WhitePaper: Security "Point" Solutions are Not a 4 Letter Word:
|
|
- Bryan Brendan Stanley
- 8 years ago
- Views:
Transcription
1 Securty "Pont" Solutons are Not a 4 Letter Word: Why Purpose-Bult Solutons for Patch and Confguraton Management Contnue to be a Good Thng
2 Securty "Pont" Solutons are Not a 4 Letter Word: In recent years there has been a substantal amount of consoldaton n the IT securty ndustry. There were over 20 sgnfcant securty related acqustons n 2007 alone. Google acqured both Postn and Green Border, IBM bought Watchfre, HP bought SPI Dynamcs, Checkpont acqured Pontsec, Symantec snapped up Vontu, and there were plenty of others. Large vendors wth a healthy appette for acquston would have buyers of securty software beleve that ths consoldaton s a good thng; that bgger s better, that bult-n s tops, and that ndvdual best-of-breed pont products are a nusance to be avoded, a four letter word f you wll. Whle consoldaton can be a good thng, flyng the same corporate brand doesn t always equate to ntegraton or operatonal effcency. Patch management s a good example where an ndvdual pont soluton s not only desrable, but may be requred. Whle acquston-hungry vendors have tred to delver broader functonalty by addng patch management functon nto ther sutes, there wll always be a need for 3rd party patch management tools. There are a number of reasons why. Consoldaton of patch management functons s tough to do correctly. Sutes offered by the bg guys don't provde best-of-breed patch management capablty they lack patch content, patch-specfc targetng or patch reportng. Ths document s provded strctly as gude. provded or expected. The same stuaton exsts for securty confguraton management. Most sutes offer patch and confguraton management as part of a larger PC lfecycle management soluton. But these sutes lack the substance and depth to gve you confdence that your systems comply wth corporate securty polces or at least that you can prove your systems comply. There s certanly a case to be made for solutons that promse to streamlne complance costs and mprove your securty scorecard. But the false sense of securty that results from deployng a sute of ntegrated products can leave you wth msconfgured devces that expose data to explots and nternal msuse. Examples and sde effects of consoldaton gone wrong nclude a lack of any real ntegraton, slowng of patch management nnovaton and new releases, lack of flexblty, dmnshed focus on actual securty ssues, bg expensve bloatware when lghtweght focused solutons wll do better, and beng locked nto a specfc, nflexble, vendor specfc approach. Wth all of the consoldaton and nvestment n more expensve and larger systems, the end customers are not necessarly seeng any added value. Let s examne some of the ssues. Pag e 2
3 Securty "Pont" Solutons are Not a 4 Letter Word: Inherent bugs, weaknesses and securty vulnerabltes All operatng systems, applcatons, and even hardware have nherent bugs and weaknesses that can be exploted f operatng systems and applcatons are not patched or devces are msconfgured. That premse has exsted snce the begnnng of software development. It sn t gong to change anytme soon, at least not untl developers produce bug free code. Thrd party patch management products act as back up safety nets and address vulnerabltes that are bound to be present n larger systems. Whle securty vendors and technologes wll contnue to be acqured and mbedded wthn larger systems, new, best of breed patch management, confguraton management, and other securty solutons wll necessarly keep emergng to address the ongong and ever-changng securty threats. Bgger sn t always better In the wake of consoldaton, some acqurng vendors wll have you beleve that the best soluton s the one that covers the wdest range of IT tasks. Yes, breadth s mportant, but for confguraton and (especally for) patch management depth, completeness, and accuracy cannot be sacrfced for system wdth. A soluton that s a mle wde but only an nch deep won t provde the protecton needed by organzatons that are prme targets for attack. Ths document s provded strctly as gude. provded or expected. For nstance, vendors that prmarly provde network or systems management solutons are not really focused on securty, let alone the specfc aspect of patch or confguraton management. Securty s an afterthought or a checklst tem only. Whle they mght acqure varous patch management technologes and confguraton management tools and bolt them on top to gve the appearance of securty across a wde scope of applcatons, the companes themselves are focused on other thngs. Patch and confguraton management securty features from such vendors tend to langush and fall behnd. Most consoldated solutons lack real ntegraton It s very dffcult to correctly ntegrate multple technologes and products nto a cohesve soluton, or sute. Although there are exceptons, the ntegrated solutons offered by most vendors today are not really ntegrated at all. The features and technologes were developed by dfferent companes wth dfferng objectves, usng dfferent development teams, for dfferent threats. The varous packages have a myrad of dssmlar nterfaces and admnstraton styles. Pag e 3
4 Securty "Pont" Solutons are Not a 4 Letter Word: As any vendor who s attempted t wll testfy, t s ncredbly dffcult to take multple pont securty products and pece them together nto a cohesve whole wthout losng a substantal porton of the features and benefts. In those rare cases where a suppler wll actually spend the resources to properly ntegrate securty features such as patch management, t usually takes a number of years to pull t off. Unfortunately, by then new solutons are needed to meet the new and ever changng securty threats and the must be repeated. It s a vcous cycle to mantan and get rght. More often than not a number of dverse securty products are merely bundled together as a package. Ths knd of consoldaton hurts more than t helps. Need patch management depth & applcaton coverage Another crtcal ssue for patch management s depth and completeness of applcaton coverage. Mcrosoft s WSUS and any vendor s offerng that reles on the Wndows Update APIs only addresses Mcrosoft systems and applcatons. Unfortunately Mozlla Frefox, QuckTme, Adobe, Realplayer, to name just a few non-mcrosoft applcatons are realtes