the site failed due to a traffic overload. The fact is that there is simply no excuse for such overloads in today's technology environment. Load balancing technology is as good as it has ever been. There are numerous Web hosting services that are only too happy to provide overload capacity for highly active sites. Performance management monitoring and trending tools provide solid predictions on future traffic loads. The USDA was simply too shortsighted -- or too cheap -- to take advantage of these technologies. And, sadly, it likely won't be the last enterprise to make that mistake.
Posted here at 02:38 PM in Business Strategy
Comment on this blog entry
April 28, 2005
Trend Micro Forgets the Basics
By
twilson
at 04:21 PM
Antivirus software vendor Trend Micro over the weekend made a huge blunder when it published an update of its software that was incompatible with Windows XP SP2. The update was downloaded to thousands of Windows PCs, which promptly crashed or slowed to a crawl, forcing hundreds of IT people to come in on the weekend to fix the problem.
The update was available only for about 90 minutes, affecting mostly users in Japan, and a repaired version has been made available. But it will take a long time for Trend Micro to recover from the embarrassment of issuing a faulty release, especially just two months after the company conceded that a flaw in its antivirus apps could be exploited to help spread an infection. The moral of Trend Micro's story is simple: you've got to test, test, test. Whether you are a software vendor or an IT department distributing software to users, your business depends on getting it to work right the first time. If you don't have the test environment you need, you should look to software packaging and testing tool vendors, such as Altiris' Wise subsidiary, to help with staged trials of your applications. This sort of testing isn't a luxury -- it's a business necessity.
Posted here at 04:21 PM in Business Strategy
Comment on this blog entry
April 26, 2005
The Smartphone versus the Feature Phone
By
Peter Rysavy
at 04:14 PM
It’s clear that our mobile phones are powerful computers with tremendous capability. The question is how to apply all of this capability to satisfy users. Do people want general-purpose mobile computing platforms onto which they can download all kinds of applications? If so, they want a smartphone, with Symbian, PalmSource and Microsoft being the leading OS providers. New research data from Canalys (http://www.canalys.com/) released today shows Nokia, using the Symbian OS, the device leader in this category with 50% of the smart mobile device market. Total 2005 Q1 shipments were close to 11 million devices, a small percentage of total mobile phone sales, but still a very large, rapidly growing market. However, the real action right now is in phones that use their computing power for specific functions of interest to consumers, such as taking pictures. Some people call these feature phones. Here the numbers are much higher. Strategy Analytics (http://www.strategyanalytics.net/Default.aspx) earlier this month reported a huge 257 million camera phones sold in 2004, compared to 68 million digital cameras. The next big thing for phones in my view: integrated music players that will come close to matching the capabilities of an iPod.
Posted here at 04:14 PM in Wireless
Comment on this blog entry
Domain Email Spoofing
By
hmetatek
at 04:11 PM
Has anyone else out there in IT corporate world had your company domain spoofed in s-p-a-m emails? Then you get the tons of bounces if you have a catchall address set up. Somebody has been using the ACME email domain for their s-p-a-m-i-t-y s-p-a-m s-p-a-m campaigns for a few weeks now and we started getting tons of bounces due to the thousands of invalid addresses they have in their blasts. Please read on..... (I might be able to use your help).
Continue reading "Domain Email Spoofing"
Posted here at 04:11 PM in Reality IT
Comment on this blog entry
Vendor Swag
By
hmetatek
at 03:03 PM
I had to use the term "swag" since I didn't know how to spell tchotchy (and I still don't). Today I received a postcard today from a vendor of some network product I never heard of and they offer a change to win a t-shirt if you attend their presentation at Networld+Interop. Wow, a chance to win a t-shirt! Oh how the vendor give-a-ways have changed.
Also -- am I the only one getting tired of presentations/registrations that offer a chance to win an iPod? Vendors giving away items must account for 10% of all iPod sales.
I just got back from a few tech events and I only saw one vendor with t-shirts to give away actually. I did get these various items (saves me a ton in trip gifts for the kids): beanie type stuffed animal dog, beach ball (suitable for inflation), some rubix cube ripoff, battery powered light-up pen (for taking notes in meetings with the lights off I assume), a small squishy football (again maybe for use in meetings), a balsa wood toy airplane, a squisky penguin (some Linux vendor), and the usual mix of pens/pads. I also was given a nifty multi-purpose tool which the security scanning wonks promptly took from me upon arrival at the airport.
The t-shirt I did get was good, my other vendor ones are getting thread-bare. This one I gave to my wife as part of my anniversary gift as a gag, it was from an online backup vendor and the text says "Once a Night Is Not Enough". She was not amused.
Posted here at 03:03 PM in Reality IT
Comment on this blog entry
April 25, 2005
Taking Action against Attacks
By
at 10:34 PM
How far should we go in defending our networks? Is it enough to stiffen our defenses and patch vulnerabilities, or should we actively pursue (through legal means, of course) those who work to usurp network resources and steal information? For a growing number of organizations, strengthening the bulwarks is no longer enough--it's time to treat network attackers like criminals.
