HP consolidates, protects data centers

HP announced this week switching products for data centers and security designed to simplify server connectivity and secure data in a converged infrastructure.

For server connectivity in a converged data center, HP announced a Fibre Channel-over-Ethernet switch module A5820 your data center, which is inherited through the acquisition of 2.7 billion U.S. dollars of 3Com . The module alleviates the need for two adapters to allow the physical and virtual servers to access network resources and storage – Fibre Channel running over Ethernet on the access level to the server.
Continue reading “HP consolidates, protects data centers”

The breakdown of carriers ‘4 G ‘wireless spin

The major carriers’ marketing teams have jumped on the “4G” wireless bandwagon to such an extent that the term has no real meaning anymore.

The International Telecommunications Union had initially defined “4G” technologies as International Mobile Communications (IMT)-Advanced standards that hit peak theoretical data rates of 100Mbps or higher. Needless to say, none of the current wireless data technologies commercially available anywhere in the world come close to those data rates, and actual IMT-Advanced standards aren’t expected to be completed until 2012 at the earliest.
Continue reading “The breakdown of carriers ‘4 G ‘wireless spin”

Google Apps for Administrators to rein to updates

Google will begin to allow application administrators to delay the delivery of updates of its domain to give them the opportunity to prepare and train their users for changes in the interface or functionality.

So far, Google has transparent driven enhancements to its suite of applications on an ongoing basis as is tested and deemed ready for prime time, as it does for your applications and consumer sites.

CONTROVERSY: Google Apps crashed by the advocacy group for the blind

However, some administrators of applications, especially those of large companies said they would like to have both a face to face in the coming changes and a margin of time before the update to go live in their domains.

Therefore, application administrators now have the option of “scheduled premiere of” way of updates, upgrades in a package that consolidates weekly or biweekly and boards to go live in the domains with a delay of one of the two weeks.

“This is a new process launched Google Apps that meets the needs of our enterprise customers,” said Rajen Sheth, product manager for Google Enterprise.

Along with the launch of the scheduled release of “way, Google is starting a website dedicated to updates and upgrades of applications and is designed to keep managers better informed about this issue through resources such as user training material final.

Apps is a fully web-hosted collaboration and communication suite that includes email, calendar, office productivity, instant messaging, the creation of intranet and other applications for use workplace. As such, application administrators have little or no control over the software, especially in regard to how applications are maintained and enhanced, a process handled by Google. For example, in 2010 Google evicted 130 upgrade versions for Google Apps.

While vendors host applications, maintaining and updating the patch is a great attraction of cloud-based software such as applications, also has the disadvantage of removing the control of IT departments in this software release cycles.

Thus, some administrators of applications, especially in large to medium-sized companies have a department to support end-users have told Google that they want more predictability about Apps versions, because even small changes can have a dramatic effect on your domains, Sheth said.

For example, an interface change could trigger a wave of help desk calls to end users confused that support staff can not immediately know how to deal with because they could not have seen the updated characteristics.

“They want to know if updates are occurring, what is happening in them, the most advanced notice and better information for themselves and their users about new features,” said Sheth. “That’s why people want to give more visibility to this.”

Industry analyst Rebecca Wettemann calls this new “scheduled premiere of” via a good idea. “This shows that Google is working to make their applications more palatable to business organizations,” he said via e-mail.

Companies often want to plan improvements around training projects and other initiatives or pilot projects for the application of a small group before launching an application to the general population, he said.

“This should help IT managers take advantage of Google’s innovations in his own time to deliver the greatest benefit and least disruption to end users,” said Wettemann. “On the implementation side, we will be seeking feedback from managers – and also looking for Google to increase its efforts to demonstrate that you are investing in enterprise-class applications and client services and business support providers expect .

Applications customers will default to this new “scheduled release” track, except for those who had previously opted to receive “pre-release features” in their domains. Customers will remain at the current “Rapid Release”, the track, in which the changes are driven from their domains when you are ready and without notice.

Even if they were not registered to “pre-release functions,” Application administrators will be able to change the “programmed release” to “rapid release” if they wish.

The improvements covered by the “scheduled premiere of” line are those that are visible to end users, such as changes in the interface or functionality, but no back-end updates or security patches or fixes and corrections, which always be activated as soon as “ready for everybody.

