In Depth

In Depth

• State agency tiers records storage with Compellent

  The South Carolina attorney general's office estimates it will save thousands by storing millions of paper records in digital format using Compellent's automated tiered storage.  Continue Reading

• Corporate Mergers and Acquisitions Security Learning Guide

  A panel of experts breaks down M&A security priorities and explains the best ways to manage disparate security staffs, technologies and policies.  Continue Reading

• Hacking for Dummies: Test your firewall rules

  Before someone else hacks your firewall, test your firewall rules during the self-hacking process to test your network's security.  Continue Reading

• IBM chief engineer talks green storage

  IBM engineer Clod Barrera discusses the growing energy crisis in storage, the need for better power efficiency metrics and the future for "green" products.  Continue Reading

• Storage Decisions Downloads: Executives' storage guide

  Ideas of where firms' storage should be and where it's headed. Also key ways to integrate new technologies, processes and ideas without going over budget.  Continue Reading

• Prevent network hacks with secure Web browsing

  Hackers can penetrate your network in almost unlimited ways these days, and that includes through your Web browser. Learn how to improve Web browser security and keep these hackers out of your network.  Continue Reading

• Big Microsoft Vista concerns for Big Pharma

  The second installment of an ongoing series examining the challenges of deploying Windows Vista and the considerations that go into the decision to roll out the new OS.  Continue Reading

• Is a merger or acquisition in Sourcefire's future?

  Sourcefire founder and Chief Technology Officer Martin Roesch, talks about how Sourcefire fits into Security 3.0 theme and how the firm may be involved in a future merger or acquisition.  Continue Reading

• Why hacking contests, 'month-of' projects don't help

  Ivan Arce, chief technology officer of Core Security Technologies explains why he thinks hacking contests and public vulnerability disclosure projects do little to improve IT security.  Continue Reading

• Web applications tangle security researchers, attract attackers

  Web application security researchers are finding that some of their work could land them on the wrong side of the law. As a result, Web applications are more vulnerable to attack.  Continue Reading

• Tiered Storage School: Table of Contents

  Get a better understanding of what tiering can do for your storage, how it works and why a tiered plan can aid in backup, DR, overall management and long-term archive  Continue Reading

• The Art of Software Security Testing

  Identifying software security flaws including the proper methods for examining file formats.  Continue Reading

• Data retrieval strategies: Document management software overview

  The role of document management software in data storage and how it can mitigate risk for the enterprise.  Continue Reading

• Deploying VoIP: Five things every CIO should know

  Navigating the complexity of a VoIP deployment can be overwhelming and it may seem like you need a technical degree to understand it. Here are five tips to help steer through the fog of a VoIP migration.  Continue Reading

• Unified communication case studies: What you need to know

  Learn how others overcame the expected and the unexpected challenges of a UC deployment in our case studies.  Continue Reading

• WAN storage guide -- Chapter 1: WAN basics

  The implications of WAN connectivity have had a profound influence on networking. We look at some of the practical WAN issues, such as bandwidth, cost, latency and reliability.  Continue Reading

• The man behind the Month of Search Engine Bugs speaks

  Ukrainian security researcher Eugene Dokukin, more widely known by his online name MustLive, is about to launch a new "Month-of" flaw disclosure project focusing on search engine bugs, at a time when many security professionals are dismissing such ...  Continue Reading

• When Microsoft Vista and VPNs don't mix

  Papa Gino's is ahead of many companies in deploying Windows Vista, thanks to its involvement in the Microsoft TAP program. But VPN compatibility has been a sticking point.  Continue Reading

• Admins run into trouble with Microsoft updates

  A DNS service failure and an ongoing WSUS glitch are among this month's frustrations as IT administrators try to deploy the latest security patches from Microsoft.  Continue Reading

• Network access control learning guide

  From PDAs to insecure wireless modems, users have myriad options for connecting to -- and infecting -- the network. Created in partnership with our sister site SearchSecurity.com, this guide offers tips and expert advice on network access control. ...  Continue Reading

