Microsoft Exchange in the Cloud: Four Migration Tips
Get Added Security, Not Just Savings
McGuire's Law of Mobility: A Product's Value Increases with Mobility: Download now
Though reluctant to discuss specific costs, Day says the value in moving to BPOS is to gain more capabilities without a huge increase in the cost.
"We did a very detailed cost comparison between re-architecting what we have on-premise versus a Microsoft BPOS solution and the cloud option won," says Day.
Slideshow: Fighting the Dark Side: Tech's Heroes and Villains
Dow is doing a big uplift from Exchange 2003, with its limited mailbox sizes and quotas that just don't cut it in today's corporate e-mail environment. The BPOS advantage is that Dow will get Live Meeting and OCS for its worldwide workforce and Exchange mailboxes that can compete with Gmail on capacity, says Day.
Another advantage in moving to the cloud, says Day, is the savings culled from letting Microsoft handle security measures such as intrusion protection and spam filtering.
"Nobody can run Exchange like Microsoft," he says. "From a security perspective, I can't afford to spend as much on securing an Exchange environment as Microsoft can."
On the other hand, says Day, IT departments need to work with their cloud vendor to ensure compliance regulations are being met. "We're not going to just toss all our data over the wall to Microsoft. We're going to engage with them regularly."
Push the Vendor to Do More on Compliance
Day understands that although Microsoft has been providing services via the Internet for years with its MSN mailboxes, it's quite a different thing to provide e-mail services to a Fortune 50 company.
"Microsoft is going through a paradigm shift," says Day. "We're going to have to coordinate with them a lot and learn together."
But one thing Microsoft must do is deliver on its cloud customers' compliance needs.
Day has been adamant that Microsoft not just provide a console for Dow to monitor its own data, but to provide near real-time information flow through an automation interface.
"So we're pushing Microsoft to feed us all available data through an automation framework so we can take immediate action for compliance reasons."
No matter what vendor you choose, Days adds, never enter into a cloud partnership lightly.
"You have to push them. That's critical."
Shane O'Neill is a senior writer at CIO.com. Follow him on Twitter at twitter.com/smoneill. Follow everything from CIO.com on Twitter at twitter.com/CIOonline.
CompTIA A+ certification validates the latest skills needed by today's computer support professionals. It is an international, vendor-neutral certification recognized by major hardware and software vendors, distributors
Saturday, August 28, 2010
Microsoft Exchange in the Cloud: Four Migration Tips
Microsoft Exchange in the Cloud: Four Migration Tips
Get Added Security, Not Just Savings
McGuire's Law of Mobility: A Product's Value Increases with Mobility: Download now
Though reluctant to discuss specific costs, Day says the value in moving to BPOS is to gain more capabilities without a huge increase in the cost.
"We did a very detailed cost comparison between re-architecting what we have on-premise versus a Microsoft BPOS solution and the cloud option won," says Day.
Slideshow: Fighting the Dark Side: Tech's Heroes and Villains
Dow is doing a big uplift from Exchange 2003, with its limited mailbox sizes and quotas that just don't cut it in today's corporate e-mail environment. The BPOS advantage is that Dow will get Live Meeting and OCS for its worldwide workforce and Exchange mailboxes that can compete with Gmail on capacity, says Day.
Another advantage in moving to the cloud, says Day, is the savings culled from letting Microsoft handle security measures such as intrusion protection and spam filtering.
"Nobody can run Exchange like Microsoft," he says. "From a security perspective, I can't afford to spend as much on securing an Exchange environment as Microsoft can."
On the other hand, says Day, IT departments need to work with their cloud vendor to ensure compliance regulations are being met. "We're not going to just toss all our data over the wall to Microsoft. We're going to engage with them regularly."
Push the Vendor to Do More on Compliance
Day understands that although Microsoft has been providing services via the Internet for years with its MSN mailboxes, it's quite a different thing to provide e-mail services to a Fortune 50 company.
"Microsoft is going through a paradigm shift," says Day. "We're going to have to coordinate with them a lot and learn together."
But one thing Microsoft must do is deliver on its cloud customers' compliance needs.
Day has been adamant that Microsoft not just provide a console for Dow to monitor its own data, but to provide near real-time information flow through an automation interface.
"So we're pushing Microsoft to feed us all available data through an automation framework so we can take immediate action for compliance reasons."
No matter what vendor you choose, Days adds, never enter into a cloud partnership lightly.
"You have to push them. That's critical."
Shane O'Neill is a senior writer at CIO.com. Follow him on Twitter at twitter.com/smoneill. Follow everything from CIO.com on Twitter at twitter.com/CIOonline.
Get Added Security, Not Just Savings
McGuire's Law of Mobility: A Product's Value Increases with Mobility: Download now
Though reluctant to discuss specific costs, Day says the value in moving to BPOS is to gain more capabilities without a huge increase in the cost.
"We did a very detailed cost comparison between re-architecting what we have on-premise versus a Microsoft BPOS solution and the cloud option won," says Day.
