Building Carrier-Grade On-Device Network Management Systems. An Enterprise Management Associates White Paper October 2007

Size: px
Start display at page:

Download "Building Carrier-Grade On-Device Network Management Systems. An Enterprise Management Associates White Paper October 2007"

Transcription

1 On-Device Network Management Systems An Enterprise Management Associates White Paper October 2007

2 Table of Contents Introduction...1 New Services Increase Network Complexity...1 Enterprise and Carrier Requirements are Converging...1 Network Management Design Challenges...1 High Availability...1 Scalability and Performance...2 Security...2 Fine-grained Control and Logging...3 Data Consistency and Integrity...3 Change Automation...4 Rapid Development...5 Conclusion...5

3 Introduction The key issues involved in developing on-device network management systems for carrier-grade enterprise and operator networks are the same for any other networked resource, only with more complexity and built-in restrictions due to the limited space and processing capabilities inherent to these types of devices. The requirements for on-device network management systems will be reviewed in the context of the business and technical expectations of network operators that drive these requirements and their ever changing network environmental demands. Increasing levels of complexity and converging industry requirements are the key factors that are continuing to shape this unique industry segment. New Services Increase Network Complexity Modern networks have become increasingly sophisticated platforms for delivering data, voice, video, and wireless services. Network management systems must adapt to meet new challenges. The old paradigm of humans administering networks with a set and forget approach is long gone. Customer expectations for network performance have never been higher. Users want applications and services available in their homes, offices, and everywhere between without interruption or limitations. Network operators and equipment vendors are working hard to make this a reality. Competitive and economic forces are also affecting the networking industry. While the cost for the network equipment itself has been squeezed over many years, the cost for deploying new services and maintaining the networks has increased dramatically. Service providers and enterprises are constantly looking to reduce the operating cost of their networks as a means to become more competitive. Enterprise and Carrier Requirements are Converging Interestingly, the challenges facing CIOs of enterprises often mirror those of commercial service providers. Larger enterprise networks have many similarities with service provider networks. For example, the five-nines expectation for telco equipment has now crossed into the enterprise as Voice over Internet Protocol (VoIP) penetration explodes. Users rightly expect a dial tone every time they pick up the phone whether it comes over a Time-Division Multiplexing (TDM) or an IP network. Network Management Design Challenges The developers of networking equipment and their network management systems must meet or exceed the expectations of network operators in an environment that is increasingly complicated. The number of network devices and their form factors are proliferating. In addition to appliances and Advanced Telecommunications Computing Architecture (ATCA) compliant chassis products, blade servers are being increasingly adopted for networking applications. The growth in the number of network devices requires multiple devices to be configured and supported for flexible high availability frameworks. The number and complexity of required northbound management interfaces is also increasing. In addition to simple network management protocol (SNMP) and command line interface (CLI) agents, web and NETCONF/ Extensible Markup Language (XML) interfaces are increasingly expected on most network devices. All these management interfaces must be synchronized to ensure consistency. Flexible provisioning and frequent re-configuration is needed to support multi-service networks. As if this was not enough, developers of networking equipment must bring complete solutions to market in less time, with constrained resources, and often using distributed teams responsible for modular components of the overall system. High Availability Up until recently, network management was not high on a network operator s punch list for ensuring continuous availability. However, as networks become dependent on frequent software updates and dynamic service provisioning, this is changing. Building a highly available network management application requires a powerful software fabric with capabilities including database replication, support for masterslave heart beat, full redundancy, hot failover, multiple levels of security access controls, complete analytical drill-down functionality and of course a full line of reporting capabilities.

4 It is common for chassis-based network devices to have a separate management card managing individual line cards as shown in Figure 1. This capability requires an application programming interface (API) to make it possible for the management cards to manage resources on other hosts. Figure 1 Dual management cards should have the capability to be configured to ensure high availability, master-slave heart beat, and full redundancy. All configuration changes are always written to both management cards and when re-configuring the master all data is also replicated to the slave. Upon a failure of the master, the system will switch over to the slave and the slave will become active in the system. Some form of alerting, or warning, mechanism is necessary to notify network operations staff of the event and subsequent change in operational status of the device. Additionally, drill-down analytics is a necessity for the network operations staff enabling them to dive into the heart of any network event and ascertain the true cause and nature of the event. With this type of architecture it is also possible to upgrade the system without bringing down the entire service or device. To deliver redundancy in a scalable fashion, data replication should be possible from a single master to N number of slaves where N is not arbitrarily limited. Slave units or redundant devices could be physically located anywhere on the network. Control of the master, slaves, and redundant devices should be from a single console window. The same console window will also be the central alert / notification display mechanism for this type of network management architecture. Scalability and Performance Carrier-grade network management applications must have the capability to monitor, provision, and configure very large networks without impacting service delivery. The first problem is storing large numbers of configuration parameters. In a large complex network the number of configuration parameters can be in the millions. This implies the need for a large, robust, real-time data store that can scale linearly without performance degradation. The problem is much more difficult at the network device level where memory and processing resources are limited and not easily expanded without additional hardware additions. The best solution is to use a data store that is optimized for configuration and operational data as well as the types and database transactions specific to network management. The second issue is the performance and scalability of the transaction engine that manages the communication stream to end devices. To implement a configuration change in a large network implies the need for a transaction engine that can scale to tens of thousands of operations per minute. The growing use of XML data for configuration management requires the data streaming process in the transaction engine be highly tuned to these performance needs. In order to address growing need for scalable performance, some networking products are based on blade servers and stackable appliances as a means of delivering scalable performance. Both these approaches share the benefit of having the capability to add capacity without disrupting the network. The challenge is for the configuration management system to operate without any dependency on the hardware configuration. For example, each blade in a cluster should be unaware of the fact that it is running in a clustered environment. One of the blades must be dynamically assigned a management role and network administrators must have visibility to all network devices as they are added on the fly. This later capability is sometimes referred to as a cluster join. Security Simple password protection is not enough for a carrier-grade network management system. With a high incidence of severe threats and attacks on information assets, security has become a priority at the highest levels inside an organization. In addition to mitigating threats to mission-critical network systems, network operators and enterprises must also comply with a wide range of regula-

