The crew over at Byte and Switch are running an article on a possible merger between SonicWall and Lasso Logic.

I'm vaguely familiar with both companies, I figure this might be a good move. Both service smaller offices, and their markets are slightly different. Could be very interesting.

The SOHO market could see introduction of CDP and firewall all-in-one. Not bad, particularly with disk sizes going up and disk prices going down.

I wonder if soon we'll have storage and security that looks like printer adds - "Print Copy Scan Fax..." Only we'd be going "Replicate, Backup, Virus Scan, Phish block..."

Interesting times, that's all I can say.

You almost need an ID management product to keep track of who acquired who in this space.

Oracle announced its acquisition of ID management vendor Thor Technologies this morning, for an undisclosed sum.

Now, in case you were wondering what happened to the rest of the space, here's a refresher on the timeline:

• September 2002 - IBM acquires Access360


• November 2003 - Sun acquires Waveset


• January 2004 - Netegrity acquires Business Layers


• October 2004 - CA acquires Netegrity


• November 2005 - Oracle acquires Thor Technologies

You might say, "Hey! What about Oblix?"

What about them? Oracle acquired them soon after they had acquired Web services management/security vendor, Confluent. So Oracle now has a full portfolio in this space that covers everything from provisioning to Web services security.

This gives Oracle the provisioning and full systems' management it didn't get with the Oblix acquisition, and plays well into its Fusion architecture plans. CA is well positioned in this same space, along with IBM due to its Access360 buy in 2002 and recent acquisition of DataPower.

Joanne over at Secure Enterprise has a great overview of IdM, and you may want to check out our last review of IdM technologies.

Here's one more sign that Google is eying rolling out a nationwide, free Wi-Fi network: It just won approval to offer free Wi-F for its hometown of Mountain View. And it looks like that's just the first step to a national rollout.

So I'm in the lab trying to get NWC Inc. ready for our upcoming ESB product review. I'm installing OpenJMS and setting up messages queues and reinstalling servers in preparation for product testing.

I flip the KVM to TEST8, put the CD in the drive and restart the machine. Or at least I thought I put the CD in the right machine. The machine boots up as if the CD doesn't exist.

That's odd, so I start looking at the machines in the rack. Nope, not that one. Nope, not that one. Hmmm..try again. Same behavior.

Turns out that someone put the bevel - where the machines are labeled by name and IP - for the mail server on TEST8 and left TEST8 without any identifying marks. I didn't pull the bevel off the mail server when I ejected the CD to try to identify the machine, because it's the mail server, right? It couldn't possibly be the right one.

I'm guessing someone either didn't know any better, or thought it'd be a good joke to make me spend half an hour figuring out what server I was trying to access.

Fess up, boys. Which one of ya did it?

Never mind...I'll just figure out a way to get back at you.

Bwahahahahaha...

At a UN conference in Tunis this week, there have been calls for the U.S. to turn over control of the Internet to an international body. But the last thing this world needs is an Internet controlled by despots and totalitarian regimes.

Just a quick report from the IP4IT conference. Today was my first day at the expo. Speaking from my perspective as a member of the media, this has so far been a worthwhile trip. The vendors sent their technical people down, instead of just the marketers. I'm now covering messaging and collaboration technologies at Network Computing, and would say about half the vendors here fit in my coverage area. The other half are VoIP vendors. That's Sean Doherty's area. And a third half are vendors I've never heard of before, but do some neat stuff, like Cylogistics. They make a low cost web conferencing appliance. Of course there are the big names here like Siemens, Intel and Cisco, but I find the smaller vendors to be the most interesting booths to stop by.

At a panel discussion today, there were two companies featured who implemented an IP telephony solution. A question was brought up as to why they purchased a system from a smaller, not-a-household-name vendor. In other words, when you think IP telephony, throw out the first three names you'd think of. Both of the panelists stated that many of the existing telecom equipment providers, even more so than the big VoIP vendors, were slow to innovate. The lesser known vendor responded faster to feature requests and were on the front lines of innovation.

By the end of the week, I'll have a few podcasts up with my improvised thoughts about the show and what I've seen. These will be the start of a new Network Computing podcast series, and I should have more information available in a week or two.