Slideshow: Fighting the Dark Side: Tech's Heroes and Villains
Dow is doing a big uplift from Exchange 2003, with its limited mailbox sizes and quotas that just don't cut it in today's corporate e-mail environment. The BPOS advantage is that Dow will get Live Meeting and OCS for its worldwide workforce and Exchange mailboxes that can compete with Gmail on capacity, says Day.
Another advantage in moving to the cloud, says Day, is the savings culled from letting Microsoft handle security measures such as intrusion protection and spam filtering.
"Nobody can run Exchange like Microsoft," he says. "From a security perspective, I can't afford to spend as much on securing an Exchange environment as Microsoft can."
On the other hand, says Day, IT departments need to work with their cloud vendor to ensure compliance regulations are being met. "We're not going to just toss all our data over the wall to Microsoft. We're going to engage with them regularly."
Push the Vendor to Do More on Compliance
Day understands that although Microsoft has been providing services via the Internet for years with its MSN mailboxes, it's quite a different thing to provide e-mail services to a Fortune 50 company.
"Microsoft is going through a paradigm shift," says Day. "We're going to have to coordinate with them a lot and learn together."
But one thing Microsoft must do is deliver on its cloud customers' compliance needs.
Day has been adamant that Microsoft not just provide a console for Dow to monitor its own data, but to provide near real-time information flow through an automation interface.
"So we're pushing Microsoft to feed us all available data through an automation framework so we can take immediate action for compliance reasons."
No matter what vendor you choose, Days adds, never enter into a cloud partnership lightly.
"You have to push them. That's critical."
Shane O'Neill is a senior writer at CIO.com. Follow him on Twitter at twitter.com/smoneill. Follow everything from CIO.com on Twitter at twitter.com/CIOonline.
Saturday, August 21, 2010
Is offering too many products or features a bad thing?
Is offering too many products or features a bad thing?
My friend and I got into a very interesting conversation the other day about how companies tend to focus a large amount of energy creating products or versions of their products for particular market segments. Now, I’m not talking about the act of language localization. Instead, what I’m referring to is how companies actively pursue any of the following Comptia A+ Training :
1. Create a product for a very particular market space. For example many Japanese electronic manufactures tend to create products that only make sense within the Japanese marketplace. In Japan this called Galápagos syndrome. A really good example of this syndrome can be found with Japanese cell phones manufacturers. Despite being way ahead of their time in the 1990s, they first defined and adopted cell standards that were rejected everywhere else and then created fenced-in Web services that only provided content within Japan. Then in early 2000 they focused on 3G too fast, which left their phones too advanced for the rest of the world markets. Lastly, because they initially had a huge market within Japan, they had very little incentive to tackle overseas markets.
2. Create many different versions of a product to fit many different market spaces. This one particularly bothers me. Rather than making a really good product that should meet almost everyone’s needs, companies will pump out a bunch of different models of the product in an attempt to meet everyone’s needs. A perfect example of this can be found on Panasonic's Web site. This link gives you a list of around 64 new camera models for the year 2010. Really, 64 new camera models and this is just for the USA region.
3. Lastly, modify an existing product to make it more appealing to a particular market segment. This can range from needed changes like Google addressing Google Maps privacy issues to silly changes like modify the name of a movie as shown in the following image. You will notice that the name Karate Kid has been replaced with Best Kid (in Katakana).
So just how does this relate to information technology or even Microsoft for that matter? Well, my friend is a product designer. In a sense, he is kind of responsible for “The Too Many” product syndrome and made the argument that companies need to design products that fit or can be adapted to the needs of the market place. I on the other hand like to design IT infrastructure architecture (it’s a hobby of sorts). Naturally, I advocate standardization and economies of scale for anything and everything. :>)
In other words, if a product (hardware and software) is presented to me that suffers from any of the three detractors that I noted, then these are solutions that I might choose to pass on. After all, there is a very fine line between being feature rich and being a POS Comptia A+ Certification.
What are your thoughts?
My friend and I got into a very interesting conversation the other day about how companies tend to focus a large amount of energy creating products or versions of their products for particular market segments. Now, I’m not talking about the act of language localization. Instead, what I’m referring to is how companies actively pursue any of the following Comptia A+ Training :
1. Create a product for a very particular market space. For example many Japanese electronic manufactures tend to create products that only make sense within the Japanese marketplace. In Japan this called Galápagos syndrome. A really good example of this syndrome can be found with Japanese cell phones manufacturers. Despite being way ahead of their time in the 1990s, they first defined and adopted cell standards that were rejected everywhere else and then created fenced-in Web services that only provided content within Japan. Then in early 2000 they focused on 3G too fast, which left their phones too advanced for the rest of the world markets. Lastly, because they initially had a huge market within Japan, they had very little incentive to tackle overseas markets.