• Microsoft should scrap Patch Tuesday

  Instead of leaving flaws unpatched for weeks between cycles, Microsoft should use its resources to produce high-quality patches shortly after vulnerabilities are discovered.  Continue Reading

• PayPal security measures help stamp out fraud

  PayPal's 133 million online customers are the biggest ocean phishers have to plunder. CISO Michael Barrett wants to make it safe to be in the water; and he's not going at it alone.  Continue Reading

• ISCSI TCP/IP TOE card purchase considerations

  A look at the specific considerations in purchasing iSCSI  Continue Reading

• ISCSI TCP/IP TOE card specifications

  Key specifications for a cross-section of popular iSCSI TOE cards.  Continue Reading

• 4 Gbit Fibre Channel switch purchase considerations

  As SANs scale up, data centres often upgrade and expand the SAN switch infrastructure. Here's what to look for when scaling  Continue Reading

• 4 Gbit Fibre Channel switch product specifications

  Product snapshots highlighting key specifications for a cross section of popular director-class 4 Gbit and faster FC switch products.  Continue Reading

• The trouble with Google hacking techniques

  Some IT security professionals say the threat posed by Google hacking techniques is overblown and that companies can easily avoid it with a layered security program. One skeptical expert is Ira Winkler, founder of the Internet Security Advisors ...  Continue Reading

• IP storage switch and router specifications

  Key specifications for a cross section of popular IP storage switch and router products.  Continue Reading

• Storage consolidation: WAN acceleration and WAFS technology overview

  One important avenue of storage consolidation is the consolidation of remote office storage; this is where WAN acceleration and WAFS technology comes into play.  Continue Reading

• Storage consolidation: SRM tools overview

  SRM tools are an important part of storage consolidation. They allow admins to monitor the storage environment, allocate and organise available storage, and offer insights into future trends.  Continue Reading

• IP storage switch and router purchase considerations

  The choice of an IP switch or router demands careful consideration of issues including port speed, segmentation, interoperability and security  Continue Reading

• Skype to the desk phone saves company a bundle

  Skype on the desk phone has helped a Chicago-based furniture maker save a considerable amount of money on long-distance voice charges.  Continue Reading

• Inside MSRC: Windows Vista security update explained

  Microsoft's Christopher Budd details the first Windows Vista security updates.  Continue Reading

• When disaster recovery and data classification collide

  Attendees at a disaster recovery seminar discussed the complex application dependencies when disaster recovery and data classification combine.  Continue Reading

• Will data breach be the end of TJX?

  This week in Security Blog Log: Industry experts say companies can learn from a data breach and even prosper from it. But is TJX following the right example?  Continue Reading

• IT pros eye Windows Server 2003 SP2 with caution

  Despite its security and stability enhancements, IT pros say they are in no rush to deploy Windows Server 2003 SP2  Continue Reading

• VoiceCon Spring: A transition show for the VoIP industry

  VoiceCon Spring was all about unified communications. Zeus Kerravala provides highlights of the more interesting points from the show.  Continue Reading

• Symantec threat report under the microscope

  This week in Security Blog Log: Infosec professionals dissect Symantec's latest threat report and express a range of views in the blogosphere.  Continue Reading

• Web 2.0 tools of the trade

  As Web 2.0 technologies become more popular, IT professionals are answering questions from business units on how it can be used.  Continue Reading

• Measuring Vista's true security muscle will take time

  Researchers are digging through the Windows Vista code right now, and when they find flaws we'll hear about it. But it's the ones we don't hear about that should keep us up at night.  Continue Reading

• Mobile data services development trends in 2007

  Darrell Jordan-Smith takes a look at new data services architectures and development tools emerging in 2007 and the ongoing development efforts of the Java Community and others.  Continue Reading

• Defending mobile devices from viruses, spyware and malware

  The nature of threat vectors facing mobile devices, challenges and struggles related to keeping mobile devices secure and strategies  Continue Reading

• LexisNexis fights crime with storage

  The document search company is offering a new data forensics service staffed by former federal agents and powered by commodity NAS.  Continue Reading

• Is RAID outdated?

