User Lament: Don’t Tell Me I Have a Problem, Just Fix It
New Boundary Technologies, a provider of automated
configuration and security management solutions, announced a partnership with
Lockdown Networks, a complementary provider of Network Access Control (NAC)
solutions. New Boundary Technologies will enable its Policy Commander security policy management solution for Lockdown Networks’
open intelligent network access control (iNAC)
architecture. Within the iNAC architecture, Policy
Commander serves as a quarantine and remediation
server that performs immediate, automated remediation of devices deemed
non-compliant by Lockdown Enforcer. Designed to serve the needs of security
officers and IT professionals, Policy Commander automatically controls computer
configuration settings for maximum security by continuously monitoring and
enforcing computer security policies. Leveraging automated Smart Update
technology and a dynamic policy format, Policy Commander fully automates
targeting policies to computers based on role, desired security level, and
other selectable parameters. It then strictly enforces assigned security
policies, automatically reverting non-compliant systems to their desired
compliance state.
Organizations large and small have found that NAC is a
vexing problem. On the one hand they want to be as open as they can be to
optimize their revenues, maximize customer satisfaction, and reduce costs
through self-service via the web. On the other, the organization must also
ensure that granting access does not put the organization’s information and IT
infrastructure at risk. These business needs, complemented by privacy laws and
other regulations, are driving organizations to employ technology to control
network access. But, while denial of access is the proper action, it doesn’t
foster the business objectives.
NAC and remediation are not the only areas where the market is demanding synergy. Vulnerability Assessment begs interaction with Patch Management and Intrusion Prevention is far more helpful than Intrusion Detection. Sageza believes that market forces will push complementary vendors to be more cooperative with one another, especially when one technology alerts and the other repairs. That said, we also understand that there have to be underlying policies and procedures to determine the critical path for those seeking to access the network. These professional services could be provided by either vendor if they have sufficient resources or expertise; perhaps, however, the client would be better served by a VAR. In this way they could also assist in the integration and implementation of the two products.
Isilon IQ200: A New Entry Point for Clustered Storage
This week Isilon Systems announced the release of the Isilon
IQ200, a new entry point into the company's lineup of Clustered Storage
platforms. The new offering is a slim, 1U device that delivers clustered storage
capacities scaling from 6TB to 48TB and provides a much lower entry point to
Isilon's solutions than previously available. Current high-end platforms in the
range supply storage capacities that can reach 1PB in a single file system with
10GB/sec performance. In common with other platforms in the range the IQ200 utilizes
Isilon's OneFS software making the platform straightforward to use, while the
clustered nature of the solution provides excellent performance. In addition
Isilon offers customers the option to employ a “pay as you grow” approach to
scalability, a financial capability made simple by the clustered nature of the
platform. In line with its smaller capacity, the IQ200 will be offered at an
attractive, although currently unspecified, price point. Isilon expects the IQ200
to prove to be an attractive offering for its OEM and channel partners with
more than thirty, including Harris Corporation, already committing to sell the
system.
Clustered storage is a concept that is maturing nicely but of
which many organizations are, as yet, unaware. This architecture, when well
engineered, has the potential to offer many advantages. Isilon's offerings
exploit the clustered storage architecture using the OneFS operating system
software and its TrueScale capability to deliver modular
scalability allowing storage capacity to grow in line with need. Isilon has
designed all of its offerings, including the IQ200, to offer very good
performance again as a result of the cluster architecture. Further, the OneFS
software makes the resources of the Isilon platforms available via a single
file system and single volume. This approach, coupled with other management
tools in the software, make system configuration and ongoing administration
relatively straightforward. Software functionality supplied as part of the
solutions includes data protection and management capabilities utilizing the
Snapshot IQ, SyncIQ, and SmartConnect tools.
Isilon has had some success in the market for large, scaleable, and high-performance solutions. However, selling into the markets for which the IQ200 is designed will pose a different set of challenges. Customers with a requirement for the scaleable and performance-level storage capabilities delivered by the IQ200 will, by and large, be smaller organizations than those that have heretofore purchased Isilon's solutions. It is true that large enterprises will be able to make use of the IQ200, but the platform has the characteristics to appeal to a much broader audience. However, this community will often not employ IT professionals highly skilled in storage matters. For the IQ200 to reach the market it deserves it is imperative that Isilon and its channel partners promote the IQ200 as aggressively as possible. There will also be a need to educate potential customers on the business and IT benefits achievable with clustered storage. The potential exists for Isilon to make waves; we shall have to see how high the waves can reach and how quickly Isilon can attract new partners, channels, and customers.