In the course of the last week, I've had three separate conversations on this topic. One was with the executive director of a new organization called CIDDAC. They're trying to gather the data that law enforcement will require to go after phishing, re-direction, and other attacks. The other two conversations were with executives at Microsoft. The two, coming from different aspects of the security whole, had different takes on what their customers and partners were doing towards actively pursuing the attackers.
I think that we're going to hear more and more about companies and organizations teaming with law enforcement to pursue those who attack networks and customers. Take a listen to the podcast and let me know what you think.
Posted here at 10:34 PM in Security
Comment on this blog entry
A good book for beginners and something for everyone.
By
Don MacVittie
at 12:13 PM
Okay, I won't do this too often, and you'll never see a "brand new" book here, but every once in a while I get my hands on a book that is worthy of recommending to you.
Why won't I do it too often or on a "brand new" book? Because I actually read them before I recommend them - and I read them only when I have time.
With that said, if you're new to storage networking, or you've focused in on one area and want a good overview that actually has meaty bits, then I have to recommend "Storage Networking Fundamentals" by Marc Farley and published by Cisco Press.
In the past my experiences with Cisco Press were limited to Cisco certification guides, which while in-depth tend to be very focused on their topic - Cisco gear. This book is not in any way Cisco-specific, and it takes you from disk to networks to virtualization to replication, all done well.
If I had a single complaint about the book, it would be that backups - the thing that most readers can be expected to have a familiarity with - are pushed back into the second half of the book.
Otherwise, if you want to learn about storage and your storage environment, this is the book to get you going. When I recruit new freelancers that are familiar with the space but not in-depth storage gurus, this is where I will send them to get their feet wet.
I'm no slouch in the storage networking space, and there were a few things that I learned in the book. 'nough said.
I don't have any other books laying around, but when something comes up that's worth your time I'll post it here.
Posted here at 12:13 PM in Storage and Servers
Comment on this blog entry
Kraft Macaroni & Cheese -- Now with SPAM
By
Tom LaSusa
at 08:53 AM
Say it isn't so. The makers of that yummy cheezy macaroni that got so many of us through the long drudgery of college life on little money has been accused of SPAM? A small ISP in California says so. Joe Wagner, founder of Hypertouch.com, says the maker of chocolately good Oreos, succulent Triscuts, yummy Jell-O and creamy, dreamy Cool-Whip (I'm on a diet. Can you tell?) slammed his company with thousands of messages pitching their Gevalia coffee subscription service. Joe's lawyer says he's got solid legal footing for the case because the email pitches appeared to come from a non-existent sender, thereby violating the federal CAN-SPAM act and California's own anti-spam laws.
Joe says he's entitled to $11.7 million in damages...but will settle for having Oreo cookies renamed "Wagner-O's." (Relax, I'm kidding about the last part. Sheesh.)
Posted here at 08:53 AM in Techno-Oddities
Comment on this blog entry
XML, XML Everywhere
By
Lori MacVittie
at 08:51 AM
If I get a press release lately it's guaranteed to at least mention XML somewhere.
Solace Systems announces its new 3200 Series Multiservice Router today. The 3200 provides routing of XML messages, but not in the way you'd think - it's more like DNS for Web Services than it is a simple XML router. The 3200 is a carrier grade router, targeted at the telco market as a means of provided value add services. The 3200 includes custom silicon to speed parsing of XML messages and boasts a content-aware control plane which extends OSPF-like protocols into the application layer.
The 3200 utilizes a publish/subscribe model, which will allow enterprises to subscribe to services hosted across a meshed network of 3200 Series routers providing reliable, secure transport of XML based services.
Forum Systems has teamed up with Computer Associates to offer the first XML virus scanning capable product in the XML space. Dubbed "XAV" (XML Anti-virus), the module will be available today for its product line.
Because Web services firewalls/security gateways, like Forum's Sentry and XWall and offerings from Reactivity, Sarvega, Actional and DataPower, often end up being the point of entry into the enterprise for Web Services traffic that traffic often bypasses traditional AV scanners. SOAP 1.2, which in addition to the core SOAP protocol specifies how to deal with attachments, is growing in use and as more and more attachments flow through these systems it becomes imperative that these attachments be scanned for viruses and malware that may end up on a users desktop and, ultimately, infect the entire enterprise.
While we haven't seen this method used maliciously yet, it is believed that several viruses have entered various organizations accidently, making the need for a product like Forum's XAV that much more timely and necessary.
Posted here at 08:51 AM in Enterprise Applications
Comment on this blog entry
April 23, 2005
It's Been Quite a Week
By
at 03:21 PM
Sorry that I haven't blogged since Tuesday, but it's been quite a week. I flew up to Seattle, then drove out to spend the day with Microsoft on Wednesday. There are a number of things we discussed that you'll be seeing in future blog posts and Network Computing articles, and a pretty cool podcast that I'm putting together on the topic of agressive responses to attacks--how (and whether) we enlist the help of law enforcement to try putting thieves and vandals in jail, rather than simply beefing up our defenses to keep them out.
The thing that I keep coming back to in discussions with companies (both vendors and users) is a profound change in the way wework with the "people" aspect of security. To this point we've heard more about the technology because, in many respects, technology is the easier problem to solve. Changing products is (relatively) easy; changing people's ingrained behavior is hard. Unfortunately, if we're going to make significant improvements in security, we're going to have to tackle the hard issues.