2. Create many different versions of a product to fit many different market spaces. This one particularly bothers me. Rather than making a really good product that should meet almost everyone’s needs, companies will pump out a bunch of different models of the product in an attempt to meet everyone’s needs. A perfect example of this can be found on Panasonic's Web site. This link gives you a list of around 64 new camera models for the year 2010. Really, 64 new camera models and this is just for the USA region.
3. Lastly, modify an existing product to make it more appealing to a particular market segment. This can range from needed changes like Google addressing Google Maps privacy issues to silly changes like modify the name of a movie as shown in the following image. You will notice that the name Karate Kid has been replaced with Best Kid (in Katakana).
So just how does this relate to information technology or even Microsoft for that matter? Well, my friend is a product designer. In a sense, he is kind of responsible for “The Too Many” product syndrome and made the argument that companies need to design products that fit or can be adapted to the needs of the market place. I on the other hand like to design IT infrastructure architecture (it’s a hobby of sorts). Naturally, I advocate standardization and economies of scale for anything and everything. :>)
In other words, if a product (hardware and software) is presented to me that suffers from any of the three detractors that I noted, then these are solutions that I might choose to pass on. After all, there is a very fine line between being feature rich and being a POS Comptia A+ Certification.
What are your thoughts?
Sunday, August 15, 2010
Obtaining an OID for a Certificate Issuing Policy (CAPolicy.inf)
Obtaining an OID for a Certificate Issuing Policy (CAPolicy.inf)
In the happy fairy land that is PKI there comes a time when an OID is needed. Such a time is when you want to specify a Certificate Issuing Policy within a CAPolicy.inf for Microsoft’s Certificates Services. However, how to obtain an OID tends to be a coveted mystery among the security gods.
So… in my quest to provide knowledge to the masses here are some methods to obtain an OID that may be placed within your CAPolicy.inf.
Method One:
If you already have a valid OID obtain a CPS arc from you OID overlord.
Method Two:
Don’t have a valid OID. Go to the following Web site and after paying lots of money you too can become an evil OID overlord: http://web.ansi.org/other_services/registration_programs/reg_org.aspx?menuid=10
Method Three:
Go to the following site, and get oidgen.vbs: http://gallery.technet.microsoft.com/ScriptCenter/en-us/56b78004-40d0-41cf-b95e-6e795b2e8a06. This script generates unique OIDs in the Microsoft number sequence (1.2.840.113556).
Method Four:
Cheat create your own. Bring up a backup of your Active Directory environment in a lab. Install certificate services as an Enterprise Root on a domain controller. At a command prompt on the domain controller type certtmpl.msc and press Enter. The Certificate Templates MMC will open. In the right pane select the Workstation Authentication template. Alternatively, you can select any other V2 template. From the Action menu select Properties. Click the Extensions tab. Select the Issuance Policies from the list box and click Edit. In the Edit Issuance Policies Extension dialog click Add. Click New... in the next dialog. A unique object identifier is generated and shown in the New Issuance Policy dialog. Select the complete OID and press + to copy the content into the clipboard. Copy the OID into a document for future reference.
Again… this yet another procedure I wouldn’t recommend for a “real” PKI deployment.
In the happy fairy land that is PKI there comes a time when an OID is needed. Such a time is when you want to specify a Certificate Issuing Policy within a CAPolicy.inf for Microsoft’s Certificates Services. However, how to obtain an OID tends to be a coveted mystery among the security gods.
So… in my quest to provide knowledge to the masses here are some methods to obtain an OID that may be placed within your CAPolicy.inf.
Method One:
If you already have a valid OID obtain a CPS arc from you OID overlord.
Method Two:
Don’t have a valid OID. Go to the following Web site and after paying lots of money you too can become an evil OID overlord: http://web.ansi.org/other_services/registration_programs/reg_org.aspx?menuid=10
Method Three:
Go to the following site, and get oidgen.vbs: http://gallery.technet.microsoft.com/ScriptCenter/en-us/56b78004-40d0-41cf-b95e-6e795b2e8a06. This script generates unique OIDs in the Microsoft number sequence (1.2.840.113556).
Method Four:
Cheat create your own. Bring up a backup of your Active Directory environment in a lab. Install certificate services as an Enterprise Root on a domain controller. At a command prompt on the domain controller type certtmpl.msc and press Enter. The Certificate Templates MMC will open. In the right pane select the Workstation Authentication template. Alternatively, you can select any other V2 template. From the Action menu select Properties. Click the Extensions tab. Select the Issuance Policies from the list box and click Edit. In the Edit Issuance Policies Extension dialog click Add. Click New... in the next dialog. A unique object identifier is generated and shown in the New Issuance Policy dialog. Select the complete OID and press + to copy the content into the clipboard. Copy the OID into a document for future reference.
Again… this yet another procedure I wouldn’t recommend for a “real” PKI deployment.
Friday, August 13, 2010
A+ update
A+ update
The Computing Technology Industry Association (CompTIA) is overhauling its A+ certification to reflect the need for security and soft skills. "IT workers who understand how to use technology to meet business goals, and who can articulate this understanding, are golden in the eyes of employers," says Neill Hopkins, vice president of skills development for CompTIA A+ Training.