n most networks today. Whle custom scrpts can be created to help manage these non-mcrosoft applcatons, t s a very complcated task to do wthout the rght tools. To manage non-mcrosoft systems n a cost effectve manner requres a separate pont soluton lke Shavlk NetChk Protect. Ths document s provded strctly as gude. provded or expected. Lkewse, Mcrosoft WSUS and technologes that deploy agents can t easly manage systems that are offlne. Ths s a partcular challenge for large enterprses where at any gven moment there are potentally thousands of devces that are not connected to the network. Extraordnary steps must be taken to patch prevously offlne machnes as they go-onlne. Agan, t takes a best of breed pont product lke Shavlk NetChk Protect to effectvely admnster the patch management of offlne systems. Smple, sustanable patch and confguraton management are keys to success Another mportant consderaton regardng a sustanable patch and confguraton management soluton s the tme to mplement and manage large systems. A large scale Tvol, Openvew, or other large network management system can easly take 9 to 18 months to mplement, and several full tme admnstrators to keep t gong. Good pont products lke Shavlk NetChk Protect and Shavlk NetChk Complance Pag e 4
5 Securty "Pont" Solutons are Not a 4 Letter Word: on the other hand can be deployed and mantaned n a fracton of that tme, produces benefts mmedately, and requres mnmal staffng. Smplcty and ease of use means that you should be able to manage your envronment n ways that support your busness goals. Unless your patch management and confguraton management solutons are comprehensve yet smple enough to manage and sustan n a cost effectve manner, they are not servng your needs. Here are some mportant admnstraton ssues to consder when evaluatng patch management and confguraton management solutons: Ths document s provded strctly as gude. provded or expected. Smple, quck nstallaton and confguraton. Wth a reasonable knowledge of your network and ts assets, you should be able to complete the nstallaton and confguraton of a patch management or confguraton management soluton wthout havng to hre professonal servces from the vendor to be successful. If you cannot download, nstall, and perform the smplest assessment scannng a local machne n 30 mnutes, a red warnng flag should be rased. Polcy establshment and complance reportng. You must be able to easly establsh your patch management polces or confguraton baselne and assess how well you meet those polces. A contnuous, sustanable, ongong s the only way to prevent eroson of your securty status. Automated dscovery and assessment. The admnstraton nterface should dscover new systems on your network and quckly determne f the latest securty bulletns or vendor patches are needed and applcable for your organzaton. The soluton should also provde you wth an easy but effectve way to judge the prorty of vulnerabltes and devces that are out of complance. Quckly determne rsk level. The system should be able to quckly ascertan rsks and level of securty or conformty wth corporate polces for patch deployment and confguraton baselnes. Accuracy and trust. The rght soluton needs to provde an accurate assessment wthout dsplayng false postves or false negatves. It should also perform a deep assessment of patches to ensure accurate results, and t should be able to dentfy patches that have been reverted as well as understandng supersedence so t only dsplays what s needed. A soluton that can be fooled by ncomplete patch nstallatons or faulty regstry key settngs cannot be trusted. Pag e 5
6 Securty "Pont" Solutons are Not a 4 Letter Word: In depth reports. The user nterface and reports should provde real-tme ndcatons of the latest patch status. You should be able to quckly get a lst of top offendng machnes or machnes wth unauthorzed confguratons, applcatons, or out of date patches or software. Automated remedaton. Sustanable patch management and confguraton management must automate routne, mundane tasks such as remedaton and gve you vsblty nto how well those tasks have been accomplshed. Securty Focused. Is the soluton secure by default? Is all necessary traffc encrypted? Can the soluton be subverted by malcous users? The rght soluton needs to ensure that all senstve data s encrypted whle n transmsson. It also needs to employ multple securty checks to ensure the cannot be tampered wth. Defense n depth Another leadng reason for deployng purpose-bult pont solutons s to provde defense n depth. Deployng multple, varyng securty countermeasures has become standard practce for most hgh profle organzatons that are subject to specfc targeted attacks. Not only can 3rd party pont securty products provde backup defenses for other systems, they can be used to audt or valdate that systems are correctly confgured and that the securty s actually workng. Ths document s provded strctly as gude. provded or expected. Quck response tme to new securty threats s crucal Operatng systems and many applcatons that are so large and have such long development and release cycles that they can t possbly respond to the ever changng securty landscape. Snce IT securty threats are constantly emergng, often rapdly, t s not feasble for large systems such as operatng systems to respond to every new and emergng threat. Independent patch management and securty confguraton products that can emerge and adapt quckly must fll that role. Innovaton s drven by small, pont soluton provders Whle mature and unchangng patch and confguraton management features and technologes wll contnue to be acqured and mbedded wthn larger systems, new pont securty solutons wll keep emergng to address the ongong and ever changng securty threats. Most of the nnovaton n the IT securty ndustry comes from smaller companes such as Shavlk Technologes that are focused exclusvely on patch and vulnerablty management solutons. Pag e 6