Posted here at 03:21 PM in Security
Comment on this blog entry
April 22, 2005
Top Ten Stupid Things/Outright Lies I heard on my SNW trip.
By
Don MacVittie
at 04:55 PM
Well, it took me a week - you get a little behind when you take a week of vacation, then are out sick a week, then leave for SNW. But I finally got to it...
Please understand: I heard a LOT of good things and saw a lot of verifiable claims at SNW, this is the worst, but there was more good...
Top Ten Stupid things/Outrageous Lies I heard on my SNW trip:
10. "Yes sir, we do have to confiscate your lighter."
I flew back on day 1 of The Great Lighter Confiscation, and I have to wonder... If our idiot from Heathrow had tried to set off the bomb in his shoes with matches, would lighters be okay, and matches be getting confiscated?
9. "iSCSI is not scalable."
Sorry if you only do FC, but this FUD will only keep you going for so long.
8. "FC SANs are dead."
Sorry if you really want iSCSI to take off today, but our readers are not rushing to throw away their multi-million dollar SANs. Maybe when 10 GigE comes along, but there's still that darned "initial investment" thing.
7. Vendor: "Our iSCSI product outperforms FC"
Don: "You mean if you use multiple switches, right?"
Vendor: "Switches are non-blocking, we can do it with one GigE switch."
Oh boy. I want this toy in the labs. They're perfectly wrong - it's still 1 Gig, and that 1 Gig has more overhead (the IP packet) than FC.
6. "NAS is dead."
sigh. Okay, here's a Public Service Announcement for all vendors. Just because you don't make it doesn't mean it's dead, nor does it mean that it's not scalable.
5. "We don't see a market for SAS products."
I'm sorry, I just thought I heard you say "We feel less options for our VARs, OEMs, and end customers is a good idea." Everyone else gets it, so why don't you?
4. "We don't see heterogeneous SANs in the field."
This is not the first time I've heard this argument. You know why? Because for most combinations of heterogeneous switching I have to shut of half the functionality of your switch. If there was true interoperability between switch vendors, this wouldn't be a problem.
3. "We don't believe customers want replication."
Right, they'd rather lose data, perhaps? Or stick with a backup window that is killing them? Our readers want it, so who are your customers?
2. "This product is the easiest storage product we've seen."
This was an analyst quote that a vendor showed me about their product. My immediate response was "how many have they seen?" Goodness, there are more storage products every day, because this market is so hot at the moment. If I were that analyst, I wouldn't have spoken in an absolute like that. I really want this product in the lab to test this claim. I've seen some pretty darn easy storage products.
1. "Tape is dead."
Groan. This one has been going on for ever. You know what? Disks don't travel well. Remote replication assumes a fat pipe. D2D is good, and helps with restore times a LOT but it's not a silver bullet. People still want to move things to tape. Don't point me at your one customer that quit using tapes as "proof" that DR doesn't use tape any more. Finally, See #6.
Posted here at 04:55 PM in Storage and Servers
Comment on this blog entry
Video blogs are coming
By
Mike DeMaria
at 02:55 PM
In case you haven't heard, video blogging may be the next big thing. It's like podcasting...but with video. There isn't a universal term for this. I've heard vod, video blog, vlog, vidcasting, the vlogosphere, vodding...video diary....
It's not that web video production is expensive or difficult to set up. Digital video cameras are available for a few hundred dollars nowadays, even a simple $30 webcam would be sufficient. There are plenty of free video capture and editing tools out there. The problem comes down to the nature of video itself.
Text blogging is just like writing a newspaper column, but with more spelling errors. Podcasting actually allows you to hear reflection. Things like humor and sarcasm tends to get lost in print. Video blogging brings along a visual medium. This means that people have to actually watch the video for the visuals to have any impact, right? I've looked at a bunch of the early video blogs this morning. Most of them are horrible. Boring, dull, uninteresting to watch talking heads with poor lighting. Nobody wants to watch a talking head for five minutes straight.
Then again I found some interesting ones. There's this one video blog about digging for Civil War relics in Virginia. It was quite interesting to watch. Text blogging just requires you to write. Audio blogging requires you to 'write' and orate. Video requires writing, speaking, acting, cinematography, lighting and sound considerations, editing and directing. It's by far the hardest medium, but allows for the most creativity.
I'm not targeting any particular video blogger in this piece, so if you are one don't take offense. I might not be talking about you in particular. However the medium has to improve for it to gain momentum, and early video bloggers can influence the direction. Keep the quality high, and the medium will gain respect and admiration. I don't think diary style video blogs will ever be interesting. What I see as growing are web series, like personal television or public access shows. Although lowering the barrier of entry always causes more crap to appear (look at the number of good webcomics versus the number of bad ones), it lets amateurs and hobbyists have an outlet for creativity. We're in the Age of the Digital Amateur, and that's a good thing.
Posted here at 02:55 PM in Convergence
Comment on this blog entry
April 21, 2005
Outsourcing Falling from Grace?
By
Rob Preston
at 09:48 AM
Deloitte & Touche this week e-mailed just about every editor on our staff touting a new study which concludes that IT and business process outsourcing are "falling from favor with the world's largest organizations." It's not exactly headline news - outsourcing wears a permanent "Kick Me" sign on its back - but the reasons for the continued negative sentiment are worth further analysis.