CompTIA MCITP Certification updated A+ certification will feature two exams - one covers core competencies on technology, and the other focuses on how to apply the skills in specific job environments. For more information on when the current exam will be phased out as well as launch of the new exams, go here.
I won't keep you in suspense. I'll go ahead and name them right here, at the top of my post -- the six free security tools that all IT folks should know about and use. (But, you'll have to click through this nifty mult-page post to let me explain my choices.) And the winners are ... MetaSploit, Splunk, Google (don't laugh -- it's true!), KeePass, Helix and Netwox. Now read on to learn why ...
MetaSploitFree
It has a strange name, but MetaSploit is a very cool development platform that assists information security professionals in creating tools and exploits. Using the framework (its built-in tools), you can conduct penetration tests, verify patch installations and even perform regression testing. Written using Ruby, the current 3.1 version comes with over 450 modules, including 265 remote exploits that can be targeted against various releases of Windows, Linux, BSD, Unix, and the Mac OS. If that isn't enough built-in functionality for your tastes, you can also use MetaSploit to create your own modules or scour around for ones that have already been created.
Overall this is a great tool and in the hands of system administrations it can be put to good use testing your organization’s defenses. However, there are always two-sides to a shiny coin. MetaSploit is also an effective tool for conducting attacks.
Click to enlarge.
MetSploit
For more information see: www.metasploit.com
SplunkFree
I first talked about Splunk when I wrote about the 2008 RSA Conference. Yes, the Security Incident and Event Manager (SIEM) space is crowded. But Splunk is not a SIEM per se. Its approach is slightly different in that it is, like Google, primarily a search engine. As such its developers have focused much of their effort on making Splunk into a good information aggregator for IT-related information and events. So Splunk is different from other SIEMs in that it is able to provide a very good platform for correlation and analysis. From the get go, by some hidden method, Splunk takes in data and provides order where there was once chaos. In my opinion, being able to dynamically figure out different logging structures (provided you can feed Splunk data via a known basis – text primarily) is a very powerful feature which makes this tool a must-have.
Note: Splunk is not open source but you can download it for free under its developer's freeware license.
PasswordSafe - a simpler Open Source alternative to KeePass
By pwsafe-user (not verified) on Thu, 05/22/2008 - 9:06am.
PasswordSafe is another open source password management utility. It's originally from security expert Bruce Schneier's firm, but has since been made open source and actively maintained and improved upon. It's emphasis is on simplicity as well as rock-solid security, and worth a look for those who consider KeePass too daunting.
Password sharing between co-workers
By Joe Schmoe (not verified) on Thu, 05/22/2008 - 6:52pm.
How about a program to securely share passwords between co-workers? I can't tell you how many people use E-mail to communicate/share passwords to just about every system under the sun.
Ideally, the secure password share software should allow a corporation's security officer to see who's sharing what passwords with whom.
Anybody know of a tool like this, free or otherwise?
Thanks,
Joe
Password protecting/sharing
By StaticFlux (not verified) on Tue, 05/27/2008 - 10:59am.
We use: Network Password Manager
check it out at: www.sowsoft.com
Regards,
-Static-
Password Manager Pro
By asdfasdf (not verified) on Fri, 05/30/2008 - 10:31am.
We use Password Manager Pro. http://manageengine.adventnet.com/products/passwordmanagerpro/index.html
It ties into Active Directory and does a good job. It keeps an audit log of password access and allows us to share passwords out to groups of people quickly.
Looks good, but very
By Alexei (not verified) on Sun, 08/17/2008 - 3:14am.
Looks good, but very expensive :(
Password sharing
By Fabio (not verified) on Sun, 06/08/2008 - 2:54pm.
We use Secret Server.
Have a look at
http://www.thycotic.com/products_secretserver_overview.html
Fabio
re: PasswordSafe - a simpler Open Source alternative to KeePass
By CubsFan (not verified) on Wed, 05/28/2008 - 8:56pm.
One thing about KeePass that PasswordSafe can't do is run on Windows Mobile. Along with KeePass, my team keeps disaster recovery and business continuity docs on our phones. Should a disaster strike, each of us has everything needed to get the DR site up and running.
For Mac the best app is Info.xhead...
By Nazzdeq (not verified) on Fri, 05/30/2008 - 9:31pm.
Try info.xhead for Mac....
By Nazzdeq (not verified) on Fri, 05/30/2008 - 10:32pm.
Info.xhead It is not open source, but it is one of the best password/personal data storage for Macs.
Yes passwordsafe is easier i guess
By Security Procedure (not verified) on Sat, 05/31/2008 - 5:33pm.
Yes, i used passwordsafe for maintain my password, easy to used and strong security protection. Highly recommended
The Computing Technology Industry Association (CompTIA) is overhauling its A+ certification to reflect the need for security and soft skills. "IT workers who understand how to use technology to meet business goals, and who can articulate this understanding, are golden in the eyes of employers," says Neill Hopkins, vice president of skills development for CompTIA A+ Training.
