Daily Network Monitor

Breach, which is set for release in a few weeks, focuses on the true story of an FBI upstart who must investigate his boss who is suspected to be selling secrets to the Soviet Union. For those of you who read the story in paperback or in weekly new journals, a strong lesson materializes in a story early on that is applicable to the numerous breaches we have heard about at TJX and other retail and insurer organizations. Regardless of how strong and robust your physical and digital security plan is, the success or failure of the plan more likely will lie with the human capital charged with installing, managing and watching the systems.

I’ve spent nearly all my career in security related software solutions and I’ve never forgotten the important lesson taught to me as a new recruit at RSA Security a few years ago. No solution, no matter how robust and error proof will survive its goal to protect an organization without the proper declaration and focus of a security plan and the proper screening and training of professionals entrusted to manage the systems. Time haves changed a bit and RSA and other leading security companies have advanced security technologies to make them user-friendly. Still, as I listen to the news day after day, I cannot help but think how much safer consumer data would be today had the breached organizations enabled their staff with proper training and operational-knowledge?

The problem is not a technology one. One need only do a Google search to look-up tens of companies specialized in helping to protect data from RSA (EMC) to Symantec to more specialized firms like Application Security and Ingrian who offer the capability to secure databases with industrial strength encryption and user provisioning. Even my sister product here at Ipswitch, WS_FTP, which revolutionized the way data was transferred from point A to point B has introduced new versions featuring strong encryption and security features to protect the integrity of data in motion and rest after customers and prospects demanded such with strict audits and business rules changing their business models for data sharing. Yet, all of this technology is worth ZERO unless there is a commitment to the proper training of staff that runs these systems.

You might be asking why does the product manager for WhatsUp Gold care so much about security and specifically breaches. First, I like you am nervous about personal data integrity and I have seen first hand in my travels the impact data breaches can have on persons and organizations. Second, I see a strong convergence happening between the security duties and the network duties at organizations around the world. After all, your certificate server, your firewall and your anti-virus boxes are only effective if they are up and running and WhatsUp Gold has the out-of-the-box ability to manage all of the different elements you have running using native SNMP and the related OID’s. For example, in 2006 RSA Security released a version of its flagship ACE Server with SNMP capabilities. Administrators can now monitor the ACE server for common characteristics like up/down as well as other counters for performance. The same is true for SonicWALL, Cisco, Fluke and Adtran equipment to name a few.

Security is an on-going road of progress and never a destination. The marriage between security and network management will ensure the journey has less stops and detours along the way.

Making Your Pipe Greener

Your reaction to this post may vary depending on your ‘green’ view. I am not a ‘green’ fanatic by any means but I actively try to do my part to keep the place we call home (earth) safe for the next generation. Bombarded daily by environmental commercials, I am also afraid of leasing penalties – after all, I am constantly reminded that I did not inherit this home from my parents and grandparents as I had been accustomed to thinking but rather I am leasing it from my son and the rest of his generation. Having seen his 2-year-old temper explode already, I am sure he would penalize me immediately if he found my behavior degraded his place of habitation in any way.

Earlier this week, the IEEE introduced a new initiative designed to make idle or underutilized Ethernet connections more energy efficient, which could mean huge electrical cost savings for large enterprises. The trick: finding a way to seamlessly throttle between 10Mbps and 10Gbps.

Per their announcement, “The standards outfit recently formed an Energy Efficient Ethernet (EEE) study group to explore how to do this. The idea is to save power in PCs and laptops (most of which ship with GigE cards now) when LAN links are idle, or not utilizing full bandwidth. Researchers estimate that U.S. companies could collectively save $450 million a year in power costs by using such a technology.”

(more…)

I’m sure we won’t be accused of pump and dump by tipping our hat with some admiration at Cisco’s earnings report yesterday in which they reported a 41% increase in earnings. Accoridng to CEO John Chambers the results came in better than expected. I say, good for Cisco. They are providing the infrastructure that runs networks and somehow avoiding commoditization. Last week I was at their Networkers event in France, and it was packed with people who had paid hundreds maybe thousands of Euro to attend sessions all about Cisco gear and protocols.

In addition, CNN reports that Cisco’s good news brought increases in the value the stock of such firms as Intel, Juniper, and HP.