Cybersecurity regulation will take its place alongside environmental regulation, health and safety regulation and financial regulation as a major federal activity. What is not yet clear is what form the regulations will take. FISMA controls, performance standards, consensus standards and industry-specific consortia standards are all possible regulatory approaches. What is not likely is an extended continuation of the current situation in which federal authorities have only limited, informal oversight of private sector cyberdefenses (or lack thereof). more
Studies have found only limited, insufficient agency adherence with FISMA's (Federal Information Security Management Act) continuous monitoring mandates. One survey found almost half of federal IT professionals were unaware of continuous monitoring requirements. A recent GAO report found that two-thirds of agencies "did not adequately monitor networks" to protect them "from intentional or unintentional harm." more
Cloud computing, from a business and management perspective, has a great deal in common with mainframe computing. Mainframes are powerful, expensive and centralized pieces of computing equipment. This is in line with their role as infrastructure for mission-critical applications. For these types of applications, mainframes can be fairly efficient, even though they tend to need large teams of support specialists... Cloud computing is a new style of computing... more
The Domain Name System, or DNS, has come a long way since its early days and the constant expansion of consumer activity and security concerns has raised further awareness about the critical role of the DNS. However, as the Yankee Group Research points out in a recent report, "there are more changes coming that are also raising the profile of DNS -- notably the move to cloud computing and the migration to IPv6." Suffice to say this is "Not Your Father's DNS". The report titled, "DNS: Risk, Reward and Managed Services" takes a fresh look at today's state of the DNS and the pros and cons of in-house, ISP and managed service provider DNS management options. more
"As flood waters from Tropical Storm Irene swamped the Waterbury state office complex, seven employees from the Vermont Agency of Human Services rushed inside to rescue computer servers that are critical for processing welfare checks and keeping track of paroled prisoners living around the state," according to a story by Shay Totten on the 7days blog Blurt. Two of the employees - network administrator Andrew Matt and deputy chief information officer Darin Prail - lost their cars in the parking lot as the river rose but kept on working to assure that our servers were not lost. "We didn't know how much time we had," Matt said, "and our job was to save the servers." more
The market for cloud computing is getting more interesting every day. There is still a long way to go, as the success of cloud computing depends not only on high-speed networks, but also on capacity, robustness, affordability, low latency, ubiquity, security, privacy and reliability. Of course, the ideal infrastructure would be nationwide FttH networks, but obviously we can't wait for that... more
Wout de Natris writes to report: "EU Commissioner for the Information Society Neelie Kroes today launched the EU co-funded project for the Internet of the future in which everything will be connected to everyone in the cloud. Here's the link to Mrs. Kroes' speech." more
Over the last ten years we have heard a lot about edge-based services. These were needed to enable the operation of applications at the edge of the network, as the lack of available bandwidth capacity made it difficult to do so over the core network. However, with the prospect of limitless bandwidth the design of the network is changing again. more
IBM today released the results from its annual X-Force 2010 Trend and Risk Report, identifying more targeted phishing, spam and mobile attacks. The report also finds cloud security continuing to evolve. "From Stuxnet to Zeus Botnets to mobile exploits, a widening variety of attack methodologies is popping up each day," says Tom Cross, threat intelligence manager, IBM X-Force. "The numerous, high profile targeted attacks in 2010 shed light on a crop of highly sophisticated cyber criminals, who may be well-funded and operating with knowledge of security vulnerabilities that no one else has. Staying ahead of these growing threats and designing software and services that are secure from the start has never been more critical." more
In September 2009, the Obama Administration announced the Federal Cloud Computing Initiative. As the government's CIO explained, cloud computing "has the potential to greatly reduce waste, increase data center efficiency and utilization rates, and lower operating costs." The Federal Risk and Authorization Management Program (FedRAMP) addresses the key elements of a cloud computing framework for federal agencies. more
Research from Infonetics shows that last year was a strong year for data centre network equipment sales, due to a rebound from bare-bones 2009 spending levels and, more importantly, fundamental trends favouring investments in the data centre, such as the explosion of content and traffic, use of virtualization, and increasingly, cloud-based services and architectures. more
Images of clouds have been used when discussing networks for quite some time. When traditional telecoms companies were selling point-to-point circuits a drawing of a cloud was sometimes used. The cloud symbol helped indicate the provider?s domain of responsibility, effectively hid the internal complexity of the network and focused on the end user. This was all fine when the product offered was an end-to-end circuit. more
The importance of online presence continues to grow exponentially. More and more of our personal and professional endeavors are conducted online. Because of this, the ability to ensure a good experience for our online friends and customers also is increasing rapidly. At its core, load testing is nothing more than ensuring your online presence is ready for the number of visitors you expect. It's simple to explain, but historically it's been anything but simple, or easy to afford. more
Bill St Arnoud blogs that he is a big advocate of using commercial cloud services rather than rolling out a do-it-yourself cloud for a number of reasons... The cloud market is intensively competitive and innovative, where scale can make a huge difference in terms of reliability and accessibility. It is much easier to develop a set of common contractual service and interface requirements with commercial suppliers in regards to privacy, reliability etc. more
This year's Cisco Collaboration Summit was a step up from last year, and I say that for good reason. Last year's event was good -- all of Cisco's events are good -- but the venue was too small and it took away from the messaging. For 2010, Cisco went out of town to the classy and classic Arizona Biltmore in Phoenix. They don't build them like this anymore, and to me, this setting did far more justice for what Cisco has to say about collaboration. more