In the world of blade servers, IBM has probably been the most aggressive company in touting the idea of a blade as a machine that can do far more than simply route your data around the office or back to central IT. That notion, in fact is the underpinning of the company's "In A Box" approach to bringing blades into specific industries, pre-tooled to handle a variety of functions that make the server the IT shop on the spot.

Ooohhh...fun stuff out there this week. Citrix made another acquisition, this time targeting web appplication firewall vendor Teros.

This coming on the not so distant acquisition of layer 7 load balancer and application acceleration vendor, Netscaler.

The Teros offering will be rebranded as the Citrix NetScaler Application Firewall and we expect to see deeper integration between the NetScaler product line and Teros' technology as a result of the acquisition.

This is definitely a leap frog over competitor F5 Networks, who announced (nearly at the same time, coincidence? We don't think so) its Application Security Module (ASM) for its BIG-IP product line. ASM is the same robust application firewall technology found in F5's standalone TrafficShield appliance but it runs as a software module on the BIG-IP platform.

The difference between the two is that Teros has the added edge of protection for Web Services (SOAP), something that F5 has not yet added into its security module.

This is a good move for Netscaler, though we've seen performance issues with Teros in the lab that will need to be addressed during integration efforts if the application security functions of the Teros product is to keep up with the traditional performance of the Netscaler product line.

Watch closely, we've said for years that application/Web services security and content switches were a natural fit, and we wouldn't be surprised to see more acquisitions by other layer 7 players in the near future.

Google has been negotiating with book publishers to allow readers to rent books online for a week --- one more sign that Google is in full retreat over its controversial plan to scan copyrighted books without copyright holders' permissions.

If Robert Petrick is convicted of murder, his use of Google may be the key piece of evidence that convicts him. I guess it's not a good idea to search for "neck snap break" just before your wife is killed.

Today's Friday Freebies are kind of fun. Both offer the ability to send yourself an e-mail in the future for whatever reason you'd like.

Want to remind yourself in 2020 what your goals were this year? Send yourself an e-mail to your "future you" today and these organizations will hold your e-mail until the date you specify and then send it out to you.

Sound freaky? Could be, especially if you forget that you did it!

The first one is from FutureMe.org. The cool thing about futureme.org is that you can mark the e-mail as public and other people can see what you're sending to yourself in the future - without your name and e-mail addy, of course. It's amusing to see what people are planning on sending to themselves - everything from high school kids reminding themselves to study hard and pass all their exams to adults exposing their goals for themselves. Even if you don't want to send yourself an e-mail in the future it's an interesting read.

The second organization plugging this service is, believe it or not, Forbes.com. Yes, Forbes.com. Forbes has entered into an agreement with Yahoo and a couple of other internet savvy organizations to provide the same service, but it's done so as a kind of technological survival experiment and the description of how it's planned for loss of services and built redundancy into the system is an interesting read.

So get on out there and send your future self an e-mail.

Enterprises should immediately ban the use of Skype on their networks, warns analyst firm Info-Tech, claiming "even a mediocre hacker could take advantage of a Skype vulnerability." If Info-Tech crying wolf, or is the firm right in its call to ban the VoIP software?

I was on the phone with Network Appliance, talking about their "Uncompromised Security" initiative, which I chose not to blog on the assumption that you're hearing this type of news elsewhere, but I got some interesting other information from them.

They have reorganized their business to reflect the very issues we face in the Enterprise. I think it's a solid move, and I think it's about time someone did it.

You know how it goes in the enterprise, things move slowly because you can't afford make changes that will bring business systems down. This is particularly true of big infrastructure items like mainframes and storage. My experience with Storage Administrators is predictable "I'll upgrade when it breaks, not before". Understandable, don't fix what isn't broke.

But then we get the security people, who work on the motto of "if it's got a known vulnerability, it's broke." Another valid viewpoint that must be balanced against the Storage Admin to come up with the plan that works best for your organization.

It is safe to say though that the security guy wants about 100x the amount of change that the storage guy wants. They are on completely different ends of the spectrum. And neither is really wrong.

NetApp has built their organization up to reflect these divergent needs. They have moved security and select other non-infrastructure, high change groups into a separate unit, and are encouraging them to go nuts with updates. Quality isn't skipped, but they're diverging from the storage industry release cycles, which are traditionally very slow. They're calling this group "emerging markets".