5 tions that require them to implement and verify the effectiveness of security information management controls. The first step in providing appropriate security is user authentication. A user must present credentials, such as a password or a public key, in order to gain access. The ability to support security solutions based on protocols such as Remote Authentication Dial-In User Service (RADIUS) and Lightweight Directory Access Protocol (LDAP) is an important option for any good authentication system. A remote authentication server will typically store both the users login credentials and their group information that can be applied to authorizing their access rights. The second step in the security model is for authorization to be performed. Even though a set of credentials are presented and confirmed as being acceptable, there s still the question of what actions, tasks, changes, etc. are to be allowed under the scope of those credentials. Once a user is properly and successfully authenticated, all operations performed by that user must be authorized by the appropriate access control source inside the organization. The internal access control source must confirm that the credentials presented are in fact authorized to perform the operation intended. If they are, then the intended operation is allowed to be performed. If those credentials don t have the necessary permissions or access control rights to perform the requested operation, then the request is denied. Accounting and auditing is the third major leg of the traditional AAA (authentication, authorization and accounting) services needed for robust security. When logins fail, access controls are denied, or unauthorized changes are attempted, those events must be recorded and reported to the appropriate authorities. There in lies the need for strong, robust, reporting and auditing capabilities that can take on many forms, i.e. compliance reports (Sarbanes-Oxley, HIPPA), forensic analysis, and billing. Since many network managements systems include a web interface, it is also important that the embedded web server does not expose the system to security vulnerabilities. Considerations here include using HTTPS for all secure communications between the client and the server plus avoiding cross-site scripting and caching configuration values. Fine-grained Control and Logging The ability to allow identified users or user groups to perform specific tasks is important in any large network and is the corner stone of a role-based system of administration. To provide true fine-grained control over which users or groups can execute particular actions requires authorization control of commands, data access and device access. Figure 2 As illustrated in Figure 2, role-based access control allows users to change while roles remain constant. When responsibilities for network administration are organized by seniority, geography, or line of business, role-based access control is very beneficial. Providers of managed services also need such granular control. Here the need is for multi-tenanted access to the network management application. Individual clients of a managed security gateway, for example, must be able to view their virtualized security policies and only make changes to rules and data that only affect their organization. Data Consistency and Integrity It is highly advantageous to have a single view, or window, of all sessions in all the northbound interfaces. As a result, access rules and audit trails can be uniformly applied by the CLI and web interfaces. To ensure data consistency, a carrier-grade network management system must guarantee that configuration changes made in any of the management interfaces are either entirely

6 completed or aborted and properly rolled back thereby ensuring that the integrity of the configuration, and ultimately the network, is maintained. Figure 3 Traditionally, network management applications have used stovepipe architecture as depicted in Figure 3. Here each management interface talks to managed objects using its own software adaptors and APIs. This cumbersome approach not only strains development resources, but also risks compromising configuration integrity. Ideally, backplane software should set up a transaction for every committed configuration change from northbound interfaces. It then should talk to all affected managed objects in a specific order, waiting for them to acknowledge that the change has been accepted and duly processed and successfully completed. If any of the managed objects returns an error (e.g., failed to set a specific configuration parameter in the routing stack), the backplane ensures that any changes made up to that point are completely and successfully rolled back. Figure 4 illustrates an architecture based on a single unified backplane or transaction engine. Figure 4 The use of a synchronous subscription API plays a useful role in ensuring data integrity. This allows managed objects to receive a notification over a subscription socket when configuration data changes. Each subscription should have a priority and the subscribers are notified in that priority order. A Dynamic Host Configuration Protocol (DHCP) server configuration change is an example of where ordered notifications are of significant value to the integrity of the network as a whole. If both the IP address of the network device, as well as some additional changes to the DHCP server configuration are performed in a single configuration change, it is imperative that the DHCP configuration code receives the configuration change after the IP interface manager code has acted on the change and changed address on the network device. Otherwise, there is a potential conflict in the consistency and overall integrity of the configuration of network devices versus the information contained in any particular server or configuration source. Change Automation Managing operating expenses is critical to the success of both service providers and IT organizations responsible to enterprise networks. Network administration is one of the many functions that make up the planning, deployment, management, and maintenance of networks. Network administration costs are significant both as direct expenses and as a by-product of configuration errors that can cause service outages or severe performance impacts. Service disruptions carry a significant toll in terms of organizational productivity, negative PR, and potential customer churn. Until recently the alternatives for configuration management such as manual configuration, CLI scripting, and SNMP faced multiple limitations. For a complete discussion of these issues read Tail-f Systems whitepaper Next Generation Network Management with NETCONF. The NETCONF standard for automated configuration was finalized by the Internet Engineering Task Force (IETF) in December of 2006 as Requests for Comment (RFC) This Remote Procedure Call (RPC)- based protocol uses XML data encoding for configuration data and protocol messages that are exchanged between a manager and an agent. NETCONF includes robust features to ensure that configuration changes are made consistently across all network devices. For example, a configuration change will only be committed if no errors occur. If errors

