Read up on the latest ideas and technologies from companies that sell hardware, software and services. Radicati Market Quadrant 2008 on Corporate Web Security
Still Sneaking In: The Threats Your Security Tools Aren't Telling You About
Wireless LANs: Is my enterprise at risk?
A Guide to Next-Generation Backup, Recovery and Archive
Understanding Email Marketing: A Guide for SMBs
Solve Exchange Mailbox Storage Issues Once and for All
Taking On Demand CRM Integration to the Next Level
Strategies for Eliminating .PST Files
Newsletter Subscription
Containing costs in VPNs
As inexpensive as centrally managed firewall-VPN devices are, the cost to build a large-scale, site-to-site VPN can be high. Sometimes the problem is the vendor mix, because vendor-supplied firewall management tools can't handle multiple vendors. Other times, it's a question of a company being stuck with perfectly good branch-office firewalls that don't do VPN very well.
The best open source alternative is OpenVPN, an SSL-based VPN tool that easily and quickly links broadband-connected remote sites to a central data center. As a technology, OpenVPN has advantages, even over some commercial VPN products based on the more efficient and better-behaved IPSec protocols. Because most broadband ISPs use network address translation (NAT), businesses using low-cost connections without statically assigned IP addresses have found that the complex IPSec protocols don't always work reliably through NAT devices. Encapsulating traffic inside a single TCP connection is a good way to get around the problem, and SSL-based VPNs such as OpenVPN have always done this.
From the point of view of cost, OpenVPN is even more attractive. If there's a remote server running Windows, almost any flavor of Unix, or Mac OS X, the server can be used as a VPN gateway to connect the remote site securely using OpenVPN. Because the software works with the servers already deployed at remote sites, it can be retrofitted easily into existing networks without requiring new hardware.
OpenVPN isn't the answer to all ills. High-speed connections work better over IPSec, and the idea of running VPN traffic through a server won't go over well in many environments. In addition, OpenVPN is not suitable for large, meshed VPNs because it lacks a large-scale management system.
Like many open source tools, the OpenVPN management interface is a command line. Because of the popularity of the product and the well-documented API in OpenVPN, a number of open source, GUI-based tools are available to help in configuration and system monitoring.
In hub-and-spoke VPN configurations of small branch offices - broadband connections coming into a central data center - OpenVPN works well and has high availability and scalability features that wouldn't normally be expected in open source products.
Great open source options in four security areas
Mail security gateway
- SpamAssassin
- DSPAM
- Bogofilter
- MailWasher Server
- Maia Mailguard
- Clam AntiVirus
Intrusion detection
- Snort
- IDS Policy Manager
Vulnerability scanning
- ACID BASE
Site-to-site SSL VPN
- Nessus
- OpenVPN
Snyder, a Network World Test Alliance member, is a senior partner at Opus One. He can be reached at Joel.Snyder@opus1.com.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
CIO Live Podcast #79: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires Part II 05 October, 2007 06:00:00
For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders. - +
CIO Live Podcast #78: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires 28 September, 2007 17:34:25
For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders. - +
CIO Live Podcast #77: Panasonic Speeds Up Trans-Pacific File Transfers, Part III 21 September, 2007 07:00:00
Part three in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance. - +
CIO Live Podcast #76: Panasonic Speeds Up Trans-Pacific File Transfers, Part II 14 September, 2007 07:00:00
Part two in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance. - +
CIO Live Podcast #75: Panasonic Speeds Up Trans-Pacific File Transfers, Part I 07 September, 2007 07:00:05
Part one in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance.
- +
10 steps to loading dock security 07 October, 2008 11:30:00
Companies in all industries struggle to secure the loading dock, that sensitive spot where goods come in and go out. Follow these best practices and sleep better tonight.It's the stuff of CSO nightmares. Early on the morning of September 2, while most folks were home sleeping off the hot dogs, thieves used bolt cutters to break into an Alltel Communications warehouse and four of its loading docks in Fort Smith, Ark. Sources say they escaped with an estimated US$10 million worth of cell phones, not a bad haul for their Labor Day efforts. - +
Corporate security and the climate crisis 03 October, 2008 11:21:00
How to adapt security and risk management policies - including IT security - to deal with climate change.US military strategists, CIA analysts, international agency officials and Nobel Prize winning economists concur with the consensus of the world's scientific community: the Climate Crisis is a planetary security issue, as well as a national security issue for each of the one hundred ninety two countries that belong to the United Nations. But the Climate Crisis is also, by extension, a corporate security issue, as well as, yes, a cyber security issue. - +
Companies own up to virtual security blind spot 02 October, 2008 11:05:00
VMWorld attendees reveal vast majority of companies have little or no security in place for their virtual systems.The vast majority of companies have little or no security in place for their virtual systems. That is a scary statistic revealed in a survey of attendees at the recent VMWorld 2008 conference in Las Vegas. - +
How to minimize the impact of a data breach 01 October, 2008 08:54:00
ID Experts' Rick Kam describes a customer-centric action planThirty-one percent of customers--nearly one-third of a company's client base and revenue source--are terminating their relationship with organizations following a data breach, according to a recent study by the Ponemon Institute. - +
Five mistakes security pros would make again 30 September, 2008 10:18:00
Whether it's getting fired for standing up for what's right or making a network configuration mistake that leads to better security, there are some mistakes worth making. Five security pros offer personal examples.Ten years ago, Michael Riva was network administrator for a top-five American consultancy. Employees were downloading graphic pictures and videos onto the network. Riva told his boss a proxy server with content filtering might be in order; his boss laughed and suggested they put in a bigger file server instead.
Symantec State of Spam Report - October 2008 07 October, 2008 11:58:00
AIIA to Reward Sustainability and Green IT Champions at the 2009 iAwards 07 October, 2008 11:56:00
Yellowfin Achieves BI Success with Asia Pacific Telcos 07 October, 2008 09:46:00
Frost & Sullivan Gears up for Annual IT Industry Gala Awards Event 07 October, 2008 08:29:00
Multimedia Technology & EVERKI sign exclusive distribution agreement. 06 October, 2008 14:34:00
|
||
|
||
|
|
||
|
Strategies for Eliminating .PST Files
Join industry expert Martin Tuip to discover best practice strategy for the archival and removal of .PST files using email archiving. Learn how to ensure long-term email records are there when needed, and reduce the risk to your business and clients.
Subscribe to CIO
