C:\temp\Err>err 0x80070003 # for hex 0x80070003 / decimal -2147024893 : COR_E_DIRECTORYNOTFOUND corerror.h # MessageText: # The specified path couldn't be found. # 1 matches found for "0x80070003"

Operation IDent-ification

A man matching the description of a suspected child abuser who became the target of an international manhunt earlier this week has been arrested in the US.

Wayne Nelson Corliss, 58, was arrested in Union City, New Jersey on Thursday - two days after Interpol published photos resembling him. The actor, whose stage name is Casey Wane, is suspected of sexually abusing at least three boys aged between six and ten in south east Asia between April 2000 and May 2001.

Interpol Secretary General Ronald Noble hailed Corliss’s arrest: “Two days ago, this man’s nationality, identity and location were totally unknown. All we had to go by were a series of graphic photographs in which the suspect was seen sexually abusing young children and our confidence that the public and police worldwide would once again respond… That two days later, the primary suspect is now in custody is an outstanding achievement and a credit to the citizens, media and law enforcement worldwide who responded to Interpol’s call.”

In March 2006, police in Norwary found images of the abuse on the PC of a convicted paedophile. Two years of police investigation failed to identify the grey-haired, bespectacled suspect, or even his nationality. This prompted Interpol to publish six pictures of the man on Tuesday, in only its second appeal to find a suspected paedophile.

Last year a similar appeal uncovered the identity of Canadian Christopher Paul Neil, who is in jail awaiting trial on child abuse charges. German police unscrambled an image of Neil’s face that had been “swirled” to hide his identity. The picture was contained in a cache of child abuse images, and its publication by Interpol last October quickly led to his arrest in Thailand.

More from Interpol here. ®

Montego Networks Prediction:

Virtual Environments will be more secure than their physical counter parts by 2010.

Neil McDonald of Gartner reported in 2007 that throughout 2009, 60% of virtual environment deployments would be less secure than their physical counter parts.

Although I tend to believe Neil’s prediction I’m a bit optimistic about the markets awareness of the security concerns within virtualized environments and feel companies will start to address those concerns by 2009. I also believe that by the end of 2009 the majority of companies virtualizing will have built virtualized environments that are more secure than their physical counter parts.

Now, you may be thinking I’m either crazy or that I’m just one of these guys that just states the opposite of what someone else says!

Well, not at all. I’ve been studying the virtual security market for some time now and after talking with many companies that are deploying virtualization I’m starting to get the sense that people get it (security). It’s pretty evident that when people are made aware of what seems to be the obvious (security), that something clicks and they get it right away. In fact, many times the light bulbs start turning on and people start thinking about more creative ways to secure severs by taking advantage of virtualization which enables them to do things they’ve never been able to do before. 

So, although I agree that there has been this issue of security being once again forgotten and that 60% of virtual environments will be less secure up until 2009, I’m not so sure I’m going to underestimate the market and think that this pattern will continue much longer after that.

Take a look at the following graphic and it depicts the various layers in a network. History has proven itself time and time again that a new network layer is built first and security always comes along afterwards.

Well, one of the challenges we’ve seen with these physical networks is that it’s pretty costly, time consuming and a burden to purchase, install and administer security. Then once it’s in place and being run, you have to fork lift upgrade certain parts of your security infrastructure due to bandwidth demands and changes in application security concerns.

What virtualization brings to the table is not only cost savings for server consolidation, power consumption and datacenter space but the ability to do all of those things for parts of your security infrastructure as well.

Imagine instead of having to deploy engineers to install 20 firewalls across your datacenter, you could sit from a single workstation with a couple of guys and install 20 firewalls in hours vs. days. The reason this is possible is because now firewalls have just went virtual! You can roll them out as software images or virtual appliances without leaving the comfort of your cubical. 

Imagine being able to “virtual-lift upgrade” vs. “fork-lift upgrade” a new firewall, UTM appliance, IPS or whatever by simply powering off a Firewall Virtual Machine and powering on a new one.  Imagine being able to improve your performance by taking advantage of the multi-core processing and blade server computing trends vs. waiting for the next super fast security ASIC chip.

In the past it’s been difficult to get security as close as possible to the servers and desktops without having to deploy host based solutions. The reason for this is because we have been constrained by the physical limitations of our hardware purchases from the likes of Cisco, Extreme and Foundry. Then for vendors that have thought about putting security in a switch there has always been the price per port debate. Also, many don't want to take the risk and replace Cisco for a new startup building a new switch (ie. Force 10's Switch + IPS product).  Typically switching ports are cheap and security is more expensive and when trying to combine the two, you end up with a switch that costs a lot of money. So imagine having a 200+ port switch with a Firewall built in for $300 bucks. How could this be so? Because its virtual, and because its 100% software.

Did he just elude to a firewall for every port?  Does each Server or Desktop have firewalling between every other Server & Desktop on the same switch?  Absolutely! all because of virtualization!