The Deloitte survey, of senior execs at mostly U.S. multinationals, found that 70 percent of respondents "had significant negative experiences" with outsourcing projects. Cost and complexity - ironically, the reasons most companies outsource in the first place - were cited as the biggest problems. One in four respondents said their companies have pulled functions back in-house after realizing they could do a better job or do the job at a lower cost, while 44 percent said they didn't realize any cost savings.
These survey results send me all the way back to September 1997, when I edited the following story lead while working for InformationWeek: "After years of big promises and even bigger deals, the IT outsourcing backlash has arrived. Many users say wholesale outsourcing hasn't lived up to its promise. Some are so frustrated that they're canceling long-term deals and going through the painful process of rebuilding their in-house IT operations." One CIO who had "insourced" observed at the time that almost every big deal more than two years old was being renegotiated or terminated.
So why do long-term outsourcing contracts continue to be shaky propositions? Here's one take: Say Home Depot were to negotiate a long-term deal with EDS. EDS throws bodies at it, but those bodies never increase because there's no financial incentive for the vendor. By the time that contract starts maturing, Home Depot's needs have grown tremendously, so Home Depot calls up EDS and says, "We need to talk"...and the renegotiations begin.
In a later missive, I'll go into other problems inherent with outsourcing, and also talk about its many benefits.
Posted here at 09:48 AM in Business Strategy
Comment on this blog entry
April 20, 2005
Clustering OSS
By
Lori MacVittie
at 09:01 AM
Ever wondered how to cluster a LAMJ (Linux-Apache-MySQL-JSP/J2EE) solution effectively? Emic Networks just introduced its latest clustering solution, now supporting J2EE/JSP architectures.
In addition to Emic™ lamp/cluster for the LAMP stack and Emic™ lamj/cluster for the LAMJ stack, Emic also offers Emic™ m/cluster for MySQL and Emic™ a/cluster for Apache.
The m/cluster for MySQL is particularly interesting, and includes support for MySQL Network, an enterprise class solution for MySQL including support options, update advisories and a certified version of the popular MySQL database.
Posted here at 09:01 AM in Enterprise Applications
Comment on this blog entry
April 19, 2005
Old Enemies Come Back
By
at 11:58 PM
Sunday night we were having dinner with some friends, a gathering that included someone who rides herd on the IDS at a Major University. Just as he got to the house, his phone started ringing--something was knocking a couple of key segments off the network. It turned out that a host on the network had been given a new dose of Sasser--and the result was an IDS log file large enough to choke servers, which cascaded down to sensors, which then caused problems in dealing with the issue. He took care of the problem in a few minutes, but there were more phone calls, and a renewed acquaintance with a problem we thought had been handled.
Now comes word from F-Secure that a new Sober variant, Sober.N is seeding itself, and spreading through infected .ZIP files. As I mentioned in the last podcast, attention to user training (Don't Open Unexpected ZIP Files) will be as important as AV signatures in stopping this one early. Beyond that, the renewal of old threats is a solid reminder that the early versions of these worms tended to be more proof of concept that serious damage attempts--the real payoff in terms of network damage is yet to come. We've been warned--let's get busy protecting our networks through technology and training.
Posted here at 11:58 PM in Security
Comment on this blog entry
IT Show Convergence
By
Hunter Metatek
at 07:34 PM
Convergence, it's big eh? I am attending an IT event in Toronto, Canada. At the same time there are these three events in town all at the Metro Toronto Convention Centre. One event is Network World Conference & Expo which is also associated with LinuxWorld Conference & Expo. The other event is the 2005 SAN/NAS Summit. And the last event is VON (Voice On The Net). I took the time to snag the free exhibition badges for each event.
Next month when one of our IT network staff will be attending Networld+Interop in Vegas there are also like two other IT events there, not odd for Vegas I bet.
Posted here at 07:34 PM in Reality IT
Comment on this blog entry
The Acquisition of the Week
By
Lori MacVittie
at 06:57 PM
Adobe acquires Macromedia.
Wow. Well, what does one say to that? There are plenty of seemingly complementary products across the two organizations, though the target market of products like Photoshop and Fireworks are completely different and could, therefore, be potentially considered non-competitors.
What most users are worried about is what will happen to Flash and Dreamweaver and support of professional development in enterprises who have adopted it as a rich user interface development platform.
They have a valid concern. While Adobe has some kick ass enterprise class software, they have never before been responsible for a truly developer oriented product. The support necessary to successfully move a development environment forward is no small undertaking, and given the amount of support readily available from Adobe for developers utilizing the APIs of their enterprise class products, this could be an issue for existing Macromedia customers.
There are some exciting possibilities for new products - especially in the forms arena - that arise from a marriage between the two companies. Given Adobe's forms management and processing software and its Web Services focused integration with Acrobat Reader, the possibilities are endless. While Flash based user interfaces are still not as ubiquitous as other Web based technologies, an easy integration with Adobe's back end servers might prove to be just the kick in the rear Flash needs to propel it into a serious application user interface platform rather than being primarily used for ads, games and photo slideshows.
Let's just hope Yetisports isn't adversely impacted by this acquisition.