  I would suggest that perhaps it is time for us to retire RAID in its current form.  Continue Reading

• Black Hat RFID controversy has bloggers up in arms

  This week in Security Blog Log: Infosec pros slam HID Corp., the firm that tried to quash a Black Hat presentation on flaws in its RFID technology, calling HID the latest champion of security through obscurity.  Continue Reading

• RFID dispute: Vendors still hostile toward full disclosure

  Many vendors still believe that security by obscurity is still the best policy and make it a priority to silence vulnerability researchers.  Continue Reading

• PING with Mark Odiorne

  Mark Odiorne, CISO at Scottish Re, provides insights on pen testing procedures, prioritising security for senior management and keeping compliant.  Continue Reading

• RFID privacy, security should start with design

  Companies planning to deploy radio frequency identification technology (RFID) must demand that privacy and security issues are addressed early.  Continue Reading

• Outsourced VoIP helps devastated company recover

  Outsourced VoIP helped a Berkeley company keep up business as usual after a fire destroyed its offices.  Continue Reading

• Top 10 VoIP search terms

  The top ten VoIP search terms and definitions. Keep tabs on the most popular VoIP terms – updated regularly.  Continue Reading

• Microsoft takes a blogosphere beating over Vista UAC

  This week in Security Blog Log: Industry experts take Microsoft to task over a "very severe hole" in the design of Vista's User Account Controls (UAC) feature.  Continue Reading

• Flaws haunt Symantec, IBM, Cisco and IE

  Bug Briefs: Security holes plague Symantec Norton products, IBM DB2; Mozilla Firefox; Trend Micro ServerProtect; Cisco IP phones; Google Desktop; IE and Snort.  Continue Reading

• Data breach: If customers don't act, data will remain at risk

  To make enterprises take data security seriously, customers must take control of their personally identifiable information and stop handing it out to businesses.  Continue Reading

• Questions fly as EMC Retrospect fades

  All signs point to the end of life for EMC's Retrospect backup software for small businesses. Sources say the company cannot support an SMB software channel.  Continue Reading

• Inside MSRC: Microsoft explains security bulletins

  Microsoft issued 12 new security bulletins in February. Christopher Budd of the Microsoft Security Response Center provides information about the most important fixes.  Continue Reading

• Download SAN Guide Chapter 3: Switches (PDF)

  You asked for it, so here it is -- a printable version of our SAN All-In-One Guide. Download Chapter 3: Switches in .pdf format now.  Continue Reading

• New security vendors take on sophisticated attackers

  IT Security vendors are developing technologies that show promise in preventing unknown attacks and protecting machines with zero-day vulnerabilities.  Continue Reading

• Quiz: Using IAM tools to improve compliance

  A five-question multiple-choice quiz to test your understanding of the content presented by expert Tom Bowers in this lesson of SearchSecurity.com's Identity and Access Management Security School.  Continue Reading

• VoIP case studies: What you need to know

  Case studies are the next best thing to being there. Learn how others overcame the expected and the unexpected challenges of a VoIP migration in our case studies series.  Continue Reading

• Storm Trojan was worse than it should have been

  The "Storm" attack made a big splash because people keep falling for social engineering and there was simply little else in the news, experts say.  Continue Reading

• Fujitsu exec says SAS may take years to hit your array

  Fujitsu's product development VP talks about the development of SAS, why Fujitsu won't be competing with Hitachi's 1 TB drive and the Star-Trek-like future of disks.  Continue Reading

• VoIP security monitoring gets proactive

  VoIP security and traffic monitoring have become imperatives, but it can still be tricky on a converged VoIP and data network.  Continue Reading