Software makes it easier to bring the price per port down. When things are in software you can deploy multiple copies of them to scale your network capacity without breaking the bank. Virtualization also allows you to do things like “Freeze” and “Thaw” servers and desktops automatically when vulnerability is detected. If a denial of service is occurring against a Virtual Server you can always VMotion that server to a network with more capacity without an administrator having to lift a finger. Imagine an attack happening on a machine and instead of it being quarantined it makes a snapshot image of the infected machine and freezes it in its current bad state so you can go back and analyze how someone broke in. As you can see, there are lots of new capabilities brought to the security round table.

Virtualization will make security solutions even more powerful and increase the adoption rate of security in general due to the massive cost savings that can be appreciated through virtualization. For these reasons I see the market quickly leveraging virtualization to make Virtual Environments more Secure than their counter parts. Virtualization will enable the innovations in security that has been since UTM and Reputation based Anti-Spam.

VMWare, Virtual Iron, Citrix and others, thanks from the security industry for the innovation!

John Peterson, Montego Networks, Co-Founder & CTO

Montego Networks Prediction:

Virtual Environments will be more secure than their physical counter parts by 2010.

Neil McDonald of Gartner reported in 2007 that throughout 2009, 60% of virtual environment deployments would be less secure than their physical counter parts.

Although I tend to believe Neil???s prediction I???m a bit optimistic about the markets awareness of the security concerns within virtualized environments and feel companies will start to address those concerns by 2009. I also believe that by the end of 2009 the majority of companies virtualizing will have built virtualized environments that are more secure than their physical counter parts.

Now, you may be thinking I???m either crazy or that I???m just one of these guys that just states the opposite of what someone else says!

Well, not at all. I???ve been studying the virtual security market for some time now and after talking with many companies that are deploying virtualization I???m starting to get the sense that people get it (security). It???s pretty evident that when people are made aware of what seems to be the obvious (security), that something clicks and they get it right away. In fact, many times the light bulbs start turning on and people start thinking about more creative ways to secure severs by taking advantage of virtualization which enables them to do things they???ve never been able to do before. 

So, although I agree that there has been this issue of security being once again forgotten and that 60% of virtual environments will be less secure up until 2009, I???m not so sure I???m going to underestimate the market and think that this pattern will continue much longer after that.

Take a look at the following graphic and it depicts the various layers in a network. History has proven itself time and time again that a new network layer is built first and security always comes along afterwards.

Well, one of the challenges we???ve seen with these physical networks is that it???s pretty costly, time consuming and a burden to purchase, install and administer security. Then once it???s in place and being run, you have to fork lift upgrade certain parts of your security infrastructure due to bandwidth demands and changes in application security concerns.

What virtualization brings to the table is not only cost savings for server consolidation, power consumption and datacenter space but the ability to do all of those things for parts of your security infrastructure as well.

Imagine instead of having to deploy engineers to install 20 firewalls across your datacenter, you could sit from a single workstation with a couple of guys and install 20 firewalls in hours vs. days. The reason this is possible is because now firewalls have just went virtual! You can roll them out as software images or virtual appliances without leaving the comfort of your cubical. 

Imagine being able to ???virtual-lift upgrade??? vs. ???fork-lift upgrade??? a new firewall, UTM appliance, IPS or whatever by simply powering off a Firewall Virtual Machine and powering on a new one.  Imagine being able to improve your performance by taking advantage of the multi-core processing and blade server computing trends vs. waiting for the next super fast security ASIC chip.

In the past it???s been difficult to get security as close as possible to the servers and desktops without having to deploy host based solutions. The reason for this is because we have been constrained by the physical limitations of our hardware purchases from the likes of Cisco, Extreme and Foundry. Then for vendors that have thought about putting security in a switch there has always been the price per port debate. Also, many don't want to take the risk and replace Cisco for a new startup building a new switch (ie. Force 10's Switch + IPS product).  Typically switching ports are cheap and security is more expensive and when trying to combine the two, you end up with a switch that costs a lot of money. So imagine having a 200+ port switch with a Firewall built in for $300 bucks. How could this be so? Because its virtual, and because its 100% software.

Did he just elude to a firewall for every port?  Does each Server or Desktop have firewalling between every other Server & Desktop on the same switch?  Absolutely! all because of virtualization!

Software makes it easier to bring the price per port down. When things are in software you can deploy multiple copies of them to scale your network capacity without breaking the bank. Virtualization also allows you to do things like ???Freeze??? and ???Thaw??? servers and desktops automatically when vulnerability is detected. If a denial of service is occurring against a Virtual Server you can always VMotion that server to a network with more capacity without an administrator having to lift a finger. Imagine an attack happening on a machine and instead of it being quarantined it makes a snapshot image of the infected machine and freezes it in its current bad state so you can go back and analyze how someone broke in. As you can see, there are lots of new capabilities brought to the security round table.

Virtualization will make security solutions even more powerful and increase the adoption rate of security in general due to the massive cost savings that can be appreciated through virtualization. For these reasons I see the market quickly leveraging virtualization to make Virtual Environments more Secure than their counter parts. Virtualization will enable the innovations in security that has been since UTM and Reputation based Anti-Spam.

VMWare, Virtual Iron, Citrix and others, thanks from the security industry for the innovation!

John Peterson, Montego Networks, Co-Founder & CTO