A Learning Model for Intrusion Prevention
Worms, viruses, and other intrusion attacks are becoming increasingly sophisticated and harder to detect, making network security an ever-increasing corporate challenge. Intrusion Prevention System (IPS) technology is quickly becoming a must-have threat-management tool for today's IT administrators.
I recently talked with David Lavenda, chief marketing officer for V-Secure Technologies (http://www.v-secure.com), about the latest release in V-Secure's line of intrusion-prevention appliances—V-Secure IPS 8.0. Typically, there are two camps of IPS technologies: content-based, which uses a footprint or signature to identify threats, and behavior-based, which studies normal network traffic patterns to detect intrusion attempts.
V-Secure IPS 8.0 integrates new signature-based functionality with the company's adaptive, behavior-based network security technology to create a true hybrid IPS. The appliance studies your normal network behavior and traffic patterns and when it detects abnormal behavior, denies network access to those packets. The fuzzy-logic–based decision engine has adaptive capabilities that let the appliance continually tune itself to changing threat characteristics. By integrating signature-based threat-detection methods with the appliance's behavior-based detection technology, V-Secure IPS 8.0 provides protection against a variety of threats without restricting legitimate traffic.
High Availability Requires More Than Just Clustering
When I sat down with representatives from The Neverfail Group (http://www.neverfailgroup.com) to learn about its "cluster-class" product, Neverfail Heartbeat, I was prepared with questions about how it compared with other clustering products. I learned that it takes more than clustering to truly meet the goals of immediate failover and high availability.
Neverfail implements only an active-passive cluster. However, in addition to its Heartbeat technology, the vendor offers Neverfail SCOPE and application-specific modules for Microsoft Exchange Server, SQL Server, file servers, SharePoint Portal Server, and IIS. SCOPE helps you configure your OS and applications according to best practices. The application-specific modules automate monitoring for and fixing common problems prior to failover. This prevention-oriented troubleshooting, then failover, approach addresses the high-availability problem instead of providing only a clustering solution.
Best of TechEd
Windows IT Pro Technical Director Michael Otey and I judged the Best of Show Awards at TechEd in June to identify the best products the market has to offer. We spoke with more than 30 finalists across 11 categories. AMD, exhibiting its dual-core and 64-bit CPU technologies, took overall Best of Show for both the Editor's Pick and the Attendee's Pick, making it the big winner.
We also liked two other hardware products: Motion Computing's LE1600 Tablet PC and the HP ProLiant DL580 G3 server. The LE1600 won Best of TechEd in the Most Innovative Product category. With a wide-angle screen, detachable keyboard, thumbprint reader for biometric authentication, and as much as 1.5GB of RAM, the LE1600 is a great mobile workstation. The DL580 G3 server won Best of TechEd in the Hardware Solutions category. The DL580 G3 is a redundant and scalable server platform.
Developers and DBAs will be excited about Red Gate Software's SQL Developer Bundle and Identify Software's AppSight. SQL Developer Bundle took the award in the Database Development category and includes tools to compare and synchronize data and schemas between two databases. AppSight won in the Development Tools category. AppSight lets you record data about how your application is running and can even show you a movie of what specific users see on screen.
We evaluated some products that end users will appreciate. ProClarity's Analytics Platform, a tool for data visualization, won in the Business Intelligence category. Skelta Software's SharePoint Workflow Accelerator won in the Software Components and Middleware category. SharePoint Workflow Accelerator integrates workflows into Microsoft SharePoint Services to coordinate tasks that involve multiple users. Adomo Voice Messaging for Exchange was awarded Best of TechEd in the Messaging category. Adomo puts voicemail messages in your Microsoft Exchange Server Inbox for complete email and voicemail integration. Quest Software's Quest Collaboration Services for Exchange won in the Productivity and Collaboration category. It syncs Exchange Global Address Lists (GALs) and free/busy data between Exchange organizations without establishing a trust relationship.
Of course, we found some fantastic products for administrators, too. Extended Systems' OneBridge Mobile Data Suite was awarded Best of TechEd in the Mobile Solutions category. OneBridge helps to track and control mobile devices and extends enterprise applications to them. EIQNetworks' Network Security Analyzer took the award in the Security category. It provides real-time monitoring for threat detection and compliance. The award in the Systems Management category went to Configuresoft's Enterprise Configuration Manager. ECM provides cross-platform management and monitoring for clients and servers.