In Depth

In Depth

• 4 Gbit Fibre Channel switch product specifications

  Product snapshots highlighting key specifications for a cross section of popular director-class 4 Gbit and faster FC switch products.  Continue Reading

• The trouble with Google hacking techniques

  Some IT security professionals say the threat posed by Google hacking techniques is overblown and that companies can easily avoid it with a layered security program. One skeptical expert is Ira Winkler, founder of the Internet Security Advisors ...  Continue Reading

• IP storage switch and router specifications

  Key specifications for a cross section of popular IP storage switch and router products.  Continue Reading

• Storage consolidation: WAN acceleration and WAFS technology overview

  One important avenue of storage consolidation is the consolidation of remote office storage; this is where WAN acceleration and WAFS technology comes into play.  Continue Reading

• Storage consolidation: SRM tools overview

  SRM tools are an important part of storage consolidation. They allow admins to monitor the storage environment, allocate and organise available storage, and offer insights into future trends.  Continue Reading

• IP storage switch and router purchase considerations

  The choice of an IP switch or router demands careful consideration of issues including port speed, segmentation, interoperability and security  Continue Reading

• Skype to the desk phone saves company a bundle

  Skype on the desk phone has helped a Chicago-based furniture maker save a considerable amount of money on long-distance voice charges.  Continue Reading

• Inside MSRC: Windows Vista security update explained

  Microsoft's Christopher Budd details the first Windows Vista security updates.  Continue Reading

• When disaster recovery and data classification collide

  Attendees at a disaster recovery seminar discussed the complex application dependencies when disaster recovery and data classification combine.  Continue Reading

• Will data breach be the end of TJX?

  This week in Security Blog Log: Industry experts say companies can learn from a data breach and even prosper from it. But is TJX following the right example?  Continue Reading

• IT pros eye Windows Server 2003 SP2 with caution

  Despite its security and stability enhancements, IT pros say they are in no rush to deploy Windows Server 2003 SP2  Continue Reading

• VoiceCon Spring: A transition show for the VoIP industry

  VoiceCon Spring was all about unified communications. Zeus Kerravala provides highlights of the more interesting points from the show.  Continue Reading

• Symantec threat report under the microscope

  This week in Security Blog Log: Infosec professionals dissect Symantec's latest threat report and express a range of views in the blogosphere.  Continue Reading

• Web 2.0 tools of the trade

  As Web 2.0 technologies become more popular, IT professionals are answering questions from business units on how it can be used.  Continue Reading

• Measuring Vista's true security muscle will take time

  Researchers are digging through the Windows Vista code right now, and when they find flaws we'll hear about it. But it's the ones we don't hear about that should keep us up at night.  Continue Reading

• Mobile data services development trends in 2007

  Darrell Jordan-Smith takes a look at new data services architectures and development tools emerging in 2007 and the ongoing development efforts of the Java Community and others.  Continue Reading

• Defending mobile devices from viruses, spyware and malware

  The nature of threat vectors facing mobile devices, challenges and struggles related to keeping mobile devices secure and strategies  Continue Reading

• LexisNexis fights crime with storage

  The document search company is offering a new data forensics service staffed by former federal agents and powered by commodity NAS.  Continue Reading

• Is RAID outdated?

  I would suggest that perhaps it is time for us to retire RAID in its current form.  Continue Reading

• Black Hat RFID controversy has bloggers up in arms

  This week in Security Blog Log: Infosec pros slam HID Corp., the firm that tried to quash a Black Hat presentation on flaws in its RFID technology, calling HID the latest champion of security through obscurity.  Continue Reading

• RFID dispute: Vendors still hostile toward full disclosure

  Many vendors still believe that security by obscurity is still the best policy and make it a priority to silence vulnerability researchers.  Continue Reading

• PING with Mark Odiorne

  Mark Odiorne, CISO at Scottish Re, provides insights on pen testing procedures, prioritising security for senior management and keeping compliant.  Continue Reading

• RFID privacy, security should start with design

  Companies planning to deploy radio frequency identification technology (RFID) must demand that privacy and security issues are addressed early.  Continue Reading

• Outsourced VoIP helps devastated company recover

  Outsourced VoIP helped a Berkeley company keep up business as usual after a fire destroyed its offices.  Continue Reading

• Top 10 VoIP search terms

  The top ten VoIP search terms and definitions. Keep tabs on the most popular VoIP terms – updated regularly.  Continue Reading

• Microsoft takes a blogosphere beating over Vista UAC

  This week in Security Blog Log: Industry experts take Microsoft to task over a "very severe hole" in the design of Vista's User Account Controls (UAC) feature.  Continue Reading

• Flaws haunt Symantec, IBM, Cisco and IE

  Bug Briefs: Security holes plague Symantec Norton products, IBM DB2; Mozilla Firefox; Trend Micro ServerProtect; Cisco IP phones; Google Desktop; IE and Snort.  Continue Reading