Posted here at 06:57 PM in Enterprise Applications
Comment on this blog entry
The Week of the Registry
By
Lori MacVittie
at 06:42 PM
It's the week of the UDDI registry, as two more registry vendors join Systinet in announcing enhancements to their registry offerings.
SOA Software (more recently known as Digital Evolution) announced today that for a limited time it is offering its UDDI v3 complilant Registry product for free. SOA Software hopes to drive adoption of SOA by offering the Registry for free and hopes that enterprises will adopt the UDDI registry as their core meta-data repository, which fuels run-time discovery of services in an SOA Infrastructure.
The next e-mail in my inbox, literally the very next e-mail, was an announcement from competitor Infravio, announcing it had extended UDDI Features in Governance Focused SOA Registry
product, Infravio X-registry. Like Systinet's announcement, Infravio is focusing on governance and business use of its registry for managing services in both the fledgling and advanced SOA infrastructure.
UDDI registries have, until now, been a relatively underutilized piece of the SOA infrastructure. As SOA as heated up and more services have been cropping up in enterprise deployments - both custom developed and through upgrades and installations of packaged applications - the need to discover, categorize and manage services has grown and now the SOA Registry players are gearing up, ready to provide a solution.
A UDDI registry need not be part of a larger SOA management offering, such as those offered by AmberPoint, Actional and SOA Software or even part of an existing application platform such as IBM's WebSphere or BEA's WebLogic. Because an SOA infrastructure depends on interoperable standards and all communication takes place via open standards, the SOA infrastructure may be one of the first where a best of breed set of applications may actually be a viable solution.
Posted here at 06:42 PM in Enterprise Applications
Comments(1)
Further City-Wide Wi-Fi Developments
By
Peter Rysavy
at 02:30 PM
Minneapolis just announced a plan for a city wide, privately-owned Wi-Fi network which will cost $15 to $20 million to build, and will offer data services at speeds between 1 Mbps and 3 Mbps. Service could be up in the 2006 timeframe, and will be available to consumers at about $20 per month. Neighboring Chaska, Minn., a city of 22,000, launched similar service last year. Similar efforts are underway in Philadelphia and San Francisco. By turning ownership over to private entities, these cities hope to avoid conflicts with telecom operators who might complain of unfair competition. One might ask whether these networks are necessary with 3G deployments. My answer is that these public services will be highly complementary because 3G cannot handle large densities of broadband users like Wi-Fi, but are more adept at coverage everywhere to lower user densities. Even if the resulting initial coverage is likely to be unpredictable, I’m enthusiastic about these city-wide deployments as I expect the service to be useful to large numbers of users.
Posted here at 02:30 PM in Wireless
Comment on this blog entry
April 18, 2005
Super-meta-data
By
Lori MacVittie
at 10:26 AM
Sometimes I think the best part about SOA is all the TLAs I have to remember.
Systinet is introducing another one - GIF (Governance Interoperability Framework). It's a mouthful, but the idea behind GIF is to provide a single "super-meta-data" repository in which information about an enterprise SOA can be managed, accessed and reported upon.
Continue reading "Super-meta-data"
Posted here at 10:26 AM in Enterprise Applications
Comment on this blog entry
April 15, 2005
Let's Get Serious
By
at 11:14 PM
April has, so far, been a month of bad news in the computer security field as Lexis/Nexis and Mastercard revealed that individual data had been release in system breaches. They're not alone, as we've found listening to the steady drumbeat of news stories announcing that data from various organizations has been released without authorization.
The fact is, after all the talk and all the legislation, we're still not taking security seriously. You can hear more about what we're not doing--and what we should be doing--at the podcast found here. Have a good weekend and, as always, drop me a line to let me know what you think.
Posted here at 11:14 PM in Security
Comment on this blog entry
Cable Companies Need Reliability Lesson
By
Tim Wilson
at 10:45 AM
Cable operator Comcast Corp. has suffered three outages across its network since April 7, preventing users from accessing the Internet or e-mail for three to five hours at a time on some evenings. A spokeswoman from the cable giant said the outages were "intermittent and varied," and were related to the company's DNS function, but she declined to give details on how the company is fixing the problem. http://techweb.com/wire/160900727When it comes to broadband access, cable stacks up well against DSL or other options in every area except one: reliability. Cable service providers -- and their service desks -- are still operating in a TV mode, where the worst that can happen is that customers miss their favorite show. But today's broadband access is used for e-mail and other critical business applications that simply cannot tolerate such excessive downtime. In the 1980s, the public switched telephone network underwent extensive testing to ensure the reliability of the dial tone across the U.S. at nearly 100 percent. The PSTN is virtually always available, and has been tested even in disaster scenarios. Cable, on the other hand, can't even survive a DNS error or a local cable cut. If cable service providers want to be taken seriously as business service providers, they need to start getting serious about reliability and customer service. A joint effort by the cable companies to build a joint reliability council, much as telecommunications companies did in the 1980s, would be a good first step.
Posted here at 10:45 AM in Business Strategy
Comment on this blog entry
Funny AND Insightful.
By
Don MacVittie
at 12:33 AM
So Marie Drucker, one of CMP's many talented staff sent me this link the other day, and even though it was out on the uber-geek forums, I wanted to share it in case you missed it.