7 do occur the changes will be automatically rolled back. This is illustrated in Figure 5. NETCONF frees network management applications and data stores from the overhead and complexity of dealing with data consistency safeguards at the protocol level. Equipment vendors and network operators are adopting NETCONF to facilitate scalable deployments of networks without the risks of disruptive configuration errors. The need for NETCONF is also being driven by the inherent complexity of networks and the explosion in the number and variety of network devices. Today many services require network devices to be changed in one single transaction. Rapid Development Network operators are under pressure to quickly bring innovative services to their customers and users. Network equipment vendors therefore require enabling technologies to shorten development time and minimize sustaining engineering overhead. There are several time-to-market bottlenecks affecting network management software. Where northbound interfaces are not tightly coupled, additions and changes to applications and managed objects are multiplied several fold as each management interface must be addressed independently. The need for increased code integration and testing among management interfaces is another negative byproduct of a stovepipe architecture. Interfaces between software modules usually have higher than average bug rates. In addition, an uncoupled architecture undermines the benefits of using distributed development teams by creating interdependencies at every stage of the development process. Ideally, developers share the same data store of managed objects and that data store allows individual developers to add or delete items in the configuration without impacting other developers. But at the same time, there s a need to monitor and control items that are changed in the configuration. The time to develop new network management functionality can also be accelerated by integrating new functions with existing applications and data stores. Reusing legacy software modules has trade-offs, but existence of well-defined APIs provides a practical option to pursue this approach vs. reinventing everything from scratch. Conclusion Carrier-grade networks are larger and more complex than ever before, and growing more complex all the time. The software that monitors, configures, and controls these networks must be designed for high performance, continuous service, comprehensive security, low cost and reliable operations. This is best achieved with a unified transaction based architecture that ensures consistent execution, fine-grained control, and rapid application development. This unified architecture will also need to be flexible to absorb the constant change brought about in today s networking environments due to changes in mission scope, mergers and acquisitions, as well as the Figure 5

8 constant application and network performance improvements required to keep pace with competition. That flexibility will also need to extended to those areas where the applications, or network devices, interact or interface with other platform and tool architectures already present in the network environment. The ability to interact and play with other applications and devices in today s market is imperative. Executive management wants everything to work in a homogenous manner so that past, present, and future investments can be utilized together without significant effort or loss of capability or service delivery. Software applications and network devices will increasing need to route their AAA activities and operational events through a highly reliable, robust, intelligent, and centralized data repository. A centralized data repository allows for a consolidated and improved analytic functionality to be provided for enhanced true cause troubleshooting along with incorporating a robust auditing and reporting feature set to aid in current and future compliance adoption. A centralized data repository also provides the enterprise or telco staff with a complete and cohesive view into their network environment that allows everyone to see the same information at the same time. Not only across the organization, but also up and down the various organizational levels as well.

9 About Enterprise Management Associates, Inc. Enterprise Management Associates is an advisory and research firm providing market insight to solution providers and technology guidance to Fortune 1000 companies. The EMA team is composed of industry respected analysts who deliver strategic awareness about computing and communications infrastructure. Coupling this team of experts with an ever-expanding knowledge repository gives EMA clients an unparalleled advantage against their competition. The firm has published hundreds of articles and books on technology management topics and is frequently requested to share their observations at management forums worldwide. This report in whole or in part may not be duplicated, reproduced, stored in a retrieval system or retransmitted without prior written permission of Enterprise Management Associates, Inc. All opinions and estimates herein constitute our judgement as of this date and are subject to change without notice. Product names mentioned herein may be trademarks and/or registered trademarks of their respective companies. Corporate Headquarters: 5777 Central Avenue, Suite 105. Boulder, CO Phone: Fax:

Replication and High-Availability

Replication and High-Availability ConfD XML-Based Network Management Software Next-Generation Configuration Management The increasing complexity of operator and enterprise networks and the requirement to deliver new services is driving

More information

Faster, Cheaper, Safer: Improving Agility, TCO, and Security with Agentless Job Scheduling. A White Paper Prepared for BMC Software August 2006

Faster, Cheaper, Safer: Improving Agility, TCO, and Security with Agentless Job Scheduling. A White Paper Prepared for BMC Software August 2006 A White Paper Prepared for BMC Software August 2006 Table of Contents Executive Summary...1 Introduction...1 The Current Standard Agent-Based Scheduling...1 The Revolution Agentless Job Scheduling...1

More information

Veritas Configuration Manager Profile. A Profile Prepared by EMA October 2006

Veritas Configuration Manager Profile. A Profile Prepared by EMA October 2006 Veritas Configuration Manager Profile A Profile Prepared by EMA October 2006 Table of Contents Corporate Information...1 CMDB Type:...1 Areas Supported:...1 IT Domain:...2 Target customers:...2 Product

More information

Enhance visibility into and control over software projects IBM Rational change and release management software

Enhance visibility into and control over software projects IBM Rational change and release management software Enhance visibility into and control over software projects IBM Rational change and release management software Accelerating the software delivery lifecycle Faster delivery of high-quality software Software

More information

Alcatel-Lucent Services

Alcatel-Lucent Services SOLUTION DESCRIPTION Alcatel-Lucent Services Security Introduction Security is a sophisticated business and technical challenge, and it plays an important role in the success of any network, service or