7 Securty "Pont" Solutons are Not a 4 Letter Word: Securty developers who were acqured by larger IT companes ndcate that the larger IT focused organzatons see securty as merely a checklst tem that they can provde for ther customers. In that envronment nnovaton becomes an expense rather than an asset and therefore takes a back seat to other actvtes. Ths however s opposte for smaller companes who thrve only on nnovaton. They tend to lead wth nnovatve deas and products, contnuously brngng new pont patch management solutons to the marketplace. Fllng the gaps left by network management systems Pont products lke Shavlk NetChk Protect and Shavlk NetChk Complance fll the gaps left by other network management systems. Pont patch management products may not always replace other solutons lke Tvol, SMS, or WSUS, but they are great companon products, complementng and provdng mportant securty benefts otherwse not avalable. Ths document s provded strctly as gude. provded or expected. Whle products lke Tvol or Openvew do a lot to manage the patchng of crtcal systems, because they are not focused on securty they can t go as deep as pure pont securty products. For example, network management or operatng system products rarely f ever cover patch management needs for 100% of an organzaton s applcatons. There s almost always a percentage, typcally between 5 to 20 percent, of applcatons that don t get managed. Pont products address these areas. Don t get locked nto an nflexble, vendor specfc approach Relyng solely on a sngle, comprehensve PC lfecycle management soluton locks you nto an nflexble, vendor specfc approach. Effectve securty solutons requre a lot of flexblty. There are tmes when an agent-less soluton s best, just as there are stuatons where an agent-based soluton s the rght soluton. For maxmum flexblty, a combnaton of agent and agent-less archtecture allows you to protect servers, desktops, and laptops whether they are connected to a LAN, connected over VPN, or are on the Internet. You should also have the flexblty of scannng from ether a dstrbuted or from a centralzed source. Large enterprses wll frequently need to use both approaches n order to meet ther securty and management needs. Pag e 7
8 Securty "Pont" Solutons are Not a 4 Letter Word: Summary Whle the consoldaton trend wll contnue as redundant securty vendors combne and the more mature technologes get embedded wthn the general IT nfrastructure, t doesn t mean that a bgger, more expensve soluton s a better soluton. Wth all of the consoldaton and nvestment n more expensve and larger systems, the end customers are not necessarly seeng any added value as far as patch management s concerned. Unless consoldaton results n a more secure product, and one that s easer to admnster and sustan over the long haul, the consoldaton s of no beneft to end organzatons. Customers seekng qualty and complete solutons for ther patch management and confguraton management needs wll contnue to augment ther network management systems and operatng system tools wth 3rd party, best of breed pont products. In spte of how nce t would be for the operatng system or other large applcatons to handle all securty effcently and transparently, t cannot be. Thrd party pont securty products wll always be necessary, and to a sgnfcant extent. Ths document s provded strctly as gude. Not all pont securty products are four letter words. In your tme of need they just mght become your best frend. If you requred specalzed medcal care, you wouldn t want to rely on a generalst. You would want a certfed pont specalst who does nothng but focus on solvng the partcular threats to your health. The same holds true when t comes to patch management and securty confguraton management and protectng the health of your organzaton s nfrastructure. A pont soluton wll be your best opton. provded or expected. Pag e 8
HP Mission-Critical Services
HP Msson-Crtcal Servces Delverng busness value to IT Jelena Bratc Zarko Subotc TS Support tm Mart 2012, Podgorca 2010 Hewlett-Packard Development Company, L.P. The nformaton contaned heren s subject to
More informationVembu StoreGrid Windows Client Installation Guide
Ser v cepr ov dered t on Cl enti nst al l at ongu de W ndows Vembu StoreGrd Wndows Clent Installaton Gude Download the Wndows nstaller, VembuStoreGrd_4_2_0_SP_Clent_Only.exe To nstall StoreGrd clent on
More informationiavenue iavenue i i i iavenue iavenue iavenue
Saratoga Systems' enterprse-wde Avenue CRM system s a comprehensve web-enabled software soluton. Ths next generaton system enables you to effectvely manage and enhance your customer relatonshps n both
More informationIntroduction CONTENT. - Whitepaper -
OneCl oud ForAl l YourCr t c al Bus nes sappl c at ons Bl uew r esol ut ons www. bl uew r e. c o. uk Introducton Bluewre Cloud s a fully customsable IaaS cloud platform desgned for organsatons who want
More informationVRT012 User s guide V0.1. Address: Žirmūnų g. 27, Vilnius LT-09105, Phone: (370-5) 2127472, Fax: (370-5) 276 1380, Email: info@teltonika.
VRT012 User s gude V0.1 Thank you for purchasng our product. We hope ths user-frendly devce wll be helpful n realsng your deas and brngng comfort to your lfe. Please take few mnutes to read ths manual
More informationFor example, you might want to capture security group membership changes. A quick web search may lead you to the 632 event.
Audtng Wndows & Actve Drectory Changes va Wndows Event Logs Ths document takes a lghtweght look at the steps and consderatons nvolved n settng up Wndows and/or Actve Drectory event log audtng. Settng up
More informationMultitone Electronics Plc. delivering certainty
Multtone Electroncs Plc Multtone Electroncs Plc, Multtone House, Shortwood Copse Lane, Basngstoke, Hampshre, RG23 7NL Tel: +44 (0)1256 320292 Fax: +44 (0)1256 462 643 Emal: nfo@multtone.com Web: www.multtone.com
More informationCONTENTS Introduction... 3
Cuty ourm c r os of t Ex c hangeser v er s t or agec os t sbyupt o85% Howema lar c h v ngs ol ut onsex pand y ournat v eema lappl c at on' sc apab l t es CONTENTS Introducton... 3 Emal Storage Management...
More informationbenefit is 2, paid if the policyholder dies within the year, and probability of death within the year is ).
REVIEW OF RISK MANAGEMENT CONCEPTS LOSS DISTRIBUTIONS AND INSURANCE Loss and nsurance: When someone s subject to the rsk of ncurrng a fnancal loss, the loss s generally modeled usng a random varable or
More informationIT09 - Identity Management Policy
IT09 - Identty Management Polcy Introducton 1 The Unersty needs to manage dentty accounts for all users of the Unersty s electronc systems and ensure that users hae an approprate leel of access to these
More informationOne Click.. Ȯne Location.. Ȯne Portal...
