2 Itroductio: 10 Thigs Your Next Firewall Must Do Much has bee made about brigig applicatio visibility ad cotrol ito etwork security. The reaso is obvious: applicatios ca easily slip by traditioal port-based firewalls. Ad the value is obvious: employees use ay applicatio they eed to get their job doe ofte idifferet to the risk that use poses to the busiess. Nearly every etwork security vedor has ackowledged that applicatio cotrol is a icreasigly critical part of etwork security. While the ext-geeratio firewall (NGFW) is well defied by Garter as somethig ew, eterprisefocused, ad distict, may etwork security vedors are claimig NGFW is a subset of other fuctios (e.g., UTM or IPS). Most traditioal etwork security vedors are attemptig to provide applicatio visibility ad cotrol by usig a limited umber of applicatio sigatures supported i their IPS or other exteral database. But udereath, these capabilities are poorly itegrated ad their products are still based o legacy port-blockig techology, ot NGFW techology. Perhaps most importatly, these folks are missig the poit it s ot about blockig applicatios, but safely eablig them. Ufortuately, the products proffered by traditioal etwork security vedors igore much of what eterprises do with applicatios today they use them to eable their busiess ad as such, eed to make sure that those applicatios ru securely. It is obvious that a ext-geeratio firewall is a differet ad revolutioary class of product, but the iterest from eterprise customers is so strog that vedors of traditioal products are tryig to subvert the Defiitio: Next-geeratio firewall. iterest of eterprise etwork security team by attemptig to look like a NGFW. 5 Requiremets: 1. Idetify applicatios regardless of port, protocol, evasive tactic or SSL For eterprises lookig at NGFWs, the most importat cosideratio is: Will this ew techology empower security teams to securely eable applicatios to the beefit of the orgaizatio? Key questios to ask iclude: 2. Idetify users regardless of IP address 3. Protect i real-time agaist threats embedded across applicatios 4. Fie-graied visibility ad policy cotrol over applicatio access / fuctioality 5. Multi-gigabit, i-lie deploymet with o performace degradatio Will it icrease visibility ad uderstadig of applicatio traffic? Will it expad traffic cotrol optios beyod blut allow/dey? Will it help prevet threats? Will it elimiate the eed to compromise betwee performace ad security? Will it reduce costs for my orgaizatio? Will it make the job of risk maagemet easier or simpler? If the aswers to the above questios are yes, the trasitio is easy to justify. Page 2
3 There are substatial differeces betwee NGFWs ad UTM-style devices i terms of the kids of orgaizatio each targets, ad i terms of architecture ad security model. These differeces have dramatic impacts o real-world fuctios/features, operatios, ad performace as we ve attempted to capture i the te thigs sectio below. Architecture ad Security Model: Traffic is Best Classified i the Firewall I buildig ext-geeratio firewalls, security vedors have take oe of two architectural approaches: 1. Build applicatio idetificatio ito the firewall as the primary classificatio egie 2. Add applicatio sigatures to a IPS or IPS-like patter matchig egie which is the added to a port-based firewall Both ca recogize applicatios but with varyig degrees of success, usability, ad relevace. Most importatly, these architectural approaches dictate a specific security model for applicatio policies either positive (default dey), or egative (default allow). Firewalls use a positive security model. Aother term for it is default dey. Which meas that admiistrators write policies to ALLOW traffic (e.g., allow WebEx) ad the everythig else is deied or blocked. Negative policies (e.g., block Limewire) ca be used i this model, but the most importat fact is that the ed of the policy i a positive security model says, all else dey. Oe of the key implicatios of this approach is that all traffic must be classified i order to allow the appropriate traffic. So visibility of traffic is easy ad complete. Policies eable applicatios. Aother key result of this approach is that ay ukow traffic is, by default, deied. I other words, the best ext-geeratio firewall is a firewall. Itrusio prevetio systems (IPS) typically employ a egative security model, or default allow. Which meas that IPS idetifies ad blocks specific traffic (traditioally threats) ad everythig else is passed through. Traditioal etwork security vedors are addig applicatio sigatures to a IPS-style egie ad boltig it oto a traditioal port-based firewall. The result is a applicatio prevetio system. The applicatio cotrol is i a egative security model i other words, it s ot i a firewall. Implicatio: oe oly sees what is expressly looked for, ad ukow traffic is, by default, allowed. Page 3