Hitachi's "stand up bit" anime
Not only entertaining, but also a great idea that could shake our world if they can get it right.
Next up, the "Top Ten Stupid Things I Heard During My SNW Trip".
Don.
Posted here at 12:33 AM in Storage and Servers
Comment on this blog entry
April 14, 2005
High-tech Drops the Rebound
By
Tim Wilson
at 02:28 PM
Apparently, reports of the rebound of the high-tech industry are greatly exaggerated. The high-tech job sector lost nearly 60,000 jobs in the first quarter of 2005, the biggest drop since Q4 2003, according to a report issued earlier this week by outplacement firm Challenger, Gray and Christmas. That figure was almost double the job cuts that took place during the first quarter of 2004. (see http://www.mlive.com/business/ambizdaily/bizjournals/index
.ssf?/base/abd-1/1113280800141650.xml There was much optimism at the end of 2004, but if you're doing any job hunting, you probably haven't seen much movement this quarter. Most high-tech companies are holding still, and major mergers such as Oracle-PeopleSoft have cost thousands of jobs. And things aren't likely to get better -- SBC is promising to cut about 13,000 jobs if its merger with AT&T is approved, and Qwest has said it would have to cut as many as 15,000 people if it wins its effort to acquire MCI. The bottom line? Be nice to your boss, and stop complaining. If you're in high-tech and you've got a job, you should count your blessings.
Posted here at 02:28 PM in Business Strategy
Comment on this blog entry
SNW bigger, louder, faster.
By
Don MacVittie
at 01:12 AM
Well, halfway through this season's SNW, I have to say there are more people, more vendors, and a ton more FUD.
I love the storage space, it's new, it's dynamic, it's still a little wooly... But if I hear one more "we're the only vendor to do X...", I think I'll just start laughing. There are just too many vendors to say that.
And I saw an analyst quote that said "The easiest storage to configure". Wow, that's just poor policy for an analyst. My immediate reaction was "hey! What about company Y that is not in your space??" I told the vendor I wanted their stuff in my lab to play with. There's an awful lot of easy-to-configure storage out there these days, so I want to see if it really is the easiest to configure. Needless to say, I'm skeptical.
Anyway, there's still good stuff going on out there, I talked to vendors with a lot of cool new things coming up. Hopefully I can get them into the lab and kick the tires, letting you know how they fare.
And next week, just for you, I will offer a sanitized list of "the biggest lies I heard at SNW". It's time for storage vendors to stop hyping and start actually delivering. What they're doing tomorrow isn't as big a deal to you, our readers, what is available today is.
So I'll remove vendor names, and filter my language, and offer you a list of outrageous lies :-). Watch this space...
Don.
Posted here at 01:12 AM in Storage and Servers
Comment on this blog entry
April 12, 2005
Introduced to ISA Server
By
at 10:05 PM
With ISA Server 2004 Enterprise Edition, Microsoft is trying to bring a number of performance and security functions together under a single management interface in a single product. They seem to have done a pretty good job a key portions of the task, if the demonstration we had in the Gainesville, Florida Real World Lab is any indication. We will, of course, reserve judgement until we've had a chance to put the product through its paces on our own, but the management interface, at least, looks quite good.
That management interface was, in fact, the only thing I saw today that gave me any pause. Is it possible to make a product too easy to use? The only worry I have is that, if the folks in the central network management group aren't careful about how they define priveleges for admins at branch offices, a remote admin could wander over his head into security policies very quickly.
In addition to the demo, we were able to talk for a while, and part of the conversation makes up today's podcast, which you can find here. Enjoy and, as always, let me know what you think.
Posted here at 10:05 PM in Security
Comment on this blog entry
Open XChange
By
Lori MacVittie
at 04:39 PM
Netline Internet Service announced today the release Open-Xchange Server 5. Open-Xchange is platform agnostic and includes all the functionality and features of the open-source Open-Xchange Server 0.8 and adds:
- enhancements to Outlook and Palm connectors
- web based administration
- web based contextual help for users
- shared folders and distribution lists
- synchronization with .pst files
Open-Xchange is a full featured open source based groupware solution duplicating features and functionality enjoyed by users of Microsoft Exchange.
A demo and download is available at its website
Posted here at 04:39 PM in Enterprise Applications
Comment on this blog entry
SOA Infrastructure
By
Lori MacVittie
at 08:31 AM
In the past few weeks I've read a lot of news surrounding SOA. Sonic Software, for example, just recently launched v6.1 of its SOA focused ESB suite of tools. Sonic's latest release includes its new Collaboration Server, for managing partner interactions, and its Database Service, which is designed to ease interaction (and I assume, integration) with relational databases.
What Sonic and others are banking on is the need for a unified messaging platform under the hood of SOA in order to make services reliable and to provide unified access. Its ESB, like those from other SOA focused vendors such as Cape Clear, which also recently expanded its ESB product, is the core infrastructure upon which these vendors believe a fully realized SOA infrastructure can and should be built.
Indeed, they aren't far from the truth. With more and more services being deployed in the enterprise - often times unknowingly as part of packaged application upgrades - it is beginning to be time to consider what needs to be implemented to provide a solid foundation for an SOA. While unified access to services is definitely within our grasp, it remains to be seen whether composite applications built upon disparate services or SOBA (Service Oriented Business Applications), comprised of services both within and without the enterprise, can withstand the load of daily enterprise use.