New Addton to your NJ-HITEC Membershp! Member Portal Detals & Features Insde! One Clck.. Ȯne Locaton.. Ȯne Portal... Connect...Share...Smplfy Health IT Member Portal Benefts Trusted Advsor - NJ-HITEC s
More informationHosted Voice Self Service Installation Guide
Hosted Voce Self Servce Installaton Gude Contact us at 1-877-355-1501 learnmore@elnk.com www.earthlnk.com 2015 EarthLnk. Trademarks are property of ther respectve owners. All rghts reserved. 1071-07629
More informationBEST-IN-CLASS VENDOR COMPLIANCE BURLINGTON COAT FACTORY
BEST-IN-CLASS VENDOR COMPLIANCE BURLINGTON COAT FACTORY A best n class Vendor Complance program enabled Burlngton Coat Factory to gan control of ther supply chans by provdng accountablty for vendors and
More informationAn Alternative Way to Measure Private Equity Performance
An Alternatve Way to Measure Prvate Equty Performance Peter Todd Parlux Investment Technology LLC Summary Internal Rate of Return (IRR) s probably the most common way to measure the performance of prvate
More informationStudy on Model of Risks Assessment of Standard Operation in Rural Power Network
Study on Model of Rsks Assessment of Standard Operaton n Rural Power Network Qngj L 1, Tao Yang 2 1 Qngj L, College of Informaton and Electrcal Engneerng, Shenyang Agrculture Unversty, Shenyang 110866,
More informationA powerful tool designed to enhance innovation and business performance
A powerful tool desgned to enhance nnovaton and busness performance The LEGO Foundaton has taken over the responsblty for the LEGO SERIOUS PLAY method. Ths change wll help create the platform for the contnued
More informationMULTIVAC Customer Portal Your access to the MULTIVAC World
MULTIVAC Customer Portal Your access to the MULTIVAC World 2 Contents MULTIVAC Customer Portal Introducton 24/7 Accessblty Your ndvdual nformaton Smple and ntutve Helpful and up to date Your benefts at
More informationDEFINING %COMPLETE IN MICROSOFT PROJECT
CelersSystems DEFINING %COMPLETE IN MICROSOFT PROJECT PREPARED BY James E Aksel, PMP, PMI-SP, MVP For Addtonal Informaton about Earned Value Management Systems and reportng, please contact: CelersSystems,
More informationActivity Scheduling for Cost-Time Investment Optimization in Project Management
PROJECT MANAGEMENT 4 th Internatonal Conference on Industral Engneerng and Industral Management XIV Congreso de Ingenería de Organzacón Donosta- San Sebastán, September 8 th -10 th 010 Actvty Schedulng
More information1.1 The University may award Higher Doctorate degrees as specified from time-to-time in UPR AS11 1.
HIGHER DOCTORATE DEGREES SUMMARY OF PRINCIPAL CHANGES General changes None Secton 3.2 Refer to text (Amendments to verson 03.0, UPR AS02 are shown n talcs.) 1 INTRODUCTION 1.1 The Unversty may award Hgher
More informationTraffic State Estimation in the Traffic Management Center of Berlin
Traffc State Estmaton n the Traffc Management Center of Berln Authors: Peter Vortsch, PTV AG, Stumpfstrasse, D-763 Karlsruhe, Germany phone ++49/72/965/35, emal peter.vortsch@ptv.de Peter Möhl, PTV AG,
More informationCapacity-building and training
92 Toolkt to Combat Traffckng n Persons Tool 2.14 Capacty-buldng and tranng Overvew Ths tool provdes references to tranng programmes and materals. For more tranng materals, refer also to Tool 9.18. Capacty-buldng
More informationTransforming the Field Force: How Accenture Can Help Companies Improve Service Quality While Reducing Operating Costs
Transformng the Feld Force: How Accenture Can Help Companes Improve Servce Qualty Whle Reducng Operatng Costs Introducton Companes today face many challenges n ther pursut of growth. For some organzatons,
More informationHollinger Canadian Publishing Holdings Co. ( HCPH ) proceeding under the Companies Creditors Arrangement Act ( CCAA )
February 17, 2011 Andrew J. Hatnay ahatnay@kmlaw.ca Dear Sr/Madam: Re: Re: Hollnger Canadan Publshng Holdngs Co. ( HCPH ) proceedng under the Companes Credtors Arrangement Act ( CCAA ) Update on CCAA Proceedngs
More informationIntra-year Cash Flow Patterns: A Simple Solution for an Unnecessary Appraisal Error
Intra-year Cash Flow Patterns: A Smple Soluton for an Unnecessary Apprasal Error By C. Donald Wggns (Professor of Accountng and Fnance, the Unversty of North Florda), B. Perry Woodsde (Assocate Professor
More informationEnterprise Content Management
Enterprse Content Management for the Laboratory Jm Mller Drector of Informatcs and Software Aglent Technologes Branden Humphrey Global Data Archve Program Manager Pfzer Global Research The content exploson
More informationElectronic Document Management
tem no 14- THE CTY OF EDNBURGH COUNCL Electronc Document Management Executve of the Councl 7th October 2003 y. 1 1. 2 2.1 2.2 2.3 2.4 2.5 Purpose of report To approve a preferred suppler and proposed way
More informationTo manage leave, meeting institutional requirements and treating individual staff members fairly and consistently.
