In Depth
In Depth
-
Network access control learning guide
From PDAs to insecure wireless modems, users have myriad options for connecting to -- and infecting -- the network. Created in partnership with our sister site SearchSecurity.com, this guide offers tips and expert advice on network access control. ... Continue Reading
-
Microsoft should scrap Patch Tuesday
Instead of leaving flaws unpatched for weeks between cycles, Microsoft should use its resources to produce high-quality patches shortly after vulnerabilities are discovered. Continue Reading
-
PayPal security measures help stamp out fraud
PayPal's 133 million online customers are the biggest ocean phishers have to plunder. CISO Michael Barrett wants to make it safe to be in the water; and he's not going at it alone. Continue Reading
-
ISCSI TCP/IP TOE card purchase considerations
A look at the specific considerations in purchasing iSCSI Continue Reading
-
ISCSI TCP/IP TOE card specifications
Key specifications for a cross-section of popular iSCSI TOE cards. Continue Reading
-
4 Gbit Fibre Channel switch purchase considerations
As SANs scale up, data centres often upgrade and expand the SAN switch infrastructure. Here's what to look for when scaling Continue Reading
-
4 Gbit Fibre Channel switch product specifications
Product snapshots highlighting key specifications for a cross section of popular director-class 4 Gbit and faster FC switch products. Continue Reading
-
The trouble with Google hacking techniques
Some IT security professionals say the threat posed by Google hacking techniques is overblown and that companies can easily avoid it with a layered security program. One skeptical expert is Ira Winkler, founder of the Internet Security Advisors ... Continue Reading
-
Storage consolidation: WAN acceleration and WAFS technology overview
One important avenue of storage consolidation is the consolidation of remote office storage; this is where WAN acceleration and WAFS technology comes into play. Continue Reading
-
Storage consolidation: SRM tools overview
SRM tools are an important part of storage consolidation. They allow admins to monitor the storage environment, allocate and organise available storage, and offer insights into future trends. Continue Reading
-
IP storage switch and router specifications
Key specifications for a cross section of popular IP storage switch and router products. Continue Reading
-
IP storage switch and router purchase considerations
The choice of an IP switch or router demands careful consideration of issues including port speed, segmentation, interoperability and security Continue Reading
-
Skype to the desk phone saves company a bundle
Skype on the desk phone has helped a Chicago-based furniture maker save a considerable amount of money on long-distance voice charges. Continue Reading
-
Inside MSRC: Windows Vista security update explained
Microsoft's Christopher Budd details the first Windows Vista security updates. Continue Reading
-
When disaster recovery and data classification collide
Attendees at a disaster recovery seminar discussed the complex application dependencies when disaster recovery and data classification combine. Continue Reading
-
Will data breach be the end of TJX?
This week in Security Blog Log: Industry experts say companies can learn from a data breach and even prosper from it. But is TJX following the right example? Continue Reading
-
IT pros eye Windows Server 2003 SP2 with caution
Despite its security and stability enhancements, IT pros say they are in no rush to deploy Windows Server 2003 SP2 Continue Reading
-
VoiceCon Spring: A transition show for the VoIP industry
VoiceCon Spring was all about unified communications. Zeus Kerravala provides highlights of the more interesting points from the show. Continue Reading
-
Symantec threat report under the microscope
This week in Security Blog Log: Infosec professionals dissect Symantec's latest threat report and express a range of views in the blogosphere. Continue Reading
-
Web 2.0 tools of the trade
As Web 2.0 technologies become more popular, IT professionals are answering questions from business units on how it can be used. Continue Reading
-
Measuring Vista's true security muscle will take time
Researchers are digging through the Windows Vista code right now, and when they find flaws we'll hear about it. But it's the ones we don't hear about that should keep us up at night. Continue Reading
-
Mobile data services development trends in 2007
Darrell Jordan-Smith takes a look at new data services architectures and development tools emerging in 2007 and the ongoing development efforts of the Java Community and others. Continue Reading
-
Defending mobile devices from viruses, spyware and malware
The nature of threat vectors facing mobile devices, challenges and struggles related to keeping mobile devices secure and strategies Continue Reading
-
LexisNexis fights crime with storage
The document search company is offering a new data forensics service staffed by former federal agents and powered by commodity NAS. Continue Reading
-
Is RAID outdated?
