Showing posts with label Solution building. Show all posts

The Difficult Life of Mac in the Mixed Environment

Just before the sad event of Steve Jobs' death, we obtained a MacBook. While everyone is still immersed in reading the biography, we embarked on the journey of using a new OS for the first time. Here are the positive experiences and gripes we found when using it in a multi-purpose, multi-platform environment.

Please note that we are just starting out with the Mac, and some of our issues may have solutions that we haven't found yet.


The environment
The MacBook arrived in the very mixed environment of Shortinfosec

  • Domain - an active AD Win2008 functional level domain, but used only for testing. Computers are only added to the domain to do research related to the domain.
  • Computers - work is done on our laptops - HPs, Lenovo and Acer running Windows 7, Vista and Ubuntu.
  • Virtual environment - VirtualBox and VMware Player based virtual machines, mostly with bridged networking
  • Network - 802.11n Wi-Fi and wired 1 Gbps Ethernet network, with Cisco and Huawei network elements
  • VPN - Cisco IPsec VPN for remote access
  • Storage - iSCSI based storage server, built around an Openfiler storage server, on the wired LAN segment
  • Printing - a very old HP LaserJet printer, so old that we have to use a Centronics to USB converter, so we attach it to whichever laptop needs it.
What we do in this environment:
  • Testing and honing skills of attack tools
  • Running test scenarios on corporate products
  • Active Directory fiddling and trying to break
  • Playing games
  • Blog management
  • A lot of article and paper writing
  • Java development
  • Odd accounting jobs
  • Lots of games ;)

The positives
We like to start on a positive note, so here are the things we like about our Mac
  • User experience - as Steve Jobs insisted, the user experience of working in Mac applications on the Mac is seamless. Everything just runs. Even attaching external hardware such as a 20-year-old printer was a breeze - much easier than doing the same on Vista.
  • Battery life - the battery life is simply outstanding. The commercials say that the Mac can do 7 hours on battery, and that is quite true, for working in word processor, at 65% screen brightness.
  • Portability - not really comparable, since all other laptops are 15'', but the Mac is very easy on the shoulders, and an excellent companion at meetings.
  • Speed of functions - all implemented functions within the OS are implemented VERY WELL. For example, the Cisco IPSec VPN connection using the native Lion client authenticates at least 10 seconds faster than the Cisco VPN Client for 64bit Windows 7 (we actually measured)

The gripes
Naturally, not everything is that great, and here are the frustrations that we faced with our Mac.
  • The keyboard shortcuts - putting an IT pro who has worked on a PC and Unix for 20 years in front of a Mac running OSX is a special kind of hell: NONE of the keyboard shortcuts are the same, and it is a significant effort to shift to OSX shortcuts. They are not illogical, only completely different, which hampers productivity for anyone used to doing much of their work on the keyboard.
  • Interoperability with other platforms - there are interoperability gripes with a lot of stuff. The Mac can join an AD domain (sort of), but we had a lot of stress getting the Mac to use cached credentials. Mostly the same happened with a Linux based LDAP service.
  • Software is missing - a lot of productivity software that we are used to is missing for Mac - we stumbled on Visio, then on MS Project, then on Notepad++, then on 7zip... We didn't go into developing Java in Eclipse, because of the following point. Mind, there are replacements for most of the software we were missing, but productivity was hampered since we needed to find the appropriate software, buy it and learn how to use it. VMware Player does not exist for Mac, so we are limited to VirtualBox.
  • Lacking native support for obvious items - first disaster - no support for NTFS write. We had to revert to the dreaded FAT32, which was a deal breaker for development. As if that wasn't enough, iSCSI is not natively supported, which further killed any attempt at accessing the large Java codebase on our iSCSI fileserver.
  • Remote access - so far we haven't discovered an efficient native tool to access and work on our Mac remotely. Apple Remote Desktop is shameless highway robbery - why should any company or user need to pay any money to access and manage a single Mac remotely? We are at the moment trying out VNC, which is not our preferred platform.
  • No native or free disk encryption - (updated, thanks to comments on reddit.com). Up to OSX 10.6 only Sophos SafeGuard provided full disk encryption for a Mac. For OSX 10.7 there is FileVault full disk encryption, but we haven't tried it.


Conclusions and thoughts
We are not abandoning the Mac - it is a great tool and an asset in our little lab. But in the current state of things, it takes a lot of effort and compromise to fully migrate to a Mac platform, especially since multi-environment knowledge is required.

If today someone asks us whether a Mac is a good idea for company use, we would not be very supportive, for the following reasons:
  • Lack of business software compatibility
  • (Updated per the comment of Ryan Black) Incompatibility with writing to the NTFS filesystem (which is everywhere) (previously stated as NTFS fileservers - fileservers are accessed through SMB, which is supported)
  • Learning Curve for efficient use


Talkback and comments are most welcome


Related posts
Information Risks when Branching Software Versions
8 Golden Rules of Change Management

What is a Dedicated Server, and Why Would I Need One?

A server is essentially a computer that does not do anything else but supply and store information for other computers. You could be using one of your computers as a server in your office, for example.

This computer would then be called a server and supplies information (even software applications) and data to other computers, which basically become user terminals. If you have an e-commerce site, or you have a lot of important information that you want to keep safe and secure, you should be looking at the best dedicated servers provider in your country or region.


Normally, when you register for a website, your website would be hosted on what is called a shared server. This means your website and information are stored on a computer that is used by many other customers of that provider.
In the case of a dedicated server, you have your own whole computer and network connection.

Here is a comparison of normal shared servers and dedicated servers to illuminate the issue.

  • Traffic Issues. If someone else’s website gets a lot of traffic, and your website and database are on the same server, your website will start to slow down. You cannot have this happening if your website and database are crucial to your business operations. With a dedicated server, you have the one whole computer to yourself, and there will be no influence on your traffic from outside sources.
  • Size. What happens when your website grows? With a shared server, you will have to keep buying extra space. With a dedicated server, you have the whole computer, and this means it is just about impossible to run out of space.
  • Security. Information on shared servers is never as secure as on dedicated servers. There are multiple accounts and multiple users. Do you really want your important company information on a computer that is also being used by other people?
  • Service. Dedicated servers normally come with a range of services, such as back-up, security and support. If your information is on a computer provided by a normal shared server supplier, you cannot expect the same service. Do not expect the computer support with shared servers to match the response times of that provided by your dedicated server company. Dedicated also means the company should be dedicated to you, and not just the fact you have your own server.
  • Location. Just like any other server, your dedicated server will be stored in a very secure location. This is much better than having a server in your own office, for example. It would be possible to run your own e-commerce site from your own office, but you would need the technical know-how and computer support to manage your own server. Normally, that will require outsourcing IT services or employing your own team.
  • Cost. Dedicated servers will obviously cost a considerable amount more than a standard server. If your e-commerce site is growing, for example, having a smooth, fast and reliable website will mean more money. Investment in a dedicated server is an investment into your revenue stream.

In essence, dedicated servers are necessary for anyone who is making revenue from their site with a lot of traffic. You need to be sure that your business is managed, monitored, protected and stands alone from anyone else’s business on the internet. You can always switch your website to a managed server as it grows, although for those who are serious about e-commerce, setting it up so it is stand-alone from the beginning, is still the best option.

This is a guest post by Tom Mallet, an Australian freelance writer and journalist. He writes extensively in Australia, Canada, Europe, and the US. He has published more than 500 articles about various topics, including dedicated servers and computer support.


Talkback and comments are most welcome

Related posts
Creating Your Own Web Server
Tutorial: Making a Web Server
Is the Server Running - optimal use of redundancy on a budget

GFI WebMonitor - A good step ahead

Web content filtering and security products are already a maturing market. The need for monitoring and controlling user access to the Web is identified as critical for today's businesses.

GFI Software is entering this market arena with a solution named GFI WebMonitor. This product is available either as a standalone proxy version that works in most network environments or as a dedicated plug-in for organizations that have deployed Microsoft ISA Server.

Installation
The installation is very easy, and the only really critical step is the admin's decision about which mode the software will run in. GFI WebMonitor can run in the following modes:

  1. Simple Proxy mode - In this mode, GFI WebMonitor operates on a server with a single NIC and functions as a proxy. In order to use it, block direct access to the Internet from the clients and set their browsers to use the GFI WebMonitor system as a proxy.
  2. Traffic forwarding mode - In this mode, GFI WebMonitor works 'inline', and acts as a router/proxy. To operate in this mode, you need to install GFI WebMonitor on a server with two NICs and routing ability (like Windows RRAS).
We will observe the operation of GFI WebMonitor in Simple Proxy mode - a mode that is easier to set up and which will be the default choice of most companies. According to the documentation, GFI WebMonitor is designed for corporate use. In order to understand how GFI WebMonitor matches corporate expectations, let's define a corporate environment scenario in which GFI WebMonitor will have to perform:

Corporate Scenario


Internet users
A typical corporate organization will have the following Internet users:
  1. Standard Internet Users - The generic corporate grunts, people who are not expected to use the Internet during most of their work day. Their Internet access is limited to the most basic browsing, and download of PDF, Word and PPT files of maximum 2 MB size.
  2. Power Internet users - Power Internet users, requiring access to a lot of Internet locations, and who regularly download documentation (PDF, Office) and media (audio, video, flash) from the Internet. These files can be of a larger size, up to 50 MB.
  3. Management - The top brass, who, although they use the Internet very rarely, should not feel as if they are much limited
  4. Exceptions - For research or testing purposes, exceptions of all rules must exist
Corporate policy
The typical corporate organization has an Internet access corporate policy. Here is a sample one:
  • Rules for all users
  1. No access to gaming sites, porn sites, narcotics or alcohol abuse sites, gambling sites, spamming and hate mail, racism and hate sites, job search sites, social media and instant messaging sites, web based e-mail services, virus and malware sites, hacking or exploitation sites, personal financial gain sites.
  2. No workaround bypass of this policy is permitted
  • Rules for Standard Internet Users
  1. No access to news sites, media sites, file sharing sites
  2. Download limit set to 5 MB per file
  3. Permitted files - HTML, Images, XML, PDF, PPT, DOC(X), XLS(X)
  4. No malware should be downloaded
  5. Limit bandwidth to a maximum of 10kbps per user
  • Rules for Advanced Internet users
  1. No access to file sharing sites
  2. Download limit set to 50 MB per file
  3. Permitted files - HTML, Images, XML, PDF, PPT, DOC(X), XLS(X), AVI, MP3, MP4, FLV, VSD, Archives containing these types of files
  4. No malware should be downloaded
  5. Limit bandwidth to a maximum of 150kbps per user
  • Rules for Managers
  1. Download limit to 500 MB per file
  2. Permitted files - PDF, PPT, DOC(X), XLS(X), AVI, MP3, MP4, FLV, VSD, Archives containing these types of files
  3. No malware should be downloaded
  4. Limit bandwidth to a maximum of 250kbps per user
Internet usage reports must be submitted to the Information Security Officer on request and in a monthly automatic report

GFI WebMonitor Performance against scenario

We have used all functions of WebMonitor to simulate the corporate scenario as close as possible. We have set up groups for web filtering and download access, and tested for normal functionality.

GFI WebMonitor has a simple but useful tactical dashboard for overview



Web Filtering Control

The good
  • All restricted areas can be set up in the web filtering control, and were properly blocked with a restriction message. If the default policies are not sufficient, you can include or exclude sites manually, or you can suggest a site for categorization in GFI's database, so it gets into the policy automatically.

The issues
  • The minor administration issue that we found is that the categories are not explained, and it took us some time to discover that Instant Messaging is defined as Internet Communications. A dynamic description should appear as a category is selected - this will make the admin's life much easier.
  • The functional issue that we found is that there is no bandwidth control for anyone. GFI might argue that this is not a function of a content filter, but there are products which provide these functions.

Download Control
The good
  • The download controls can define the file types that can be downloaded
  • The integrated proxy can cache already downloaded files, thus reducing Internet link load


The issues
  • There is no file size limit to apply to groups. So corporations cannot limit users to downloading only files of a certain size and thus prevent hogging of the Internet link.
  • Download restrictions can be bypassed by hiding files within other files (Zipped executable, embedded as an object within a word file)
  • Selection of items in download control is a bit difficult, since you need to open each item specifically. This is mostly a cosmetic issue, but it can nag the administrator
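The sample corporate policy above, and the download-control gaps just listed (no per-group size limit, executables hidden in archives or embedded in Office files), modelled as a download policy check. This is an added example and not GFI WebMonitor code; the group rules are transcribed from the sample policy, while the image extensions, the MB limits in bytes and the treatment of "Archives containing these types of files" are assumptions.

```python
"""Per-group download policy check with recursive archive inspection.
Added example (not GFI WebMonitor code). Rules follow the sample policy;
image extensions, byte limits and archive handling are assumptions."""
import io
import zipfile
from pathlib import PurePosixPath

MB = 1024 * 1024
MAX_DEPTH = 3                      # nested archives deeper than this are refused
OOXML = {"docx", "pptx", "xlsx"}   # Office documents are themselves zip containers

# 'Images' is assumed to mean png/jpg/gif. The manager list is transcribed as
# the sample policy states it (no HTML or images listed).
IMAGES = {"png", "jpg", "jpeg", "gif"}
OFFICE = {"pdf", "ppt", "pptx", "doc", "docx", "xls", "xlsx"}
MEDIA = {"avi", "mp3", "mp4", "flv", "vsd"}
POLICY = {
    "standard": {"max_bytes": 5 * MB, "archives": False,
                 "types": {"html", "htm", "xml"} | IMAGES | OFFICE},
    "advanced": {"max_bytes": 50 * MB, "archives": True,
                 "types": {"html", "htm", "xml"} | IMAGES | OFFICE | MEDIA},
    "manager": {"max_bytes": 500 * MB, "archives": True,
                "types": OFFICE | MEDIA},
}


def _ext(name):
    return PurePosixPath(name).suffix.lower().lstrip(".")


def evaluate(group, filename, data):
    """Return (allowed, reason) for a download of `filename` with body `data`."""
    rules = POLICY[group]
    if len(data) > rules["max_bytes"]:
        return False, f"{filename}: {len(data)} bytes exceeds the group limit"
    return _check(rules, filename, data, depth=0)


def _check(rules, filename, data, depth):
    ext = _ext(filename)
    is_zip = zipfile.is_zipfile(io.BytesIO(data))
    # Content sniff: a PE executable is blocked whatever it was renamed to.
    if data[:2] == b"MZ":
        return False, f"{filename}: executable content (MZ header)"
    if ext in OOXML:
        if ext not in rules["types"]:
            return False, f"{filename}: type '{ext}' not permitted"
        return _check_ooxml(filename, data, is_zip)
    if ext == "zip" or is_zip:          # also catches a zip renamed to .pdf
        if not rules["archives"]:
            return False, f"{filename}: archives not permitted for this group"
        if depth >= MAX_DEPTH:
            return False, f"{filename}: archive nested deeper than {MAX_DEPTH}"
        return _check_archive(rules, filename, data, depth)
    if ext not in rules["types"]:
        return False, f"{filename}: type '{ext or 'none'}' not permitted"
    return True, "ok"


def _check_archive(rules, filename, data, depth):
    """Apply the same rules to every member; refuse members that would expand past the limit."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.is_dir():
                    continue
                member = f"{filename}/{info.filename}"
                if info.file_size > rules["max_bytes"]:
                    return False, f"{member}: declared size exceeds the group limit"
                ok, reason = _check(rules, member, zf.read(info), depth + 1)
                if not ok:
                    return False, reason
    except zipfile.BadZipFile:
        return False, f"{filename}: corrupt or truncated archive"
    return True, "ok"


def _check_ooxml(filename, data, is_zip):
    """A real OOXML file carries [Content_Types].xml; embedded OLE objects live under */embeddings/."""
    if not is_zip:
        return False, f"{filename}: not a valid Office container"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = zf.namelist()
    except zipfile.BadZipFile:
        return False, f"{filename}: corrupt Office container"
    if "[Content_Types].xml" not in names:
        return False, f"{filename}: zip archive disguised as an Office document"
    embedded = [n for n in names if "/embeddings/" in n]
    if embedded:
        return False, f"{filename}: embedded objects {embedded} not permitted"
    return True, "ok"


def make_zip(members):
    """Build an in-memory zip from {name: bytes}; constructed test data only."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, content in members.items():
            zf.writestr(name, content)
    return buf.getvalue()
```

Legacy binary .doc/.ppt/.xls files are not containers this check can open, so objects embedded in them pass, which is the remaining gap the review describes.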

Spyware and virus protection

The good

The antivirus protection worked as expected, and it identified the test EICAR virus simulation file


The issues
  • The antivirus protection only worked on the second attempt. The first time, EICAR was downloaded and wasn't detected as a virus. We checked the antivirus engines and found that they had remained in "Downloading and updating" status for the entire 5 days of testing. After we forced the update to finish (which required a reboot of the GFI WebMonitor computer and about 1 hour of patience), the EICAR file was detected as a virus threat. We can't identify the reason for this behavior.

Phishing protection

The good
  • The phishing control is very effective. We tested against a fresh phishing site (at the time of the test only live for 5 hours). It was properly blocked both by GFI WebMonitor and by Firefox phishing protection. The site for testing was selected from PhishTrack.


Instant Messaging Control

The good
  • We tested with Windows Live Messenger, and notifications are properly delivered to the administrator.

The issues
  • This function looks more like a nice idea than real functionality. It only works for Microsoft IM protocols, and is not useful for Skype, XMPP (Jabber), YMSG (Yahoo) or Gadu-Gadu. These protocols will either pass undetected or will not work at all.

Reporting

The good
  • GFI WebMonitor has a brief set of reports integrated within its engine, and it has a free ReportPack add-on especially for reporting.


Conclusion

GFI WebMonitor is a nice step in the right direction. The product is very easy to install, and a company that starts using it can see its benefits by the end of the first day of use.
It matched all the basic requirements of our sample scenario, and only failed at the most advanced expectations. We have some reservations about the antivirus, but this is probably due to an error in our installation or a bug that will be fixed.

In order to evaluate whether GFI WebMonitor meets your requirements, simply note down your corporate scenario and install the evaluation version. You'll be able to evaluate the match to your requirements very fast.


Talkback and comments are most welcome

GFI WebMonitor Review

GFI has published an opportunity to review their WebMonitor product. It is designed as a competition, with some prizes for the best reviewers.

Shortinfosec will be performing the review, but we will focus on the product quality. So, our readers may even expect some rants and constructive criticism.

Anyone wishing to perform the review can find it at
http://www.gfi.com/blog/software-reviewers-wanted/

Fighting Enterprise Software Vendor Lock-In

Large enterprises rely on software products. And as with everything else in large enterprises, the software products are large, complex, cumbersome and nearly unchangeable. This last attribute is better known as vendor lock-in. Software vendors love vendor lock-in. Here is a definition borrowed from Wikipedia:

Vendor lock-in, also known as proprietary lock-in, or customer lock-in, makes a customer dependent on a vendor for products and services, unable to use another vendor without substantial switching costs

The problem
Vendor lock-in exists in most large enterprise industries like Telco, Healthcare, Finance and Energy. Such industries rely heavily on certain computer systems or software products, usually dubbed Core Systems. Because most of the business transactions, logic and information are stored and processed by these Core Systems, the transition to a different Core System vendor is extremely costly and time consuming.

So most large enterprise companies simply continue to operate with the same Core System vendor, while they suffer:
  1. delays in patch or version delivery
  2. poor quality product versions
  3. inadequate compliance of the Core System with their local law and regulation
  4. ever increasing maintenance costs.
On the other hand, switching to another Core System vendor will probably result in the same end effect, with the added costs of the switchover.

The solution
So is there a way to improve your position? Indeed there is, but it requires a radical move: there is only one thing that any software vendor reacts to - the risk of a decrease in earnings from a customer.
To make this risk a reality for the vendor, the customer needs to reach a situation where competitors can successfully bid for software upgrades and new functionality without actually switching the Core System.

This is most easily achieved through the Core System's API. Most Core Systems have extensive Application Programming Interfaces (APIs), which can be used to exchange data with the Core System or issue commands to it.

So instead of asking for every possible modification or new functionality from the Core System vendor, just use it as a processing core - move everything else to other developers, who will need to adhere to the Core System API specification.

This way you can outsource the development of a lot of applications to other vendors, achieve better response from everyone and always have healthy competition. Oh, and it will keep the Core System vendor on its toes!


Talkback and comments are most welcome

Related posts
Software vendor relationship - can you make it better?
3 rules to keep attention to detail in Software Development
Security challenges in software development
Paying for Software Support - When to do it?

5 Minute Security Assessment

A security assessment is a big deal. It takes a lot of time, requires a good chunk of budget since it is done by independent consultants, and the outcome is at best 'OK, but could be better'.

For all these reasons, as well as some egoistic ones which won't be mentioned here, a lot of companies avoid hiring a security consultant and doing this assessment.

While the real thing may take time, budget lobbying and the guts to admit that you are not perfect, here is a very fast self-assessment which will give you a feeling of where you stand. You can do this assessment in your own time, and no one needs to know the outcome.


Assessment instructions
Answer each of the questions truthfully with a yes or a no. If the answer is partial, write it up as a no. For each answer, add the appropriate number of points (indicated on each question) to a total score. After finishing all the questions, sum the score and find the appropriate assessment result depending on which interval your score fell in.

Assessment questions

  1. Do we have a firewall active at all ingress points of the network? Yes - 5 points, No - 0 points
  2. Does our team control all firewalls? Yes - 5 points, No - 0 points
  3. Do we have the following basic technical policies in place? Add 1 point for each policy in place
    • password complexity
    • password retention
    • password history
    • logon hours
    • controlled registry editing
  4. Does everyone in the organization have their own individual and unique username for all activities? Yes - 5 points, No - 0 points
  5. Do we have logon/logoff auditing active on all servers and stations? Yes - 5 points, No - 0 points
  6. Do we have a testing environment for patches, new versions and new software before they are rolled out into production? Yes - 5 points, No - 0 points
  7. Do we have written procedures regulating the above questions as a process? Add 1 point for each procedure in place

Assessment results
  • 30-36 points - Very good security posture - You have the basics of great security governance. Continue developing both the procedural and technical levels of security.
  • 20-30 points - Acceptable security posture - You are lacking in written procedures and change management, but basic technical security is at a good level - you need to work harder on formalization
  • 10-20 points - Basic security posture - Very basic security, lacking any formal security process, and also probably missing elements in auditing, ingress path control and technical policies. You need to go a long way, and you should have started yesterday!
  • 0-10 points - Disaster waiting to happen - So you have firewalls? Really? And maybe you've even plugged them in? Hire a good security expert, after firing your current one, and start getting somewhere

Talkback and comments are most welcome

Related posts
Quick and Basic Security Assessment for Databases
WMI Scanning - Excellent Security Tool
Tutorial - Using Ratproxy for Web Site Vulnerability Analysis

Reduce Risks in Projects with 'Deal Breakers'

Most projects fail due to a manager's ambition or pressure to complete on time. This leads to significant errors.

Here are two examples from opposite sides of the spectrum:

  • I have been witness to a very large and very risky project, which was initiated with nearly no regard for the risks involved. The project was completed successfully, but only with the titanic effort and dedication of the project team.
  • Only 2 weeks later, I was witness to a project which had major issues with coordination, communication and breached deadlines, but still it went ahead. Sadly, the project finished with a major issue, mostly because of project staff fatigue which led to human error.
As these two examples show, one must always be prepared to properly implement boundary conditions to ensure proper risk management.

You should ALWAYS be prepared with an answer to the following question:
  • What is the 'deal breaker' of the implementation? Under which conditions should we abort and re-plan?
The answer to this question should not be just any obstacle. Whatever the answer is, it should be related to
  • Risk to business continuity
  • Risk of impact to core business operation
  • Risk of major personnel harm

Talkback and comments are most welcome

Related posts
Security risks and measures in software development
4 Controls to Avoid Risks of Fully Trusting a System
Information Risks when Branching Software Versions

Paying for Software Support - When to do it?

For a long while, the MySQL Database Server has been the choice of start-up developers. Since it can be used under the GPL model, it seems free to use. But is there a point where one would pay for MySQL?

Here is an analysis of the conditions under which it would be wise to invest in software support, through the example of MySQL.

The popularity of MySQL is mainly due to its seamless use with web applications, which is closely tied to the popularity of PHP, with which it is often combined. Also, it is quite often deemed a cheap solution, since it can be freely downloaded and installed under the GNU General Public License (GPL).

So do you need to pay anything with MySQL? While the first answer is no, since you can use it under the GPL license, any serious user will soon have a wealth of information stored in a MySQL database.

Here is an analysis based purely on the cost of licenses vs. the value of information.


A common misconception based on simple logic is that at the point where the value of the stored information becomes higher than the cost of the MySQL server, it makes sense to invest in support and services for MySQL.

However, the following diagram presents the flaw in the previous logic:


  1. Up until the time the value of stored information reaches the cost of licensing, the company was generating revenue, but with risk to the data.
  2. Should the company decide to license the server software at the time the value of stored data matches the costs, it will cease to be profitable. Even if the growth of the company continues as planned, it will take time to reach the level of profitability it had prior to licensing.
  3. As the value of stored information continues to grow, it reaches a point where the costs of licensing become stable over time. This is a good point to invest in licensing and services, since the licensing costs can be factored into the price of the information as a fixed item and will not increase the price of information significantly
Of course, this is not the only approach. The diagram may be quite different if the licensing increases the value of the stored information (for example, by adding some enterprise features for availability or integrity).

Such changes will merit licensing at a much earlier point in time.

Talkback and comments are most welcome

Related posts
Software vendor relationship - can you make it better?
High Availability - Clusters have Issues
Know the Difference - Backup vs. Archive
Strategic Choice - Proper Selection of Web Hosting

System Hardening Process Checklist

Most administrators and security officers are well aware of the necessity of system hardening for corporate systems.

Hardening is the process of securing a system by reducing its surface of vulnerability. By its nature, the more functions a system performs, the larger the vulnerability surface.

Since most systems are dedicated to one or two functions, the reduction of possible attack vectors is done by removing any software, user accounts or services that are not related to and required by the planned system functions. System hardening is a vendor-specific process, since different system vendors install different elements in the default install process.


However, all system hardening efforts follow a generic process. So here is a checklist and diagram by which you can perform your hardening activities.

  1. Perform initial system install - stick the DVD in and go through the motions.
  2. Remove unnecessary software - all systems come with a predefined set of software packages that are assumed to be useful to most users. Depending on your target use of the system, you should remove all software that is not to be used, like graphics and office packages on a web server.
  3. Disable or remove unnecessary usernames and passwords - most systems come with a lot of predefined user accounts for all kinds of purposes, from remote support to dedicated user accounts for specific services. Remove all remote and support accounts, and all accounts related to services which are not to be used. For all used accounts, ALWAYS change the default passwords.
  4. Disable or remove unnecessary services - just as in the two previous points, remove all services which are not to be used in production. You can always just disable them, but if you have the choice, remove them altogether. This will prevent the possible error of someone activating the disabled service further down the line.
  5. Apply patches - after clearing the 'mess' of the default install, apply security and functionality patches for everything that is left in the system, especially the target services.
  6. Run a Nessus scan - update your Nessus scanner and let her rip. Perform a full scan including dangerous scans. Do the scan without any firewalls on the path of the scan. Read through the results; there will always be some discoveries, so you need to analyze them.
  7. If no vulnerabilities are discovered, use the system - after the analysis of the results, if there is nothing significant discovered, congratulations! You have a hardened system ready for use.

Here is the described checklist as a process diagram
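Steps 2 to 4 of the checklist as an automated audit, an added example that is not from the post: it compares a host inventory against a declared server role and reports the packages, accounts and services that do not belong. The web-server role profile and the passwd, shadow, service and package samples are constructed; on a real host the caller would read /etc/passwd, /etc/shadow, the service manager and the package database instead.

```python
"""Hardening audit for checklist steps 2 (software), 3 (accounts) and 4 (services).
Added example, not from the post; role profile and inventory are constructed."""

NOLOGIN_SHELLS = {"/usr/sbin/nologin", "/sbin/nologin", "/bin/false"}

# Constructed profile for a hardened web server. Anything not in it is a finding.
WEB_ROLE = {
    "required_services": {"sshd", "nginx", "auditd", "rsyslog"},
    "interactive_accounts": {"root", "deploy"},
    # Package name fragments a headless web server never needs (step 2).
    "unneeded_package_markers": ("libreoffice", "gimp", "xorg", "cups", "games"),
}


def parse_passwd(text):
    """Yield (name, uid, shell) from /etc/passwd-style lines; skip malformed ones."""
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) == 7 and fields[2].isdigit():
            yield fields[0], int(fields[2]), fields[6]


def parse_shadow(text):
    """Return {name: password_field} from /etc/shadow-style lines."""
    hashes = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) >= 2:
            hashes[fields[0]] = fields[1]
    return hashes


def audit(role, passwd_text, shadow_text, enabled_services, packages):
    """Return findings as (step, subject, issue) tuples for the given role."""
    findings = []
    # Step 2: remove software unrelated to the role.
    for pkg in sorted(packages):
        if any(marker in pkg for marker in role["unneeded_package_markers"]):
            findings.append(("step 2", pkg, "unneeded-package"))
    # Step 3: extra UID 0 users, login shells on accounts the role does not need,
    # empty passwords (or no shadow entry), and service accounts left unlocked.
    hashes = parse_shadow(shadow_text)
    for name, uid, shell in parse_passwd(passwd_text):
        pw = hashes.get(name, "")
        if uid == 0 and name != "root":
            findings.append(("step 3", name, "extra-uid0"))
        if pw == "":
            findings.append(("step 3", name, "empty-password"))
        if name not in role["interactive_accounts"]:
            if shell not in NOLOGIN_SHELLS:
                findings.append(("step 3", name, "unneeded-login-shell"))
            if pw and not pw.startswith(("!", "*")):
                findings.append(("step 3", name, "unlocked-service-account"))
    # Step 4: services enabled but not required; prefer removal over disabling.
    for svc in sorted(set(enabled_services) - role["required_services"]):
        findings.append(("step 4", svc, "unneeded-service"))
    return findings


def summarize(findings):
    """Count findings per checklist step."""
    counts = {}
    for step, _subject, _issue in findings:
        counts[step] = counts.get(step, 0) + 1
    return counts


# Constructed inventory of a freshly installed host (hashes are placeholders).
SAMPLE_PASSWD = """root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
support:x:1001:1001:Vendor support:/home/support:/bin/bash
toor:x:0:0:backup root:/root:/bin/bash
deploy:x:1002:1002:Deploy:/home/deploy:/bin/bash
postgres:x:110:115:PostgreSQL:/var/lib/postgresql:/bin/bash
"""
SAMPLE_SHADOW = """root:$6$abc$constructedhash:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
www-data:*:19000:0:99999:7:::
support::19000:0:99999:7:::
toor:$6$def$constructedhash:19000:0:99999:7:::
deploy:$6$ghi$constructedhash:19000:0:99999:7:::
postgres:$6$jkl$constructedhash:19000:0:99999:7:::
"""
SAMPLE_SERVICES = {"sshd", "nginx", "auditd", "rsyslog", "cups", "avahi-daemon", "bluetooth"}
SAMPLE_PACKAGES = {"nginx", "openssh-server", "libreoffice-writer", "gimp", "xorg-server"}

if __name__ == "__main__":
    for step, subject, issue in audit(WEB_ROLE, SAMPLE_PASSWD, SAMPLE_SHADOW,
                                      SAMPLE_SERVICES, SAMPLE_PACKAGES):
        print(f"{step}: {subject}: {issue}")
```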


Talkback and comments are most welcome

Related posts

Checking web site security - the quick approach
Protecting from Meddling Web Applications
Strategic Choice - Proper Selection of Web Hosting
Web Site that is not that easy to hack - Part 1 HOWTO - the bare necessities
Web Site that is not Easy to hack - Part 2 HOWTO - the web site attacks
Rules for good Corporate Web Presence

    Is the Server Running - optimal use of redundancy on a budget

    When purchasing a server, most companies select a server class computer from a reputable manufacturer. And in this day, usually the servers come loaded with redundant components to optimize server availability and make it more resilient. And yet a lot of these servers fail at the first glitch simply because they are not configured properly. Here is a brief blueprint on how to optimally utilize the purchased and paid redundancy.

    First, let's analyze what is usually redundant in a server. If we take into account only the garden variety commercial servers and ignore the hugely expensive fault tolerant machines, here is what you usually get:

    • Redundant Disk drives
    • Redundant Power Supplies
    • Redundant Network Adapters

    To achieve a maximum from these elements, you should perform the following steps:
    • Redundant Disk drives - organize them into a RAID configuration. RAID 1 (mirror) is the best in terms of redundancy and read speed, but you lose exactly 50% of the capacity. RAID 5 (parity) gives the best trade-off between capacity loss and performance, but it survives only one failed drive, and with large drives the rebuild can take hours, during which a second failure loses the whole array; for bigger sets consider RAID 6 or RAID 10. When planning a RAID, look for a server with a hardware RAID controller (ideally with a battery- or flash-backed write cache). Modern server operating systems can build a software RAID themselves, but then the operating system has to dedicate resources and run specific software to maintain the RAID, burdening the main CPU with this task. Whichever you choose, configure alerting for a degraded array: a mirror nobody monitors fails at the second drive, which is the one you notice.

    • Redundant Power Supplies - connect each power supply of the server to a feed coming from a different circuit breaker. This will save you a lot of grief when the cleaning lady connects her vacuum cleaner to an outlet on the same circuit breaker as the server and overloads it. If possible, connect the power supplies to different Uninterruptible Power Supplies, so that every UPS helps your server ride out the blackout, and no single UPS failure takes it down.

    • Network adapters - first, organize the network adapters to work as a failover team. This is done either with specific drivers delivered by the manufacturer or with the bonding/teaming built into the operating system (for example the Linux bonding driver in active-backup mode); either way the driver creates a virtual network adapter. The virtual network adapter is configured with the IP address of the server, and it binds to one of the physical network adapters. Should that adapter lose connectivity, the driver will bind the virtual network adapter to the other physical one, thus re-establishing connectivity. For the optimal solution, connect the physical network adapters to different switches which are interconnected via trunk links, so that they form one large meta-switch and a single switch failure does not isolate the server. And test the failover by pulling a cable before you rely on it - a team that was never failed over is a team that does not fail over.

    All the described actions can be performed by your in-house system administrator and do not require any special expertise. With these simple steps you'll achieve excellent availability of your server.

    Talkback and comments are most welcome


    Software vendor relationship - can you make it better?

    Your company bought a corporate software solution. Your teams tweaked, modified and tested to get it up to your requirements. Now, you just continue to use it for the next 20-30 years without problems. Right?

    Well, not quite. The marriage between a corporation and a software vendor has a tendency of turning ugly as time passes and here is why:

    • Software Vendor Greed - You are tied into a maintenance and upgrade contract with a yearly fee. And lately the largest software vendors are increasing these fees as new sales are dropping. The latest examples are SAP and Oracle, who actually blame it on inflation - here is a great article on this tendency: http://blogs.zdnet.com/BTL/?p=9717
    • Customer treatment - After a corporation has migrated its core data into the new software, and enough time has passed to make a migration back to the old system impossible (usually 3-6 months), the software vendor relaxes. The vendor knows that the customer is his for the foreseeable future, since migrating back or to another system is way too costly in time, money and human effort. So the software vendor becomes less responsive, focuses on new deals, and in extreme cases even becomes outright arrogant.
    • Software Quality Failures - What initially seemed like a minor issue can grow into a big ugly monster of a bug as the dataset grows, or as errors creep into the system. And the software vendor may choose not to address the core problem, simply because it is too costly or not really possible to fix without a full overhaul. So what usually happens is that your company ends up throwing ever more powerful hardware at the problem in the hope that raw speed will alleviate the issue.

    So, is there a way to kick the software vendor where it hurts and make them work as good as the first time they sold a solution?

    There is no silver bullet solution, but the following suggestions can help a lot:

    • Put a big stick in the purchase contract - Include issue resolution times and change request reply times, bound with severe penalties, in the original purchase contract. This way, all you need to do is enforce this SLA every time the software vendor slips. Pretty soon the software vendor will have to bite the bullet and start dedicating its resources to you, simply because it will cost them way too much to treat you badly.
    • Put a carrot in front of the software vendor - Make payment for any new expansion or module purchase conditional on clearing all outstanding issues in the original software.
    • Always plan a contingency - Have a planned alternative solution. This is the most difficult suggestion, and the most costly to complete. But when in dire straits look at alternative solutions, especially fully managed (outsourced) alternatives. With these alternatives your organization is only the user of the software, and most of the migration effort in terms of hardware and resources is offloaded to the outsourcing company. Oh, and by the way, once the software vendor understands that you have an alternative, quality will definitely improve.

    Talkback and comments are most welcome

    Related posts

    Information Risks when Branching Software Versions

    3 rules to keep attention to detail in Software Development

    8 Golden Rules of Change Management

    Application security - too much function brings problems

    Security risks and measures in software development

    Security challenges in software development


    High Availability - Clusters have Issues

    As IT services become more and more important to the organization, the notion of a service being down becomes scary. So the organization begins to search for ways to make the IT services more available. The usual solution to high availability is to place the IT service on a cluster system.

    So, let's start with a definition
    A computer cluster is a group of linked computers, working together closely so that in many respects they form a single computer. They come in three generic flavors:

    • High-availability (HA) clusters - implemented for the purpose of better availability of IT services
    • Load-balancing clusters - distributing a workload evenly over multiple nodes
    • Grid computing - large sets of computers optimized for workloads which consist of many independent jobs or packets of work

    High Availability Cluster
    For a typical corporation the 'weapon of choice' is the High-availability cluster. The simplest form of a high availability cluster contains two computers and a shared disk resource.


    Most high availability clusters run in 'failover' mode, also known as 'active/standby' mode. This means that one of the computers (nodes) is running the IT service (web server, database server or similar) while the other node is idling and waiting for the first node to fail.


    Should it fail, the second node takes over the IT service and its related resources - usually disk volumes, IP addresses and hostnames - and continues to run the service. This takeover takes anywhere from several seconds to a minute, which is acceptable for most types of services.

    The takeover relies on a process called 'voting' (quorum arbitration):
    1. Both nodes check each other's health at regular intervals. This health check is known as a heartbeat.
    2. When one of the nodes stops responding, the other assumes that it has failed and that it must take over the IT service.
    3. The problem with an immediate takeover is that the missing response may be just a connectivity problem, in which case the first node is still up and running - and both nodes end up fighting over the IT service and, worse, writing to the same disk. This is known as a 'split brain' cluster.
    4. To avoid this situation, a third voting element is added, so that there is always a majority. Since a third computer can be expensive, the usual third element is a disk drive that is connected to both servers. This disk drive is known as a 'quorum disk'.
    5. So, in case of a failure, the surviving node first arbitrates for the quorum disk and performs a 'vote': it tries to take ownership of the disk (cluster software typically uses a SCSI reservation, or writes a marker file and waits a predetermined time to see whether the other node removes it). If it wins, the vote is successful and the surviving node takes over the IT services; if it loses, it stays in standby even though it cannot see its partner.
    The arbitration adds only a small delay compared to the time the service itself needs to start on the surviving node, so it does not noticeably slow down the failover.
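    As an added example (not from the original post), the following toy model plays the heartbeat and quorum arbitration through in code. The node names, the heartbeat timeout and the 'reservation' model of the quorum disk are assumptions for the example; real cluster software arbitrates with SCSI reservations or a witness service, and the survivor breaks a dead partner's stale reservation after a timeout, which the model shortcuts by releasing it on crash.

```python
"""Added example: two-node failover cluster with a quorum disk as tie-breaker.
Node names, timeouts and the reservation model are assumptions."""


class QuorumDisk:
    """Shared disk acting as tie-breaker: at most one node may hold the
    reservation. acquire() is atomic in the model (compare-and-set)."""

    def __init__(self):
        self.owner = None

    def acquire(self, node_name):
        if self.owner in (None, node_name):
            self.owner = node_name
            return True
        return False

    def release(self, node_name):
        if self.owner == node_name:
            self.owner = None


class Node:
    HEARTBEAT_TIMEOUT = 3  # missed heartbeats before the peer is declared dead (assumption)

    def __init__(self, name, quorum, active=False):
        self.name = name
        self.quorum = quorum
        self.active = active      # currently running the IT service
        self.alive = True
        self.missed = 0
        if active:
            assert quorum.acquire(name)  # the active node owns the quorum disk

    def receive_heartbeat(self, ok):
        """Called once per heartbeat interval with whether the peer answered."""
        if not self.alive:
            return
        self.missed = 0 if ok else self.missed + 1

    def peer_presumed_dead(self):
        return self.missed >= self.HEARTBEAT_TIMEOUT

    def try_takeover(self):
        """Take the service only if the tie-breaker can be won; otherwise stay
        standby. A node that still holds the reservation keeps the service."""
        if not self.alive or self.active:
            return self.active
        if self.peer_presumed_dead() and self.quorum.acquire(self.name):
            self.active = True
        return self.active

    def crash(self):
        self.alive = False
        self.active = False
        self.quorum.release(self.name)  # model shortcut: hardware death drops the reservation


def run_scenario(network_partition, crash_active):
    """Drive a two-node cluster through a few heartbeat intervals and return
    the names of the nodes that end up running the service."""
    disk = QuorumDisk()
    a = Node("node-a", disk, active=True)
    b = Node("node-b", disk)
    if crash_active:
        a.crash()
    for _ in range(Node.HEARTBEAT_TIMEOUT + 1):
        # a heartbeat 'arrives' only if the peer is alive and the link is up
        a.receive_heartbeat(b.alive and not network_partition)
        b.receive_heartbeat(a.alive and not network_partition)
        a.try_takeover()
        b.try_takeover()
    return sorted(n.name for n in (a, b) if n.active)


if __name__ == "__main__":
    print("healthy:   ", run_scenario(network_partition=False, crash_active=False))
    print("node-a died:", run_scenario(network_partition=False, crash_active=True))
    print("link cut:  ", run_scenario(network_partition=True, crash_active=False))
```

    The third scenario is the one the quorum disk exists for: both nodes lose the heartbeat, both presume the other dead, but only the reservation holder keeps the service, so there is never a split brain.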

    Issues
    Naturally, there are issues with using clusters. Here are the most common
    • Cost - Cluster systems need cluster-aware software, the hardware is usually highly redundant, and the shared disk systems are quite expensive.
    • Resource Waste - In a failover cluster, the most common variety, one of the cluster computers is mostly idle, just sitting there waiting for the first node to fail.
    • Difficult performance scaling - In a failover cluster, if the current cluster node does not have sufficient power, it is not easy to replace it with a faster CPU. Everything inside a computer designed to run in a cluster is more expensive and needs approval from the cluster software vendor to confirm that it is compatible with the cluster solution. And even if you manage to upgrade, you must upgrade both nodes, so that performance stays the same after a failover.
    • No protection against software error - In essence, the cluster is not a silver bullet. It protects against hardware failure, but in no way helps against corruption of information caused by faulty software or human error: a corrupted database fails over to the other node just as corrupted.
    Conclusion
    The High Availability cluster is an excellent solution for increasing IT service availability - if you can live with its issues:
    • For maximum effect it needs to be supported by methods of protection against software or human error (backup and archive).
    • Against resource waste, you can run several IT services and balance them across both nodes, so each node acts as failover for the services running on the other. But bear in mind that when a failover occurs you'll have to run all services on one node, which may create a performance issue.
    • If the cost of hardware and upgrades is a major issue, you can even consider an asymmetric cluster, with one node much more powerful than the other. This is a double-edged sword: should a failover occur you'll be left running on considerably lower resources, which may not be acceptable to the organization.

    Talkback and comments are most welcome

    Know the Difference - Backup vs. Archive

    Information availability and IT operations require data backup. Legal and compliance requirements dictate data archival. But many organizations make the mistake of equating archive with backup, which can lead to the wrong choice of backup or archival media, very poor restore times and even loss of information.

    Example Scenario
    As part of an audit, an auditor reviewed the backup and archival system of a company. The company presented their backup systems, access controls and audit trail. When asked about archived data, they again pointed to the tapes containing their backup. But their backup tapes are rotated every 6 months, so the company does not have any archive from earlier than 6 months ago.
    The company failed the legal Archival requirement.


    Analysis
    In order to properly design and architect a backup or archive systems, one must clearly understand the differences between backup and archive:

    Backup
    The key reason for the existence of backup is to provide an alternative data source in case the primary data source is corrupted or destroyed. A backup process creates a copy of the current state of data. It is understood and accepted that the state of the backed up data will change in the future under controlled circumstances. At that point the old backup becomes irrelevant for operational purposes and the data needs to be backed up again.

    Criteria for selecting a backup solution

    • The backup needs to be accessible fast
    • The media should be reusable for maximum cost efficiency
    • The media should survive transport in less than ideal conditions (trunk of a car)
    • The backed up information should survive with full integrity and availability for several months on the backup media.
    • The backup should be able to span multiple media (if the backup set is larger than the media capacity).
    • The solution should be intelligent enough to enable different backup sets (full backup, incremental backup, differential backup etc)

    Archive
    The key reason for the existence of archive is to provide historical reference of information. The archive's process final product is a long term non-changeable copy of data or information. It is understood and accepted that the archive media must be resilient, capable of surviving over long periods of time (years) and must guarantee that the archived data remain unchanged during the entire archive lifespan.

    Criteria for selecting archive solution
    • The archive media needs to be able to hold different data collections while treating them at the same level of integrity - individual data records from a database as well as entire documents.
    • The access speed to an archive can be slow, but the archive media should have an extremely high level of reliability (remember, archives can span several decades).
    • When creating an archive, always plan the lifetime of the archive, and make sure that the manufacturer will provide systems that can retrieve the stored data - having an archive that is unreadable because there is nothing left to read it on is a terrible idea.
    • Data integrity must be maintained over the entire period of the archive's existence - there is no point in having an archive if you can't trust that it is the same as it was when archived. In practice this means recording a digest (fixity) of each item at archive time and checking the media against it periodically, rather than trusting the media by itself.
    • There should be an index of the archive media, so that relevant information can be retrieved from the archive.
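    As an added example (not from the original post), here is the integrity and index part of those criteria in code: a manifest that records size and SHA-256 digest of every archived item, plus a digest over the manifest itself, and a verifier that reports tampered, missing and unlisted items. The archived documents are constructed in-memory samples; in a real archive the manifest would also be signed or written to WORM media, which this example does not do.

```python
"""Added example: fixity manifest for an archive set. Sample documents are
constructed; a production archive would also sign the manifest."""
import hashlib
import json


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def _canonical(manifest_without_self_digest):
    """Stable serialization, so the manifest digest is reproducible."""
    return json.dumps(manifest_without_self_digest, sort_keys=True,
                      separators=(",", ":")).encode()


def build_manifest(documents, created="2011-10-15"):
    """documents: {archive_path: bytes}. The manifest doubles as the archive
    index: what was stored, how large it was, and its SHA-256 digest."""
    entries = {path: {"size": len(content), "sha256": sha256_hex(content)}
               for path, content in documents.items()}
    manifest = {"created": created, "algorithm": "sha256", "entries": entries}
    # Digest over the manifest itself, to detect edits to the index.
    manifest["manifest_sha256"] = sha256_hex(_canonical(manifest))
    return manifest


def verify_archive(manifest, documents):
    """Return a list of problems; an empty list means the archive is intact.
    Checks: index not edited, nothing missing, nothing extra, nothing changed."""
    problems = []
    check = {k: v for k, v in manifest.items() if k != "manifest_sha256"}
    if sha256_hex(_canonical(check)) != manifest.get("manifest_sha256"):
        problems.append("manifest digest mismatch (index was modified)")
    entries = manifest["entries"]
    for path in sorted(set(entries) - set(documents)):
        problems.append("missing: " + path)
    for path in sorted(set(documents) - set(entries)):
        problems.append("unlisted: " + path)
    for path in sorted(set(entries) & set(documents)):
        if sha256_hex(documents[path]) != entries[path]["sha256"]:
            problems.append("modified: " + path)
    return problems


# Constructed archive set (stand-ins for exported records and documents).
ARCHIVE_2010 = {
    "2010/ledger/2010-Q4.csv": b"account,amount\n1000,250.00\n2000,-250.00\n",
    "2010/contracts/acme-msa.pdf": b"%PDF-1.4 sample contract bytes",
}


if __name__ == "__main__":
    manifest = build_manifest(ARCHIVE_2010)
    print(json.dumps(manifest, indent=1))
    print("intact:", verify_archive(manifest, ARCHIVE_2010) == [])
```

    Run the verifier on every media refresh and migration: a clean result proves the copy on the new media is the archive, and a 'modified' line tells you which item to restore from the second archive copy before the old media is retired.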

    Conclusion
    Backup and archive solutions may be part of an integral system, but they perform a different function, so the actual media and individual systems will most likely vary.

    While backup is still performed mostly on magnetic tape, archive is usually kept on optical disks or microfilm. You may choose magnetic media for the archive, but if you do, you need to plan that your archive tapes are shielded from long-term adverse influences, that they are periodically verified and copied to fresh media, and that you maintain a functional reader for the tapes over the entire lifespan of the archive.

    Talkback and comments are most welcome

    Related posts
    3 Rules to Prevent Backup Headaches
    Business Continuity Plan for Blogs
    Further resources and options for educating yourself in IT terminology can be found here and here

    Strategic Choice - Proper Selection of Web Hosting

    The time of expensive hosting and limited functionality on web servers is long gone. Today everyone and their mother is doing web hosting, with huge disk capacity at very acceptable prices. But even though most hosting providers differ only in price on paper, things are much different in the real world.

    You can get stuck with a poor hosting, a lot of non-functional elements of the site and even huge downtime on your site.
    Here is a practical approach to selecting a good but Affordable Web Hosting provider. In order to properly evaluate them, you'll need to engage both your technical and business teams.

    Make a table like the one on the following slide and start grading according to the following bullets


    1. Business Support Quality - Through this category, you will evaluate how prepared the hosting provider is to meet your business expectations of hosting. When evaluating business support quality, you need to answer the following questions. Add two points for each Yes answer to your business support category grade:
      • Does the hosting providers' sales rep answer to calls and e-mails in a timely manner?
      • Does the hosting providers' sales rep try to understand what you are trying to achieve?
      • Is the sales rep discussing meeting your requirements?
      • Does the sales rep provide direct contact with a dedicated technical person for clarifications?
    2. Technical Support Quality - Through this category, you will evaluate how prepared the hosting provider is to meet your technical requirements for hosting. When evaluating technical support quality, you need to answer the following questions. Add two points for each Yes answer to your technical support category grade:
      • Does the hosting providers' technical support person answer to calls and e-mails in a timely manner?
      • Does the hosting provider actually support the technical requirements of your site?
      • Does the hosting providers' technical support person answer your team's technical questions in a clear manner?
      • Does the hosting providers' technical support person ask for clarification on your requirements?
      • Does the hosting providers' technical support person warn you of any specific policies and limitations in their hosting solution that might hamper you?
      • Does the hosting provider offer remote tools for web site technical side management (service stop/start, add-ons and libraries management etc..)
    3. Hosting Solution Breadth - Through this category, you will evaluate what other services you might be able to utilize in the near future combined with web hosting. When evaluating hosting solution breadth, you need to answer the following questions. Add one point for each Yes answer to your solution breadth category grade:
      • Is the hosting provider prepared to take over DNS hosting?
      • Is DNS records management available to your technical staff via remote interface?
      • Is there a e-mail service available?
      • Can the e-mail service capture all e-mails for you if necessity arises?
      • Are they offering any other services as bundle or with additional payment?
    4. Hosting Contention Ratio - Through this category, you will evaluate how many other sites you'll have to compete with for server resources, and how many other sites can impact your own in terms of security because they share the same server: a compromised neighbour on a shared server without isolation is a foothold on your site as well. When evaluating contention ratio, you need to answer the following questions. Add one point for each Yes answer to your contention ratio category grade.
      • Is your site on a dedicated server?
      • Is your site on a server with no more than 50 large customer sites?
      • Is your site on a server with dedicated and isolated resources from other sites (virtual machine or chroot type of isolation)?
    5. Error Recovery - Through this category, you will evaluate how will the hosting provider react to recover your web site should an error occur. When evaluating error recovery, you need to answer the following questions. Add one point for each Yes answer to your error recovery category grade
      • Is backup of the site performed daily?
      • Is backup of the site performed together with backup of the site's backend database
      • Is hacker attack detection/prevention present?
      • Will you get alerting/notice from the provider if suspect hacker activity is detected?
      • If site defacement occurs, can the hosting provider recover to a working site within 15 minutes of detection or of notice by you?
      • If site defacement occurs, is proper forensic investigation performed with results submitted to you?

    After you've finished answering your questions, you'll have a table like the one below


    Select the top 20% of providers by total grade and add the pricing of their solutions. The cheapest one of those will be your Affordable Web Hosting provider: you can afford to pay him, and you don't need to accept low quality.
    Talkback and comments are most welcome

    Related posts

    Rules for good Corporate Web Presence
    Creating Your Own Web Server
    Tutorial: Making a Web Server
    Web Site that is not that easy to hack - Part 1 HOWTO
    Web Site that is not Easy to hack - Part 2 HOWTO - the web site attacks

    GPS Fleet Tracking - Risks or Benefits?

    GPS Fleet Tracking is usually associated with taxi fleets, armored transport and police/security vehicles. In reality, a lot of companies use GPS tracking not just for their company fleet, but also for personal tracking of their top employees or of sensitive equipment. And GPS itself brings a whole new set of challenges to information security.

    The Functionality
    The Global Positioning System (GPS) is a Global Navigation Satellite System developed by the United States Department of Defense. It uses a constellation of between 24 and 32 Medium Earth Orbit satellites that transmit precise microwave signals, that enable GPS receivers to determine their current location, the time, and their velocity (including direction).

    GPS Fleet Tracking uses a GPS receiver paired with a radio transmitter. The GPS receiver determines its location, direction and velocity and transmits this information to a central monitoring system via the radio transmitter. The radio transmitter part is most frequently a GSM mobile phone module, which transmits the data over GSM data or GPRS as TCP/IP packets.
    The central monitoring system is a server that receives the packets sent by the GPS tracking devices, stores them in a database and presents them as an overlay on a map.

    The following diagram presents the overall system:

    1. The GPS receiver listens to the GPS satellites and calculates its position, velocity and direction. The constellation is designed so that at any given time a receiver with a clear view of the sky has at least four satellites above the horizon, which is what a three-dimensional fix requires.
    2. The GPS tracking device sends the calculated information via the GPRS data link to the information hub
    3. The information hub relays the received information to the GPS Tracking server
    4. The user uses the monitoring station to follow the fleet or to review the information about any vehicle stored in the database.
    BrickHouse Security has a very comprehensive selection of GPS Fleet Tracking solutions.

    The Business Benefits
    There are well known business benefits of using a Fleet Tracking system. Here are several:
    1. Tracked vehicles are used much more responsibly and only for the intended purpose (no detours to buy groceries, or weekend trips to the lake).
    2. Because they are used for the planned purpose, the fuel usage is much more optimal.
    3. Ability to observe employee vehicle usage to establish their responsibility towards company assets.
    The Physical Security Benefits
    Apart from a clearly business perspective, GPS Tracking has security benefits
    1. GPS Fleet Tracking enables stolen vehicles to be recovered very fast.
    2. Paired with a panic button, it can be used for tracking and helping kidnapped or blackmailed key personnel (the chief officers and other key employees can be equipped with such GPS Tracking device)
    3. Valuable or sensitive equipment or assets can be observed during transport to identify situations where the asset has deviated from its route or been delayed in transport - a major indication of an attempt at tampering or theft.

    The open and sensitive questions
    Naturally, every new system brings new challenges for information security. Here are the most common ones connected to GPS tracking:
    • How do you secure your GPS tracking database? - the GPS tracking data is sensitive, to say the least. Anyone stealing that data can analyze the travel patterns of each tracked vehicle and person and plan a theft or other crime. Also, the GPS tracking data identifies the 'blind spots' where tracking is impossible - tunnels, parking structures, even streets with train tracks above them - which are the first choice for a theft.
    • How do you access the GPS tracking data? - if the information cannot be stolen from the database, it can be stolen in transit. If the monitoring station and the servers are at a distance from each other, always use an encrypted channel to access this information. And remember that the GPRS link from the device is a network path too: the server should reject position reports that fail their integrity check, so that a forged or corrupted packet never lands in the database as a real position.
    • Do you inform your employees of the GPS Tracking system? - Informing the employees that their vehicles are tracked is a double-edged sword: if you do inform them, they should be more careful, but on the other hand some of them will go to great lengths to disable the GPS device so they can go about their way as they used to. If you don't inform them, you can end up in court for a number of infractions, depending on the jurisdiction.
    • Do you control against rogue GPS devices? - just as you use GPS for a legitimate function, a criminal may use a rogue GPS device to simply collect information off your vehicles. There is no easy way to find such devices once they are planted, but it is much easier to control access to the relevant vehicles, so that a criminal never gets the time near them that planting a rogue device requires.
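    As an added example (not part of the original post), here is the server side of steps 2 and 3 of the diagram above together with the 'blind spot' question: parsing what a tracking device reports, rejecting anything that fails its checksum, and finding the gaps where a vehicle went silent. It assumes the device forwards NMEA 0183 GPRMC sentences, the usual output of a GPS receiver; the post does not state the real device format, so that is an assumption. The sentences are constructed sample input (the first is the textbook GPRMC example), with a deliberately corrupted copy to show rejection.

```python
"""Added example: ingest GPRMC position reports with checksum verification
and detect tracking gaps. Assumes NMEA 0183 output; sentences are constructed."""
from datetime import datetime, timedelta


def nmea_checksum(body):
    """XOR of every character between '$' and '*', as two hex digits."""
    value = 0
    for ch in body:
        value ^= ord(ch)
    return "%02X" % value


def _to_degrees(value, deg_digits):
    """NMEA gives ddmm.mmmm (lat) / dddmm.mmmm (lon); convert to decimal degrees."""
    degrees = int(value[:deg_digits])
    minutes = float(value[deg_digits:])
    return degrees + minutes / 60.0


def parse_gprmc(sentence):
    """Return (timestamp, lat, lon, speed_knots, course) or raise ValueError.
    Anything that fails the checksum or is not a valid fix is rejected,
    so garbage or tampered packets never reach the database."""
    if not sentence.startswith("$") or "*" not in sentence:
        raise ValueError("not an NMEA sentence")
    body, given = sentence[1:].split("*", 1)
    if nmea_checksum(body) != given.strip().upper():
        raise ValueError("checksum mismatch")
    f = body.split(",")
    if f[0] != "GPRMC" or f[2] != "A":  # 'A' = valid fix, 'V' = receiver warning
        raise ValueError("not a valid GPRMC fix")
    ts = datetime.strptime(f[9] + f[1], "%d%m%y%H%M%S")  # ddmmyy + hhmmss (UTC)
    lat = _to_degrees(f[3], 2) * (-1 if f[4] == "S" else 1)
    lon = _to_degrees(f[5], 3) * (-1 if f[6] == "W" else 1)
    return ts, round(lat, 6), round(lon, 6), float(f[7]), float(f[8])


def blind_spot_gaps(fixes, max_gap_seconds):
    """Given parsed fixes in time order, return (start, end) pairs where the
    vehicle was silent longer than max_gap_seconds (tunnel, garage, jammer...)."""
    gaps = []
    for prev, cur in zip(fixes, fixes[1:]):
        if cur[0] - prev[0] > timedelta(seconds=max_gap_seconds):
            gaps.append((prev[0], cur[0]))
    return gaps


# Constructed sample: the textbook GPRMC example, a second fix 90 s later,
# then a copy whose speed field was altered without recomputing the checksum.
SAMPLE_SENTENCES = [
    "$GPRMC,123519,A,4807.038,N,01131.000,E,022.4,084.4,230394,003.1,W*6A",
    "$GPRMC,123649,A,4807.500,N,01131.900,E,021.0,085.0,230394,003.1,W*"
    + nmea_checksum("GPRMC,123649,A,4807.500,N,01131.900,E,021.0,085.0,230394,003.1,W"),
    "$GPRMC,123519,A,4807.038,N,01131.000,E,099.9,084.4,230394,003.1,W*6A",
]


def ingest(sentences):
    """Return (accepted fixes, rejected sentences with the reason)."""
    accepted, rejected = [], []
    for s in sentences:
        try:
            accepted.append(parse_gprmc(s))
        except ValueError as e:
            rejected.append((s, str(e)))
    return accepted, rejected


if __name__ == "__main__":
    fixes, bad = ingest(SAMPLE_SENTENCES)
    for fix in fixes:
        print("fix:", fix)
    for s, why in bad:
        print("rejected (%s): %s" % (why, s))
    print("gaps over 60 s:", blind_spot_gaps(fixes, 60))
```

    The NMEA checksum is an integrity check, not an authentication: it catches corruption and clumsy tampering, but anyone who knows the format can produce a valid sentence, which is why the device-to-server link still needs encryption and device authentication on top of this parser.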
    Conclusion
    The GPS Fleet Tracking systems are very useful systems, and can enable the company to achieve considerable savings to their fleet management, as well as provide additional security leverage for personal and asset safety.

    But at the same time, it introduces a new system with its own IT and communications requirements, and another repository of highly confidential data.

    So any company implementing a GPS Fleet Tracking system should clearly define its objectives and requirements, and seek out a professional integrator to deliver the entire solution, always bearing in mind that the solution must be both functional and secure.


    Talkback and comments are most welcome