Corporate Polces & Procedures Human Resources - Document CPP216 Leave Management Frst Produced: Current Verson: Past Revsons: Revew Cycle: Apples From: 09/09/09 26/10/12 09/09/09 3 years Immedately Authorsaton:
More informationGENESYS BUSINESS MANAGER
GENESYS BUSINESS MANAGER e-manager Onlne Conference User Account Admnstraton User Gude Ths User Gude contans the followng sectons: Mnmum Requrements...3 Gettng Started...4 Sgnng On to Genesys Busness Manager...7
More informationSmall pots lump sum payment instruction
For customers Small pots lump sum payment nstructon Please read these notes before completng ths nstructon About ths nstructon Use ths nstructon f you re an ndvdual wth Aegon Retrement Choces Self Invested
More informationCanon NTSC Help Desk Documentation
Canon NTSC Help Desk Documentaton READ THIS BEFORE PROCEEDING Before revewng ths documentaton, Canon Busness Solutons, Inc. ( CBS ) hereby refers you, the customer or customer s representatve or agent
More informationLIFETIME INCOME OPTIONS
LIFETIME INCOME OPTIONS May 2011 by: Marca S. Wagner, Esq. The Wagner Law Group A Professonal Corporaton 99 Summer Street, 13 th Floor Boston, MA 02110 Tel: (617) 357-5200 Fax: (617) 357-5250 www.ersa-lawyers.com
More informationFault tolerance in cloud technologies presented as a service
Internatonal Scentfc Conference Computer Scence 2015 Pavel Dzhunev, PhD student Fault tolerance n cloud technologes presented as a servce INTRODUCTION Improvements n technques for vrtualzaton and performance
More informationHow To Get A Tax Refund On A Retirement Account
CED0105200808 Amerprse Fnancal Servces, Inc. 70400 Amerprse Fnancal Center Mnneapols, MN 55474 Incomng Account Transfer/Exchange/ Drect Rollover (Qualfed Plans Only) for Amerprse certfcates, Columba mutual
More informationAnswer: A). There is a flatter IS curve in the high MPC economy. Original LM LM after increase in M. IS curve for low MPC economy
4.02 Quz Solutons Fall 2004 Multple-Choce Questons (30/00 ponts) Please, crcle the correct answer for each of the followng 0 multple-choce questons. For each queston, only one of the answers s correct.
More informationEfficient Project Portfolio as a tool for Enterprise Risk Management
Effcent Proect Portfolo as a tool for Enterprse Rsk Management Valentn O. Nkonov Ural State Techncal Unversty Growth Traectory Consultng Company January 5, 27 Effcent Proect Portfolo as a tool for Enterprse
More informationA G E N E R A L I Z E D H Y B R I D F I X E D I N C O M E AT T R I - B U T I O N M O D E L
A N D R E W C O L I N A N D K ATA L I N K I S S A G E N E R A L I Z E D H Y B R I D F I X E D I N C O M E AT T R I - B U T I O N M O D E L F L A M E T R E E T E C H N O L O G I E S P T Y LT D Copyrght
More informationOn the Optimal Control of a Cascade of Hydro-Electric Power Stations
On the Optmal Control of a Cascade of Hydro-Electrc Power Statons M.C.M. Guedes a, A.F. Rbero a, G.V. Smrnov b and S. Vlela c a Department of Mathematcs, School of Scences, Unversty of Porto, Portugal;
More informationCloud Auto-Scaling with Deadline and Budget Constraints
Prelmnary verson. Fnal verson appears In Proceedngs of 11th ACM/IEEE Internatonal Conference on Grd Computng (Grd 21). Oct 25-28, 21. Brussels, Belgum. Cloud Auto-Scalng wth Deadlne and Budget Constrants
More informationFeature selection for intrusion detection. Slobodan Petrović NISlab, Gjøvik University College
Feature selecton for ntruson detecton Slobodan Petrovć NISlab, Gjøvk Unversty College Contents The feature selecton problem Intruson detecton Traffc features relevant for IDS The CFS measure The mrmr measure
More informationSQUARE Project: Cost/Benefit Analysis Framework for Information Security Improvement Projects in Small Companies
SQUARE Project: Cost/Beneft Analyss Framework for Informaton Securty Improvement Projects n Small Companes System Qualty Requrements Engneerng (SQUARE) Team Nck (Nng) Xe Nancy R. Mead, Advsor Contrbutors:
More informationPower-of-Two Policies for Single- Warehouse Multi-Retailer Inventory Systems with Order Frequency Discounts
Power-of-wo Polces for Sngle- Warehouse Mult-Retaler Inventory Systems wth Order Frequency Dscounts José A. Ventura Pennsylvana State Unversty (USA) Yale. Herer echnon Israel Insttute of echnology (Israel)
More informationEffective Network Defense Strategies against Malicious Attacks with Various Defense Mechanisms under Quality of Service Constraints
Effectve Network Defense Strateges aganst Malcous Attacks wth Varous Defense Mechansms under Qualty of Servce Constrants Frank Yeong-Sung Ln Department of Informaton Natonal Tawan Unversty Tape, Tawan,
More informationWhat is Candidate Sampling
What s Canddate Samplng Say we have a multclass or mult label problem where each tranng example ( x, T ) conssts of a context x a small (mult)set of target classes T out of a large unverse L of possble
More informationTime Value of Money. Types of Interest. Compounding and Discounting Single Sums. Page 1. Ch. 6 - The Time Value of Money. The Time Value of Money
Ch. 6 - The Tme Value of Money Tme Value of Money The Interest Rate Smple Interest Compound Interest Amortzng a Loan FIN21- Ahmed Y, Dasht TIME VALUE OF MONEY OR DISCOUNTED CASH FLOW ANALYSIS Very Important
More informationA Replication-Based and Fault Tolerant Allocation Algorithm for Cloud Computing