• Data breach: If customers don't act, data will remain at risk

  To make enterprises take data security seriously, customers must take control of their personally identifiable information and stop handing it out to businesses.  Continue Reading

• Questions fly as EMC Retrospect fades

  All signs point to the end of life for EMC's Retrospect backup software for small businesses. Sources say the company cannot support an SMB software channel.  Continue Reading

• Inside MSRC: Microsoft explains security bulletins

  Microsoft issued 12 new security bulletins in February. Christopher Budd of the Microsoft Security Response Center provides information about the most important fixes.  Continue Reading

• Download SAN Guide Chapter 3: Switches (PDF)

  You asked for it, so here it is -- a printable version of our SAN All-In-One Guide. Download Chapter 3: Switches in .pdf format now.  Continue Reading

• New security vendors take on sophisticated attackers

  IT Security vendors are developing technologies that show promise in preventing unknown attacks and protecting machines with zero-day vulnerabilities.  Continue Reading

• Quiz: Using IAM tools to improve compliance

  A five-question multiple-choice quiz to test your understanding of the content presented by expert Tom Bowers in this lesson of SearchSecurity.com's Identity and Access Management Security School.  Continue Reading

• VoIP case studies: What you need to know

  Case studies are the next best thing to being there. Learn how others overcame the expected and the unexpected challenges of a VoIP migration in our case studies series.  Continue Reading

• Storm Trojan was worse than it should have been

  The "Storm" attack made a big splash because people keep falling for social engineering and there was simply little else in the news, experts say.  Continue Reading

• Fujitsu exec says SAS may take years to hit your array

  Fujitsu's product development VP talks about the development of SAS, why Fujitsu won't be competing with Hitachi's 1 TB drive and the Star-Trek-like future of disks.  Continue Reading

• VoIP security monitoring gets proactive

  VoIP security and traffic monitoring have become imperatives, but it can still be tricky on a converged VoIP and data network.  Continue Reading

• Quiz: Defending mobile devices from viruses, spyware and malware

  A five-question multiple-choice quiz to test your understanding of the content presented in Defending mobile devices from viruses and malware lesson of SearchSecurity.com's Messaging Security School.  Continue Reading

• Vendors: Cut the hype, truth is what sells

  Storage virtualisation technologies have been purchased and implemented successfully for years. The rest of the IT infrastructure must try to catch up and, ultimately, the only thing not virtualised within the datacentre will be the last guy ...  Continue Reading

• TJX gets little sympathy from blogosphere

  TJX is taken to task by security bloggers for waiting until after a massive data breach to take steps to bolster its security.  Continue Reading

• TJX breach: There's no excuse to skip data encryption

  Companies complain that database encryption products are too expensive and difficult to manage, but customer loss and breach notification costs outweigh encryption expenses.  Continue Reading

• EqualLogic CEO says IPO on the way

  EqualLogic's CEO talks about the company's plans to go public, its intent to add 10 GigE to its products and why he thinks not all iSCSI products are created equal.  Continue Reading

• PatchLink offers solid flaw management

  PatchLink Update 6.3 is a solid solution to the enterprise patch management problem and demonstrates its true power in a Windows environment.  Continue Reading

• WiMax clearing path to mainstream

  A number of industry moves have made WiMax almost ready for the mainstream. But there's good news and bad news to consider before making the move.  Continue Reading

• Federal government pushes full-disk encryption

  Businesses need to follow the federal government's lead in reducing data breaches by holding employees responsible and examining full-disk encryption (FDE) products.  Continue Reading

• Inside MSRC: Microsoft updates WSUSSCAN issue

  Christopher Budd of the Microsoft Security Response Center is urging customers to deploy the latest versions of the Systems Management Server Inventory Tool for Microsoft Updates or Microsoft Baseline Security Analyzer to receive all the current ...  Continue Reading

• Why don't we have clustered FC block storage?

  Is it odd that the industry has made such serious strides toward incorporating clustering concepts in both file-based storage and IP -based storage, but not Fibre Channel storage?  Continue Reading

• Adobe Reader flaws spook security experts

  Security experts sound the alarm over Adobe Reader flaws that could be exploited for cross-site scripting attacks and other mayhem.  Continue Reading

• Top Web security tips of 2006

  Check out the top five Web security tips of 2006 to get advice on securing Internet Explorer, ISA Server and Radius and a set of tools designed to secure the Web browsing experience.  Continue Reading

• Storage Outlook '07: In search of better data management

  Brian Peterson, storage architect for a Midwest-based Fortune 100 company, says better data management and business processes will be the main goal in 2007.  Continue Reading

• Security pros glean insight from '06

  Corporate acquisitions, an abundance of spam, and the White House's take on cybersecurity mark 2006.  Continue Reading