Issues of message reliabilty, transaction integrity and integration remain to be addressed and an ESB (enterprise service bus) such as is offered by Sonic Software appears to be the frontrunner in the race to address this particular need.
Posted here at 08:31 AM in Enterprise Applications
Comment on this blog entry
April 11, 2005
Donate Your Old Computers & Technology
By
Hunter Metatek
at 08:54 PM
Cristina Foundation donate your old computers – Cristina Foundation provides computer technology and solutions to give people with disabilities, students at risk and economically disadvantaged persons the opportunity, through training, to lead more independent and productive lives.
See www.cristina.org for more information.
Posted here at 08:54 PM in Reality IT
Comment on this blog entry
April 09, 2005
New TLDs
By
Mike DeMaria
at 12:09 PM
ICANN has approved a few new top level domains, and is still debating on some. Here is the announcement.
Let's look at them. The newly approved ones:
.JOBS - seems dumb to me. How many people will this affect?
.TRAVEL - Another one that's too niche to matter. Comeon ICANN, get out of niche markets.
And those still being considered:
.ASIA - This makes a lot of sense. Approve it.
.MAIL - Still a bit niche, but could be handy for hosted mail providers.
.TEL - This would be great for a VoIP DNS service. Instead of calling a phone number, you dial a person's DNS entry (call Mike.DeMaria.TEL). Approve it.
.XXX - The argument I've heard for this was that it'd be easy to filter out porn sites in the workplace or schools. Which is exactly why porn sites won't use it and will stay in the .com,.org and .net spaces. That said, having a .mature or .adult domain could make some sense. It'd let a person run a not-safe-for-work site without worrying about getting it's visitors in trouble.
Posted here at 12:09 PM in Convergence
Comment on this blog entry
April 07, 2005
Mile-High Entry
By
at 07:06 PM
Who would have thought that you could build a podcast and blog entry set at 35,000 feet over western Tennessee? Me, neither, but here it is. This time, I'm talking about a couple of tools, from Dymo, and Levenger that help us keep things straight in the lab. In all honesty, the tools' use isn't confined to the lab--I've used the tool from Levenger almost every day for over a decade.
After the tool talk, it's time to talk about fiber-optic cabling. I hear more and more companies using security as the primary justification for a fiber installation, so I feel comfortable putting it in the security channel. If you are looking at going the fiber route, then you really ought to consider all the different ways of pulling the fiber, including nifty methods like the one I've seen from Sumitomo Electric. They use compressed gas to blow the fiber through a special conduit, and the organizations I've talked with that have decided to use the Futureflex system seem pleased with the results. You can find the podcast with both of these sections here. I hope you enjoy it, and find a little bit of useful information inside.
Posted here at 07:06 PM in Security
Comment on this blog entry
Wireless VoIP
By
Peter Rysavy
at 11:42 AM
There is no question that Voice over IP is gaining serious momentum. In a new study, IDC is predicting that VoIP service in US homes is to grow from 3 million homes in 2005 to 27 million by the end of 2009. What about VoIP over wireless? This is quite a tricky proposition, as VoIP requires quality of service mechanisms, largely absent from current wireless technologies, whether local or wide area. However, these are being added to Wi-Fi in IEEE 802.11e, and are also on the roadmap for 3G services, including UMTS/HSDPA and EV-DO. In fact, Verizon indicated this week that it could start offering VoIP over their EV-DO network in the 2008 to 2009 timeframe. The fact this is three to four years away points to the complexities involved. Nevertheless, widespread wireless VoIP is inevitable in my view, it just may lag wireline deployments by a year or two.
Posted here at 11:42 AM in Wireless
Comment on this blog entry
April 06, 2005
Acquisition of the Week
By
Lori MacVittie
at 08:53 AM
Okay, it's really the acquisition of last week, but I was on vacation last week.
Everyone's already chimed in on what this means and why Oracle acquired Oblix, but what it really means is that there are very few pure play vendors left in the identity management space. IBM purchased Access360 and Sun acquired Waveset in the last two years and while both products were more focused on provisioning both provided the basics for identity management and, indeed, worked well with the recently CA acquired Netegrity SiteMinder product line. That leaves RSA Security as one of the few focused identity management and access control vendors in the market.
What's interesting about the Oblix acquisition is that it isn't all about identity management. Last year Oblix acquired Confluent for its Web Services (XML and SOAP) security and management products, which was an excellent complement to its ID management line. This is more than just an ID management play, because Oracle will now join in the fray of the Web Services Management arena, a rather large market at the moment filled with start-ups and relatively small companies like AmberPoint and Actional.
This gives Oracle a head start in the SOA Infrastructure Management rush that's sure to come, and puts it in a good position to instrument its suite of applications for such management, which could be a boon over competing applications that today require third-party agents for such deep introspective management.
Posted here at 08:53 AM in Enterprise Applications
Comment on this blog entry
New Releases
By
Lori MacVittie
at 08:41 AM
XOSoft
WANSyncCD was released last week by XOSoft. WANSyncCD may be used to deliver, synchronize and consolidate complete corporate information repositories among multiple locations and branch offices around the world.