A Replcaton-Based and Fault Tolerant Allocaton Algorthm for Cloud Computng Tork Altameem Dept of Computer Scence, RCC, Kng Saud Unversty, PO Box: 28095 11437 Ryadh-Saud Araba Abstract The very large nfrastructure
More informationFinancial Mathemetics
Fnancal Mathemetcs 15 Mathematcs Grade 12 Teacher Gude Fnancal Maths Seres Overvew In ths seres we am to show how Mathematcs can be used to support personal fnancal decsons. In ths seres we jon Tebogo,
More informationM-applications Development using High Performance Project Management Techniques
M-applcatons Development usng Hgh Performance Project Management Technques PAUL POCATILU, MARIUS VETRICI Economc Informatcs Department Academy of Economc Studes 6 Pata Romana, Sector, Bucharest ROMANIA
More informationSurvey on Virtual Machine Placement Techniques in Cloud Computing Environment
Survey on Vrtual Machne Placement Technques n Cloud Computng Envronment Rajeev Kumar Gupta and R. K. Paterya Department of Computer Scence & Engneerng, MANIT, Bhopal, Inda ABSTRACT In tradtonal data center
More informationConstruction Rules for Morningstar Canada Target Dividend Index SM
Constructon Rules for Mornngstar Canada Target Dvdend Index SM Mornngstar Methodology Paper October 2014 Verson 1.2 2014 Mornngstar, Inc. All rghts reserved. The nformaton n ths document s the property
More informationCLOUD COMPUTING AUDIT
U.P.B. Sc. Bull., Seres C, Vol. 77, Iss. 3, 2015 ISSN 2286-3540 CLOUD COMPUTING AUDIT Georgana MATEESCU 1, Valentn SGÂRCIU 2 Ths paper presents a personal approach of conductng the audt process n cloud
More informationVision Mouse. Saurabh Sarkar a* University of Cincinnati, Cincinnati, USA ABSTRACT 1. INTRODUCTION
Vson Mouse Saurabh Sarkar a* a Unversty of Cncnnat, Cncnnat, USA ABSTRACT The report dscusses a vson based approach towards trackng of eyes and fngers. The report descrbes the process of locatng the possble
More informationSPONSOR BROCHURE. WINning combinations for precision cancer medicine. Symposium
2014 Symposum WINnng combnatons for precson cancer medcne Breakthrough bomarker nvestgatons and combned therapeutc approaches SPONSOR BROCHURE Pars, France, June 23-24, 2014 1. GENERAL SYMPOSIUM INFORMATION
More informationA Secure Password-Authenticated Key Agreement Using Smart Cards
A Secure Password-Authentcated Key Agreement Usng Smart Cards Ka Chan 1, Wen-Chung Kuo 2 and Jn-Chou Cheng 3 1 Department of Computer and Informaton Scence, R.O.C. Mltary Academy, Kaohsung 83059, Tawan,
More informationAN APPOINTMENT ORDER OUTPATIENT SCHEDULING SYSTEM THAT IMPROVES OUTPATIENT EXPERIENCE
AN APPOINTMENT ORDER OUTPATIENT SCHEDULING SYSTEM THAT IMPROVES OUTPATIENT EXPERIENCE Yu-L Huang Industral Engneerng Department New Mexco State Unversty Las Cruces, New Mexco 88003, U.S.A. Abstract Patent
More informationCalculating the high frequency transmission line parameters of power cables
< ' Calculatng the hgh frequency transmsson lne parameters of power cables Authors: Dr. John Dcknson, Laboratory Servces Manager, N 0 RW E B Communcatons Mr. Peter J. Ncholson, Project Assgnment Manager,
More informationOservce Vs. Sannet - Which One is Better?
o rcng n Compettve Telephony Markets Yung-Mng L nsttute of nformaton Management Natonal Chao Tung Unversty, Tawan 886-3-57111 Ext 57414 yml@mal.nctu.edu.tw Shh-Wen Chu nsttute of nformaton Management Natonal
More informationSPECIALIZED DAY TRADING - A NEW VIEW ON AN OLD GAME
August 7 - August 12, 2006 n Baden-Baden, Germany SPECIALIZED DAY TRADING - A NEW VIEW ON AN OLD GAME Vladmr Šmovć 1, and Vladmr Šmovć 2, PhD 1 Faculty of Electrcal Engneerng and Computng, Unska 3, 10000
More informationMethodology to Determine Relationships between Performance Factors in Hadoop Cloud Computing Applications
Methodology to Determne Relatonshps between Performance Factors n Hadoop Cloud Computng Applcatons Lus Eduardo Bautsta Vllalpando 1,2, Alan Aprl 1 and Alan Abran 1 1 Department of Software Engneerng and
More informationUncrystallised funds pension lump sum payment instruction
For customers Uncrystallsed funds penson lump sum payment nstructon Don t complete ths form f your wrapper s derved from a penson credt receved followng a dvorce where your ex spouse or cvl partner had
More informationPRODUCT AND SERVICES OVERVIEW. The elements for assessing and growing leadership talent
PRODUCT AND SERVICES OVERVIEW The elements for assessng and growng leadershp talent 1 Who s The Booth Company? We are the publsher and admnstrator of 360 degree feedback surveys based on the Task Cycle,
More informationLinear Circuits Analysis. Superposition, Thevenin /Norton Equivalent circuits
Lnear Crcuts Analyss. Superposton, Theenn /Norton Equalent crcuts So far we hae explored tmendependent (resste) elements that are also lnear. A tmendependent elements s one for whch we can plot an / cure.
More information1. Math 210 Finite Mathematics
1. ath 210 Fnte athematcs Chapter 5.2 and 5.3 Annutes ortgages Amortzaton Professor Rchard Blecksmth Dept. of athematcal Scences Northern Illnos Unversty ath 210 Webste: http://math.nu.edu/courses/math210
More informationObjectives How Can Pharmacy Staff Add to the Accountability of ACO s?
Objectves How Can Pharmacy Staff Add to the Accountablty of ACO s? Sandra Van Trease Group Presdent, BJC HealthCare Presdent, BJC HealthCare ACO, LLC The speaker has no conflct of nterest to declare. 1.
