[SecurityRatty] tag: nas

Virtualization Needs vs. Cool Features

Tue, 01 Jul 2008 17:00:08 +0000

Regardless of the size of your virtualization project you will probably ask two of the most common questions before you even start:

What product(s) & version(s) should I use?
How much should I plan to spend?

The simplest answer of course is “it depends”. I’ve seen implementations range from a thousand bucks to over several million. Ideally, your virtualization project needs & goals should drive your product selection. The bells & whistles you chose will determine your spending.

10 Basic questions that will help you determine product & cost:

Will your Virtual Infrastructure (VI) host production Virtual Machines (VM)?
What servers do you already have that can be used as hosts (32bit, 64bit, Mem, Disk, Network)?
Do you have a need for High Availability (HA)?
Do you have the need to manage SLA’s on your VMs?
What will a typical VM in your VI look like (OS, Disk, Mem, Network, CPU)?
What other IT resources do you have that can be used (SAN, NAS, Switches, etc…)?
What level of comfort does your existing staff have with the various IT resources?
Do you have existing hardware/software support agreements with Vendors you could leverage?
What tools do you already own that are “virtualization aware” and what new tools will you need?
How many VM’s do you plan to scale to?

Please, please, please, don’t make the mistake of implementing features that you don’t need and over-engineering just because the product lets you do so.

If you plan it right your product & cost, questions will be answered with no unpleasant surprises.

ShareThis

Unstructured data at risk in most firms, survey finds

Mon, 30 Jun 2008 20:00:00 +0000

Corporate information stored on file servers and network-attached storage (NAS) devices is in danger of compromise because IT governance policies and access rules in many companies are incapable of dealing with a massive growth of unstructured data, according to a Ponemon Institute report issued Tuesday.

Consumer Reports on Aviation Security and the TSA

Thu, 10 Jan 2008 10:58:40 +0000

It's not on their website yet, and you'd have to pay to read it in any case, but the February 2008 issue of Consumer Reports has an article on aviation security. Much of it you've all heard before, but there are some new bits:

Larry Tortorich, a TSA training officer and former representative to the Joint Terrorism Task Force who retired in 2006, also says he saw problems from the inside. "There was a facade of security. There were numerous security flaws and vulnerabilities I identified. The response was, it wasn't apparent to the public, so there would not be any corrective action."

I've regularly pointed to reinforcing the cockpit doors as something that was a good idea, and should have been done years earlier.

Critics, however, say a stronger door is only half of the solution. "People have this illusion that hardened cockpit doors work, and they don't," Dzakovic says. "If you want to have a secure door, you need to have a double hulled door."
Consumer Reports searched NAS, the Aviation Safety Reporting System, and found 51 incidents since April 2002 in which flight crews reported problems with the hardened doors.

Most of them weren't really security issues: locking mechanisms failing, doors popping open in flight, and so on. But this was more interesting:

A 2006 study of aviation security by DFI International, a Washington, D.C. security consultancy, found that a drunken passenger kicked a hole in a door panel and that aircraft cleaners "broke a fortified door off its hinges by running a heavy snack cart into it on a bet."
El Al, of course, has double doors. But since the cost is between $5K and $10K per aircraft, the airline industry has fought the measure in the U.S.

The article also talks about how poor the screeners actually are, but I've covered all that already.