I would suggest that perhaps it is time for us to retire RAID in its current form. Continue Reading
-
Black Hat RFID controversy has bloggers up in arms
This week in Security Blog Log: Infosec pros slam HID Corp., the firm that tried to quash a Black Hat presentation on flaws in its RFID technology, calling HID the latest champion of security through obscurity. Continue Reading
-
PING with Mark Odiorne
Mark Odiorne, CISO at Scottish Re, provides insights on pen testing procedures, prioritising security for senior management and keeping compliant. Continue Reading
-
RFID dispute: Vendors still hostile toward full disclosure
Many vendors still believe that security by obscurity is still the best policy and make it a priority to silence vulnerability researchers. Continue Reading
-
Outsourced VoIP helps devastated company recover
Outsourced VoIP helped a Berkeley company keep up business as usual after a fire destroyed its offices. Continue Reading
-
RFID privacy, security should start with design
Companies planning to deploy radio frequency identification technology (RFID) must demand that privacy and security issues are addressed early. Continue Reading
-
Top 10 VoIP search terms
The top ten VoIP search terms and definitions. Keep tabs on the most popular VoIP terms – updated regularly. Continue Reading
-
Microsoft takes a blogosphere beating over Vista UAC
This week in Security Blog Log: Industry experts take Microsoft to task over a "very severe hole" in the design of Vista's User Account Controls (UAC) feature. Continue Reading
-
Flaws haunt Symantec, IBM, Cisco and IE
Bug Briefs: Security holes plague Symantec Norton products, IBM DB2; Mozilla Firefox; Trend Micro ServerProtect; Cisco IP phones; Google Desktop; IE and Snort. Continue Reading
-
Data breach: If customers don't act, data will remain at risk
To make enterprises take data security seriously, customers must take control of their personally identifiable information and stop handing it out to businesses. Continue Reading
-
Questions fly as EMC Retrospect fades
All signs point to the end of life for EMC's Retrospect backup software for small businesses. Sources say the company cannot support an SMB software channel. Continue Reading
-
Inside MSRC: Microsoft explains security bulletins
Microsoft issued 12 new security bulletins in February. Christopher Budd of the Microsoft Security Response Center provides information about the most important fixes. Continue Reading
-
Download SAN Guide Chapter 3: Switches (PDF)
You asked for it, so here it is -- a printable version of our SAN All-In-One Guide. Download Chapter 3: Switches in .pdf format now. Continue Reading
-
New security vendors take on sophisticated attackers
IT Security vendors are developing technologies that show promise in preventing unknown attacks and protecting machines with zero-day vulnerabilities. Continue Reading
-
Quiz: Using IAM tools to improve compliance
A five-question multiple-choice quiz to test your understanding of the content presented by expert Tom Bowers in this lesson of SearchSecurity.com's Identity and Access Management Security School. Continue Reading
-
VoIP case studies: What you need to know
Case studies are the next best thing to being there. Learn how others overcame the expected and the unexpected challenges of a VoIP migration in our case studies series. Continue Reading
-
Storm Trojan was worse than it should have been
The "Storm" attack made a big splash because people keep falling for social engineering and there was simply little else in the news, experts say. Continue Reading
-
Quiz: Defending mobile devices from viruses, spyware and malware
A five-question multiple-choice quiz to test your understanding of the content presented in Defending mobile devices from viruses and malware lesson of SearchSecurity.com's Messaging Security School. Continue Reading
-
Fujitsu exec says SAS may take years to hit your array
Fujitsu's product development VP talks about the development of SAS, why Fujitsu won't be competing with Hitachi's 1 TB drive and the Star-Trek-like future of disks. Continue Reading
-
VoIP security monitoring gets proactive
VoIP security and traffic monitoring have become imperatives, but it can still be tricky on a converged VoIP and data network. Continue Reading
-
Vendors: Cut the hype, truth is what sells
Storage virtualisation technologies have been purchased and implemented successfully for years. The rest of the IT infrastructure must try to catch up and, ultimately, the only thing not virtualised within the datacentre will be the last guy ... Continue Reading
-
TJX breach: There's no excuse to skip data encryption
Companies complain that database encryption products are too expensive and difficult to manage, but customer loss and breach notification costs outweigh encryption expenses. Continue Reading
-
TJX gets little sympathy from blogosphere
TJX is taken to task by security bloggers for waiting until after a massive data breach to take steps to bolster its security. Continue Reading
-
EqualLogic CEO says IPO on the way
EqualLogic's CEO talks about the company's plans to go public, its intent to add 10 GigE to its products and why he thinks not all iSCSI products are created equal. Continue Reading
-
PatchLink offers solid flaw management
PatchLink Update 6.3 is a solid solution to the enterprise patch management problem and demonstrates its true power in a Windows environment. Continue Reading
-
WiMax clearing path to mainstream
A number of industry moves have made WiMax almost ready for the mainstream. But there's good news and bad news to consider before making the move. Continue Reading
-
Federal government pushes full-disk encryption
Businesses need to follow the federal government's lead in reducing data breaches by holding employees responsible and examining full-disk encryption (FDE) products. Continue Reading
-
Inside MSRC: Microsoft updates WSUSSCAN issue
Christopher Budd of the Microsoft Security Response Center is urging customers to deploy the latest versions of the Systems Management Server Inventory Tool for Microsoft Updates or Microsoft Baseline Security Analyzer to receive all the current ... Continue Reading
-
Why don't we have clustered FC block storage?