• Quiz: Defending mobile devices from viruses, spyware and malware

  A five-question multiple-choice quiz to test your understanding of the content presented in Defending mobile devices from viruses and malware lesson of SearchSecurity.com's Messaging Security School.  Continue Reading

• Vendors: Cut the hype, truth is what sells

  Storage virtualisation technologies have been purchased and implemented successfully for years. The rest of the IT infrastructure must try to catch up and, ultimately, the only thing not virtualised within the datacentre will be the last guy ...  Continue Reading

• TJX gets little sympathy from blogosphere

  TJX is taken to task by security bloggers for waiting until after a massive data breach to take steps to bolster its security.  Continue Reading

• TJX breach: There's no excuse to skip data encryption

  Companies complain that database encryption products are too expensive and difficult to manage, but customer loss and breach notification costs outweigh encryption expenses.  Continue Reading

• EqualLogic CEO says IPO on the way

  EqualLogic's CEO talks about the company's plans to go public, its intent to add 10 GigE to its products and why he thinks not all iSCSI products are created equal.  Continue Reading

• PatchLink offers solid flaw management

  PatchLink Update 6.3 is a solid solution to the enterprise patch management problem and demonstrates its true power in a Windows environment.  Continue Reading

• WiMax clearing path to mainstream

  A number of industry moves have made WiMax almost ready for the mainstream. But there's good news and bad news to consider before making the move.  Continue Reading

• Federal government pushes full-disk encryption

  Businesses need to follow the federal government's lead in reducing data breaches by holding employees responsible and examining full-disk encryption (FDE) products.  Continue Reading

• Inside MSRC: Microsoft updates WSUSSCAN issue

  Christopher Budd of the Microsoft Security Response Center is urging customers to deploy the latest versions of the Systems Management Server Inventory Tool for Microsoft Updates or Microsoft Baseline Security Analyzer to receive all the current ...  Continue Reading

• Why don't we have clustered FC block storage?

  Is it odd that the industry has made such serious strides toward incorporating clustering concepts in both file-based storage and IP -based storage, but not Fibre Channel storage?  Continue Reading

• Adobe Reader flaws spook security experts

  Security experts sound the alarm over Adobe Reader flaws that could be exploited for cross-site scripting attacks and other mayhem.  Continue Reading

• Top Web security tips of 2006

  Check out the top five Web security tips of 2006 to get advice on securing Internet Explorer, ISA Server and Radius and a set of tools designed to secure the Web browsing experience.  Continue Reading

• Storage Outlook '07: In search of better data management

  Brian Peterson, storage architect for a Midwest-based Fortune 100 company, says better data management and business processes will be the main goal in 2007.  Continue Reading

• Security pros glean insight from '06

  Corporate acquisitions, an abundance of spam, and the White House's take on cybersecurity mark 2006.  Continue Reading

• Storage Outlook '07: Seeking better backups and archives

  Tom Becchetti, senior infrastructure engineer for a major national financial services company, says compliance, backup and archiving will be top priorities in 2007.  Continue Reading

• Top 10 mobile tips of 2006

  Review of the popular mobile technical tips of 2006 from our stable of mobile experts; Lisa Phifer, Craig Mathias, Daniel Taylor, Kevin Beaver and Robbie Harrell.  Continue Reading

• Top Windows server hardening tips of 2006

  Check out the top Windows server hardening tips of 2006 for helpful advice on domain controller penetration testing, security tips for the Windows Server 2003 OS and more.  Continue Reading

• Top client security tips of 2006

  A network user without the proper know-how is a ticking time bomb when it comes to security. Check out our top five client hardening tips of 2006 to get a head start on protecting yourself from potentially dangerous users.  Continue Reading

• Cleversafe envisions a new world of storage

  An organisation led by the inventor of the wireless thin client aims to combine storage and the Internet, and change how we think of both storage and computing.  Continue Reading