4 While this paper is focused o the 10 specific thigs your ext (geeratio) firewall must do, kowledge of the architecture ad model as outlied above are prerequisites to uderstadig the differet capabilities of the differet products o the market ad their ability to deliver these fuctios. The te thigs discussed below represet some of the critical, specific requiremets we ve gathered from thousads of IT orgaizatios sice we bega sellig ext-geeratio firewalls i These are all real-world examples of requiremets that make the job of securig eterprise etworks easier, better, or simpler marketig hype aside. The 10 Thigs Your Next (Geeratio) Firewall Must Do There are three areas of differece security fuctios, operatios, ad performace. The security fuctioal elemets correspod to the efficacy of the security cotrols, ad the ability for eterprises to maage risk associated with etwork traffic. From a operatios perspective, the big questio is: where does applicatio policy live, ad how hard or complex is it to maage? The performace differece is simple: ca the firewall do what it s supposed to do at the throughput it s supposed to do it? The Te Thigs Your Next (Geeratio) Firewall Must Do are: 1. Idetify ad cotrol applicatios o ay port 2. Idetify ad cotrol circumvetors 3. Decrypt outboud SSL 4. Provide applicatio fuctio cotrol 5. Sca for viruses ad malware i allowed collaborative applicatios 6. Deal with ukow traffic by policy 7. Idetify ad cotrol applicatios sharig the same coectio 8. Eable the same applicatio visibility ad cotrol for remote users 9. Make etwork security simpler, ot more complex with the additio of applicatio cotrol. 10. Deliver the same throughput ad performace with applicatio cotrol active Page 4
5 1Your ext firewall must idetify ad cotrol applicatios o ay port, ot just stadard ports (icludig applicatios usig HTTP or other protocols) Busiess case: Applicatio developers o loger adhere to stadard port/protocol/applicatio mappig. More ad more applicatios are capable of operatig o o-stadard ports or are ca hop ports (e.g., istat messagig applicatios, peer-to-peer file sharig, or VOIP). Additioally, users are icreasigly savvy eough to force applicatios to ru over o-stadard ports (e.g., MS RDP, SSH). I order to eforce applicatio-specific policies where ports are icreasigly irrelevat, your ext firewall must assume that ay applicatio ca ru o ay port. This is oe of the fudametal chages i techology that made the NGFW a absolute ecessity. It was this chage to applicatios that made the positive cotrol of traditioal port-based firewalls obsolete. It also uderscores why a egative cotrol model ca t solve the problem. If a applicatio ca move to ay port, a product based o egative cotrol would have to ru all sigatures o tes of thousads of ports. Requiremets: This oe is simple if ay applicatio ca ru o ay port your ext firewall must classify traffic, by applicatio, o all ports all the time (see #4 ad #7). Otherwise, security cotrols will cotiue to be outwitted by the same techiques that have plagued them for years. 2 Your ext firewall must idetify ad cotrol circumvetors: proxies, remote access, ad ecrypted tuel applicatios Busiess case: Most orgaizatios have security policies ad cotrols desiged to eforce those policies. Proxies, remote access, ad ecrypted tuel applicatios are specifically used to circumvet security cotrols like firewalls, URL filterig, IPS, ad secure web gateways. Without the ability to cotrol these circumvetors, orgaizatios caot eforce their security policies, ad expose themselves to the very risks they thought their cotrols mitigated. To be clear, ot all of these types of applicatios are the same remote access applicatios have legitimate uses, as do some ecrypted tuel applicatios. But exteral aoymous proxies that commuicate over SSL o radom ports, or applicatios like Ultrasurf ad Tor have oly oe real purpose to circumvet security cotrols. Requiremets: There are differet types of circumvetio applicatios each usig slightly differet techiques. There are both public ad private exteral proxies (see proxy.org for a large database of public proxies) that ca use both HTTP ad HTTPS. Private proxies are ofte set up o uclassified IP addresses (e.g., home computers) with applicatios like PHProxy or CGIProxy. Remote access applicatios like MS RDP or GoToMyPC ca have legitimate use but due to the associated risk, should be maaged. Most other circumvetors, (e.g., Ultrasurf, Tor, Hamachi) do t have busiess uses. There are, of course, ukow circumvetors see #6 below. Regardless Page 5