Is it odd that the industry has made such serious strides toward incorporating clustering concepts in both file-based storage and IP -based storage, but not Fibre Channel storage? Continue Reading
-
Top Web security tips of 2006
Check out the top five Web security tips of 2006 to get advice on securing Internet Explorer, ISA Server and Radius and a set of tools designed to secure the Web browsing experience. Continue Reading
-
Adobe Reader flaws spook security experts
Security experts sound the alarm over Adobe Reader flaws that could be exploited for cross-site scripting attacks and other mayhem. Continue Reading
-
Storage Outlook '07: In search of better data management
Brian Peterson, storage architect for a Midwest-based Fortune 100 company, says better data management and business processes will be the main goal in 2007. Continue Reading
-
Top Windows server hardening tips of 2006
Check out the top Windows server hardening tips of 2006 for helpful advice on domain controller penetration testing, security tips for the Windows Server 2003 OS and more. Continue Reading
-
Top 10 mobile tips of 2006
Review of the popular mobile technical tips of 2006 from our stable of mobile experts; Lisa Phifer, Craig Mathias, Daniel Taylor, Kevin Beaver and Robbie Harrell. Continue Reading
-
Security pros glean insight from '06
Corporate acquisitions, an abundance of spam, and the White House's take on cybersecurity mark 2006. Continue Reading
-
Storage Outlook '07: Seeking better backups and archives
Tom Becchetti, senior infrastructure engineer for a major national financial services company, says compliance, backup and archiving will be top priorities in 2007. Continue Reading
-
Top client security tips of 2006
A network user without the proper know-how is a ticking time bomb when it comes to security. Check out our top five client hardening tips of 2006 to get a head start on protecting yourself from potentially dangerous users. Continue Reading
-
Cleversafe envisions a new world of storage
An organisation led by the inventor of the wireless thin client aims to combine storage and the Internet, and change how we think of both storage and computing. Continue Reading
-
Top network security tips of 2006
The top Windows networking security tips of 2006 cover a range of topics, including network isolation, open source Windows security tools, VPN security and more. Continue Reading
-
Enterprises are open to Asterisk
Organisations have become so comfortable with VoIP and standards that open-source technologies like Asterisk are being given serious consideration over big iron PBX platforms. Learn all about Asterisk here. Continue Reading
-
Top storage tips 2006
What's on the minds of storage techies. What's hot, what's not, what works, what doesn't work. These expert tips cover the storage issues that take top honours when it comes to disaster recovery, NAS, SAN, backup and storage management. Continue Reading
-
Review: Prevx1 not ready for prime time
Prevx1 will require significant improvement in management and detection capabilities before it can be considered a serious contender for enterprise deployments. Continue Reading
-
Review: Reconnex's iGuard needs improvements
Reconnex's iGuard is maturing, though it still needs some usability improvements such as wizards, customisable reports and the ability to drill down on the graphs. Continue Reading
-
Review: Deep Security is a solid IPS
Third Brigade's Deep Security is a well-designed, effective product with strong configuration and policy control capabilities. Continue Reading
-
Microsoft Vista could improve Internet security
Two new Microsoft Vista features -- Kernel Patch Protection and User Account Control -- could prove especially useful in preventing serious malware infections. Continue Reading
-
Review: Lancope StealthWatch 5.5 offers more than IDS
Hot Pick: StealthWatch goes far beyond traditional intrusion detection, with powerful network-monitoring features. The optional IDentity-1000 is an essential addition. Continue Reading
-
Hot technologies for 2007
"Storage" magazine's editors reviewed technology developments, product introductions and storage standards to come up with this short list of must-have technologies for 2007. Continue Reading
-
Storage Decisions Session Downloads: Smart Shopper Track (LV 2006)
Very few storage managers have carte blanche when it comes to storage spending. Sessions in our "Smart Shopper track" help managers get the most bang for their storage buck. Continue Reading
-
Storage Decisions Session Downloads: Architecture Track (LV 2006)
More than 70% of the attendees of Storage Decisions say they are setting up or evaluating a tiered storage architecture. Featured in this track are Tiered Storage School sessions along with other sessions that can help any manager set up or ... Continue Reading
-
Storage IPOs, brilliant or brainless
Just when we thought the fast and loose spending of the dot-com bubble was well behind us, a few recent storage company IPOs remind us that we really haven't gotten a lot smarter. Continue Reading
-
Inside MSRC: Visual Studio flaw, tool extensions explained
Christopher Budd of the Microsoft Security Response Center sheds detail about a flaw in Visual Studio 2005 and explains that support for Software Update Services 1.0 will be extended. Continue Reading