• Top network security tips of 2006

  The top Windows networking security tips of 2006 cover a range of topics, including network isolation, open source Windows security tools, VPN security and more.  Continue Reading

• Enterprises are open to Asterisk

  Organisations have become so comfortable with VoIP and standards that open-source technologies like Asterisk are being given serious consideration over big iron PBX platforms. Learn all about Asterisk here.  Continue Reading

• Top storage tips 2006

  What's on the minds of storage techies. What's hot, what's not, what works, what doesn't work. These expert tips cover the storage issues that take top honours when it comes to disaster recovery, NAS, SAN, backup and storage management.  Continue Reading

• Review: Prevx1 not ready for prime time

  Prevx1 will require significant improvement in management and detection capabilities before it can be considered a serious contender for enterprise deployments.  Continue Reading

• Review: Reconnex's iGuard needs improvements

  Reconnex's iGuard is maturing, though it still needs some usability improvements such as wizards, customisable reports and the ability to drill down on the graphs.  Continue Reading

• Review: Deep Security is a solid IPS

  Third Brigade's Deep Security is a well-designed, effective product with strong configuration and policy control capabilities.  Continue Reading

• Review: Lancope StealthWatch 5.5 offers more than IDS

  Hot Pick: StealthWatch goes far beyond traditional intrusion detection, with powerful network-monitoring features. The optional IDentity-1000 is an essential addition.  Continue Reading

• Hot technologies for 2007

  "Storage" magazine's editors reviewed technology developments, product introductions and storage standards to come up with this short list of must-have technologies for 2007.  Continue Reading

• Microsoft Vista could improve Internet security

  Two new Microsoft Vista features -- Kernel Patch Protection and User Account Control -- could prove especially useful in preventing serious malware infections.  Continue Reading

• Storage Decisions Session Downloads: Smart Shopper Track (LV 2006)

  Very few storage managers have carte blanche when it comes to storage spending. Sessions in our "Smart Shopper track" help managers get the most bang for their storage buck.  Continue Reading

• Storage Decisions Session Downloads: Architecture Track (LV 2006)

  More than 70% of the attendees of Storage Decisions say they are setting up or evaluating a tiered storage architecture. Featured in this track are Tiered Storage School sessions along with other sessions that can help any manager set up or ...  Continue Reading

• Storage IPOs, brilliant or brainless

  Just when we thought the fast and loose spending of the dot-com bubble was well behind us, a few recent storage company IPOs remind us that we really haven't gotten a lot smarter.  Continue Reading

• Inside MSRC: Visual Studio flaw, tool extensions explained

  Christopher Budd of the Microsoft Security Response Center sheds detail about a flaw in Visual Studio 2005 and explains that support for Software Update Services 1.0 will be extended.  Continue Reading

• Infrastructure security: Remote access DMZ

  An excerpt from Chapter 7: Infrastructure security from "How to Cheat at Managing Information Security," by Mark Osborne.  Continue Reading

• Storage Decisions Session Downloads: Engineering Track (LV 2006)

  Managers need to engineer the most flexible and complete storage network. This track looks at SAN and NAS issues, distance demands, remote offices and how to build out systems.  Continue Reading

• Storage Decisions Session Downloads (NYC 2006)

  Take a look at the sessions that floored at the Storage Decisions conference in New York City, September 27-29, 2006.  Continue Reading

• Zero-day tracker a hit, but IT shops need better strategy

  This week in Security Blog Log: Reaction to eEye's new zero-day tracker is positive, but some experts say it won't help unless IT shops have a layered defense to start with.  Continue Reading

• MySpace, YouTube successes open door to Web 2.0 dangers

  Web 2.0, and Ajax in particular, are introducing new threats to life on the Web. Many people are rushing to add interactive features to their Web applications using Ajax, but as columnist Mike Cobb explains, security has often been overlooked.  Continue Reading

• Active Directory security school: Set up and configuration

  An Active Directory security lesson.  Continue Reading