6 of the policy stace, your ext firewall eeds to have specific techiques to deal with all of these applicatios, regardless of port, protocol, ecryptio, or other evasive tactic. Oe more cosideratio: these applicatios are regularly updated to make them harder to detect ad cotrol. So it is importat to uderstad ot oly that your ext firewall ca idetify these circumvetio applicatios, but also how ofte that firewall s applicatio itelligece is updated ad maitaied. 3Your ext firewall must decrypt outboud SSL Busiess case: Today, more tha 15% of etwork traffic is SSL-ecrypted (accordig to more tha 2,400 eterprise etwork traffic samples see Palo Alto Networks Applicatio Usage ad Risk Report for details). I some idustries (e.g., fiacial services), it s more tha 50%. Give the icreasig adoptio of HTTPS for may high-risk, high-reward applicatios that ed-users employ (e.g., Gmail, Facebook), ad users ability to force SSL o may websites, etwork security teams have a large ad growig blid spot without decryptig, classifyig, cotrollig, ad scaig SSL-ecrypted traffic. Certaily, a NGFW must be flexible eough that certai types of SSLecrypted traffic ca be left aloe (e.g., web traffic from fiacial services or health care orgaizatios) while other types (e.g., SSL o o-stadard ports, HTTPS from uclassified websites i Easter Europe) ca be decrypted via policy. Requiremets: The ability to decrypt outboud SSL is a foudatioal elemet ot just because it s a icreasigly sigificat percetage of eterprise traffic, but also because it eables a few other key features that would ed up icomplete or ieffective without the ability to decrypt SSL (e.g., cotrol of circumvetors - #2, applicatio fuctio cotrol - #4, scaig allowed applicatios - #5, ad cotrol of applicatios sharig the same coectio - #7). Key elemets to look for iclude recogitio ad decryptio of SSL o ay port, policy cotrol over decryptio, ad the ecessary hardware ad software elemets to perform SSL decryptio across tes of thousads of simultaeous SSL coectios with good performace ad high throughput. Page 6
7 4 Your ext firewall must provide applicatio fuctio cotrol (e.g., SharePoit Admi vs. SharePoit Docs) Busiess case: May applicatios have sigificatly differet fuctios, presetig differet risk profiles ad value to both the user, ad the orgaizatio. Good examples of this iclude WebEx vs. WebEx Desktop Sharig, Yahoo Istat Messagig vs. the file trasfer feature, ad regular Gmail vs. sedig attachmets. I regulated eviromets, or i orgaizatios heavily depedet o itellectual property this is a sigificat issue. Requiremets: Cotiuous classificatio ad fie-graied uderstadig of each applicatio. Your ext firewall has to cotiually evaluate the traffic ad watch for chages if a differet fuctio or feature is itroduced i the sessio, the firewall should ote it ad perform a policy check. Uderstadig the differet fuctios of each applicatio ad the differet associated risks is equally importat. Ufortuately, may firewalls classify a traffic flow oce, ad the fast path it (read: ever look at that flow agai) for better performace. This method pre-dates moder applicatios ad prevets those firewalls from meetig this requiremet. 5Your ext firewall must sca for threats i allowed collaboratio applicatios e.g., Sharepoit, Box.et, MS Office Olie Busiess case: Eterprises cotiue to adopt collaborative applicatios hosted outside their physical locatios. Whether it s hosted Sharepoit, Box.et, Google Docs, or Microsoft Office Live, or eve a extraet applicatio hosted by a parter, may orgaizatios have a requiremet to use a applicatio that shares files i other words, is a high-risk threat vector. May ifected documets are stored i collaboratio applicatios, alog with some documets that cotai sesitive iformatio (e.g., customers persoal iformatio). Furthermore, some of these applicatios (e.g., Sharepoit) rely o supportig techologies that are regular targets for exploits (e.g., IIS, SQL Server). Blockig the applicatio is t appropriate, but either is allowig a threat ito the orgaizatio. Requiremets: Part of safe eablemet is allowig a applicatio ad scaig it for threats. These applicatios ca commuicate over a combiatio of protocols (e.g., Sharepoit HTTPS ad CIFS, see requiremet #3), ad require a more sophisticated policy tha block applicatio. First step is to idetify the applicatio (regardless of port or ecryptio), allow it, ad the sca it for ay of the appropriate threats exploits, viruses/malware, or spyware or eve cofidetial, regulated, or sesitive iformatio. Page 7
8 6Your ext firewall must deal with ukow traffic by policy, ot by just lettig it through. Busiess case: There will always be ukow traffic ad it will always represet sigificat risks to ay orgaizatio. There are several importat elemets to cosider with ukow traffic miimizig it, easily characterizig custom applicatios so they are kow i etwork security policy, ad havig predictable visibility ad policy cotrol over traffic that remais ukow. Requiremets: First, by default, your ext firewall should attempt to classify all traffic this is oe area where the earlier architecture ad security discussio becomes very importat. Positive (default dey) models classify everythig, egative (default allow) models classify oly what they re told to classify. Secod, for custom developed applicatios, there should be a way to develop a custom idetifier so that traffic is couted amog the kow. Third, the security model plays ito these requiremets agai a positive (default dey) model ca dey all ukow traffic so what you do t kow ca t hurt you. A egative (default allow) model allows all ukow traffic so what you do t kow will hurt you. For example, may botets will use port 53 (DNS) for commuicatio back to their cotrol servers. If your ext firewall lacks the ability to see ad cotrol ukow traffic, bots will be able to drive right through, uimpeded. 