Sunday, December 15, 2013

Mobile Device Management Checklist

Ideally, IT should be at least aware of every smartphone and tablet used in an organization, from activation to retirement. Accomplishing this requires a cohesive plan for mobile device management.
As business use of smartphones and tablets continues to grow, inadequate IT oversight and control is having negative effects. Up to one-third of companies acknowledge that smartphone use is being hindered or slowed because IT admins cannot manage the devices to the extent they would like, according to a 2012 Osterman Research study; the situation is even worse for tablets.

Mobile devices: Out of sight, out of mind

For the past decade, IT departments turned a blind eye to mobile handhelds, believing that cell phones were too limited and PDAs saw too little use to warrant attention. But today's increasingly powerful converged mobile devices have blown past both barriers, leaving IT in the hot seat. After all, you cannot secure what you don't manage, and you cannot manage what you don't see.

Mobile device management (MDM) can help your business plug this gaping hole by enabling remote visibility and control over smartphones and other handheld devices carried by your workforce. But MDM can also be a frustratingly vague term, applied to a diverse collection of products. The first step is to define precisely what you want an MDM system to do for your mobile workforce. The following checklist can help you identify your needs and common MDM capabilities that could address them.

Mobile asset inventory

Clearly, your MDM must maintain a list of devices to be managed -- that is, your mobile asset inventory. But what should your inventory include, and how will it be maintained?
  • Device inventory: What physical details do you need to track? Beyond the basics (device ID, hardware model, firmware version), an MDM can help you record and report on related assets like wireless adapters and removable memory.
  • Inventory classification: How do you want to group those mobile devices? For example, an MDM might auto-classify your devices by mobile OS/version or state (e.g., unknown, authorized, provisioned, decommissioned).
  • Inventory maintenance: How do you want to update your inventory to reflect adds, changes and deletes? An MDM might be used to periodically poll devices, check for changes at network connect, or carry out admin-initiated audits.
  • Physical tracking: Do you need to know not just who carries each handheld but precisely where that device is located? With many smartphones now supporting GPS, location-based MDM features become feasible.
  • Database integration: Do you already have inventory systems that manage other assets (e.g., desktops, phones)? If so, you may want to integrate managed mobile device records into a common database using inventory exports or reports.

Mobile device provisioning

Managing a device through its lifecycle begins with activation and provisioning. How will each new device become an authorized, capable member of your handheld fleet?
  • Supported platforms: Device management depends on many characteristics, including operating system and vendor/model/version. What platforms (e.g., Apple iOS, Google Android, BlackBerry OS, Microsoft Windows Phone) and minimum models/versions (e.g., Samsung SAFE devices running Android 4+) must you support? Make device-independent management choices wherever possible and practical while establishing baseline acceptance criteria for specific business uses (e.g., hardware-encrypted devices with remote find/wipe capability).
  • Device registration: How will you enroll mobiles to be managed? MDMs can help administrators register company handhelds (e.g., directory add) or let users register their own devices (e.g., enrollment portals), or some combination thereof.
  • Agent activation: How will MDM software get installed and activated on each new device? Some mobile devices ship with native MDM (e.g., Apple iOS, BlackBerry OS); others may require employees to visit an app store or an IT-managed Web portal to download and install an MDM agent. The latter is often accomplished by texting or emailing a URL to each enrolled device to complete over-the-air installation.
  • Device configuration: How will you override factory/carrier defaults? For example, you might want to require passwords, add registry keys, or rewrite menus to eliminate non-business applications. MDMs can apply your "standard config" to each device after initial activation or hard reset.
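
An added example (not from the original article or from any MDM product) showing how the inventory states listed under "Inventory classification" and the baseline acceptance criteria under "Supported platforms" could be checked against device records. The field names, the mapping of checks to states, the sample records and the iOS minimum version are assumptions made for illustration; only the Android 4+ minimum and the four state names come from the text.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Dict, List, Optional, Tuple


class State(Enum):
    # The four states named in the checklist.
    UNKNOWN = "unknown"
    AUTHORIZED = "authorized"
    PROVISIONED = "provisioned"
    DECOMMISSIONED = "decommissioned"


@dataclass(frozen=True)
class Device:
    # Hypothetical inventory record; field names are assumptions.
    device_id: str
    platform: str
    os_version: str
    hw_encryption: bool
    remote_wipe: bool
    enrolled: bool       # registered by an admin or via an enrollment portal
    agent_active: bool   # MDM agent installed and standard config applied
    retired: bool = False


# Minimum OS version per supported platform. "android" follows the
# article's "Android 4+" example; the "ios" value is a constructed placeholder.
MIN_OS: Dict[str, Tuple[int, int, int]] = {
    "android": (4, 0, 0),
    "ios": (6, 0, 0),
}


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Parse 'X', 'X.Y' or 'X.Y.Z' into a padded 3-tuple; None if malformed."""
    parts = text.strip().split(".")
    if len(parts) > 3 or not all(p.isdigit() for p in parts):
        return None
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (3 - len(nums)))  # pad so "4" compares as 4.0.0


def baseline_gaps(dev: Device) -> List[str]:
    """Return the baseline acceptance criteria this device fails."""
    gaps = []
    minimum = MIN_OS.get(dev.platform.lower())
    version = parse_version(dev.os_version)
    if minimum is None:
        gaps.append("unsupported platform")
    elif version is None:
        # Fail closed: a version we cannot read is not treated as compliant.
        gaps.append("unparseable OS version")
    elif version < minimum:
        gaps.append("OS below minimum")
    if not dev.hw_encryption:
        gaps.append("no hardware encryption")
    if not dev.remote_wipe:
        gaps.append("no remote find/wipe")
    return gaps


def classify(dev: Device) -> State:
    """Map a record to a state (this mapping is an assumption)."""
    if dev.retired:
        return State.DECOMMISSIONED
    if not dev.enrolled or baseline_gaps(dev):
        return State.UNKNOWN
    return State.PROVISIONED if dev.agent_active else State.AUTHORIZED


def audit(inventory: List[Device]) -> Dict[str, Tuple[State, List[str]]]:
    """Classify every device and list its baseline gaps."""
    return {d.device_id: (classify(d), baseline_gaps(d)) for d in inventory}


# Constructed sample inventory.
SAMPLE_INVENTORY = [
    Device("A-001", "Android", "4.1.2", True, True, True, True),
    Device("A-002", "Android", "2.3.6", False, True, True, True),
    Device("I-003", "iOS", "7.0", True, True, True, False),
    Device("W-004", "Windows Phone", "8.0", True, True, True, True, retired=True),
    Device("A-005", "Android", "4", True, True, False, False),
    Device("A-006", "Android", "KitKat", True, False, True, True),
]

if __name__ == "__main__":
    for device_id, (state, gaps) in audit(SAMPLE_INVENTORY).items():
        print(f"{device_id}: {state.value:<15} {', '.join(gaps) or 'meets baseline'}")
```
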

Mobile software distribution

Many MDMs go beyond device inventory and configuration, providing tools that deliver and update mobile applications. This may not be Job 1, but it should be a close second.
  • Software packages: How will you bundle related applications for purposes of configuration and delivery? MDMs can help you define and deploy those packages, helping to resolve platform, memory, and application dependencies.
  • Application distribution: Do you want software and updates to be downloaded from public app stores (e.g., Apple iTunes, Google Play), pushed transparently to managed devices by an enterprise app store, or some combination thereof? Each mobile OS enforces its own rules regarding user permissions required to install and update apps, but MDMs can help IT automate related processes (e.g., prompting users to install required public apps).
  • Mobile optimizations: Must your strategy accommodate unreliable or limited WANs? Some MDMs offer compression, incremental updates, and bandwidth management (attempting or resuming installation only over fast, low-cost links).
  • Change control: How often will your mobile applications need patching or update? Define how deployed packages will be maintained so that changes are applied without resulting in user pain or weeks of effort to fix failed updates.

Mobile security management

On handhelds, device and security management tend to converge. Many MDMs offer basic security features that are missing from mobile OSs or related to device tasks.
  • User authentication: How will you authenticate users before granting access to mobile devices? Some MDMs can be integrated with enterprise directories while addressing mobile needs like network-disconnected authentication.
  • Password policy enforcement: How many login attempts will you allow before requiring reset? Can emergency calls bypass authentication? Many MDM agents can enforce these and other password policies that go beyond OS-provided PINs.
  • Remote device wipe: Do you need the ability to wipe clean a remote mobile device? For example, an MDM can often delete data or hard-reset a lost smartphone on next server connect or upon receipt of an SMS "kill pill."
  • White/black lists and device restrictions: An MDM involved in application management may require certain business applications and ban other applications. Similarly, an MDM that controls device settings can help you disable risky interfaces and wireless options.
  • Secure communication: How will sensitive MDM traffic (e.g., configuration changes, software packages) be protected? Some MDMs provide their own secure channels rather than relying on OS or third-party protocols.

Mobile data protection

Data just might be the most sensitive corporate asset on any mobile handheld. MDMs can help you preserve and protect that mobile data.
  • Data encryption: Do you want to enforce policies that use hardware or software encryption to prevent unauthorized access to data stored on mobile devices? Most contemporary mobile devices provide hardware encryption capability; others can enforce your policies by installing or activating third-party encryption (e.g., secure data lockers, self-encrypting enterprise applications).
  • Backup/restore: How will you prevent data loss when a mobile device is damaged or stolen? Most mobile devices support scheduled over-the-air backup of selected settings and content to a cloud backup service for subsequent restoration by authorized users. Consider whether you also need to back up enterprise application data to an IT-controlled backup server.
  • Data tracking: Do you need to maintain an audit trail of corporate data copied to and from mobile devices? Some MDMs can control and report on sensitive files transferred during over-the-air synchronization or onto removable media.

Monitoring and help desk support

Mobile device total cost of ownership can far exceed hardware/software purchase. Over time, MDM should pay for itself by reducing maintenance and support costs. How?
  • Self-help: Can some admin tasks be cost-effectively shifted away from IT? Some MDMs offer self-help portals for user-initiated device enrollment, password reset or recovery, optional package download, and data restoration from backup.
  • Diagnostics: When problems arise, what will your help desk need to see? MDMs can play a big role by providing not just intended settings but real-time status and health information (e.g., memory, battery, network connectivity).
  • Remote control: When remote users need assistance, what can your help desk really do? Many MDMs include remote-control features (e.g., screen sharing) that let support staff interact with an off-site handheld in real time.
  • Audit and compliance: Do you need to prove that mobile devices comply with your stated policies and/or industry privacy regulations? MDMs can help you automate remote assessment, remediation, and compliance reporting.
  • Activity reports: How much insight will you need into mobile user activities, including interaction with business servers and networks? Most MDMs provide historical reports -- but look closely to see whether they capture what you need to know. 

An organization probably does not need everything on this checklist, and any single MDM product is unlikely to cover all of these bases. Instead, treat this checklist as though it were a menu, introducing you to a foreign cuisine. Some considerations are simply variations on traditional desktop management needs, while others may be new and unfamiliar. Try a few MDMs to gain field experience with mobile user and device requirements before settling on an enterprise mobility management strategy for your workforce.

Source : Internet

Thursday, December 12, 2013

Guide to mobile device management software

The proliferation of mobile devices in the workplace has become a well-established trend. But the increasing use of employees’ personal mobile devices puts IT departments in an unusual position: End-user practices, rather than strategic IT plans, are driving the adoption of the technology, and IT needs mobile device management software to handle it.
In many cases, those responsible for delivering business services, securing infrastructure and complying with regulations have inadequate tools to manage and control the influx of mobile devices. Asset management and configuration management tools that were designed for servers, desktops and laptops lack the functionality needed to support today’s mobile devices. Businesses are turning to mobile device management (MDM) software to address the specific needs of consumer devices in the enterprise.
This guide explores the role of MDM software and features to consider as you evaluate mobile device management software. It also provides tips on avoiding potential pitfalls while you plan for an MDM implementation.

 

MDM software: Why it’s important and what it should include


MDM software has become an enterprise necessity. With so many mobile devices in the workplace, IT needs a way to manage policy, inventory and security, and MDM does just that.

The need for MDM software


According to a recent survey, 75% of IT managers noted that adequate support for mobile devices would require new security rules, 64% believe lost or stolen mobile devices pose a security threat, and 50% want to be able to restrict applications used on mobile devices. Fortunately, not all the news about mobile devices in the enterprise is negative. A Visiongain study found that business use of mobile devices can reduce demand for technical support by as much as 20%.

Another factor driving the adoption of a mobile device management (MDM) system is that many existing infrastructure and configuration management applications were not designed to support mobile devices. Sometimes an existing application can provide functions of MDM software. For example, Microsoft Exchange ActiveSync allows administrators to enforce BYOD policy and remotely wipe devices but lacks more advanced, and increasingly required, functions.

 

Common features of MDM software

MDM software provides at least basic functionality in four areas: policy enforcement and management, inventory management, security management and software distribution.
Policy enforcement is essential to protect business information assets. Of course this assumes you have the necessary policies defined, which include access control, acceptable use, encryption and data management policies.

Access control policies specify rules about which users can authenticate to a device and perform operations on that device. Corporate application users should be segmented into groups according to their roles and responsibilities. They should have the fewest privileges required to perform tasks associated with their roles. This is a best practice for information security more generally, but it extends to mobile device use by specifying which enterprise applications can be accessible to users of mobile devices. Don’t assume that because an individual has access to an application on a company-owned workstation, that person will have access to the application on a mobile device over an unsecured communication channel.
An acceptable use policy should define the types of apps that can run on mobile devices for business operations, and MDM software should enforce these rules. Some application agreements specify that a vendor can download contact information from a mobile device, and such agreements can result in corporate information leaks. Businesses need to have app control on mobile devices, and MDM software enables them to enforce access control and allowed application policies.
Common inventory management features include registering devices, assigning devices to groups, centralized dashboard reporting and billing tracking. Reporting services include a detailed description of devices.

Security management includes a range of capabilities, such as setting password requirements on devices, configuring virtual private network (VPN) settings, installing secure sockets layer (SSL) certificates for device authentication, enforcing encryption policies, disabling device features such as GPS and camera, and remotely wiping a device. Encryption and data management policies are important elements in securing enterprise data. MDM software can support the enforcement of full device encryption policies if needed. It can also provide isolated sandboxes for protected data. With this model, protected data is logically separated from other device data and removed when it is no longer needed. If a device is lost or stolen, this kind of data management can mitigate data leak risks. SSL certificates have long been used to authenticate servers and can now improve the security of enterprise systems accessed from smartphones and tablets by authenticating those devices.

Once mobile devices are in use, you need to support them. MDM software commonly features software distribution services and it often includes the ability to establish an enterprise app distribution service akin to an internal application marketplace. In addition to supporting an app marketplace, MDM software typically allows for patching and remote software distribution.

 

Advanced MDM software features to consider

As MDM software offerings improve, you can distinguish between the technologies based on more advanced features, including additional security controls, better data protection, software license management and bandwidth optimizations.

For IT departments, erasing the personal contents of an employee’s device isn’t necessarily a first choice. But if a device is lost or stolen and the only remote-wipe option that your MDM software offers is resetting to factory defaults, you may have a difficult choice to make. More advanced remote-wiping features can target enterprise data, which is segregated from personal data in a vault that allows you to erase sensitive information without affecting the personal contents of a device.

Malware developers rarely miss an opportunity to exploit potential vulnerabilities, such as widespread mobile device use. MDM software security features have improved and can include automatically updating virus definitions, scanning incoming files from mobile devices for malicious content, and blacklist filtering.

Unused software licenses incur unnecessary costs, but using unlicensed software is risky as well. MDM software that tracks and reports on application use can identify the number of licenses in use, which enables administrators to determine the number of licenses needed. This can prevent admins from purchasing too many licenses while mitigating the risk of unlicensed application use.

In some locations, bandwidth can be limited. MDM software that can throttle bandwidth usage for management tasks can reduce the risk of undermining other applications’ performance.

 

Avoiding snags in mobile management system selection


Vendors’ marketing hype often depicts software as ideal for your environment’s mobile management system requirements. But in practice, problems can crop up. To avoid pitfalls in your MDM software assessment and deployment, consider the following suggestions:

  • Understand the requirements for MDM client software on devices. Some mobile device management (MDM) systems use agentless management, while others require agent-based management. Test an agent-based mobile management system on platforms you plan to support with a variety of applications to accurately assess the impact of the client software on the device.
  • Test full device encryption with supported apps. Encryption may interfere with the functions of some applications. It can be particularly challenging to test the full range of apps that employees have on their devices.
  • Segregate data types. If you want to avoid requiring full device encryption on employee-owned devices, use an MDM system that can segregate sensitive business data from personal data.
  • Understand the requirements for centralized components. These requirements may include management servers, proxies, relays and other supporting systems.
  • Test and evaluate. Determine whether the logging and reporting functions of the MDM technology are sufficient for your requirements.
  • Back up devices. If mobile devices store business data, they should be backed up. This is especially important for recovery of data on a lost or stolen device. Consider how the mobile management system you choose can back up mobile devices, the flexibility of the management console for defining backup scripts, and the ability of backup operations to recover from interrupted sessions.
  • Integrate data. Consider how data from an MDM program can be integrated with other parts of your mobile management system. MDM systems may use relational databases and publish either data models or application programming interfaces for accessing detailed information on device inventory, configurations, and operations.

  • Finally, plan your mobile management system evaluation and implementation based on your specific requirements.

     

    Mobile device management system planning and policies


    Once you are ready to start evaluating a mobile device management system, outline security, data protection, access control and acceptable-use policies.
    While these policies don’t have to be detailed, you should have a clear understanding of the kinds of features you expect, such as full device encryption, data vaulting and so on. Also consider the mobile device management system functions and reporting capabilities you expect. If your current asset management and configuration management tools meet your needs, they can be a guide for the features you want from a mobile device management system.
    Next, determine which platforms IT will support. The major mobile device offerings are Google’s Android, Apple’s iOS, Research In Motion’s BlackBerry and Microsoft’s Windows Phone.
    All OSes may support your email and collaboration applications, but a smaller number may offer the right apps for your enterprise applications. Consider whether the additional cost of supporting an OS with limited business functionality is worth the marginal benefit. Also consider how well the mobile device management system you may choose supports different OSes. If an OS is not in high demand, does not support important business apps and lacks comprehensive support in an otherwise promising management system, you may choose to not support that platform. Use your policy and management-based requirements and your supported platform list to create a feature-by-platform matrix. This framework can organize the results of your product evaluations. Some features and platforms are more important than others, so weigh their relative importance.
    Evaluate the top-ranking product or products in limited tests. This process gives you an opportunity to assess issues with deploying server components, configuring MDM software, deploying agents, and performing basic operations, such as remotely configuring devices, performing backups on devices and generating operational reports.
    Mobile devices are now a part of enterprise infrastructure and a mobile device management system can provide the asset, configuration and security management functionality they require.

     

    Mobile device management system drawbacks

    For employers, a bring your own device (BYOD) policy can be advantageous because the company can consolidate hardware and reap some savings. For employees, using their own devices enables an easy shift between work and personal tasks.

    But two potential problems can undermine these advantages. If the policy and mobile device management system disrupt how employees use their devices, users will likely resist. If applications used for personal purposes do not work with full disk encryption, for example, employees will be forced to choose between using those apps and having access to enterprise systems. A second problem arises when policies appear overreaching. For example, employees may understand the need to register their devices but they may also hesitate to grant access to personal data or to allow an administrator to remotely disable device features, such as a camera or GPS.

    To prevent a user revolt against BYOD policy, IT departments should limit restrictions on employee-owned devices to those needed to protect business assets and clearly describe the justification for these limitations. If possible, use a tiered approach: Allow access to public and sensitive data with minimal restrictions, but require more stringent controls only for devices accessing confidential and private information or working with valuable intellectual property.

    Source : Internet
     

    Tuesday, December 10, 2013

    The mouse that roared, and launched a PC revolution



    A look at the world's first mouse, which Douglas Engelbart and William English invented and which Engelbart introduced to the world 45 years ago today.

    Wednesday, March 20, 2013

    Types of Cloud Services


    IaaS (Infrastructure as a Service)
    • IaaS is moving from lower-risk pilot programs into production environments.
    • Organisations' stated plans to adopt IaaS in the near future reinforce the importance of IaaS in an overall portfolio of infrastructure service offerings.
    PaaS (Platform as a Service)
    • Platform as a service (PaaS) adoption clearly indicates the growing strategic importance of public cloud services for organisations that are adopting cloud infrastructure to support their business needs.
    • Current and anticipated adoption rates of PaaS are leading indicators of a more substantive move to cloud environments and represent an opportunity for service providers to deliver PaaS-oriented solutions to help their clients make this move.
    SaaS (Software as a Service)
    • Software as a service (SaaS) adoption, particularly in large enterprise application suites, will continue to reduce the total potential market available for application outsourcing.
    • SaaS adoption in the near term offers consulting and implementation services opportunities for IT services providers, as well as ongoing integration and configuration.
    • The move to SaaS will help drive additional revenue to the application outsourcing market by drawing applications to external, cloud-based implementations where they would otherwise be considered only for internal deployment.


    Monday, October 22, 2012

    What Is Thunderbolt Technology and How Does It Function?

    1. Many of us are aware of the USB (Universal Serial Bus) port, which is used to plug a pen drive into a system and is one of the fastest data access mechanisms to date. A USB port allows you to plug a device into your computer and instantly access it from the operating system. Each USB port allows only one device (when you use a USB hub to extend it to support multiple devices, it is still theoretically a one-to-one connection), and users buying laptops always look at the number of USB ports they have. Thunderbolt eliminates all these problems and adds a new dimension to how you connect your external devices to your computer.



    ThunderBolt Port

    2. Thunderbolt technology is a new, emerging technology that works much better than the USB port and allows you to easily chain multiple devices (up to 6 devices) together. All Thunderbolt devices use the same connector (unlike USB technology, which uses a male–female type of connection), so you can connect one device to another with interoperable cables. You need just one Thunderbolt port to chain them all, and you don’t have to worry about how many USB ports your computer comes with, or whether you need a USB hub.



    Thunderbolt-cable

    3. It was developed by Intel (code name Light Peak) and brought to market with technical collaboration from Apple in the 2011 MacBook Pro. Thunderbolt technology is a new, high-speed, dual-protocol I/O technology designed for performance, simplicity, and flexibility. This high-speed data transfer technology features the following:

    • Dual-channel 10 Gbps per port

    • Bi-directional

    • Dual-protocol (PCI Express and DisplayPort)

    • Compatible with existing DisplayPort devices

    • Daisy-chained devices

    • Electrical or optical cables

    • Low latency with highly accurate time synchronization

    • Uses native protocol software drivers

    • Power over cable for bus-powered devices


    4. Thunderbolt technology enables the use of the thinnest and lightest laptops while connecting to the extra power and performance of other devices when needed, using a single cable. Adding new performance devices is simple and easy (just plug and play), making Thunderbolt technology powerful and flexible. Thunderbolt technology was specifically designed with professional audio and video applications in mind, where the inherently low latency and highly accurate time synchronization features play a crucial role.

    Advantage Of Using Thunderbolt Technology

    1. A single Thunderbolt port can daisy-chain multiple devices together. The true advantage of Thunderbolt technology is the communication speed between itself and the connected devices. Thunderbolt technology can transfer data at the rate of 10Gbps (compared to USB 2.0 – 120MBps and USB 3.0 – 400MBps).

    Architecture of Thunderbolt:



    [Figures: Thunderbolt PCI, Thunderbolt block diagram, Thunderbolt layout, Thunderbolt IC]

    With the 10 Gbps performance of Thunderbolt products you can

    • Transfer a full-length HD movie in less than 30 seconds

    • Back up 1 year of continuous MP3 playback in just over 10 minutes

    2. That is how fast Thunderbolt technology is. What makes it even better is that it is bi-directional, which means that you can transfer and receive data at the same time, both with the same 10Gbps bandwidth. Best of all, the last device in the daisy chain will enjoy the full bandwidth as well. Imagine the massive library of music and videos you have on your computer: you can now transfer them in and out at lightning speed.




    Thunderbolt vs others

    • In the Future, Will We See Thunderbolt-Enabled Monitors?

    1. With today’s technology, you still need a dedicated port to connect your monitor to the computer. Most monitors have a VGA, DVI or the latest HDMI connection, and there is still no way to connect an HD-capable monitor to the USB port.

    2. The Thunderbolt port utilizes the DisplayPort protocol to deliver high display performance on your PC. With the use of an adapter, it can also support the existing VGA, DVI, DisplayPort and HDMI interfaces. This means that you can now hook up your monitor to the Thunderbolt port and enjoy HD performance.

    Benefits of Thunderbolt

    1. Users will get fast transfer speed that comes with Thunderbolt.

    2. Users can work in TB instead of MB and GB, and take any type of backup within seconds, or even do faster video editing.

    3. The size of PCs will decrease because Thunderbolt can replace the traditional PCI card slot; users won't need dedicated slots for a graphics card, sound card, hard drive or even a Gigabit Ethernet card. All this hardware will exist as external devices and hook up via the Thunderbolt port in the future.

    Tuesday, June 26, 2012

    Hyper-V vs. VMware Comparison




    Choosing the right virtualization software for your datacenter is a complex task. Microsoft's Hyper-V has become a formidable competitor to VMware, especially with Windows Server 2008 R2. So I thought we would share our experience via this comparison of VMware versus Hyper-V, the leading server virtualization solutions.

     
    Hyper-V versus VMware - Pricing


    If you already have a Windows Server 2008 OS platform, you can download Hyper-V Server at no cost. The only cost is for the System Center management framework. Microsoft includes management of physical and virtual environments along with Hyper-V and VMware. Hyper-V provides you with migration capabilities: Live Migration is included in Windows Server 2008 R2 at no extra charge. We are using it and can attest to R2's robustness. With VMware, VMotion in both Foundation and Standard editions, there is an additional charge if you want to add migration capabilities.

    Take a look at the following table; you will see the cost comparison of Hyper-V vs. VMware side by side. All of the VMware feature comparisons use Virtual Infrastructure Enterprise, and most of its pricing comparisons use Virtual Infrastructure Foundation. Costs are for five physical servers. We've made the assumption that you've already paid for the host server OS in this comparison.




    Hyper-V R2 versus VMware - Feature Comparison



    The following chart compares VMware Enterprise core features with Microsoft Windows Server 2008 Hyper-V (r2) and System Center Management core features.



    VMI: VMware Infrastructure
    VCB: VMware Consolidated Backup
    VMM: Virtual Machine Manager
    WS08: Windows Server 2008 R2
    SMSE: System Center Server Management Suite
    DPM: Data Protection Manager

     
    Notes:



    With Microsoft, virtualization with Hyper-V was built into Windows Server 2008. For heavy Microsoft shops, this means tighter integration with your existing infrastructure and management tools. Since Hyper-V is part of Windows Server 2008, your IT staff will use it seamlessly because they are familiar with the Windows look-and-feel.


    In some situations, you can run fewer virtual machines on Hyper-V than on ESX Server. But because Hyper-V is based on Windows Server 2008, you can run those machines on pretty much any hardware configuration that is designed to support Windows. VMware runs on far fewer server configurations than Windows does, maybe dozens or fewer. That means Hyper-V can run on hundreds and hundreds, if not thousands, of configurations, whereas ESX Server is a more limited product in that respect.


    One thing that Microsoft has done very well is try to add as many management tools for virtualization as possible. Of course, the market leader in terms of virtualization management tools is VMware, but Microsoft has almost as many tools as VMware in terms of virtualization management.


    Microsoft, by the way, just upgraded the number of cores that you can run with Hyper-V by releasing support for Intel’s new 6-core processors, so that means you can now run up to 24 cores.


    Microsoft supports a limited number of Linux distributions (today SUSE), so keep that in mind. If you have a wider number of platforms to support, VMware ESX is your choice.


    Hyper-V lets you manage virtual and physical environments and uses common deployment, provisioning, monitoring, and backup methodologies across both. VMware's answer to management is to use Virtual Infrastructure Enterprise and Virtual Center, but even these tools won't allow you to manage multiple hypervisors, physical resources or applications.




    Source: Internet


    Wednesday, April 4, 2012

    Daily Security Checklist



    In today's connected world, hacking is a 24/7 business. Whether approaching it as a job or a hobby, hackers don't punch a clock. Maybe your company doesn't have the budget for 24/7 security managers, but that doesn't mean you should just give up on security.

    If your security staff is on a 9-to-5 schedule, your network can still remain secure in the 16 hours in-between. You just need to focus activities to provide maximum coverage for the network. Develop a methodical, comprehensive task list that provides the most efficient means of securing your network. To jump-start your planning, here's a sample list of basic tasks you should be sure to check off every day.

    MORNING


    After arriving at work, get some coffee, check your email, and do the following:

    • Verify the current connections


    Inspect all the connections going through your firewall, both in and out. Look for anomalies and investigate them; this could include outbound FTP or inbound Telnet/SSH sessions.

    • Look at network traffic statistics


    How much activity took place while you weren't there? What type of traffic was it? What was the destination and source? Use network monitoring to achieve this.

    • Look at your antivirus logs


    Did a virus hit your email system last night? Are the antivirus signatures up to date?

    Check antivirus server logs, update logs, etc.

    • Read the security logs on your domain servers


    Did the system lock out any accounts last night? Pay special attention to any accounts with Administrator access. Verify that lockouts were human error and not part of a breach attempt.

    • Check for new security patches


    Determine whether any of your vendors released patches for any software in your baseline. (If you don't have a baseline, I highly recommend developing one.) If a new patch is available, read the release notes thoroughly. Then, make a decision or recommendation whether to implement it now or wait for scheduled system downtime. Test the new patch rollout in a test environment rather than implementing it directly in production.
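
    One way to triage overnight lockouts for the "Read the security logs on your domain servers" step, as an added example that is not part of the original post. It assumes the domain controller Security log was exported to CSV with the hypothetical columns shown, uses Windows event IDs 4625 (failed logon) and 4740 (account locked out), and treats the privileged account list, the one-hour look-back and the 9-to-5 window as assumptions to adjust.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed sample export (hypothetical columns): time, event ID, account, source host.
SAMPLE_CSV = """time,event_id,account,source
2012-04-03 16:40:11,4625,jsmith,WKS-014
2012-04-03 16:40:25,4625,jsmith,WKS-014
2012-04-03 16:40:41,4740,jsmith,WKS-014
2012-04-04 02:13:02,4625,administrator,WKS-201
2012-04-04 02:13:04,4625,administrator,SRV-FILE2
2012-04-04 02:13:05,4740,administrator,WKS-201
"""

ADMIN_ACCOUNTS = {"administrator", "da-backup"}  # assumption: your privileged accounts
LOOKBACK = timedelta(hours=1)                     # assumption: failures counted before a lockout
WORK_START, WORK_END = 9, 17                      # the 9-to-5 shift from the article

def triage_lockouts(csv_text):
    """Return one finding per 4740 lockout, with the reasons it needs a closer look."""
    rows = [
        {**r, "time": datetime.strptime(r["time"], "%Y-%m-%d %H:%M:%S")}
        for r in csv.DictReader(io.StringIO(csv_text))
    ]
    findings = []
    for lock in (r for r in rows if r["event_id"] == "4740"):
        account = lock["account"].lower()
        # Failed logons for the same account in the window leading up to the lockout.
        failures = [
            r for r in rows
            if r["event_id"] == "4625"
            and r["account"].lower() == account
            and timedelta(0) <= lock["time"] - r["time"] <= LOOKBACK
        ]
        sources = sorted({r["source"] for r in failures})
        reasons = []
        if account in ADMIN_ACCOUNTS:
            reasons.append("privileged account")
        if not WORK_START <= lock["time"].hour < WORK_END:
            reasons.append("outside staffed hours")
        if len(sources) > 1:
            reasons.append("failures from multiple sources")
        findings.append({"account": account, "time": lock["time"],
                         "sources": sources, "reasons": reasons})
    return findings

if __name__ == "__main__":
    for f in triage_lockouts(SAMPLE_CSV):
        print(f["time"], f["account"], f["sources"], f["reasons"] or "likely user error")
```

    A lockout with an empty reasons list still deserves a quick confirmation with the user; the reasons only rank which lockouts to look at first.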

    AFTERNOON


    When you arrive back from lunch, there's still a lot left to do:

    • Meet & Brief


    Managers like to know what's going on, so don't wait for them to ask — tell them. Meet and brief on anything that occurred during the evening and the actions you've taken so far. This is also a good time to pitch new ideas, such as tools that could help you defend the network or staff training.


    • Check more logs


    Take an in-depth look at IDS, firewall, and wireless device logs. Who on the Internet is knocking on your door? What are they looking for? Who on the inside of your network is doing something they shouldn't be? If you find unauthorized and/or illegal activity, report it immediately and take action to stop it.


    • Turn knowledge into action


    Now that you know what went on while you weren't there, develop an action plan to prevent the behavior in the future. Do you need to adjust your firewall rules? Is your IDS catching and reporting the proper events? Do you need to archive logs to save space on your servers? Do you need to give a final briefing on any actions that occurred during the last 24 hours?

    • Final thoughts


    A lot of companies don't run 24/7 security operations, and sometimes you might be the only person providing security for a network. It's easy to get caught up in events and miss important items on your security checklist, but you'll never know what you're missing if you don't create a list in the first place. Network security shouldn't be reactionary — don't wait for events to drive you into action.

    The above list isn't complete, but it's a starting point. Create your own security to-do list that's specific to your organization's needs, and keep your security on track.
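
    A sketch of the firewall review described under "Verify the current connections" and "Check more logs", as an added example that is not part of the original post. The log format, the internal address ranges and the ALLOW/DENY action names are assumptions; map them to whatever your firewall actually exports.

```python
import ipaddress
from collections import Counter

# Assumption: address ranges that count as "inside" for this network.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]
# Services the article singles out: outbound FTP, inbound Telnet/SSH.
WATCH = {("outbound", 21): "outbound FTP",
         ("inbound", 23): "inbound Telnet",
         ("inbound", 22): "inbound SSH"}

# Constructed sample lines in a hypothetical format: time src:port dst:port action
SAMPLE_LOG = """\
2012-04-03T22:14:07 10.1.4.23:51544 203.0.113.80:21 ALLOW
2012-04-04T01:02:55 198.51.100.7:40112 10.1.0.5:22 ALLOW
2012-04-04T01:03:10 198.51.100.7:40150 10.1.0.5:23 DENY
2012-04-04T03:30:00 10.1.4.40:50211 192.0.2.10:443 ALLOW
2012-04-04T04:45:19 198.51.100.7:40388 10.1.0.9:22 DENY
"""

def is_internal(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)

def review_connections(log_text):
    """Return (flagged allowed connections, denied inbound attempts per external source)."""
    flagged, knockers = [], Counter()
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed lines rather than guessing
        when, src, dst, action = parts
        src_ip = src.rsplit(":", 1)[0]
        dst_ip, dst_port = dst.rsplit(":", 1)
        if is_internal(src_ip) == is_internal(dst_ip):
            continue  # both inside or both outside: not crossing the perimeter
        direction = "outbound" if is_internal(src_ip) else "inbound"
        label = WATCH.get((direction, int(dst_port)))
        if label and action == "ALLOW":
            flagged.append((when, label, src_ip, dst_ip))
        if direction == "inbound" and action == "DENY":
            knockers[src_ip] += 1
    return flagged, knockers

if __name__ == "__main__":
    flagged, knockers = review_connections(SAMPLE_LOG)
    print(flagged)
    print(knockers.most_common())
```

    In the constructed sample, the same external address that was denied twice also has one allowed inbound SSH session, which is the kind of overlap worth raising in the afternoon briefing.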