One Person’s Data Security Product Is Another’s Legal Discovery Tool
Guardium, a database security company, has announced a
database monitoring and security solution that provides granular visibility
into all changes to database objects—including database structures,
permissions, data, and configuration files—without relying on database-resident
functions such as trace and transaction logs or native auditing. The product,
Change Control Solution for Databases, is described as an effective and
tamper-proof solution for detecting when critical changes were made outside of
these policies and processes. The new Guardium offering enhances the security,
integrity, and availability of critical data and systems by alerting security
and IT managers on all unauthorized changes by trusted insiders and external
hackers. The vendor claims that the technology also dramatically reduces staff
time required to address auditors’ requirements by automatically creating
reports that compare all detected changes with approved change requests. This
process, known as “change control reconciliation,” is increasingly required by
auditors to tighten internal controls for critical systems such as Oracle
E-Business Suite, PeopleSoft, Siebel, SAP, and in-house SOA applications.
Many analysts would approach this announcement only from the
security perspective, and would applaud the ability to flag unauthorized
changes such as those made without change control IDs, during production
periods, or with unauthorized user IDs generate realtime alerts and the ability
to compare detected changes with authorized change requests from deployed
change management systems such as BMC Remedy, HP-Peregrine, and custom
applications. While this track of analysis is certainly appropriate, top
management would likely be very interested in what may be an unintended use of
the product’s logs and reports.
Changes in the U.S. Federal Government’s Rules of Civil Procedure have elevated the discovery of electronic records and data (E-Discovery) to the forefront of litigation between business organizations. The new rules mandate, among other things, that the parties have an early meeting to outline and agree on E-Discovery production requirements. Sageza believes that records off systems like Guardium will be good targets early in the process because they are pointers; pointers to other parties that ought to be deposed and pointers to the applications where other incriminating evidence might be located and ought to be produced for discovery. The key for end-user organizations is to ensure that the policies and procedures surrounding the implementation and use of database security systems are reviewed by counsel and are covered by very strict records and file retention schemes.
Sony and the PS3: The Home Entertainment Center Battles Loom Larger
Sony Computer Entertainment Europe has confirmed that the
Playstation 3 will be launched in PAL territories Europe, Asia, the Middle East and Australasia on March 23, 2007. Sony has confirmed
that only the 60GB model will be available at launch, with a 20GB model to
follow later in the year depending on demand. Sony expects one million PS3
units will be available during the initial launch period. The company has also
announced the availability of over thirty game titles at launch, as well as
downloadable games from the Playstation Network. Sony expects a new System
Update concurrent with the launch which it believes will enhance the
entertainment potential of the PS3. The system will retail for €599 or£425.
Based on the launches in the U.S. and Japan, we worry
that a million systems distributed over the entire region may not be enough,
especially when one considers that some websites and stores have been taking
advance orders. On the other hand, there are multiple factors affecting the
demand for these systems that needs to be taken into account. Statistics show
that the number of games sold per system is fairly low, which would indicate
that most people have purchased the PS3 as an inexpensive BlueRay device. Gamers
have in fact complained of the high price relative to the Nintendo Wii or the
Microsoft Xbox 360, but the fact is that much of the price is due to the
BlueRay player included with the system. Of course games from the PS2 will work
on the PS3, but to really get the full benefit of new capabilities, one needs
to have PS3 games and other high-definition capabilities to go with it.
Sony is the latest of the game launches for next
generation boxes. It has good and bad associated with it, but a thumbnail SWOT
analysis of the market is probably in order. In general, if one doesn’t have an
HDTV and other HD-capable equipment, and one has no game system, then the
Nintendo Wii is probably your best bet. Both Sony and Microsoft rely on HD to
get the most out of their graphics. The systems will work without HD, but it
won’t be the same experience. If you are an online player, then the Xbox has
the best online experience going. And if you grew up on the PS and PS2, then
clearly, purchasing the Sony is the best way to make sure the games are still
playable. It should be pointed out too that real gaming enthusiasts will have
all three. Why? Because there are fabulous games designed for each of the
consoles that hard-core gamers cannot live without. For them it’s not a question
of if but of when. For them, we can only point out that on the enterprise side
the mantra is never purchase version 1.0 of anything ever. In fact, a close
corollary is: never purchase version x.0 of anything. Wait for the bugs to get
ironed out and then purchase.
Of course the hard-core gaming set is a relatively small segment of the consumer entertainment population. Sony and Microsoft both would like to position their consoles to be more than gaming; the companies would like to turn them into multimedia hubs that play music and video as well as games. For Microsoft, the same account with which you purchase credit for Xbox games is used for purchasing for the new Zune as well. Sony has ambitious plans for content delivery on PS3 as well. However, at this point many households have separate DVD players, DVRs, and set-top boxes and many people have connected their home PC to the stereo and television without another box. We believe that initial sales will be to game enthusiasts who want the latest technology. We believe that only after the price has dropped and the technology has matured will people contemplate using these boxes as mainstream home entertainment hubs. The vendors need to line up distribution mechanisms, pricing, and solve the irritating DRM questions before mainstream consumers wholeheartedly embrace their plans.