More information

NCS. EMS/NMS Platforms for Network Equipment Providers

NCS. EMS/NMS Platforms for Network Equipment Providers NCS EMS/NMS Platforms for Network Equipment Providers NCS Overview Tail-f s Network Control System (NCS) is a powerful solution for developing centralized management platforms that configure and element

More information

IBM Software InfoSphere Guardium. Planning a data security and auditing deployment for Hadoop

IBM Software InfoSphere Guardium. Planning a data security and auditing deployment for Hadoop Planning a data security and auditing deployment for Hadoop 2 1 2 3 4 5 6 Introduction Architecture Plan Implement Operationalize Conclusion Key requirements for detecting data breaches and addressing

More information

Data Security and Governance with Enterprise Enabler

Data Security and Governance with Enterprise Enabler Copyright 2014 Stone Bond Technologies, L.P. All rights reserved. The information contained in this document represents the current view of Stone Bond Technologies on the issue discussed as of the date

More information

Grid and Multi-Grid Management

Grid and Multi-Grid Management Key Benefits High Availability, Massive Scalability Infoblox Provides always on network services through scalable, redundant, reliable and faulttolerant architecture Guarantees data integrity and availability

More information

CA Service Desk On-Demand

CA Service Desk On-Demand PRODUCT BRIEF: CA SERVICE DESK ON DEMAND -Demand Demand is a versatile, ready-to-use IT support solution delivered On Demand to help you build a superior Request, Incident, Change and Problem solving system.

More information

Cisco Integrated Video Surveillance Solution: Expand the Capabilities and Value of Physical Security Investments

Cisco Integrated Video Surveillance Solution: Expand the Capabilities and Value of Physical Security Investments Cisco Integrated Video Surveillance Solution: Expand the Capabilities and Value of Physical Security Investments What You Will Learn In many enterprises, physical security departments are making a notable

More information

Optimally Manage the Data Center Using Systems Management Tools from Cisco and Microsoft

Optimally Manage the Data Center Using Systems Management Tools from Cisco and Microsoft White Paper Optimally Manage the Data Center Using Systems Management Tools from Cisco and Microsoft What You Will Learn Cisco is continuously innovating to help businesses reinvent the enterprise data

More information

ConfD. Powerful On-Device Management Software for Networking Equipment

ConfD. Powerful On-Device Management Software for Networking Equipment ConfD Powerful On-Device Management Software for Networking Equipment ConfD Overview ConfD is a software solution for building on-device management systems for all kinds of networking equipment. Development

More information

Introduction to the HP Server Automation system security architecture

Introduction to the HP Server Automation system security architecture Introduction to the HP Server Automation system security architecture Technical white paper Table of contents Introduction to the HP Server Automation system security architecture... 2 Enforcing strict

More information

Policy Management: The Avenda Approach To An Essential Network Service

Policy Management: The Avenda Approach To An Essential Network Service End-to-End Trust and Identity Platform White Paper Policy Management: The Avenda Approach To An Essential Network Service http://www.avendasys.com email: [email protected] email: [email protected] Avenda

More information

Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid clouds.

Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid clouds. ENTERPRISE MONITORING & LIFECYCLE MANAGEMENT Unify IT Operations Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid

More information

Vistara Lifecycle Management

Vistara Lifecycle Management Vistara Lifecycle Management Solution Brief Unify IT Operations Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid

More information

CA Service Desk Manager

CA Service Desk Manager PRODUCT BRIEF: CA SERVICE DESK MANAGER CA Service Desk Manager CA SERVICE DESK MANAGER IS A VERSATILE, COMPREHENSIVE IT SUPPORT SOLUTION THAT HELPS YOU BUILD SUPERIOR INCIDENT AND PROBLEM MANAGEMENT PROCESSES

More information

COMPUTING. Centellis Virtualization Platform An open hardware and software platform for implementing virtualized applications

COMPUTING. Centellis Virtualization Platform An open hardware and software platform for implementing virtualized applications COMPUTING Data Sheet Centellis VP provides the hardware and software platform to deploy carrier grade virtualized applications. Application virtualization software framework based on industry standard

More information

An Overview of the SaskTel Hosted Contact Centre Solution Design and Delivery Principles, and Core Architecture

An Overview of the SaskTel Hosted Contact Centre Solution Design and Delivery Principles, and Core Architecture 23082011 An Overview of the SaskTel Hosted Contact Centre Solution Design and Delivery Principles, and Core Architecture TABLE OF CONTENTS The SaskTel Hosted Contact Centre Solution... 3 Benefits of the

More information

Achieving PCI Compliance for: Privileged Password Management & Remote Vendor Access

Achieving PCI Compliance for: Privileged Password Management & Remote Vendor Access edmz Introduces Achieving PCI Compliance for: & Remote Vendor Access [ W H I T E P A P E R ] Written by e-dmz Security, LLC February 2010 C o p y r ig h t 2 0 1 0 e - D M Z S e c u r i t y, LL C. A l l

More information

Highly Available Mobile Services Infrastructure Using Oracle Berkeley DB

Highly Available Mobile Services Infrastructure Using Oracle Berkeley DB Highly Available Mobile Services Infrastructure Using Oracle Berkeley DB Executive Summary Oracle Berkeley DB is used in a wide variety of carrier-grade mobile infrastructure systems. Berkeley DB provides