7 ways to avoid getting hacked by Anonymous

The hactivist group Anonymous used a series of simple technical and social exploits to crack the network of security-technology firm HBGary Federal, giving the company a schooling that other network security pros can learn from.

The overriding lesson: Meticulously follow the basic best-practices of corporate defense. But there are more detailed takeaways for those who are willing to learn from HBGary Federal’s mistakes. (For a detailed account of just how Anonymous cracked HBGary Federal, check out this thorough Ars Technica story.)

THE LATEST SECURITY PICTURES: Hot products from RSA 2011

HBGary Federal ran afoul of Anonymous when CEO Aaron Barr said he planned to name members of the secretive international group that famously came to the defense of WikiLeaks. Anonymous DDoSed businesses that tried to take down WikiLeaks sites that expose U.S. State Department diplomatic cables.

HBGary Federal suffered the public posting of tens of thousands of its e-mails and the defacing of its Web site and Barr’s Twitter page, as well as a black eye to its reputation as a security firm.

Here are seven lessons to learn:

1. Don’t assume what type of attack you will suffer. Barr thought Anonymous would only launch a DDoS attack against the company’s Web site, just as it had against others. That turned out not to be the case.

2. Use a tried and tested content management system that comes with updates, patches and support. HBGary used a custom CMS for its Web site that was susceptible to SQL injection attacks that led to Anonymous accessing data in HBGary’s database.

3. Thoroughly hash and rehash passwords stored in databases. HBGary did hash its passwords, but didn’t add extra characters that have to be removed to reveal the actual password. Nor did it rehash the hashed passwords to add layers of complexity to brute forcing the passwords out of the hash. The passwords would still have been susceptible to brute-force attacks, but it would have taken a lot longer to succeed.

4. Use strong passwords. Long passwords that use the full range of characters represented on computer keyboards are much harder to break because they rule out the use of rainbow tables — lists of hashes and the passwords they represent. If passwords are composed of long strings of characters and the characters are drawn from all the characters on the computer keyboard (not just letters and numbers), hashes of the passwords become so complex that it isn’t practical to create rainbow tables for them. Two key HBGary Federal executives used simple eight-character passwords — two numbers and six letters. Rainbow tables worked on them.

5. Don’t reuse passwords. Some HBGary executives used the same passwords for access to the company’s CRM system as they did for its Google Apps e-mail, as they did for Twitter, as they did for SSH authentication to company storage servers. One of the cracked passwords was for the company’s e-mail administrator’s Google account, which led to all the company’s e-mails being hacked.

6. Keep current with patches. Key HBGary servers had a known privilege-elevation flaws for which patches existed. Anonymous exploited the vulnerabilities.

7. Heighten user awareness of social engineering. Anonymous sent e-mails from the hacked account of HBGary founder Greg Hoglund to a network administrator requesting key information as if Hoglund himself were asking. In response, the admin opened firewall ports and gave up Hoglund’s user name and password for root access to the servers supporting the company’s rootkit.com Web site.

Yahoo calls 20% layoff report ‘inaccurate’

Yahoo is denying reports that the company is in the midst of a 20% of its workforce.

Rumors began swirling late in line Thursday afternoon, when high-technology blog TechCrunch, citing unnamed sources, reported that the online company is preparing to lay off 20% of its staff of about 14,000, or 2,800 people.

The company does not deny that there are layoffs in the works, but is trying to blunt the report. “Yahoo is always assessing the costs to align with the company’s financial objectives,” said Representative Dana Lengkeek Computerworld Yahoo e-mail. “However, a reduction of 20% of the staff of Yahoo in general is misleading and inaccurate.”

Speculation about Yahoo layoffs comes just a day after reports surfaced that another Internet icon, Google, was about to deliver 10% pay raise across the board to start the new year.

Once the Internet giant and pioneer Yahoo has slipped away from second place to Google in the hot search market, which recently launched Yahoo conducted its own search engine and entered into an agreement with Microsoft to use Bing search for all sites in Yahoo.

Last month, the Internet was abuzz with speculation that AOL was interested in buying Yahoo.

Citing unnamed sources, The Wall Street Journal reported that AOL’s plan to buy Yahoo was so preliminary discussions had not even included came to Yahoo.

“AOL and Yahoo put together is like tying two stones together to make one float” by Gabriel Consulting Group analyst Dan Olds said before a possible deal between Yahoo and AOL.