7Your ext firewall must idetify ad cotrol applicatios sharig the same coectio Busiess case: Applicatios share sessios. To esure users are cotiuously usig a applicatio platform, whether it s Google, Facebook, Microsoft, salesforce, LikedI, or Yahoo, applicatio developers itegrate may differet applicatios which ofte have very differet risk profiles ad busiess value. Let s look at our earlier example of Gmail which has the ability to spaw a Google Talk sessio from withi the Gmail UI. These are fudametally differet applicatios, ad your ext firewall should recogize that, ad eable the appropriate policy respose for each. Requiremets: Simple classificatio of the platform or website does t work. I other words, fast path is ot a optio oce ad doe classificatio igores the fact that applicatios share sessios. Traffic must be cotiuously evaluated to uderstad the applicatio, its chages (see #5), whe the user chages to a completely differet applicatio usig the same sessio, ad eforce the appropriate policy cotrols. Lookig briefly at the techical requiremets usig our Gmail/Google Talk example: Gmail is by default HTTPS (see #3) so the first step is to decrypt but it has to be cotiuous, as does the applicatio classificatio, because at ay time, the user ca start a chat which may have a completely differet policy associated with it. Page 8
9 8Your ext firewall must eable the same applicatio visibility ad cotrol for remote users as for o-premise users Busiess case: Users are icreasigly outside the four walls of the eterprise. Oce the domai of road warriors, ow a sigificat portio of the eterprise user populatio is capable of workig remotely. Whether workig from a coffee shop, home, or a customer site, users expect to coect to their applicatios via WiFi, wireless broadbad, or ay meas ecessary. Regardless of where the user is, or eve where the applicatio they re employig might be, the same stadard of cotrol should apply. If your ext firewall eables applicatio visibility ad cotrol over traffic iside the four walls of the eterprise, but ot outside, it misses the mark o some of the riskiest traffic. Requiremets: Coceptually, this is simple your ext firewall must have cosistet visibility ad cotrol over traffic regardless of where the user is iside or outside. This is ot to say that eterprises will have the exact same policy for both some orgaizatios might wat employees to use Skype whe o the road, but ot iside headquarters, where others might have a policy that says if outside the office, users may ot dowload salesforce.com attachmets uless they have hard disk ecryptio tured o. This should be achievable o your ext firewall without itroducig sigificat latecy for the ed user, or udue operatioal hassle for the admiistrator, or sigificat cost for the orgaizatio. 9Your ext firewall must make etwork security simpler, ot more complex with the additio of applicatio cotrol. Busiess case: May eterprises struggle with icorporatig more iformatio feeds ad more policies, ad more maagemet ito already overloaded security processes ad people. I other words, if teams caot maage what they ve already got, addig more maagemet, policies, ad iformatio does t help. Furthermore, the more distributed the policy is (e.g., port-based firewall allows port 80 traffic, IPS looks for/blocks threats ad applicatios, secure web gateway eforces URL filterig) the harder it is to maage that policy. Where do admis go to eable WebEx? How do they resolve policy coflicts across these differet devices? Give that typical port-based firewall istallatios have rulebases that iclude thousads of rules, addig thousads of applicatio sigatures across tes of thousads of ports (see #3 above) is goig to icrease complexity by several orders of magitude. Requiremets: Firewall policy should be based o user ad applicatio. Subsequet cotet aalysis ca be performed o allowed traffic, but fudametal access cotrol should be based o relevat elemets (i.e., applicatio ad user or group). This ca have a sigificat simplifyig effect. Firewall policy based o port ad IP address, followed by subsequet aalysis to uderstad the applicatio makes thigs more complicated tha they are today. Page 9