More information

Reliable DNS and DHCP for Microsoft Active Directory

Reliable DNS and DHCP for Microsoft Active Directory WHITEPAPER Reliable DNS and DHCP for Microsoft Active Directory Protecting and Extending Active Directory Infrastructure with Infoblox Appliances Microsoft Active Directory (AD) is the distributed directory

More information

Understanding Enterprise Cloud Governance

Understanding Enterprise Cloud Governance Understanding Enterprise Cloud Governance Maintaining control while delivering the agility of cloud computing Most large enterprises have a hybrid or multi-cloud environment comprised of a combination

More information

The Sumo Logic Solution: Security and Compliance

The Sumo Logic Solution: Security and Compliance The Sumo Logic Solution: Security and Compliance Introduction With the number of security threats on the rise and the sophistication of attacks evolving, the inability to analyze terabytes of logs using

More information

Business Case for Data Center Network Consolidation

Business Case for Data Center Network Consolidation Business Case for Data Center Network Consolidation Executive Summary Innovations in cloud, big data, and mobility as well as users expectations for anywhere, anytime, and any device access are defining

More information

Automating ITIL v3 Event Management with IT Process Automation: Improving Quality while Reducing Expense

Automating ITIL v3 Event Management with IT Process Automation: Improving Quality while Reducing Expense Automating ITIL v3 Event Management with IT Process Automation: Improving Quality while Reducing Expense An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for NetIQ November 2008 IT Management

More information

RSA SecurID Two-factor Authentication

RSA SecurID Two-factor Authentication RSA SecurID Two-factor Authentication Today, we live in an era where data is the lifeblood of a company. Now, security risks are more pressing as attackers have broadened their targets beyond financial

More information

The IBM Cognos Platform

The IBM Cognos Platform The IBM Cognos Platform Deliver complete, consistent, timely information to all your users, with cost-effective scale Highlights Reach all your information reliably and quickly Deliver a complete, consistent

More information

Remote Access Platform. Architecture and Security Overview

Remote Access Platform. Architecture and Security Overview Remote Access Platform Architecture and Security Overview NOTICE This document contains information about one or more ABB products and may include a description of or a reference to one or more standards

More information

HP Service Manager software

HP Service Manager software HP Service Manager software The HP next generation IT Service Management solution is the industry leading consolidated IT service desk. Brochure HP Service Manager: Setting the standard for IT Service

More information

Cisco Application Networking Manager Version 2.0

Cisco Application Networking Manager Version 2.0 Cisco Application Networking Manager Version 2.0 Cisco Application Networking Manager (ANM) software enables centralized configuration, operations, and monitoring of Cisco data center networking equipment

More information

identity management in Linux and UNIX environments

identity management in Linux and UNIX environments Whitepaper identity management in Linux and UNIX environments EXECUTIVE SUMMARY In today s IT environments everything is growing, especially the number of users, systems, services, applications, and virtual

More information

EMA Radar for Workload Automation (WLA): Q2 2012

EMA Radar for Workload Automation (WLA): Q2 2012 EMA Radar for Workload Automation (WLA): Q2 2012 Cisco Software Profile By Torsten Volk, Senior Analyst Enterprise Management Associates (EMA) June 2012 Cisco Systems Profile Introduction Cisco Systems

More information

Service Catalog: Dramatically Improving the IT/Business Relationship

Service Catalog: Dramatically Improving the IT/Business Relationship Service Catalog: Dramatically Improving the IT/Business Relationship An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for Numara Software February 2009 IT MANAGEMENT RESEARCH, Table of Contents

More information

Consolidating IT Infrastructure Management: Unifying Data Center Hardware and Software Administration

Consolidating IT Infrastructure Management: Unifying Data Center Hardware and Software Administration Consolidating IT Infrastructure Management: Unifying Data Center Hardware and Software Administration An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for Emerson Network Power October 2014

More information

PERFORMANCE MANAGER. Carrier-grade voice performance monitoring tools for the enterprise. Resolve service issues before they impact your business.

PERFORMANCE MANAGER. Carrier-grade voice performance monitoring tools for the enterprise. Resolve service issues before they impact your business. PERFORMANCE MANAGER Carrier-grade voice performance monitoring tools for the enterprise. Resolve service issues before they impact your business. The ETM Performance Manager provides unified, realtime,

More information

HP SiteScope software

HP SiteScope software HP SiteScope software When you can see availability and performance, you can improve it. Improve the availability and performance of your IT environment HP SiteScope software helps you to agentlessly monitor

More information

RAID for the 21st Century. A White Paper Prepared for Panasas October 2007

RAID for the 21st Century. A White Paper Prepared for Panasas October 2007 A White Paper Prepared for Panasas October 2007 Table of Contents RAID in the 21 st Century...1 RAID 5 and RAID 6...1 Penalties Associated with RAID 5 and RAID 6...1 How the Vendors Compensate...2 EMA

More information

GHEM Secure Access Control

GHEM Secure Access Control White Paper Copyright 2013. Valbrea Technologies Inc. All rights reserved. Table of Contents Contents Executive Summary 3 Background 3 Price of a Security Breach 3 Cost of Neglect 4 Solution 4 Manage Access

More information

Drawbacks to Traditional Approaches When Securing Cloud Environments

Drawbacks to Traditional Approaches When Securing Cloud Environments WHITE PAPER Drawbacks to Traditional Approaches When Securing Cloud Environments Drawbacks to Traditional Approaches When Securing Cloud Environments Exec Summary Exec Summary Securing the VMware vsphere

More information

Overcoming CMDB Deployment Challenges. A White Paper Prepared for SunView Software Inc. January 2008

