Solution Centre Blog2010-07-30T11:45:11Zblog@solutioncentre.co.ukCopyright 2010, blog@solutioncentre.co.ukSPHPBLOGZscaler Launches Industry-First Fully Integrated Email and Web Cloud Security Service "Web and messaging security are no longer mutually exclusive," says Christian Christiansen, Program Vice President for IDC's Security Products and Services group. "Malicious URLs appear in emails, phishing attacks, and sophisticated blended threats that target multiple protocols. The use of web-based malware forces organizations to adopt security technologies that can address both web and messaging threat vectors to an equal degree. Offering potential solutions, Zscaler's security SaaS offerings provide integrated web and email security that reduces cost and complexity while improving security."
Extending Cloud Security from Web to Email Gateway Zscaler launched its game-changing cloud-delivered web security service in 2008 and is now protecting millions of users in 140 countries. Customers range from G2000 enterprises to governments to SMBs. To complement the web security offering, Zscaler has now extended its infrastructure to also provide a deep and comprehensive email security service that provides protection against spam and malware. Key features include:
Accurate filtering to block spam and phishing
Deep protection against viruses and spyware before they enter the enterprise perimeter
Flexible policies to define granular mail flow and encryption
Data Loss Prevention (DLP) for SMTP and webmail
Rich, interactive and correlated real-time reporting
"We have been a happy Zscaler web security customer," said Bob Fairclough, Manager of Technology Services at Raritan Bay Medical Center (RBMC), a leading healthcare institution in New Jersey. "Replacing our email security appliances with Zscaler's email service was almost effortless. Integrated email and web security has provided us holistic reporting and common security policies as well as saved us time and money."
Defining a New Standard for Integration While many vendors talk about web and email integration, offerings are limited to a common dashboard. Beyond that lie two disparate user interfaces as well as multiple policy managers and reporting systems. Truly integrated web and email security is a key factor setting Zscaler apart from the competition.
Service highlights include:
Single Policy: Truly one policy manager for email and web security
Integrated Security: Cross-leveraging threat intelligence with full inline real-time content inspection of email and web traffic for better detection of advanced threats and data loss, as well as dynamic classification of web pages to proactively stop suspicious and malicious code. For example, detection of transaction by botnets sending spam is leveraged by the web security service in real-time.
Integrated Reporting: Holistic visibility for email and web, with unified real-time reporting down to the transaction level at incredibly fast response speeds, powered by Zscaler's patented NanoLog technology
Common DLP: A single, common user interface and policy manager for Data Loss Prevention (DLP), eliminating the need to maintain separate sets of policies and dictionaries for email and web
"Driven by cost, complexity and growing security risks, enterprises of all sizes are looking for integrated cloud security services," said Patrick Foxhoven, CIO of CentraComm, a managed security and network services company based in Ohio servicing Fortune 50 to mid-market customers. "Unlike other offerings, Zscaler email and web are truly integrated, enabling us to serve our customers better by addressing all threat vectors they face with a single unified platform."
In addition, the Zscaler services offer policy-based protection for mobile users anywhere and at any time. With 40+ data centers globally, re-routing latency is minimum and 100% reliability and availability is ensured.
"The new version of Zscaler gives new meaning to, and defines a new standard for, integrated web and email security services," said Jay Chaudhry, CEO of Zscaler. "It also provides us unrivalled visibility into evolving threats across mail and Web globally."
Product Details]]>http://www.solutioncentre.co.uk/blog/index.php?entry=entry100719-2300142010-07-19T00:00:00Z2010-07-19T00:00:00ZMobileIron mange iPhone iOS 4 Core Components Include a New Model for Enterprise Application Discovery and Zero-Touch Security .
MobileIron, have announced a broad set of capabilities to accelerate the adoption of iPhones in the enterprise.
MobileIron's new application discovery, zero-touch security, and real-time cost control services leverage the APIs available with iPhone 4 and iOS 4 to provide the first complete management solution for iPhone, iPod, and iPad.
MobileIron enables IT organisations to secure and manage iOS 4 devices end-to-end while preserving the full user experience of the platform.