CompTIA MCITP Certification updated A+ certification will feature two exams - one covers core competencies on technology, and the other focuses on how to apply the skills in specific job environments. For more information on when the current exam will be phased out as well as launch of the new exams, go here.
I won't keep you in suspense. I'll go ahead and name them right here, at the top of my post -- the six free security tools that all IT folks should know about and use. (But, you'll have to click through this nifty mult-page post to let me explain my choices.) And the winners are ... MetaSploit, Splunk, Google (don't laugh -- it's true!), KeePass, Helix and Netwox. Now read on to learn why ...
MetaSploitFree
It has a strange name, but MetaSploit is a very cool development platform that assists information security professionals in creating tools and exploits. Using the framework (its built-in tools), you can conduct penetration tests, verify patch installations and even perform regression testing. Written using Ruby, the current 3.1 version comes with over 450 modules, including 265 remote exploits that can be targeted against various releases of Windows, Linux, BSD, Unix, and the Mac OS. If that isn't enough built-in functionality for your tastes, you can also use MetaSploit to create your own modules or scour around for ones that have already been created.
Overall this is a great tool and in the hands of system administrations it can be put to good use testing your organization’s defenses. However, there are always two-sides to a shiny coin. MetaSploit is also an effective tool for conducting attacks.
Click to enlarge.
MetSploit
For more information see: www.metasploit.com
SplunkFree
I first talked about Splunk when I wrote about the 2008 RSA Conference. Yes, the Security Incident and Event Manager (SIEM) space is crowded. But Splunk is not a SIEM per se. Its approach is slightly different in that it is, like Google, primarily a search engine. As such its developers have focused much of their effort on making Splunk into a good information aggregator for IT-related information and events. So Splunk is different from other SIEMs in that it is able to provide a very good platform for correlation and analysis. From the get go, by some hidden method, Splunk takes in data and provides order where there was once chaos. In my opinion, being able to dynamically figure out different logging structures (provided you can feed Splunk data via a known basis – text primarily) is a very powerful feature which makes this tool a must-have.
Note: Splunk is not open source but you can download it for free under its developer's freeware license.
PasswordSafe - a simpler Open Source alternative to KeePass
By pwsafe-user (not verified) on Thu, 05/22/2008 - 9:06am.
PasswordSafe is another open source password management utility. It's originally from security expert Bruce Schneier's firm, but has since been made open source and actively maintained and improved upon. It's emphasis is on simplicity as well as rock-solid security, and worth a look for those who consider KeePass too daunting.
Password sharing between co-workers
By Joe Schmoe (not verified) on Thu, 05/22/2008 - 6:52pm.
How about a program to securely share passwords between co-workers? I can't tell you how many people use E-mail to communicate/share passwords to just about every system under the sun.
Ideally, the secure password share software should allow a corporation's security officer to see who's sharing what passwords with whom.
Anybody know of a tool like this, free or otherwise?
Thanks,
Joe
Password protecting/sharing
By StaticFlux (not verified) on Tue, 05/27/2008 - 10:59am.
We use: Network Password Manager
check it out at: www.sowsoft.com
Regards,
-Static-
Password Manager Pro
By asdfasdf (not verified) on Fri, 05/30/2008 - 10:31am.
We use Password Manager Pro. http://manageengine.adventnet.com/products/passwordmanagerpro/index.html
It ties into Active Directory and does a good job. It keeps an audit log of password access and allows us to share passwords out to groups of people quickly.
Looks good, but very
By Alexei (not verified) on Sun, 08/17/2008 - 3:14am.
Looks good, but very expensive :(
Password sharing
By Fabio (not verified) on Sun, 06/08/2008 - 2:54pm.
We use Secret Server.
Have a look at
http://www.thycotic.com/products_secretserver_overview.html
Fabio
re: PasswordSafe - a simpler Open Source alternative to KeePass
By CubsFan (not verified) on Wed, 05/28/2008 - 8:56pm.
One thing about KeePass that PasswordSafe can't do is run on Windows Mobile. Along with KeePass, my team keeps disaster recovery and business continuity docs on our phones. Should a disaster strike, each of us has everything needed to get the DR site up and running.
For Mac the best app is Info.xhead...
By Nazzdeq (not verified) on Fri, 05/30/2008 - 9:31pm.
Try info.xhead for Mac....
By Nazzdeq (not verified) on Fri, 05/30/2008 - 10:32pm.
Info.xhead It is not open source, but it is one of the best password/personal data storage for Macs.
Yes passwordsafe is easier i guess
By Security Procedure (not verified) on Sat, 05/31/2008 - 5:33pm.