Overcoming CMDB Deployment Challenges. A White Paper Prepared for SunView Software Inc. January 2008 Overcoming CMDB Deployment Challenges A White Paper Prepared for SunView Software Inc. January 2008 Table of Contents Executive Summary...1 Introduction...1 Clearing the CMDB Adoption Hurdles...2 EMA s

More information

How Proactive Business Continuity Can Protect and Grow Your Business. A CenturyLink White Paper

How Proactive Business Continuity Can Protect and Grow Your Business. A CenturyLink White Paper How Proactive Business Continuity Can Protect and Grow Your Business For most companies, business continuity planning is instantly equated with disaster recovery the reactive ability of a business to continue

More information

Technical Proposition. Security

Technical Proposition. Security Technical Proposition ADAM Software NV The global provider of media workflow and marketing technology software ADAM Software NV adamsoftware.net [email protected] Why Read this Technical Proposition?

More information

Identity and Access Management Integration with PowerBroker. Providing Complete Visibility and Auditing of Identities

Identity and Access Management Integration with PowerBroker. Providing Complete Visibility and Auditing of Identities Identity and Access Management Integration with PowerBroker Providing Complete Visibility and Auditing of Identities Table of Contents Executive Summary... 3 Identity and Access Management... 4 BeyondTrust

More information

Secure Networks for Process Control

Secure Networks for Process Control Secure Networks for Process Control Leveraging a Simple Yet Effective Policy Framework to Secure the Modern Process Control Network An Enterasys Networks White Paper There is nothing more important than

More information

How To Create An Intelligent Infrastructure Solution

How To Create An Intelligent Infrastructure Solution SYSTIMAX Solutions Intelligent Infrastructure & Security Using an Internet Protocol Architecture for Security Applications White Paper July 2009 www.commscope.com Contents I. Intelligent Building Infrastructure

More information

Key Elements of a Successful SIP Device Provisioning System

Key Elements of a Successful SIP Device Provisioning System Key Elements of a Successful SIP Device Provisioning System A white paper by Incognito Software April, 2006 2006 Incognito Software Inc. All rights reserved. Page 1 of 6 Key Elements of a Successful SIP

More information

How to Achieve Operational Assurance in Your Private Cloud

How to Achieve Operational Assurance in Your Private Cloud How to Achieve Operational Assurance in Your Private Cloud As enterprises implement private cloud and next-generation data centers to achieve cost efficiencies and support business agility, operational

More information

SP Monitor. nfx One gives MSPs the agility and power they need to confidently grow their security services business. NFX FOR MSP SOLUTION BRIEF

SP Monitor. nfx One gives MSPs the agility and power they need to confidently grow their security services business. NFX FOR MSP SOLUTION BRIEF NFX FOR MSP SOLUTION BRIEF SP Monitor Jump Start Security-as-a-Service Designed to give you everything you need to get started immediately providing security-as-a service, SP Monitor is a real-time event

More information

Desktop Automation: Effective Desktop Operations & Management with Cloud Orchestration

Desktop Automation: Effective Desktop Operations & Management with Cloud Orchestration Desktop Automation: Effective Desktop Operations & Management with Cloud Orchestration An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for Citrix August 2014 IT & DATA MANAGEMENT RESEARCH,

More information

Strengthen security with intelligent identity and access management

Strengthen security with intelligent identity and access management Strengthen security with intelligent identity and access management IBM Security solutions help safeguard user access, boost compliance and mitigate insider threats Highlights Enable business managers

More information

Opengear Technical Note

Opengear Technical Note - Solutions for Avaya Installations Opengear Technical Note Jared Mallett - Product Marketing Manager Opengear solutions deliver cost-effective universal access to Avaya equipment and converged devices

More information

Best Practices from Deployments of Oracle Enterprise Operations Monitor

Best Practices from Deployments of Oracle Enterprise Operations Monitor Best Practices from Deployments of Oracle Enterprise Operations Monitor September 2014 Prepared by: Zeus Kerravala Best Practices from Deployments of Oracle Enterprise Operations Monitor by Zeus Kerravala

More information

The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency

The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency logo The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency Understanding the Multiple Levels of Security Built Into the Panoptix Solution Published: October 2011

More information

Symphony Plus Cyber security for the power and water industries

Symphony Plus Cyber security for the power and water industries Symphony Plus Cyber security for the power and water industries Symphony Plus Cyber Security_3BUS095402_(Oct12)US Letter.indd 1 01/10/12 10:15 Symphony Plus Cyber security for the power and water industries

More information

BeyondInsight Version 5.6 New and Updated Features

BeyondInsight Version 5.6 New and Updated Features BeyondInsight Version 5.6 New and Updated Features BeyondInsight 5.6 Expands Risk Visibility Across New Endpoint, Cloud and Firewall Environments; Adds Proactive Threat Alerts The BeyondInsight IT Risk

More information

White Paper. Ensuring Network Compliance with NetMRI. An Opportunity to Optimize the Network. Netcordia

White Paper. Ensuring Network Compliance with NetMRI. An Opportunity to Optimize the Network. Netcordia White Paper Ensuring Network Compliance with NetMRI An Opportunity to Optimize the Network Netcordia Copyright Copyright 2006 Netcordia, Inc. All Rights Reserved. Restricted Rights Legend This document

More information

Reliable DNS and DHCP for Microsoft Active Directory Protecting and Extending Active Directory Infrastructure with Infoblox Appliances