10 10 Your ext firewall must deliver the same throughput ad performace with applicatio cotrol fully activated Busiess case: May eterprises struggle with the forced compromise betwee performace ad security. All too ofte, turig up security features i the etwork security realm meas turig dow throughput ad performace. If your ext-geeratio firewall is built the right way, this compromise is uecessary. Requiremets: The importace of architecture is obvious here too i a differet way. Cobblig together a port-based firewall ad other security fuctios from differet techology origis usually meas there are redudat etworkig layers, scaig egies ad policies which traslates to poor performace. From a software perspective, the firewall must be desiged to do this from the begiig. Furthermore, give the requiremet for computatioally itesive tasks (e.g., applicatio idetificatio) performed o high traffic volumes ad with the low tolerace for latecy associated with critical ifrastructure, your ext firewall should have hardware desiged for the task as well meaig dedicated, specific processig for etworkig, security (icludig SSL termiatio see #3), ad cotet scaig. Coclusio: Your Next Firewall Should Safely Eable Applicatios ad Busiess Users cotiue to adopt ew applicatios ad techologies ad the threats carried by them. I some orgaizatios, obstructig the adoptio of ew techologies ca be a career-limitig move. Eve whe it is t, applicatios are how employees get their jobs doe, or maitai productivity i the face of competig persoal ad professioal priorities. Because of this, safe eablemet is icreasigly the correct policy stace. But to safely eable these applicatios ad techologies, ad the busiess that rides atop them, etwork security teams eed to put i place the appropriate policies goverig use, but also cotrols capable of eforcig them. The te thigs described here are critical capabilities for puttig the ecessary cotrols i place especially i the face of a more varied ad rich applicatio ad threat ladscape. Without the etwork security ifrastructure to cope with that variety ad depth, security teams caot safely eable the ecessary applicatios ad maage risk for their eterprises. Page 10 Palo Alto Networks 232 E. Java Drive Suyvale, CA Sales Copyright 2012, Palo Alto Networks, The Network Security Compay, the Palo Alto Networks Logo, ad App-ID are trademarks of Palo Alto Networks, Ic. i the Uited States. All other trademarks, trade ames or service marks used or metioed herei belog to their respective owers. Palo Alto Networks reserves the right to chage, modify, trasfer, or otherwise revise this publicatio without otice. PAN_10T_031312
FME Server Security Table of Cotets FME Server Autheticatio - Access Cotrol Default Security Active Directory Trusted Autheticatio Guest User or Aoymous (u-autheticated) Loggig Out Authorizatio - Roles
10 REQUIREMENTS FOR YOUR NEXT GENERATION MANAGED CLOUD FIREWALL WHITE PAPER 1 10 Requirements for Your Next Generation Managed Cloud Firewall Introduction The Internet is ubiquitous for businesses today;
Securig the Virtualized Data Ceter with Next-Geeratio Firewalls November 2012 Palo Alto Networks: Securig the Virtualized Data Ceter with Next-Geeratio Firewalls Table of Cotets Executive Summary 3 Evolutio
ODBC Gettig Started With Sage Timberlie Office ODBC NOTICE This documet ad the Sage Timberlie Office software may be used oly i accordace with the accompayig Sage Timberlie Office Ed User Licese Agreemet.
Maual CCNA Domai 1 Compoets of the Cisco Uified Commuicatios Architecture Uified Commuicatios (UC) Eviromet Cisco has itroduced what they call the Uified Commuicatios Eviromet which is used to separate
Maual Security+ Domai 1 Network Security Every etwork is uique, ad architecturally defied physically by its equipmet ad coectios, ad logically through the applicatios, services, ad idustries it serves.
Itegrated Productio ad Ivetory Cotrol System MRP ad MRP II Framework of Maufacturig System Ivetory cotrol, productio schedulig, capacity plaig ad fiacial ad busiess decisios i a productio system are iterrelated.
The Moder Malware Review Aalysis of New ad Evasive Malware i Live Eterprise Networks 1st Editio, March 2013 THE MODERN MALWARE REVIEW MARCH 2013 TABLE OF CONTENTS Backgroud ad Goals 3 A Focus o Actioable
IT Support IT Support Premier Choice Iteret has bee providig reliable, proactive & affordable IT Support solutios to compaies based i Lodo ad the South East of Eglad sice 2002. Our goal is to provide our
10 Requirements for Your Next Generation Managed Cloud Firewall The Internet is ubiquitous for businesses today; it is required in order to communicate with customers, identify and nurture prospects, and
Maual Widows 7 Eterprise Desktop Support Techicia (70-685) 1-800-418-6789 Domai 1: Idetifyig Cause of ad Resolvig Desktop Applicatio Issues Idetifyig ad Resolvig New Software Istallatio Issues This sectio
Maual VMware Lesso 1: Uderstadig the VMware Product Lie I this lesso, you will first lear what virtualizatio is. Next, you ll explore the products offered by VMware that provide virtualizatio services.