Translation WANSyncCD provides data replication and synchronization services and is optimized for distribution of large data sets to branch offices across limited bandwidth links.
SOA Software
SOA Software, formerly Digital Evolution, has introduced its registry based dashboard. The dashboard has been incorporated into the company's Service Manager product and utilizes UDDI v3 to provide the ability to discover, search and manage web services from a centralized location.
Posted here at 08:41 AM in Enterprise Applications
Comment on this blog entry
IM Security
By
Mike DeMaria
at 12:22 AM
Here's a press release I got today: Akonix Systems, [insert standard 'we rule' text that ever vendor includes], today announces that its Security Center team tracked over 100 new corporate security threats targeting IM and P2P systems in the first quarter of 2005, a more than 400% increase over the same period last year and more threats than were identified in all of 2004.
I know, we've heard chicken little arguments from security vendors in the past. However there is real meat here. Exploits have been discovered on most of the major public IM systems, and viruses can be sent via file attachments. Of course, there are the wonderful social engineering attacks. "This is 'Bob' from the advanced QA division. I'm trying to VPN in, but can't remember what the IP address of the VPN server is. Can you help me?"
Network Computing has said in the past that it's best not to have your company use a public IM server for your instant messaging needs, but to roll out your own system such as Lotus Sametime, WiredRed epop or Jabber. Combine that with an AV product and you can solve most of your IM problems. Yet, I'm wondering if this is good but useless advice for a large portion of our readers. After all, one benefit of using AIM is that you can communicate with other AIM users. If your company has it's own internal IM system, it's hard to talk to people at other companies, or personal contacts on AIM/Yahoo/MSN/ICQ. I know, you shouldn't be having personal IM conversations at work. You shouldn't be making personal phone calls either, but everyone does.
Which brings me to my point. Should we be looking at and reviewing IM security add-on products? Of course, Akonix and security vendors will say yes. But is this something that's being used or desired in the enterprise, or just small to midsize markets? Please email or leave comments in this post. I'd like to know if you're protecting public and/or private system IMs, want to do so, or think it's a waste of money.
Posted here at 12:22 AM in Convergence
Comment on this blog entry
April 05, 2005
There's Something About an Airport
By
at 05:26 PM
I don't know exactly what it is, but something about spending time in a line of strangers, holding my boots and my belt in my hands leads me to thoughts about how to improve security. I think the time has come for companies to take the plunge into two-factor authentication and leave the abomination of "strong passwords" behind. You can hear me discuss my reasons for thinking this in today's podcast, which you can download here.
There's something new in this podcast--I'm spreading my audio wings a bit--so let me know what you think. Let me know, too, what you think about us setting up the RSS feed for the security podcasts so you can have them delivered fresh to your desktop when they happen. As I wrote a couple of entries ago, this is new to me, so let me know how I'm doing.
Posted here at 05:26 PM in Security
Comment on this blog entry
April 04, 2005
I'd like a million dollars
By
Mike DeMaria
at 04:05 PM
U.S. Finishes Internet Study Congress Requested In 1998. Now there's a headline This study cost a million dollars. Some conclusions:
DNS is good.
Consolidating all DNS servers into two cities is bad.
Governments shouldn't get involved in DNS.
More useless domain suffixes.
How does something like this cost a million dollars?
In unrelated news, there are four Verizon trucks outside my home, a back-hoe and a three foot deep hole. That's usually not a good sign.
Posted here at 04:05 PM in Convergence
Comment on this blog entry
CDMA vs. OFDM for Cellular
By
Peter Rysavy
at 01:37 PM
Speaking of CDMA vs. OFDM (see last blog entry), there is a major debate in the industry as to whether OFDM has inherent advantages over CDMA in cellular networks. IEEE 802.16 (as supported by the WiMAX Forum) has chosen Orthogonal Frequency Division Multiplexing as the basis of its radio technology. OFDM is also used in IEEE 802.11a, IEEE 802.11g and IEEE 802.11n, as well as in Flarion’s Flash OFDM system. As reported in an in-depth study of how cellular technologies will evolve beyond current 3G systems that I recently completed for Datacomm Research, one advantage is that with wider radio channels, OFDM effectively combats a radio effect called intersymbol interference. ISI is a consequence of the “slowness” of the speed of light, where reflected signals interfere with successive symbols (modulated waveforms). However, for current 3G systems with radio channels up to 5 MHz, it’s not clear that OFDM provides that much of an advantage. But with next generation systems that will deliver throughput rates in the 10 Mbps to 100 Mbps range, the advantages could start becoming significant, especially when combined with multiple input multiple output (MIMO). 3GPP has a work group studying how current cellular technologies might best evolve, including looking at OFDM. OFDM, however is not the only option. Another option is multi-carrier CDMA where multiple CDMA channels are combined for higher throughputs. While the cellular community is studying this, the mobile WiMAX community is racing forward as quickly it can to try and complete their technology. Needless to say, there is a huge amount at stake and its very hard at this stage to predict winners and losers, especially as it may be several years before any of these systems start to be deployed. And what will we call these new networks? 3.5G? 4G? Advanced 3G? Brilliant 3G?
Posted here at 01:37 PM in Wireless
Comment on this blog entry
|