• Storage Outlook '07: Seeking better backups and archives

  Tom Becchetti, senior infrastructure engineer for a major national financial services company, says compliance, backup and archiving will be top priorities in 2007.  Continue Reading

• Top 10 mobile tips of 2006

  Review of the popular mobile technical tips of 2006 from our stable of mobile experts; Lisa Phifer, Craig Mathias, Daniel Taylor, Kevin Beaver and Robbie Harrell.  Continue Reading

• Top Windows server hardening tips of 2006

  Check out the top Windows server hardening tips of 2006 for helpful advice on domain controller penetration testing, security tips for the Windows Server 2003 OS and more.  Continue Reading

• Top client security tips of 2006

  A network user without the proper know-how is a ticking time bomb when it comes to security. Check out our top five client hardening tips of 2006 to get a head start on protecting yourself from potentially dangerous users.  Continue Reading

• Cleversafe envisions a new world of storage

  An organisation led by the inventor of the wireless thin client aims to combine storage and the Internet, and change how we think of both storage and computing.  Continue Reading

• Top network security tips of 2006

  The top Windows networking security tips of 2006 cover a range of topics, including network isolation, open source Windows security tools, VPN security and more.  Continue Reading

• Enterprises are open to Asterisk

  Organisations have become so comfortable with VoIP and standards that open-source technologies like Asterisk are being given serious consideration over big iron PBX platforms. Learn all about Asterisk here.  Continue Reading

• Top storage tips 2006

  What's on the minds of storage techies. What's hot, what's not, what works, what doesn't work. These expert tips cover the storage issues that take top honours when it comes to disaster recovery, NAS, SAN, backup and storage management.  Continue Reading

• Review: Prevx1 not ready for prime time

  Prevx1 will require significant improvement in management and detection capabilities before it can be considered a serious contender for enterprise deployments.  Continue Reading

• Review: Reconnex's iGuard needs improvements

  Reconnex's iGuard is maturing, though it still needs some usability improvements such as wizards, customisable reports and the ability to drill down on the graphs.  Continue Reading

• Review: Deep Security is a solid IPS

  Third Brigade's Deep Security is a well-designed, effective product with strong configuration and policy control capabilities.  Continue Reading

• Review: Lancope StealthWatch 5.5 offers more than IDS

  Hot Pick: StealthWatch goes far beyond traditional intrusion detection, with powerful network-monitoring features. The optional IDentity-1000 is an essential addition.  Continue Reading

• Hot technologies for 2007

  "Storage" magazine's editors reviewed technology developments, product introductions and storage standards to come up with this short list of must-have technologies for 2007.  Continue Reading

• Microsoft Vista could improve Internet security

  Two new Microsoft Vista features -- Kernel Patch Protection and User Account Control -- could prove especially useful in preventing serious malware infections.  Continue Reading

• Storage Decisions Session Downloads: Smart Shopper Track (LV 2006)

  Very few storage managers have carte blanche when it comes to storage spending. Sessions in our "Smart Shopper track" help managers get the most bang for their storage buck.  Continue Reading

• Storage Decisions Session Downloads: Architecture Track (LV 2006)

  More than 70% of the attendees of Storage Decisions say they are setting up or evaluating a tiered storage architecture. Featured in this track are Tiered Storage School sessions along with other sessions that can help any manager set up or ...  Continue Reading

• Storage IPOs, brilliant or brainless

  Just when we thought the fast and loose spending of the dot-com bubble was well behind us, a few recent storage company IPOs remind us that we really haven't gotten a lot smarter.  Continue Reading

• Inside MSRC: Visual Studio flaw, tool extensions explained

  Christopher Budd of the Microsoft Security Response Center sheds detail about a flaw in Visual Studio 2005 and explains that support for Software Update Services 1.0 will be extended.  Continue Reading

• Infrastructure security: Remote access DMZ

  An excerpt from Chapter 7: Infrastructure security from "How to Cheat at Managing Information Security," by Mark Osborne.  Continue Reading

• Storage Decisions Session Downloads: Engineering Track (LV 2006)

  Managers need to engineer the most flexible and complete storage network. This track looks at SAN and NAS issues, distance demands, remote offices and how to build out systems.  Continue Reading

• Storage Decisions Session Downloads (NYC 2006)

  Take a look at the sessions that floored at the Storage Decisions conference in New York City, September 27-29, 2006.  Continue Reading

• Zero-day tracker a hit, but IT shops need better strategy

  This week in Security Blog Log: Reaction to eEye's new zero-day tracker is positive, but some experts say it won't help unless IT shops have a layered defense to start with.  Continue Reading

• MySpace, YouTube successes open door to Web 2.0 dangers

  Web 2.0, and Ajax in particular, are introducing new threats to life on the Web. Many people are rushing to add interactive features to their Web applications using Ajax, but as columnist Mike Cobb explains, security has often been overlooked.  Continue Reading

• Active Directory security school: Set up and configuration

  An Active Directory security lesson.  Continue Reading

• Active Directory security school: Maintenance and testing

  This is lesson three of our Active Directory security school.  Continue Reading

• Active Directory security school: Management

  Lesson two of the Active Directory security school.  Continue Reading

• Active Directory Security School

  An improperly configured Active Directory can render the rest of your security measures useless. So how can you protect yourself from a hacker with their eyes on your AD? How can you recover from such an attack? Find the answers to all of your AD ...  Continue Reading

• Recordless email: magical or menacing?

