Three basic IP VPN technologies are used today to create network architectures: Multi Protocol Label Switching (MPLS), IP Security (IPSec), and Secure Socket Layer (SSL). Many companies are using combinations of these technologies to develop unique solutions for specific business needs. Understanding the options can help network managers make good choices, and design an optimized infrastructure that effectively uses the available technologies. Businesses that want to protect their networks from external attacks have a number of powerful tools at their disposal. Firewalls , for example, do a very good job of filtering and, in many cases, analyzing data packets to ensure that potentially destructive data is caught before it can do any harm. But most companies that are really serious about keeping troublemakers off of their networks also employ a technology that is specifically designed to target the presence of potential attackers: IDPS (Intrusion Detection and Prevention Systems).IDP...

One of the things that distinguishes security from other IT disciplines is its massive scope. In simple terms, if you own the corporate network, you care about switches, routers, and traffic going from Point A to Point B. If you own security, you have to look up and down the old "technology stack" while keeping an eye of physical security and cross-company business processes. Little wonder why so many companies experience so many data breaches. For years, the security industry seemed to disregard the broad scope of problems faced by enterprise organizations. Instead, even the biggest security firms like Check Point and McAfee simply offered the threat management widget du jour. This is like your local This is like your local tire store saying that it is in the business of selling automobiles. Something had to give which is why big enterprise-savvy companies like EMC, Hewlett-Packard, and IBM entered the market. During a RSA Conference in San Francisco, Rather than talk abo...

Is the Chinese military responsible for recent attacks on Pentagon computers? That's the question after numerous reports surfaced claiming that the People's Liberation Army of China hacked into a system in the office of U.S. Defense Secretary Robert Gates in June. In a statement published Tuesday, Pentagon spokesman Bryan Whitman confirmed that a system in Gates' office was hacked in June.He declined, however, to identify the origin of the attack. China has denied any involvement in the attacks. "Cyber- or non-kinetic type threats to military computer networks are viewed as just as real and just as significant as physical or kinetic threats," Whitman said in the statement. "The department aggressively responds to deter all intrusions to defend what is known as the GIG, the global information grid."Herb Strauss, vice president and national security analyst at Gartner , told SCMagazineUS.com today that finding the origin of possible state-sponsored cybera...

Sunbelt Software discovered Thursday afternoon that the Bank of India's website had been compromised and was distributing about 30 types of malware, Alex Eckelberry, Sunbelt CEO, told SCMagazine.com. Sunbelt learned that the site had become compromised while researching another malware issue. The company contacted the Bank of India, which shut the site down about 2 a.m. EST Friday to clean the server, he said. The site is up and running again."We tracked communication with [the other malware] to the Bank of India site," Eckelberry said. "We're fairly certain this was done by the Russian Business Network (RBN), an underground criminal gang in Russia responsible for lot of bad things on the internet."The exploit appeared to be a malicious IFRAME , which took advantage of a Microsoft Windows 2003 server running the Bank of India site, he added. The IFRAME downloaded a wide variety of malware to PCs that have not been patched since August 2006, Eckelberry sa...

The costly build-to-order approach of typical IT infrastructures may soon be a thing of the past, thanks to advances in technology and to new management practices. Leading companies are moving toward a less complex model characterized by standard and reusable products, transparent pricing, and better use of IT resources. Companies can make their information technology systems up to 30 percent more productive by adopting a standardized model. To undertake this shift, CIOs must rethink the organization, architecture, and procurement processes of their IT organizations

Chief executives have been disappointed that IT hasn't done more to improve corporate performance. Some chief information officers are stepping up to that challenge, going beyond their traditional IT-management role and working closely with business-unit leaders to make the most of technology investments. To step up to the new responsibilities of an IT leader, CIOs must delegate or shed some operational duties and spend more time helping business leaders identify and use technologies that will help companies innovate.

Largely to improve current earnings, companies are now taking an axe to IT spending. A few of them, however, view the reduction of IT costs as an opportunity to tidy up their act. Rather than deciding what IT they can or can't live without today—continuing to manage IT as they always have while merely managing less of it—they are changing their business activities and IT processes to eliminate the deeper-rooted causes of IT spending. Companies can do more than just lower their costs if they attack the deeper causes of soaring IT expenditures by streamlining the tangle of uncoordinated systems that many of them installed during the heady late 1990s. Where possible, they should coordinate their IT systems so that these systems no longer support only one channel or portfolio as well as consolidate their database-management and other infrastructure technologies, redraw their IT architectures, and exploit new outsourcing opportunities.