CotactPro Desktop for Multi-Media Cotact Ceter CCT CotactPro (CP) is the perfect solutio for the aget desktop i a Avaya multimedia call ceter eviromet. CotactPro empowers agets to efficietly serve customers
Adoptio Date: 4 March 2004 Effective Date: 1 Jue 2004 Retroactive Applicatio: No Public Commet Period: Aug Nov 2002 INVESTMENT PERFORMANCE COUNCIL (IPC) Preface Guidace Statemet o Calculatio Methodology
Supply Chai Maagemet LOA Uiversity October 9, 205 Distributio D Distributio Authorized to Departmet of Defese ad U.S. DoD Cotractors Oly Aim High Fly - Fight - Wi Who am I? Dr. William A Cuigham PhD Ecoomics
Extedig Your Maagemet Reach to Remote Users White Paper LANDESK WHITE PAPER : Extedig Your Maagemet Reach to Remote Users Table of Cotets Executive Summary... 3 Obstacles to Cost-Effective Remote Maagemet...
Maual Widows Domai 1: Cofigurig Domai Name System (DNS) for Active Directory Cofigure zoes I Domai Name System (DNS), a DNS amespace ca be divided ito zoes. The zoes store ame iformatio about oe or more
IvetoryCotrol The Complete Ivetory Trackig Solutio for Small Busiesses Regular Logo 4C Productivity Solutios for Small Busiesses Logo Outlie Get i cotrol of your ivetory with Wasp Ivetory Cotrol the complete
Olie Bakig & The Iteret of Thigs Our icreasigly iteretcoected future will mea better bakig ad added security resposibilities for all of us. FROM DESKTOPS TO SMARTWATCHS Just a few years ago, Americas coducted
SOLUTION BRIEF FortiGuard Fortiet s Global Research ad Protectio itelligece represets kowledge of the idetity, capabilities, ad itetios of idividuals ad orgaizatios egaged i espioage, sabotage, or theft
10 Things Your Next Firewall Must Do Introduction Without question, your network is more complex than ever before. Your employees are accessing any application they want, using work or personal devices.
Eterprise Access Cotrol System Egieered for Flexibility Modular Solutio The Eterprise Access Cotrol System is a modular solutio for maagig access poits. Employig a variety of hardware optios, system maagemet
Maual ONT (642-8) 1-800-418-6789 Domai 1 - Describe Cisco VoIP Implemetatios Advatages of VoIP Over Traditioal Switches Voice over IP etworks have may advatages over traditioal circuit switched voice etworks.
BaaERP 5.0c Maufacturig Egieerig Data Maagemet Module Procedure UP128A US Documetiformatio Documet Documet code : UP128A US Documet group : User Documetatio Documet title : Egieerig Data Maagemet Applicatio/Package
3G Security VoIP Wi-Fi IP Telephoy Routig/Switchig Uified Commuicatios NetVata Busiess Networkig Solutios Opportuity to lower Total Cost of Owership ad improve Retur o Ivestmet The ADTRAN Advatage ADTRAN
QUADRO tech PST Flightdeck Put your PST Migratio o autopilot Put your PST Migratio o Autopilot A moder aircraft hardly remids its pilots of the early days of air traffic. It is desiged to eable flyig as
How to use what you OWN to reduce what you OWE Maulife Oe A Overview Most Caadias maage their fiaces by doig two thigs: 1. Depositig their icome ad other short-term assets ito chequig ad savigs accouts.
Uiceter TCPaccess FTP Server Release Summary r6.1 SP2 K02213-2E This documetatio ad related computer software program (hereiafter referred to as the Documetatio ) is for the ed user s iformatioal purposes
Documet Cotrol Solutios State of the art software The beefits of Assai Assai Software Services provides leadig edge Documet Cotrol ad Maagemet System software for oil ad gas, egieerig ad costructio. AssaiDCMS
PENSION ANNUITY Policy Coditios Documet referece: PPAS1(7) This is a importat documet. Please keep it i a safe place. Pesio Auity Policy Coditios Welcome to LV=, ad thak you for choosig our Pesio Auity.