  A new startup promises recordless email. Is this a stroke of genius that will reward the company with billions of Internet bucks, or is it the end of the world as we know it?  Continue Reading

• Managed and hosted VoIP: muddling through

  For companies looking for an alternative to a premise-based phone system, there are plenty available, and they come in all shapes and sizes. Get a clearer understanding of exactly what's available so you can ask the right questions to get the ...  Continue Reading

• Is the SANS Top 20 still useful?

  This week in Security Blog Log: Some experts ponder whether the SANS Institute's Top 20 vulnerability list is as valuable than it once was. Others weigh in on the VoIP threat.  Continue Reading

• Security Blog Log: Sailing a sea of spam

  This week, bloggers struggle to purge their bloated inboxes. Their experiences lend weight to recent studies showing a breathtaking spike in spam.  Continue Reading

• Security Blog Log: Dissecting Firefox 2.0

  This week, bloggers examine the security features of Firefox 2.0 and come away with mixed reviews. Does it fare better than Internet Explorer 7?  Continue Reading

• Review: Arbor Networks' Peakflow X 3.6

  Hot Pick: Peakflow isn't cheap and requires an intimate understanding of data flows, applications and network infrastructure. But the investment will pay dividends.  Continue Reading

• Review: Network Intelligence's enVision

  enVision offers excellent value and is highly configurable, though typically that means you have to put a lot into it to get the most out of it.  Continue Reading

• Download Advanced Storage Guide Chapter 2: Backup/Data protection (PDF)

  A printable version of our Advanced Storage All-In-One Guide. Download Chapter 2: Backup/Data protection in .pdf format now.  Continue Reading

• VoIP convergence: Managing staffing issues

  Companies making the transition to IP telephony must find a way to converge their voice and data networks -- and the employees who work on them.  Continue Reading

• Production databases find a home on IP SANs

  Dow Chemical will be cutting costs with a NetApp system; AirClic goes with EqualLogic's newest SAS array after evaluating both NetApp and EMC.  Continue Reading

• Download Advanced Storage Guide Chapter 1: Storage components (PDF)

  A printable version of our Advanced Storage All-In-One Guide. Download Chapter 1: Storage components in .pdf format now.  Continue Reading

• What storage managers are buying and why, page 4

  What storage managers are buying and why  Continue Reading

• What storage managers are buying and why, page 5

  What storage managers are buying and why  Continue Reading

• Nokia E62 thin mobile productivity device

  In this product review, John Shepler weighs in on Nokia's new E62 mobile device for Cingular Wireless.  Continue Reading

• Strategy clinic: Deciding which activities to measure to provide meaningful insights

  I have always believed in 'doing' rather than self-monitoring, but reluctantly agree that the IT department needs to provide meaningful metrics on its activities. We have no shortage of things to measure, but how do we decide which are the most ...  Continue Reading

• Nmap Technical Manual

  By now, most infosec pros have heard of Nmap, and most would agree that even though the popular freeware tool is invaluable, installing, configuring and running it in the enterprise is no easy task. With that in mind, SearchSecurity.com, in ...  Continue Reading

• Security Blog Log: Taking Google Code Search for a spin

  This week, the blogosphere is buzzing about Google Code Search. Despite concerns that the tool will aid attackers, some see it as a boost for security.  Continue Reading

• Inside MSRC: Public vulnerability disclosures on the rise

  Even though irresponsible publicly disclosed vulnerabilities seem to be on the rise, Microsoft's Christopher Budd discusses how the software giant was able to quickly release a fix for the recent VML flaw, plus offers best practices on how to make ...  Continue Reading

• School district expels outsourced backup, enrolls CDP

  Revere School District dumps tape and outsourced backup, and deploys SonicWall's continuous data protection product.  Continue Reading

• Test your IQ: Business continuity -- ANSWER

  This type of plan specifies a means of maintaining essential services at the crisis location.  Continue Reading

• DPM's Diary: 3 October 2006

  Monday  Continue Reading

• Alliance and Leicester to overhaul core systems

  Alliance & Leicester has announced plans replace many of its core banking systems with Accenture’s Alnova Financial Solutions banking platform under a three-year IT-led business transformation programme.  Continue Reading