Reliable DNS and DHCP for Microsoft Active Directory Protecting and Extending Active Directory Infrastructure with Infoblox Appliances Reliable DNS and DHCP for Protecting and Extending Active Directory Infrastructure with Infoblox Appliances Reliable DNS and DHCP for (AD) is the distributed directory service and the information hub of

More information

Securing Data in the Virtual Data Center and Cloud: Requirements for Effective Encryption

Securing Data in the Virtual Data Center and Cloud: Requirements for Effective Encryption THE DATA PROTECTIO TIO N COMPANY Securing Data in the Virtual Data Center and Cloud: Requirements for Effective Encryption whitepaper Executive Summary Long an important security measure, encryption has

More information

Complying with PCI Data Security

Complying with PCI Data Security Complying with PCI Data Security Solution BRIEF Retailers, financial institutions, data processors, and any other vendors that manage credit card holder data today must adhere to strict policies for ensuring

More information

IBM Managed Security Services (Cloud Computing) hosted e-mail and Web security - express managed Web security

IBM Managed Security Services (Cloud Computing) hosted e-mail and Web security - express managed Web security IBM Managed Security Services (Cloud Computing) hosted e-mail and Web security - express managed Web security INTC-8608-01 CE 12-2010 Page 1 of 8 Table of Contents 1. Scope of Services...3 2. Definitions...3

More information

Secret Server Qualys Integration Guide

Secret Server Qualys Integration Guide Secret Server Qualys Integration Guide Table of Contents Secret Server and Qualys Cloud Platform... 2 Authenticated vs. Unauthenticated Scanning... 2 What are the Advantages?... 2 Integrating Secret Server

More information

Network Access Control ProCurve and Microsoft NAP Integration

Network Access Control ProCurve and Microsoft NAP Integration HP ProCurve Networking Network Access Control ProCurve and Microsoft NAP Integration Abstract...2 Foundation...3 Network Access Control basics...4 ProCurve Identity Driven Manager overview...5 Microsoft

More information

Virtualization 101: Technologies, Benefits, and Challenges. A White Paper by Andi Mann, EMA Senior Analyst August 2006

Virtualization 101: Technologies, Benefits, and Challenges. A White Paper by Andi Mann, EMA Senior Analyst August 2006 Virtualization 101: Technologies, Benefits, and Challenges A White Paper by Andi Mann, EMA Senior Analyst August 2006 Table of Contents Introduction...1 What is Virtualization?...1 The Different Types

More information

PRODUCT GUIDE Version 1.2 HELPDESK EXPRESS 1.0

PRODUCT GUIDE Version 1.2 HELPDESK EXPRESS 1.0 Version 1.2 HELPDESK EXPRESS 1.0 Revision 1 - March 2005 PRODUCT GUIDE HELPDESK EXPRESS 1.0 Version 1.2 Revision 1 - February 2005 ProTel Communications Ltd. follows a policy of continuous development

More information

High Availability for Citrix XenApp

High Availability for Citrix XenApp WHITE PAPER Citrix XenApp High Availability for Citrix XenApp Enhancing XenApp Availability with NetScaler Reference Architecture www.citrix.com Contents Contents... 2 Introduction... 3 Desktop Availability...

More information

Enterprise Key Management: A Strategic Approach ENTERPRISE KEY MANAGEMENT A SRATEGIC APPROACH. White Paper February 2010 www.alvandsolutions.

Enterprise Key Management: A Strategic Approach ENTERPRISE KEY MANAGEMENT A SRATEGIC APPROACH. White Paper February 2010 www.alvandsolutions. Enterprise Key Management: A Strategic Approach ENTERPRISE KEY MANAGEMENT A SRATEGIC APPROACH White Paper February 2010 www.alvandsolutions.com Overview Today s increasing security threats and regulatory

More information

Online Transaction Processing in SQL Server 2008

Online Transaction Processing in SQL Server 2008 Online Transaction Processing in SQL Server 2008 White Paper Published: August 2007 Updated: July 2008 Summary: Microsoft SQL Server 2008 provides a database platform that is optimized for today s applications,

More information

Network Access Control in Virtual Environments. Technical Note

Network Access Control in Virtual Environments. Technical Note Contents Security Considerations in.... 3 Addressing Virtualization Security Challenges using NAC and Endpoint Compliance... 3 Visibility and Profiling of VMs.... 4 Identification of Rogue or Unapproved

More information

Management of VMware ESXi. on HP ProLiant Servers

Management of VMware ESXi. on HP ProLiant Servers Management of VMware ESXi on W H I T E P A P E R Table of Contents Introduction................................................................ 3 HP Systems Insight Manager.................................................

More information

The Challenges of Administering Active Directory

The Challenges of Administering Active Directory The Challenges of Administering Active Directory As Active Directory s role in the enterprise has drastically increased, so has the need to secure the data it stores and to which it enables access. The

More information

Unified network traffic monitoring for physical and VMware environments

Unified network traffic monitoring for physical and VMware environments Unified network traffic monitoring for physical and VMware environments Applications and servers hosted in a virtual environment have the same network monitoring requirements as applications and servers

More information

Multi-Domain Security Management

Multi-Domain Security Management Multi-Domain Security Management R77 Versions Administration Guide 20 May 2014 Classification: [Protected] 2014 Check Point Software Technologies Ltd. All rights reserved. This product and related documentation

More information

QRadar SIEM 6.3 Datasheet

QRadar SIEM 6.3 Datasheet QRadar SIEM 6.3 Datasheet Overview Q1 Labs flagship solution QRadar SIEM is unrivaled in its ability to provide an organization centralized IT security command and control. The unique capabilities of QRadar