With MobileIron for iOS 4, businesses can now take advantage of that same power to easily develop, secure, and publish their own in-house apps to their employees. iOS 4 is a watershed release for the industry that will catalyse mobile application development and shift the battle for the mobile enterprise from email to apps."
MobileIron for iOS 4 addresses three core enterprise requirements:
Application discovery: For the first time, application discovery for in-house apps will be easy for both IT and the end-user. IT can publish a catalogue of the company's in-house apps for users to download over-the-air, without iTunes required. Different apps can be made available for different users, based on policy. For example, the sales team might have access to CRM and expense reporting apps while the engineering team has access to knowledge management and collaborative apps. IT can now also maintain an accurate inventory of what apps are on what iPhones and restrict access to enterprise email if non-compliant apps are present.
Zero-touch security: User intervention is no longer required to update iPhone security and application configuration profiles. IT can now push profiles to iPhones without requiring any action on the part of the user. Certificates can be used to authenticate user and device identity. All devices accessing the enterprise can now be managed 24x7, with constant management connectivity. Modified iPhones can be kept out of the enterprise and all iPhones can be kept up-to-date and in-sync with corporate security policy.
Real-time cost control: One of the largest and most unpredictable business telecom costs is data roaming charges from apps and web browsing. With MobileIron for iOS 4, IT can now monitor international roaming in real-time. Whenever an iPhone user travels to a new country, both the user and IT are notified to ensure that costs are tightly managed and service plans are appropriate.
MobileIron for iOS 4 strengthens iPhone security and manageability for all organisations, regardless of whether they are deploying just email or email plus apps. However, as apps usage in the enterprise explodes, MobileIron's management platform will allow IT to keep pace with both iPhone innovation and user demand. ]]>http://www.solutioncentre.co.uk/blog/index.php?entry=entry100622-2336322010-06-22T00:00:00Z2010-06-22T00:00:00ZThings Riverbed Cascade does that made customers go “Wow!”
ByLocation Cascade allows you to group devices (servers, clients etc) by different variables, one of which is geographic location. Sometimes the result show a whole range of IP addresses and devices which were completely unknown to the central network team.
When creating/importing the ByLocation host group view members of all existing host locations. Then add a new group “0/0 unassigned”. This will pick up all internal addresses that have not yet been allocated into one of the location groups. This has 1 or 2 effects – it identifies those locations that were missed from the network location list, and/or identifies networks/IP addresses that hitherto were unknown to the network administrators.
Server Delay / Network Delay Being able to track real-time responses of real application traffic anywhere in the network is powerful, after all that is the whole purpose of the systems, to provide decent responses and performance to end users no matter where they are or what application they are running.
Whilst navigating through the various reports look out for any large numbers around the RTT / Server Delay / Network Delay fields. Whilst they may not in themselves be cause for alarm, it should warrant further investigation to prove that these large numbers are acceptable. Remember, because we are just installing the profiler we have no concept of normal behaviour on this network. It is equally likely that we have identified a problem area as it is this is normal behaviour (server delay should never be excessive though)
Suspicious connections Because Cascade can see all traffic traversing the network, it can see stuff that should be there and perhaps stuff that shouldn’t.
A tough one for us to identify as we do not fully “understand” the customer’s network - but go with their instincts. On a couple of occasions we have noticed client host systems connecting to other hosts (server or client) that have required additional investigation e.g. why is that system in Italy connecting to another in Finland? In this particular instance we noticed that the volume of traffic between this client and the Exchange server was far greater than its contemporaries. Drilling into this client then identified a number of other suspect connections including the Finnish one.
Daily Reports The reporting capabilities of Cascade are vast. Whether you are a network person, a server person, an application person, a security person, a line of business person, a data centre person..... (the list goes on), Cascade has reports which are useful to you in your daily life. As a line of business person, for example, getting a report showing end to end performance of an application and variations across the reporting period and from normal, gives a clear view that all is well, or otherwise. So that report turning up in your inbox every morning along with the ability to look at your customised dashboard in real0-time, means you have a real handle on your critical service delivery.
Try and configure a daily report that emails to the principal contact – say WAN Utilisation report, and/or a mission critical application reports such as SAP Utilisation or Exchange. This will help to keep Cascade in the forefront of their daily activity. We don’t want them to forget it’s there two days after leaving site.