Yes, i used passwordsafe for maintain my password, easy to used and strong security protection. Highly recommended
A+ update
A+ update
The Computing Technology Industry Association (CompTIA) is overhauling its A+ certification to reflect the need for security and soft skills. "IT workers who understand how to use technology to meet business goals, and who can articulate this understanding, are golden in the eyes of employers," says Neill Hopkins, vice president of skills development for CompTIA A+ Training.
CompTIA MCITP Certification updated A+ certification will feature two exams - one covers core competencies on technology, and the other focuses on how to apply the skills in specific job environments. For more information on when the current exam will be phased out as well as launch of the new exams, go here.
I won't keep you in suspense. I'll go ahead and name them right here, at the top of my post -- the six free security tools that all IT folks should know about and use. (But, you'll have to click through this nifty mult-page post to let me explain my choices.) And the winners are ... MetaSploit, Splunk, Google (don't laugh -- it's true!), KeePass, Helix and Netwox. Now read on to learn why ...
MetaSploitFree
It has a strange name, but MetaSploit is a very cool development platform that assists information security professionals in creating tools and exploits. Using the framework (its built-in tools), you can conduct penetration tests, verify patch installations and even perform regression testing. Written using Ruby, the current 3.1 version comes with over 450 modules, including 265 remote exploits that can be targeted against various releases of Windows, Linux, BSD, Unix, and the Mac OS. If that isn't enough built-in functionality for your tastes, you can also use MetaSploit to create your own modules or scour around for ones that have already been created.
Overall this is a great tool and in the hands of system administrations it can be put to good use testing your organization’s defenses. However, there are always two-sides to a shiny coin. MetaSploit is also an effective tool for conducting attacks.
Click to enlarge.
MetSploit
For more information see: www.metasploit.com
SplunkFree
I first talked about Splunk when I wrote about the 2008 RSA Conference. Yes, the Security Incident and Event Manager (SIEM) space is crowded. But Splunk is not a SIEM per se. Its approach is slightly different in that it is, like Google, primarily a search engine. As such its developers have focused much of their effort on making Splunk into a good information aggregator for IT-related information and events. So Splunk is different from other SIEMs in that it is able to provide a very good platform for correlation and analysis. From the get go, by some hidden method, Splunk takes in data and provides order where there was once chaos. In my opinion, being able to dynamically figure out different logging structures (provided you can feed Splunk data via a known basis – text primarily) is a very powerful feature which makes this tool a must-have.
Note: Splunk is not open source but you can download it for free under its developer's freeware license.
PasswordSafe - a simpler Open Source alternative to KeePass
By pwsafe-user (not verified) on Thu, 05/22/2008 - 9:06am.
PasswordSafe is another open source password management utility. It's originally from security expert Bruce Schneier's firm, but has since been made open source and actively maintained and improved upon. It's emphasis is on simplicity as well as rock-solid security, and worth a look for those who consider KeePass too daunting.
Password sharing between co-workers
By Joe Schmoe (not verified) on Thu, 05/22/2008 - 6:52pm.
How about a program to securely share passwords between co-workers? I can't tell you how many people use E-mail to communicate/share passwords to just about every system under the sun.
Ideally, the secure password share software should allow a corporation's security officer to see who's sharing what passwords with whom.
Anybody know of a tool like this, free or otherwise?
Thanks,
Joe
Password protecting/sharing
By StaticFlux (not verified) on Tue, 05/27/2008 - 10:59am.
We use: Network Password Manager
check it out at: www.sowsoft.com
Regards,
-Static-
Password Manager Pro
By asdfasdf (not verified) on Fri, 05/30/2008 - 10:31am.
We use Password Manager Pro. http://manageengine.adventnet.com/products/passwordmanagerpro/index.html
It ties into Active Directory and does a good job. It keeps an audit log of password access and allows us to share passwords out to groups of people quickly.
Looks good, but very
By Alexei (not verified) on Sun, 08/17/2008 - 3:14am.
Looks good, but very expensive :(
Password sharing
By Fabio (not verified) on Sun, 06/08/2008 - 2:54pm.
We use Secret Server.
Have a look at
http://www.thycotic.com/products_secretserver_overview.html
Fabio
re: PasswordSafe - a simpler Open Source alternative to KeePass
By CubsFan (not verified) on Wed, 05/28/2008 - 8:56pm.
One thing about KeePass that PasswordSafe can't do is run on Windows Mobile. Along with KeePass, my team keeps disaster recovery and business continuity docs on our phones. Should a disaster strike, each of us has everything needed to get the DR site up and running.
For Mac the best app is Info.xhead...
By Nazzdeq (not verified) on Fri, 05/30/2008 - 9:31pm.
Try info.xhead for Mac....
By Nazzdeq (not verified) on Fri, 05/30/2008 - 10:32pm.
Info.xhead It is not open source, but it is one of the best password/personal data storage for Macs.
Yes passwordsafe is easier i guess
By Security Procedure (not verified) on Sat, 05/31/2008 - 5:33pm.