I think it's cool. Nimble like a startup where it's needed, steady and only updating you when it's absolutely necessary elsewhere.

Other vendors that play in both storage and security, take note. I think you'll see this setup working well for NetApp, I hope you follow suit.

My colleague at InformationWeek, Darrell Dunn, is a little more curious than I was in his blog today about those AMD processors on Dell's website and what they mean, if anything. Darrell's a real smart guy and anything he writes is well worth reading, so I'd suggest clicking on over and getting his take as well.

Emic Networks has rebranded itself as Continuent and completed its Series B funding this month.

With the rebranding comes some great news for databases, as the previously MySQL focused HA database product line will be expanded to support not only MySQL and PostgreSQL, but commercial databases including SQL Server, Sybase and Oracle in 2006.

Continuent's HA solutions have been completely rearchitected and are transparent to middleware and fully transactional. It runs on any tier and has been enhanced to support heterogeneous databases.

Yup. You can support your mission critical database by providing high availability failover support to a MySQL database. How cool is that?

Way cool. Talk about lowering the cost of redundancy in the data center. Continuent's products also do on the fly conversions of between specific SQL implementations, so the oddities between SQL Server and MySQL or Oracle and SQL Server can be handled transparently by Continuent's products without worrying about recoding.

You've got to check this out. Continuent

A Congressional committee yesterday unveiled a draft of a bill that would in essence allow Big Telecom to hijack the Internet --- and the wording makes one wonder whether SBC had a hand in drafting the law.

Not Sony, that's for sure.

Mark Russinovich over at Sysinternals discovered Sony BMG's rootkit recently and blogged the process (great reading for anyone who likes nitty gritty, device driver details and hex code dumps).

The fuss was over Sony's unauthorized installation of a rootkit that cloaked files from the system and inserted a driver into the CD device driver stack that, if removed, would break the ability of your PC to play any CDs. The software was installed off of Sony BMG "copy protected CDs" and no mention of it was made in the EULA.

Since then, Sony has altered its EULA to cover its...software and has grudgingly offered instructions on how to safely remove its rootkit without killing your PCs ability to play CDs. Antivirus providers pointed out that such a rootkit could potentially provide a mechanism for virus writers to hijack PCs, and today we learn that this is exactly what has happened with the discovery of a trojan using the Sony DRM rootkit to drop an IRC trojan on user's machines.

A new trojan which uses the cover provided by the Sony DRM component to hide has been detected by BitDefender Labs at 12.15 PM GMT today and is in the wild. This is the first ever observed instance of malware using the Sony DRM rootkit detected and analysed by Mark Russinovich.

***UPDATED (14.02 pm GMT)***

Analysts at the BitDefender Labs have completed a technical description of the threat and published a signature update. A removal tool for the trojan and a detection tool for the Sony DRM component are in preparation at the BitDefender Labs and will be made available to the general public in the following hours.

While we understand the desire of music companies (greed) and the (evil) RIAA to protect their copyrighted content from being illegally obtained, it is improper for them to endanger users to protect their own pocketbooks.

This isn't the first time that music companies or the RIAA has utilized questionable tactics to protect their interests (money money money). The RIAA has fought for the right to destroy user's computers in the event that illegally traded music files are discovered, has polluted file sharing networks with virus laden files, and used other underhanded, blatantly illegal tactics to protect its content despite the lack of hard facts to prove that file sharing networks are the cause of the decline in CD sales (crap music would explain the decline just as well).

DRM may sound like the perfect way to protect your content, but if you use techniques that endanger users or destroy their PCs then you are as guilty as virus writers of breaking the law and, my friend, you have become what you claim to despise.

"As soon as men decide that all means are permitted to fight an evil, then their good becomes indistinguishable from the evil that they set out to destroy."
Christopher Dawson, The Judgment of Nations, 1942

Be careful out there...

Woo hoo! After three weeks of messing around with ChoiceOne, NWC Inc. is back on the map.

Turns out our ISP replaced their border routers about ... well, 3 weeks ago. (Funny that we lost our routes about the same time, isn't it?)