Product details ]]>http://www.solutioncentre.co.uk/blog/index.php?entry=entry100615-2120082010-06-15T00:00:00Z2010-06-15T00:00:00ZMonitoring Primary and Backup WAN Paths An important factor in this is ensuring the backup circuit is alive and operating correctly at all times – it will be too late when the primary system goes down to then find that the backup circuit also isn’t working with a preventable problem leaving the branches disconnected from the datacentre.
The PathView software sequencers located in each branch are used by the PathView system in the datacentre to monitor the network paths between the datacentre and the branch sequencers. The PathView system reports on a variety of metrics including: latency, jitter, capacity, utilisation, and (of course) connectivity. If any of these metrics breach the predetermined thresholds then alerts are automatically issued so that remedial action can be taken if necessary.
This is all well and good for the primary circuit, but how can we monitor the backup line? The sequencer by default is installed with just one network interface. By adding an additional interface to the sequencer and monitoring systems on a VLAN dedicated to monitoring the backup route we can now test both the default and backup paths.
The diagram above shows a typical MPLS architecture with IPSec backup paths. For clarity the routing for just one branch has been detailed.
Having sequencers with two interfaces at each branch location will allow for simultaneous monitoring of either WAN type from either direction. This will provide great visibility into path performance for each scenario.
Paths are defined as a triple in PathView Premise (sequencer, target, target type).
To take advantage of the dual interface create and assign a duplicate target type for the IPSec VPN paths.
Example:
SeqA=head office SeqB=some branch office 10.10.10.x=MPLS WAN IP numbering 172.16.1.x=IPSec WAN IP numbering
Possible Paths:
SeqA(10.10.10.x) to SeqB(10.10.10.x) using Server WAN (MPLS) SeqA(172.16.1.x) to SeqB(172.16.1.x) using Server WAN (IPSec)
You could also perform UDP monitoring at the same time:
SeqA(10.10.10.x) to SeqB(10.10.10.x) using Server WAN (MPLS - UDP) SeqA(172.16.1.x) to SeqB(172.16.1.x) using Server WAN (IPSec - UDP)
Furthermore, you could perform monitoring in the opposite direction…..
SeqB(10.10.10.x) to SeqA(10.10.10.x) using Server WAN (MPLS) SeqB(172.16.1.x) to SeqA(172.16.1.x) using Server WAN (IPSec) SeqB(10.10.10.x) to SeqA(10.10.10.x) using Server WAN (MPLS - UDP) SeqB(172.16.1.x) to SeqA(172.16.1.x) using Server WAN (IPSec - UDP)
]]>http://www.solutioncentre.co.uk/blog/index.php?entry=entry100513-1139562010-05-13T00:00:00Z2010-05-13T00:00:00ZCitrix XenServer - Free Enterprise-Class Virtualisation This is an interesting twist in the server virtualisation wars. They have decided their very capable product can be free, presumably to step on VMware ESX sales by differentiating themselves at the entry point. In the current cash strapped times this should do them no harm at all.
It is not a cut down or incapable version, it comes with a feature set that will be all many organisations need, with features such as centralised multi-node management, and full live motion.
They are reverting to a classic Citrix model of adding value to “standard” products by producing a range of chargeable add-ons for those who need them. Citrix Essentials™ for XenServer, a new product line that includes a rich set of capabilities specifically optimised for the XenServer environment. These optional features including:
• lab automation • dynamic provisioning • workflow orchestration • high availability • seamless integration with leading storage systems
will be directly visible in the XenCenter administration console in grayed-out mode, making it easy to understand the additional capabilities available. As Citrix adds new enhancements to the Citrix Essentials product line, all active XenServer users will have the option to be automatically notified of these new capabilities through their XenCenter management console.
Customers using Microsoft Windows Server 2008 Hyper-V for their virtualisation platform will also be able to add similar advanced virtualisation management capabilities to their environments by purchasing Citrix Essentials™ for Hyper-V™. With the Citrix Essentials product line, Citrix is committed to adding significant value to both XenServer and Hyper-V, the two fastest growing virtualisation platforms in the market, helping customers in all market segments achieve more manageable, scalable and agile data centres in a way that leverages their existing investments in the most efficient way possible.