More information

Business Case for a DDoS Consolidated Solution

Business Case for a DDoS Consolidated Solution Business Case for a DDoS Consolidated Solution Executive Summary Distributed denial-of-service (DDoS) attacks are becoming more serious and sophisticated. Attack motivations are increasingly financial

More information

Securing Virtual Applications and Servers

Securing Virtual Applications and Servers White Paper Securing Virtual Applications and Servers Overview Security concerns are the most often cited obstacle to application virtualization and adoption of cloud-computing models. Merely replicating

More information

Skynax. Mobility Management System. System Manual

Skynax. Mobility Management System. System Manual Skynax Mobility Management System System Manual Intermec by Honeywell 6001 36th Ave. W. Everett, WA 98203 U.S.A. www.intermec.com The information contained herein is provided solely for the purpose of

More information

How To Manage A Network Security Risk

How To Manage A Network Security Risk Scanless Vulnerability Assessment: Skybox Security whitepaper July 2014 1 Overview Vulnerability scanning, or the process of identifying a list of known security gaps in the network environment, is the

More information

VoIP-Enabling A Class 4/5 Switch Network Integrated Media Gateway 1010 Chris Lengyel

VoIP-Enabling A Class 4/5 Switch Network Integrated Media Gateway 1010 Chris Lengyel VoIP-Enabling A Switch Network Integrated Media Gateway 1010 Chris Lengyel Market Development Manager table of contents VoIP Enabling a Wholesale Network: Before VoIP 3 Limitations of the First Generation

More information

Beyond High Availability for Asterisk Based Contact Centers

Beyond High Availability for Asterisk Based Contact Centers Beyond High Availability for Asterisk Based Contact Centers Voice Solutions for Mission-Critical Contact Centers That Offer More than High Availability Voice communication is the primary medium in multi-channel

More information

Pluribus Netvisor Solution Brief

Pluribus Netvisor Solution Brief Pluribus Netvisor Solution Brief Freedom Architecture Overview The Pluribus Freedom architecture presents a unique combination of switch, compute, storage and bare- metal hypervisor OS technologies, and

More information

HP-UX 11i software deployment and configuration tools

HP-UX 11i software deployment and configuration tools HP-UX 11i software deployment and configuration tools Simplifying management of servers in a virtualized environment Introduction... 2 Simplifying management in dynamic, virtualized environments... 2 HP-UX

More information

Solutions for Health Insurance Portability and Accountability Act (HIPAA) Compliance

Solutions for Health Insurance Portability and Accountability Act (HIPAA) Compliance White Paper Solutions for Health Insurance Portability and Accountability Act (HIPAA) Compliance Troy Herrera Sr. Field Solutions Manager Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA

More information

SCADA SYSTEMS AND SECURITY WHITEPAPER

SCADA SYSTEMS AND SECURITY WHITEPAPER SCADA SYSTEMS AND SECURITY WHITEPAPER Abstract: This paper discusses some of the options available to companies concerned with the threat of cyber attack on their critical infrastructure, who as part of

More information

Simply Sophisticated. Information Security and Compliance

Simply Sophisticated. Information Security and Compliance Simply Sophisticated Information Security and Compliance Simple Sophistication Welcome to Your New Strategic Advantage As technology evolves at an accelerating rate, risk-based information security concerns

More information

Managing SIP-based Applications With WAN Optimization

Managing SIP-based Applications With WAN Optimization Managing SIP-based Applications With WAN Optimization Worry-Proof Internet 2800 Campus Drive Suite 140 Plymouth, MN 55441 Phone (763) 694-9949 Toll Free (800) 669-6242 Managing SIP-based Applications With

More information

Simplify SSL Certificate Management Across the Enterprise

Simplify SSL Certificate Management Across the Enterprise WHITE PAPER White Paper Simplify SSL Certificate Management Across the Enterprise Simplify SSL Certificate Management Across the Enterprise Contents introduction 1 A Platform for Single-Point Control and

More information

Web Applications Access Control Single Sign On

Web Applications Access Control Single Sign On Web Applications Access Control Single Sign On Anitha Chepuru, Assocaite Professor IT Dept, G.Narayanamma Institute of Technology and Science (for women), Shaikpet, Hyderabad - 500008, Andhra Pradesh,

More information

IBM InfoSphere Guardium Data Activity Monitor for Hadoop-based systems

IBM InfoSphere Guardium Data Activity Monitor for Hadoop-based systems IBM InfoSphere Guardium Data Activity Monitor for Hadoop-based systems Proactively address regulatory compliance requirements and protect sensitive data in real time Highlights Monitor and audit data activity

More information

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Unless otherwise stated, these Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies

More information

PCI DSS Reporting WHITEPAPER

PCI DSS Reporting WHITEPAPER WHITEPAPER PCI DSS Reporting CONTENTS Executive Summary 2 Latest Patches not Installed 3 Vulnerability Dashboard 4 Web Application Protection 5 Users Logging into Sensitive Servers 6 Failed Login Attempts

More information

Improve Your Business Through Best Practice IT Management. A White Paper Prepared for Kaseya September 2007

Improve Your Business Through Best Practice IT Management. A White Paper Prepared for Kaseya September 2007 A White Paper Prepared for Kaseya September 2007 Table of Contents Executive Summary...1 Introduction...1 The Role of Best Practices in Managing IT Services...1 Profitability...1 Reliability...2 Best Practices

More information