-
Infrastructure security: Remote access DMZ
An excerpt from Chapter 7: Infrastructure security from "How to Cheat at Managing Information Security," by Mark Osborne. Continue Reading
-
Storage Decisions Session Downloads: Engineering Track (LV 2006)
Managers need to engineer the most flexible and complete storage network. This track looks at SAN and NAS issues, distance demands, remote offices and how to build out systems. Continue Reading
-
Storage Decisions Session Downloads (NYC 2006)
Take a look at the sessions that floored at the Storage Decisions conference in New York City, September 27-29, 2006. Continue Reading
-
Zero-day tracker a hit, but IT shops need better strategy
This week in Security Blog Log: Reaction to eEye's new zero-day tracker is positive, but some experts say it won't help unless IT shops have a layered defense to start with. Continue Reading
-
MySpace, YouTube successes open door to Web 2.0 dangers
Web 2.0, and Ajax in particular, are introducing new threats to life on the Web. Many people are rushing to add interactive features to their Web applications using Ajax, but as columnist Mike Cobb explains, security has often been overlooked. Continue Reading
-
Active Directory security school: Set up and configuration
An Active Directory security lesson. Continue Reading
-
Active Directory security school: Maintenance and testing
This is lesson three of our Active Directory security school. Continue Reading
-
Active Directory security school: Management
Lesson two of the Active Directory security school. Continue Reading
-
Active Directory Security School
An improperly configured Active Directory can render the rest of your security measures useless. So how can you protect yourself from a hacker with their eyes on your AD? How can you recover from such an attack? Find the answers to all of your AD ... Continue Reading
-
Managed and hosted VoIP: muddling through
For companies looking for an alternative to a premise-based phone system, there are plenty available, and they come in all shapes and sizes. Get a clearer understanding of exactly what's available so you can ask the right questions to get the ... Continue Reading
-
Recordless email: magical or menacing?
A new startup promises recordless email. Is this a stroke of genius that will reward the company with billions of Internet bucks, or is it the end of the world as we know it? Continue Reading
-
Is the SANS Top 20 still useful?
This week in Security Blog Log: Some experts ponder whether the SANS Institute's Top 20 vulnerability list is as valuable than it once was. Others weigh in on the VoIP threat. Continue Reading
-
Security Blog Log: Sailing a sea of spam
This week, bloggers struggle to purge their bloated inboxes. Their experiences lend weight to recent studies showing a breathtaking spike in spam. Continue Reading
-
Security Blog Log: Dissecting Firefox 2.0
This week, bloggers examine the security features of Firefox 2.0 and come away with mixed reviews. Does it fare better than Internet Explorer 7? Continue Reading
-
Review: Arbor Networks' Peakflow X 3.6
Hot Pick: Peakflow isn't cheap and requires an intimate understanding of data flows, applications and network infrastructure. But the investment will pay dividends. Continue Reading
-
Review: Network Intelligence's enVision
enVision offers excellent value and is highly configurable, though typically that means you have to put a lot into it to get the most out of it. Continue Reading
-
Download Advanced Storage Guide Chapter 2: Backup/Data protection (PDF)
A printable version of our Advanced Storage All-In-One Guide. Download Chapter 2: Backup/Data protection in .pdf format now. Continue Reading
-
VoIP convergence: Managing staffing issues
Companies making the transition to IP telephony must find a way to converge their voice and data networks -- and the employees who work on them. Continue Reading
-
Production databases find a home on IP SANs
Dow Chemical will be cutting costs with a NetApp system; AirClic goes with EqualLogic's newest SAS array after evaluating both NetApp and EMC. Continue Reading
-
Download Advanced Storage Guide Chapter 1: Storage components (PDF)
A printable version of our Advanced Storage All-In-One Guide. Download Chapter 1: Storage components in .pdf format now. Continue Reading
-
What storage managers are buying and why, page 5
What storage managers are buying and why Continue Reading
-
What storage managers are buying and why, page 4
What storage managers are buying and why Continue Reading
-
Nokia E62 thin mobile productivity device
In this product review, John Shepler weighs in on Nokia's new E62 mobile device for Cingular Wireless. Continue Reading
-
Strategy clinic: Deciding which activities to measure to provide meaningful insights
I have always believed in 'doing' rather than self-monitoring, but reluctantly agree that the IT department needs to provide meaningful metrics on its activities. We have no shortage of things to measure, but how do we decide which are the most ... Continue Reading
-
Nmap Technical Manual
By now, most infosec pros have heard of Nmap, and most would agree that even though the popular freeware tool is invaluable, installing, configuring and running it in the enterprise is no easy task. With that in mind, SearchSecurity.com, in ... Continue Reading