]]>http://www.solutioncentre.co.uk/blog/index.php?entry=entry090330-2322572009-03-30T00:00:00Z2009-03-30T00:00:00ZWhat’s in name?Riverbed Cascade. We know why Mazu is now Riverbed – they bought the company. Who knows why Profiler, which describes a bit of what this wonderful piece of kit does, is now Cascade. No idea what Cascade describes or implies, but that doesn’t stop the product being magnificent. It’s not a network monitor. It’s not a security monitor. It’s not an application performance monitor. It’s not a compliance monitor. It’s not a behavioural analysis monitor. It’s ALL of those things and probably more beside.
It’s a strange beast. When you try and describe it to someone they almost always say “I have something that does that”. I’ve seen things that do bits of what this can do, but nothing like as comprehensive. You probably can recreate much of the functionality by throwing loads of products at it, but you would end up with multiple panes of glass to manage and multiple throats to choke, multiple support contracts and a general nightmare.
With Riverbed Cascade, as we must get used to calling it, you get real end to end visibility into how the entire infrastructure stack is delivering services to the end users, which after all is the whole point of the infrastructure. There is no synthetic traffic to run across the network. No agents or probes to install and maintain. Just a simple installation which can start to give meaningful results within a couple of hours of taking the appliance out of the box.
Simple use examples are: • For those who were clobbered by Conficker. With this you can see the activity and isolate the affected hosts before it spreads • Get real response time measurements for every client server conversation, for every application • Is the problem the network or the server, easily identify root causes for quick resolution • Active Directory, DNS and DHCP integration means you can easily see who and what is involved • SNMP integration means you can get location information and identify which switch the user is plugged into • Easily allows you to prove to an auditor that no unauthorised (non-compliant) activity has happened • Deep packet inspection means you know exactly what that application is, not just ports and protocols • How heavily used is your network, great for capacity planning • Where do the application dependencies lie, does the application really work in the way you think • How many of your servers are not really doing anything, how much could you save switching those servers off
Integrates with a bunch of other stuff, manage it through your overall management architecture; integrate it with specialist tools, such as SEMS.
The only way to really get your head round the power of this system is to see it in action. Ask about our webinar demonstrations and see what it could do for you!! Product Link ]]>http://www.solutioncentre.co.uk/blog/index.php?entry=entry090318-2336542009-03-18T00:00:00Z2009-03-18T00:00:00ZWhat use is IT to the rest of the organisation? It is therefore important to the business to know how well those services are being provided to the end users.
In many environments this visibility is provided by how frequently the helpdesk phone rings. Some have a range of sophisticated probes and monitors deployed. Deploying probes is always a hassle and is never cheap. Some run synthetic traffic across the network and measure responses; that adds load, is hassle to set up and doesn’t represent the real world.
What is needed is something that: • Is simple to install, without probes everywhere • Can see all traffic, all the time • Can see across the LAN and the WAN • Can see response times for real data and applications • Introduces no real load on the system • Can give a helicopter view across silos • Facilitates easy deep dives into the nitty gritty to allow proper root cause analysis • Doesn’t need to be set up and scheduled, like a sniffer, as it’s always everywhere
That is what the Mazu Profiler is like. It is awesomely powerful. It can do so much it is easy to make it sound unbelievable, but it really is.
Mazu Profiler uses Network Behaviour Analysis (NBA) to provide a new way of looking at the infrastructure by analyzing network traffic to provide valuable information about the interactions of and dependencies between users, applications, and systems.
You can set up different dashboards appropriate for different users. So it can be a simple traffic light, or tell you the inside leg measurement of the router in rack 24, or the SQL query being processed by the server when it runs like a dog. Unbelievable? Yes, but real and awesome! ]]>http://www.solutioncentre.co.uk/blog/index.php?entry=entry081121-1044152008-11-21T00:00:00Z2008-11-21T00:00:00ZPortlock Software have release SMART Suite.Portlock System Management and Recovery Toolkit (SMART) Suite for Windows is the essential system administrator's toolkit for professionally managing and maintaining enterprise servers and virtual machines. Portlock SMART Suite has three main functions: 1. A GUI for managing Microsoft Hyper-V Server and Windows Server 2008 Core 2. A bootable platform to repair damaged operating systems 3. Tools to perform system tasks on bare-metal systems and virtual machines
Use Portlock SMART Suite for Windows directly from the ISO image, or burn the ISO to a CD and insert into a running Windows system. Manage Portlock SMART Suite for Windows remotely from a running Windows system or from a bare-metal boot, download Windows updates, and administer drivers, services, firewalls and much, much more.