More informationDesign and Development of a Security Evaluation Platform Based on International Standards
Internatonal Journal of Informatcs Socety, VOL.5, NO.2 (203) 7-80 7 Desgn and Development of a Securty Evaluaton Platform Based on Internatonal Standards Yuj Takahash and Yoshm Teshgawara Graduate School
More informationMultiple-Period Attribution: Residuals and Compounding
Multple-Perod Attrbuton: Resduals and Compoundng Our revewer gave these authors full marks for dealng wth an ssue that performance measurers and vendors often regard as propretary nformaton. In 1994, Dens
More informationACKNOWLEDGEMENTS. Core Operational Guidelines for Telehealth Services Involving Provider-Patient Interactions
Cor eoper at onal Gu del nes f ort el eheal t hser v c esi nv ol v ng Pr ov der Pat enti nt er ac t ons May201 4 ACKNOWLEDGEMENTS The Amercan Telemedcne Assocaton (ATA) wshes to express sncere apprecaton
More informationHelp is a tou ch of a button away. Telecare - keeping you safe and independent in your own home. i Personal emergency equipment
Help s a tou ch of a button away Telecare - keepng you safe and ndependent n your own home Personal emergency equpment 24/7 moble response - ncludng a dgnty savng lftng servce Professonal support Welcome
More informationexpress why choose Interlink Express? invest in your future
I nt er l nke x pr es spa r c el sl m t ed sas ubs da r yofdpdgr oupukl m t ed express nvest n your future why choose Interlnk Express? If you re consderng becomng a franchse holder wth one of the UK s
More informationCISCO SPA500G SERIES REFERENCE GUIDE
CISCO SPA500G SERIES REFERENCE GUIDE Part of the Csco Small Busness Pro Seres, the SIP based Csco SPA504G 4-Lne IP phone wth 2-port swtch has been tested to ensure comprehensve nteroperablty wth equpment
More informationANALYZING THE RELATIONSHIPS BETWEEN QUALITY, TIME, AND COST IN PROJECT MANAGEMENT DECISION MAKING
ANALYZING THE RELATIONSHIPS BETWEEN QUALITY, TIME, AND COST IN PROJECT MANAGEMENT DECISION MAKING Matthew J. Lberatore, Department of Management and Operatons, Vllanova Unversty, Vllanova, PA 19085, 610-519-4390,
More informationGMA/FPA SmartBrief. ASTA SmartBrief. The premier source of daily news delivered to the desktops of travel agents and executives.
GMA/FPA SmartBref ASTA SmartBref The premer source of daly news delvered to the desktops of travel agents and executves. GMA/FPA SmartBref 2011 Meda Kt Subscrber Profle Reach Travel Agency Professonals
More informationThe Greedy Method. Introduction. 0/1 Knapsack Problem
The Greedy Method Introducton We have completed data structures. We now are gong to look at algorthm desgn methods. Often we are lookng at optmzaton problems whose performance s exponental. For an optmzaton
More informationGenetic Algorithm Based Optimization Model for Reliable Data Storage in Cloud Environment
Advanced Scence and Technology Letters, pp.74-79 http://dx.do.org/10.14257/astl.2014.50.12 Genetc Algorthm Based Optmzaton Model for Relable Data Storage n Cloud Envronment Feng Lu 1,2,3, Hatao Wu 1,3,
More informationA system for real-time calculation and monitoring of energy performance and carbon emissions of RET systems and buildings
A system for real-tme calculaton and montorng of energy performance and carbon emssons of RET systems and buldngs Dr PAAIOTIS PHILIMIS Dr ALESSADRO GIUSTI Dr STEPHE GARVI CE Technology Center Democratas
More informationBig Data Analytics on Acquisition Issues of Public Healthcare
96 Int'l Conf. on Advances n Bg Data Analytcs ABDA'15 Bg Data Analytcs on Acquston Issues of Publc Healthcare A. Habo Wang 1, B. Chenhu Zhou 1, C. We Wang 1 and D. Yaquan Xu 2 1 Sanchez School of Busness,
More informationCourse outline. Financial Time Series Analysis. Overview. Data analysis. Predictive signal. Trading strategy
Fnancal Tme Seres Analyss Patrck McSharry patrck@mcsharry.net www.mcsharry.net Trnty Term 2014 Mathematcal Insttute Unversty of Oxford Course outlne 1. Data analyss, probablty, correlatons, vsualsaton
More informationCERTIFICATION PROGRAMS YOU ARE INVITED TO JOIN THE INDUSTRY ELITE
CERTIFICATION PROGRAMS YOU ARE INVITED TO JOIN THE INDUSTRY ELITE ASA delvers four prestgous certfcaton programs Certfed Staffng Professonal The CSP program features rgorous content focused on employment
More informationSUPPLIER FINANCING AND STOCK MANAGEMENT. A JOINT VIEW.
SUPPLIER FINANCING AND STOCK MANAGEMENT. A JOINT VIEW. Lucía Isabel García Cebrán Departamento de Economía y Dreccón de Empresas Unversdad de Zaragoza Gran Vía, 2 50.005 Zaragoza (Span) Phone: 976-76-10-00
More informationFORMAL ANALYSIS FOR REAL-TIME SCHEDULING
FORMAL ANALYSIS FOR REAL-TIME SCHEDULING Bruno Dutertre and Vctora Stavrdou, SRI Internatonal, Menlo Park, CA Introducton In modern avoncs archtectures, applcaton software ncreasngly reles on servces provded
More informationRob Guthrie, Business Initiatives Specialist Office of Renewable Energy & Environmental Exports
Fnancng Solar Energy Exports Rob Guthre, Busness Intatves Specalst Offce of Renewable Energy & Envronmental Exports Export-Import Bank of the U.S. Independent, self-fundng fundng agency of the U.S. government
More informationWEBSENSE WEB SECURITY SUITE QUICK START GUIDE
WEBSENSE WEB SECURITY SUITE QUICK START GUIDE Websense Web Securty Sute Websense Web Securty Sute Corporate Edton Websense Web Securty Sute Lockdown Edton Websense Web Securty Sute Lockdown Corporate Edton
More informationThe Development of Web Log Mining Based on Improve-K-Means Clustering Analysis
The Development of Web Log Mnng Based on Improve-K-Means Clusterng Analyss TngZhong Wang * College of Informaton Technology, Luoyang Normal Unversty, Luoyang, 471022, Chna wangtngzhong2@sna.cn Abstract.