After slogging through Tier 1 support for 3 weeks, someone finally realized that just because the support guys could "ping" our Class C from the ChoiceOne network didn't mean it was accessible from outside their network.

Ya think?

After they finally figured that out (despite being told as much by me for 3 weeks) some router jockey finally went in and began advertising the address block again and golly gee willikers, we're accessible again.

...for now, anyway. It's tempting to make much of the story that Dell is offering some packaged Athlon 64 processors through its website, but it sounds as if the company is simply dumping some acquired assets. That hardly represents a strategy, much less one that would matter in the server market.

The feds are holding hearings today on a bill that could essentially allow big Telcos to hijack the Internet. The law would regulate Internet Protocol and broadband services, and it would let the big providers block services and net access, and possibly worse as well.

As we enter the brave new world of Internet phone and VoIP, this short from 1927 makes you think. People used to not know how to *dial* the phone. Wild.

Am I writing as Richard Bachman today? (That was Stephen King's nom de plume for a freaky little novel of the same name.) No, but even writing under my own name, I'll point out that the trend of slimming down hardware resources, which we've seen in blade servers, is cropping up again on the desktop -- a development that would lead the market back to server-based computing if successful.

When was the last time Cisco made news other than patching yet another router security hole? Can't remember? Neither can I. There's a good reason for that --- the company has lost its sizzle.

Today's Friday Freebie comes to you from SpamButcher.

SpamFreeze is a free tool for webmasters, bloggers and anyone else who needs to publish their e-mail address on the web but abhors spam. (Who doesn't?)

SpamFreeze makes your email address invisible to spiders, helping to minimize how much spam you receive. SpamFreeze works by encoding the publisher’s email address within a URL. This URL can be placed on any webpage, blog or online forum where they would like to make their email address available.

When a user clicks the link, they will need to identify a word jumbled within an image to confirm they are not actually a spider collecting addressees for spamming. They are then provided with the publisher’s email address.

SpamFreeze is a completely free service provided by SpamButcher. SpamButcher does not send SpamFreeze users unwanted email, or sell their addresses to third-parties.

Hey, it's free, and it stops spam. What more could you ask for?

Amazon has announced a book-scanning project --- and it's figured out a way to please authors and publishers, spread around the money for everyone, and do the right thing for readers. Google should sit up and take notice.

There's something about economics that tends to act like the anti-coffee to most folks. Their eyes glaze over, the head starts to kinda bob back and forth, and before you know it they're snoring on the conference-room table. When it comes to security, we want to focus on the exciting, glamorous parts--the pen tests and intrusion prevention--while we ignore some of the things (like HR policies) that can have a huge overall impact. In this podcast, I talk with John Pironti of Unisys, who has spent a lot of time thinking about the economics of security. I was impressed because he's gone beyond the questions of cost (always the key to security business analysis) to talk about the issues of tangible economic benefit.

If you're still bruised from your last encounter with the budget committee, you'll want to spend some time listening to this podcast. This one goes a few minutes longer than our normal podcast, but I think the five extra minutes are well worth it. You can listen to the podcast here. After you do, drop me a note (cfranklin@cmp.com) to let me know whether you agree with the kind of analysis that John is applying to security.

If you you haven't already subscribed to the podcast, look over to the left, you'll find the link to subscribe to the Security Channel podcast. In addition, I'd like to ask a favor. Take a minute to drop me a note at cfranklin@cmp.com, and let me know what you'd like to hear in future podcasts. A podcast can be short or long, serious or amusing, hands-on or quite strategic. Let me know what you'd like to listen to, and we'll do our best to make it happen.

The music in this podcast is "Bugeater" from the album Aeonblue by subatomicglue. They release their music under a Creative Commons license--if you like the sound, head over to their web site and check out the rest of their music.

Posted here at 10:19 PM in Podcasts | Security

Comments(1)

Posted here at 03:40 PM in Storage and Servers

Comment on this blog entry

Posted here at 08:27 AM in Network Infrastructure

Comment on this blog entry

Posted here at 04:54 PM in Wireless

Comments(1)

Posted here at 07:45 AM in Network Infrastructure

Comment on this blog entry

Posted here at 02:39 PM in Storage and Servers

Comment on this blog entry

Posted here at 02:27 AM in Storage and Servers

Comment on this blog entry