Yes, i used passwordsafe for maintain my password, easy to used and strong security protection. Highly recommended
The Computing Technology Industry Association (CompTIA) is overhauling its A+ certification to reflect the need for security and soft skills. "IT workers who understand how to use technology to meet business goals, and who can articulate this understanding, are golden in the eyes of employers," says Neill Hopkins, vice president of skills development for CompTIA A+ Training.
CompTIA MCITP Certification updated A+ certification will feature two exams - one covers core competencies on technology, and the other focuses on how to apply the skills in specific job environments. For more information on when the current exam will be phased out as well as launch of the new exams, go here.
I won't keep you in suspense. I'll go ahead and name them right here, at the top of my post -- the six free security tools that all IT folks should know about and use. (But, you'll have to click through this nifty mult-page post to let me explain my choices.) And the winners are ... MetaSploit, Splunk, Google (don't laugh -- it's true!), KeePass, Helix and Netwox. Now read on to learn why ...
MetaSploitFree
It has a strange name, but MetaSploit is a very cool development platform that assists information security professionals in creating tools and exploits. Using the framework (its built-in tools), you can conduct penetration tests, verify patch installations and even perform regression testing. Written using Ruby, the current 3.1 version comes with over 450 modules, including 265 remote exploits that can be targeted against various releases of Windows, Linux, BSD, Unix, and the Mac OS. If that isn't enough built-in functionality for your tastes, you can also use MetaSploit to create your own modules or scour around for ones that have already been created.
Overall this is a great tool and in the hands of system administrations it can be put to good use testing your organization’s defenses. However, there are always two-sides to a shiny coin. MetaSploit is also an effective tool for conducting attacks.
Click to enlarge.
MetSploit
For more information see: www.metasploit.com
SplunkFree
I first talked about Splunk when I wrote about the 2008 RSA Conference. Yes, the Security Incident and Event Manager (SIEM) space is crowded. But Splunk is not a SIEM per se. Its approach is slightly different in that it is, like Google, primarily a search engine. As such its developers have focused much of their effort on making Splunk into a good information aggregator for IT-related information and events. So Splunk is different from other SIEMs in that it is able to provide a very good platform for correlation and analysis. From the get go, by some hidden method, Splunk takes in data and provides order where there was once chaos. In my opinion, being able to dynamically figure out different logging structures (provided you can feed Splunk data via a known basis – text primarily) is a very powerful feature which makes this tool a must-have.
Note: Splunk is not open source but you can download it for free under its developer's freeware license.
PasswordSafe - a simpler Open Source alternative to KeePass
By pwsafe-user (not verified) on Thu, 05/22/2008 - 9:06am.
PasswordSafe is another open source password management utility. It's originally from security expert Bruce Schneier's firm, but has since been made open source and actively maintained and improved upon. It's emphasis is on simplicity as well as rock-solid security, and worth a look for those who consider KeePass too daunting.
Password sharing between co-workers
By Joe Schmoe (not verified) on Thu, 05/22/2008 - 6:52pm.
How about a program to securely share passwords between co-workers? I can't tell you how many people use E-mail to communicate/share passwords to just about every system under the sun.
Ideally, the secure password share software should allow a corporation's security officer to see who's sharing what passwords with whom.
Anybody know of a tool like this, free or otherwise?
Thanks,
Joe
Password protecting/sharing
By StaticFlux (not verified) on Tue, 05/27/2008 - 10:59am.
We use: Network Password Manager
check it out at: www.sowsoft.com
Regards,
-Static-
Password Manager Pro
By asdfasdf (not verified) on Fri, 05/30/2008 - 10:31am.
We use Password Manager Pro. http://manageengine.adventnet.com/products/passwordmanagerpro/index.html
It ties into Active Directory and does a good job. It keeps an audit log of password access and allows us to share passwords out to groups of people quickly.
Looks good, but very
By Alexei (not verified) on Sun, 08/17/2008 - 3:14am.
Looks good, but very expensive :(
Password sharing
By Fabio (not verified) on Sun, 06/08/2008 - 2:54pm.
We use Secret Server.
Have a look at
http://www.thycotic.com/products_secretserver_overview.html
Fabio
re: PasswordSafe - a simpler Open Source alternative to KeePass
By CubsFan (not verified) on Wed, 05/28/2008 - 8:56pm.
One thing about KeePass that PasswordSafe can't do is run on Windows Mobile. Along with KeePass, my team keeps disaster recovery and business continuity docs on our phones. Should a disaster strike, each of us has everything needed to get the DR site up and running.
For Mac the best app is Info.xhead...
By Nazzdeq (not verified) on Fri, 05/30/2008 - 9:31pm.
Try info.xhead for Mac....
By Nazzdeq (not verified) on Fri, 05/30/2008 - 10:32pm.
Info.xhead It is not open source, but it is one of the best password/personal data storage for Macs.
Yes passwordsafe is easier i guess
By Security Procedure (not verified) on Sat, 05/31/2008 - 5:33pm.