Chapter 8 Key Ideas Hypothesis (Null ad Alterative), Hypothesis Test, Test Statistic, P-value Type I Error, Type II Error, Sigificace Level, Power Sectio 8-1: Overview Cofidece Itervals (Chapter 7) are
A Network Moitorig System with a Peer-to- Peer Architecture Paulo Salvador ad Rui Valadas Uiversity of Aveiro Istitute of Telecommuicatios Summary Motivatio Peer-to-peer architecture System elemets Data
iprox sesors iprox iductive sesors iprox programmig tools ProxView programmig software iprox the world s most versatile proximity sesor The world s most versatile proximity sesor Eato s iproxe is syoymous
CREATIVE MARKETING PROJECT 2016 The Creative Marketig Project is a chapter project that develops i chapter members a aalytical ad creative approach to the marketig process, actively egages chapter members
The Forgotte Middle Esurig that All Studets Are o Target for College ad Career Readiess before High School Executive Summary Today, college readiess also meas career readiess. While ot every high school
QUADRO tech FSA Migrator 2.6 File Server Migratios - Made Easy FSA Migrator Cosolidate your archived ad o-archived File Server data - with ease! May orgaisatios struggle with the cotiuous growth of their
Public Procuremet Practice STANDARD The decisio to lease or purchase should be cosidered o a case-by case evaluatio of comparative costs ad other factors. 1 Procuremet should coduct a cost/ beefit aalysis
Professioal Networkig 1. Lear from people who ve bee where you are. Oe of your best resources for etworkig is alumi from your school. They ve take the classes you have take, they have bee o the job market
FPO A global telecom s strategy for Caada A global telecom s strategy for Caada Global telecommuicatios compaies that support multi-atioal corporatios (MNC) are tasked with providig a cosistet cliet experiece
GOOD PRACTICE CHECKLIST FOR INTERPRETERS WORKING WITH DOMESTIC VIOLENCE SITUATIONS I the sprig of 2008, Stadig Together agaist Domestic Violece carried out a piece of collaborative work o domestic violece
Hadlig the Collectio Calls We do everythig we ca to stop collectio calls; however, i the early part of our represetatio, you ca expect some of these calls to cotiue. We uderstad that the first few moths
Desktop Maagemet 9 Desktop Maagemet Tools Mac OS X icludes three desktop maagemet tools that you might fid helpful to work more efficietly ad productively: u Stacks puts expadable folders i the Dock. Clickig
18 fast-track 18-Moth BACHELOR S DEGREE completio PROGRAMS Oe Goal. 18-Moths. Ulimited Opportuities. www.ortheaster.edu/cps Fast-Track Your Bachelor s Degree ad Career Goals Complete your bachelor s degree
For customers Key features of the Guarateed Pesio Auity The Fiacial Coduct Authority is a fiacial services regulator. It requires us, Aego, to give you this importat iformatio to help you to decide whether
Busiess Applicatio Services Busiess Applicatios that provide value to your eterprise. Sesiple s expertise ca help orgaizatio decode the performace issues ad trasform them ito valuable beefits that meet
Determiig the sample size Oe of the most commo questios ay statisticia gets asked is How large a sample size do I eed? Researchers are ofte surprised to fid out that the aswer depeds o a umber of factors
BaaERP A publicatio of: Baa Developmet B.V. P.O.Box 143 3770 AC Bareveld The Netherlads Prited i the Netherlads Baa Developmet B.V. 1999. All rights reserved. The iformatio i this documet is subject to
RealSetry TM SSL overview Advaced Protectio for Web Services SSL Accelerator Itrusio Detectio System Reverse Proxy Applicatio-Firewall Web services deploymet The pricipal reasos which delay the deploymet
CCH Accoutats Starter Pack We may be a bit smaller, but fudametally we re o differet to ay other accoutig practice. Util ow, smaller firms have faced a stark choice: Buy cheaply, kowig that the practice
BaaERP 5.0c A publicatio of: Baa Developmet B.V. P.O.Box 143 3770 AC Bareveld The Netherlads Prited i the Netherlads Baa Developmet B.V. 1999. All rights reserved. The iformatio i this documet is subject
Trustwave Leverages OEM Parterships to Deepe SIEM Market Peetratio Accelerated lauch of ew security appliaces delivers reveue growth with assist from UNICOM Egieerig ad Dell OEM Solutios Itroductio Trustwave