Server Core platforms Windows Server 2008 core and Hyper-V Server 2008 are minimal server bare-metal installation platforms that are installed without any user interface of their own, providing tighter security. Without a user interface you are forced to use and memorise lengthy scripts from the command line for server role and system configuration. With Portlock SMART Suite for Windows providing you with a user friendly environment that replaces script searching, memorising and implementing, server core platforms are sure to become further accepted and routine.
This is a cracking product. More details soon, please give us a call if you need more details in the mean time.]]>http://www.solutioncentre.co.uk/blog/index.php?entry=entry081120-2131132008-11-20T00:00:00Z2008-11-20T00:00:00ZXsigo Updates Director with 20Gbps Connections The enhanced data centre I/O management capabilities of the VP780 x2 include a single-screen view of virtual machines, virtual switches, and I/O topologies that enables end-to-end visualisation of resources extending from the virtual machine to a physical switch port. Enhanced performance monitoring now includes traffic statistics accessible through third party tools. The faster server connection speed delivers greater throughput and increased VMotion performance for faster deployment of virtual resources.
Also new in the VP780 x2 are enhanced SAN and iSCSI boot capabilities that allow users to boot any server from any Fibre Channel or iSCSI LUN for fast re-purposing of server resources. Customers can now adapt to dynamic workloads, deploy resources on demand, and boost utilisation by rapidly changing both a server’s I/O personality and its application workload, all within the Xsigo virtual I/O environment.
Xsigo consolidates the I/O infrastructure and replaces physical network and storage interfaces (NICs and HBAs) with virtual resources that are remotely manageable from a single console. The Xsigo solution works with today’s existing infrastructure, and incorporates a modular design that is easily adapted to accommodate new networks, servers, and interconnect standards.]]>http://www.solutioncentre.co.uk/blog/index.php?entry=entry080915-0936592008-09-15T00:00:00Z2008-09-15T00:00:00ZPresence Networks Throws Reuters Instant Messaging Users a Free Lifeline Apparently in court Eran Barak, the head of Thomson Reuters' strategy and collaboration services, said “If Thomson Reuters were suddenly unable to make use of the Reuters Messaging compliance product, Thomson Reuters' customers would be crippled in their day-to-day business operations.…” and “There is no practical immediate substitute for the Reuters Messaging compliance product in the event of any disruption. Any development of a suitable replacement (and complete transition of existing customers to the new product) would take several months (and would involve tremendous expenditure of money and labor) for Thomson Reuters to convert to an alternative product …" (Decl.of Eran Barak, pp. 6-7; 1:08-cv-4730-CM Document 19)
Presence Networks is offering any Financial Services organisations not currently able to use Reuters Instant Messaging, or concerned about the security implications or disruption to service, an immediate solution of free transfer and network setup, plus the first 100 seats per company free for 90 days on its secure LiveWorker(TM) Software as a Service IM.
Presence Networks specialise in presence and IM, providing Software as a Service designed to meet security requirements and recording for compliance. They can extend and link individual networks to cover as many people as required both inside and outside corporate firewalls and as all users get their secure managed service with unlimited access from PCs, Blackberrys and Mobiles from around GBP 5.99 ($12.00) a month, we believe they will find it incredible value.
To address the fears many IT Professionals have about the security of Instant Messaging, LiveWorker(TM) is fully encrypted and records all chat and transactions. The service offer incorporates the latest real-time communications technology including encrypted file transfer between users. Secure, recorded Public IM gateways can be switched on at the discretion of the Administrators enabling users to see and communicate with contacts on different systems through a single interface.
Contact us if you want to know more.]]>http://www.solutioncentre.co.uk/blog/index.php?entry=entry080731-0952252008-07-31T00:00:00Z2008-07-31T00:00:00Z