More informationEnterprise Master Patient Index
Enterprse Master Patent Index Healthcare data are captured n many dfferent settngs such as hosptals, clncs, labs, and physcan offces. Accordng to a report by the CDC, patents n the Unted States made an
More informationMETHODOLOGY TO DETERMINE RELATIONSHIPS BETWEEN PERFORMANCE FACTORS IN HADOOP CLOUD COMPUTING APPLICATIONS
METHODOLOGY TO DETERMINE RELATIONSHIPS BETWEEN PERFORMANCE FACTORS IN HADOOP CLOUD COMPUTING APPLICATIONS Lus Eduardo Bautsta Vllalpando 1,2, Alan Aprl 1 and Alan Abran 1 1 Department of Software Engneerng
More informationDynamic Fleet Management for Cybercars
Proceedngs of the IEEE ITSC 2006 2006 IEEE Intellgent Transportaton Systems Conference Toronto, Canada, September 17-20, 2006 TC7.5 Dynamc Fleet Management for Cybercars Fenghu. Wang, Mng. Yang, Ruqng.
More information7.5. Present Value of an Annuity. Investigate
7.5 Present Value of an Annuty Owen and Anna are approachng retrement and are puttng ther fnances n order. They have worked hard and nvested ther earnngs so that they now have a large amount of money on
More informationThursday, December 10, 2009 Noon - 1:50 pm Faraday 143
1. ath 210 Fnte athematcs Chapter 5.2 and 4.3 Annutes ortgages Amortzaton Professor Rchard Blecksmth Dept. of athematcal Scences Northern Illnos Unversty ath 210 Webste: http://math.nu.edu/courses/math210
More informationSTRATEGIC PLAN TORINO METROPOLI 2025
Tor nopl an Sc ent f ccomm t t ee FI RSTMEETI NG Tur n, 910J anuar y2014 STRATEGIC PLAN TORINO METROPOLI 2025 In July 2012, Mayor Fassno launched Torno s thrd Strategc Plannng effort. After a perod of
More informationTime Value of Money Module
Tme Value of Money Module O BJECTIVES After readng ths Module, you wll be able to: Understand smple nterest and compound nterest. 2 Compute and use the future value of a sngle sum. 3 Compute and use the
More informationIP Telefoni. DHCP Options VLANs
IP Telefon DHCP Optons VLANs The Csco IP Phone attempts to contact the frst call processng server (the prmary server) lsted n ts confguraton fle to regster. If ths fals, the IP phone moves to the next
More informationGR-303 Solution For Access Gateways
GR-303 Soluton for Access Gateways GR-303 Soluton For Access Gateways Verson 1.0 October 2003 Page 1 of 18 GR-303 Soluton for Access Gateways COPYRIGHT Ths materal s the propretary property of and confdental
More informationTrivial lump sum R5.0
Optons form Once you have flled n ths form, please return t wth your orgnal brth certfcate to: Premer PO Box 2067 Croydon CR90 9ND. Fll n ths form usng BLOCK CAPITALS and black nk. Mark all answers wth
More informationCHOLESTEROL REFERENCE METHOD LABORATORY NETWORK. Sample Stability Protocol
CHOLESTEROL REFERENCE METHOD LABORATORY NETWORK Sample Stablty Protocol Background The Cholesterol Reference Method Laboratory Network (CRMLN) developed certfcaton protocols for total cholesterol, HDL
More informationA Parallel Architecture for Stateful Intrusion Detection in High Traffic Networks
A Parallel Archtecture for Stateful Intruson Detecton n Hgh Traffc Networks Mchele Colajann Mrco Marchett Dpartmento d Ingegnera dell Informazone Unversty of Modena {colajann, marchett.mrco}@unmore.t Abstract
More informationPolitecnico di Torino. Porto Institutional Repository
Poltecnco d Torno Porto Insttutonal Repostory [Artcle] A cost-effectve cloud computng framework for acceleratng multmeda communcaton smulatons Orgnal Ctaton: D. Angel, E. Masala (2012). A cost-effectve
More informationThe Safety Board recommends that the Penn Central Transportation. Company and the American Railway Engineering Association revise
V. RECOWNDATONS 4.! The Safety Board recommends that the Penn Central Transportaton Company and the Amercan Ralway Engneerng Assocaton revse ther track nspecton and mantenance standards or recommended
More informationM3S MULTIMEDIA MOBILITY MANAGEMENT AND LOAD BALANCING IN WIRELESS BROADCAST NETWORKS
M3S MULTIMEDIA MOBILITY MANAGEMENT AND LOAD BALANCING IN WIRELESS BROADCAST NETWORKS Bogdan Cubotaru, Gabrel-Mro Muntean Performance Engneerng Laboratory, RINCE School of Electronc Engneerng Dubln Cty
More informationAnalyzing Self-Defense Investments in Internet Security Under Cyber-Insurance Coverage
Analyzng Self-Defense Investments n Internet Securty Under Cyber-Insurance Coverage Ranjan Pal Department of Computer Scence Unv. of Southern Calforna Emal: rpal@usc.edu Leana Golubchk Department of Computer
More informationMission Oriented Business Integration Services (MOBIS) FSC Group: 874 Class: R499
General Servces Admnstraton Federal Supply Servce Authorzed Federal Supply Schedule Prce Lst Msson Orented Busness Integraton Servces (MOBIS) FSC Group: 874 Class: R499 On-lne access to contract orderng
More information