Departmet of Global Busiess ad Trasportatio A Itroductio to Logistics ad the Supply Chai Itroductio Cosider bottled water. Abstract Oft times I have foud that studets come ito a course that assumes they
The ERP Card-Solutio Xpoetial - It's about Itegratio The power, cotrol ad efficiecy of ERP combied with the ease-of-use ad fiacial beefits of a P-Card. TM poetial The ERP-Card Solutio P-Cards ad ERP For
Flood Emergecy Respose Pla This reprit is made available for iformatioal purposes oly i support of the isurace relatioship betwee FM Global ad its cliets. This iformatio does ot chage or supplemet policy
PUBLIC RELATIONS PROJECT 2016 The purpose of the Public Relatios Project is to provide a opportuity for the chapter members to demostrate the kowledge ad skills eeded i plaig, orgaizig, implemetig ad evaluatig
A Guide to Better Postal Services Procuremet A GUIDE TO better POSTAL SERVICES PROCUREMENT itroductio The NAO has published a report aimed at improvig the procuremet of postal services i the public sector
Ivestig i Stocks Ivestig i Stocks Busiesses sell shares of stock to ivestors as a way to raise moey to fiace expasio, pay off debt ad provide operatig capital. Ecoomic coditios: Employmet, iflatio, ivetory
STRATEGIC OUTCOMES PRACTICE TECHNICAL ADVISORY BULLETIN February 2011 FIRE PROTECTION SYSTEM INSPECTION, TESTING AND MAINTENANCE PROGRAMS www.willis.com Natioal Fire Protectio Associatio (NFPA) #25 a mai
Capgemii Immediate Istat. Flexible. Revolutioary. the way we see it Puttig Cloud security i perspective The move towards Cloud Computig will be see as oe of the defiig treds of 2010. There is growig acceptace
INVESTMENT PEFOMANCE COUNCIL (IPC) INVITATION TO COMMENT: Global Ivestmet Performace Stadards (GIPS ) Guidace Statemet o Calculatio Methodology The Associatio for Ivestmet Maagemet ad esearch (AIM) seeks
Research Method (I) --Kowledge o Samplig (Simple Radom Samplig) 1. Itroductio to samplig 1.1 Defiitio of samplig Samplig ca be defied as selectig part of the elemets i a populatio. It results i the fact
Predictive Modelig Data i the ACT Electroic Studet Record overview Predictive Modelig Data Added to the ACT Electroic Studet Record With the release of studet records i September 2012, predictive modelig
ANALYTICS Isights that drive your busiess Eterprises are trasformig their busiesses by supplemetig their databases with real ad up-to-date customer data. Aalytics, as a catalyst, refies raw data ad aligs
Idetity Theft is a form of fraud or Idetity theft cotiues to icrease every year ad has impacted millios of Americas. cheatig of aother perso s idetity i which someoe preteds to be someoe else by assumig
8 th Iteratioal Coferece o DEVELOPMENT AND APPLICATION SYSTEMS S u c e a v a, R o m a i a, M a y 25 27, 2 6 ADAPTIVE NETWORKS SAFETY CONTROL ON FUZZY LOGIC Vadim MUKHIN 1, Elea PAVLENKO 2 Natioal Techical
Office of the Privacy Commissioer of Caada PIPEDA Privacy Guide for Small Busiesses: The Basics Privacy is the best policy Hadlig privacy cocers correctly ca help improve your orgaizatio s reputatio. Whe
Skytro Asset Maager Meet Asset Maager Skytro Asset Maager is a wireless, pateted RFID asset trackig techology specifically desiged for hospital facilities to deliver istat ROI withi a easy to istall, fully
, pp.180-184 http://dx.doi.org/10.14257/astl.2014.53.39 Evaluatig Model for B2C E- commerce Eterprise Developmet Based o DEA Weli Geg, Jig Ta Computer ad iformatio egieerig Istitute, Harbi Uiversity of
1/5 The Frech Govermet has three objectives : > improve Frace s fiscal competitiveess > cosolidate R&D activities > make Frace a attractive coutry for iovatio Tax icetives have become a key elemet of public
TruStore: The storage system that grows with you Machie Tools / Power Tools Laser Techology / Electroics Medical Techology Everythig from a sigle source. Cotets Everythig from a sigle source. 2 TruStore
Verizo Wireless Broadbad Network Coectivity ad Data Trasport Solutios Verizo Wireless White Paper Cotets 1. Itroductio......................................................................................
Iformatio about Bakruptcy Isolvecy Service of Irelad Seirbhís Dócmhaieachta a héirea Isolvecy Service of Irelad Seirbhís Dócmhaieachta a héirea What is the? The Isolvecy Service of Irelad () is a idepedet