Yes, i used passwordsafe for maintain my password, easy to used and strong security protection. Highly recommended
Monday, August 9, 2010
10 best IT jobs right now
10 best IT jobs right now
IT professionals looking to find new employment or upgrade their current positions should investigate job opportunities that address growing demand for technologies such as virtualization, cloud, network security and social computing skills.
20 most useful career sites for IT professionals
The Guide to IT Search: Download now
Industry watchers report that while an economic recovery won't guarantee that IT jobs return to pre-recession levels, increased interest in emerging and existing technologies will drive internal training and external hiring decisions.
"IT staffing got hit in 2009, but it didn't get decimated they way it did back in 2002. Companies were renegotiating contracts, freezing salaries and delaying projects, so this year we won't see a flood of IT employment back," says Mark McDonald, group vice president and head of research, Gartner Executive Programs. "But we will see a skills shift from IT personnel that operates only in the old, slow expensive ways to IT pros that can adopt agile methods. There will continue to be opportunities in analytics, for people who understand lean IT, Six Sigma, business processes and improvements -- it's going to be about information, connectivity and collaboration."
Here we examine 10 IT job titles that could gain traction in 2010 as new technology demands require evolving IT skills.
1. Security specialist/ethical hacker
Disturbing new facts and figures appear almost daily about companies falling victim to hackers and experiencing security and/or data breaches. That won't change in 2010 and IT training and employment industry specialists report that interest in acquiring new security skills continues to grow among IT pros and hiring managers who seek the latest skill sets to better secure their environments.
"If you know how to keep your company's data secure, you were in demand yesterday, are in demand today and will be in demand tomorrow," Tom Silver, senior vice president with Dice.com, said in a recent interview with Network World.
The Computing Technology Industry Association, or CompTIA, in late 2009 polled some 1,537 high-tech workers and found 37% intend to pursue a security certification over the next five years. Separately, nearly 20% indicated they would seek ethical hacking certification over the same time period. And another 13% pinpointed forensics as the next certification goal in their career development.
"When you add the results, you will see that about two-thirds of IT workers intend to add some type of security certification to their portfolio," said Terry Erdle, senior vice president of skills certifications at CompTIA, in an earlier Network World interview. "This trend is driven by two factors: one, security issues are pervasive, and two, more and more people are moving to managed services and software-as-a-service models, which involves more complex networking. That level of non-enterprise data center computing has people looking more closely at their security infrastructure."
2. Virtual systems manager
While many systems managers might not yet have the word "virtual" officially in their titles, it is just a matter of time, according to industry experts.
"Virtualization and automation technologies are directly related to the cloud. Virtual servers comprise the computing environment and automation is responsible for the cloud being monitoring, management, secured and made compliant," says Andi Mann, research director at Enterprise Management Associates. "Virtualization is fundamentally mainstream now, and there is a lot of activity around virtual systems management."
Like high-tech vendors, IT pros will have to incorporate virtual systems knowledge into their repertoire in order to compete for open positions in 2010. Virtualization not only impacts current data center plans, but also future cloud computing efforts and while companies look to adopt such technologies, they will expect staff to be versed in the tools required to support new environments.
"We get several calls per week around SaaS, cloud and virtual skills that companies want guidance on, considering we are the vendor-neutral party," CompTIA's Erdle explained in late 2009. "CompTIA is working now on building certifications programs to release in 2010 and get in front of this growing demand."
3. Capacity manager
Companies that don't properly prepare for needed resources could lose money or fail to respond to business needs. That's why industry watchers from Forrester Research and Gartner have tagged capacity planning skills as in demand, especially considering the down economy.
Forrester says the role of capacity manager will be in demand for companies looking to optimize resources and accurately assign financial values to technology resources.
"Due to the current economic environment, downsizing (or rightsizing) of infrastructure, resources and capabilities is a top priority for IT," Forrester Senior Analyst Evelyn Hubbert stated in the Forrester Research report "Role Overview: Capacity Manager."
Gartner identifies a similar skill set in its IT resource planning position. By combining the tenets of capacity planning with financial management as well as usage and service measurement, IT resource planning experts will help IT departments understand how services and resources are consumed. This knowledge will help IT respond to business demands quickly.
"Capacity planning today is all about trying to ensure that you have enough capacity and memory cycles to meet workload demand. But virtualization causes new variables to be taken into consideration, and power consumption is just one among many," said Cameron Haight, research vice president at Gartner, in an interview with Network World. "For IT resource planning (ITRP) there are several more elements to consider and the process must become much more strategic within an enterprise."
4. Network engineer
As retro as it may sound, network know-how won't go out of style in 2010. According to Gartner, interest in networking, voice and data communications technologies increased for 2010, meaning skills in that high-tech area will also be in demand.
"The future of IT and enhanced competitive advantage requires social interactions and greater collaboration and that is why the importance of the network continues to grow," Gartner's McDonald says. "Even though revenue was down in 2009, CIOs reported that transaction volumes and communications requirements continued to grow, making it imperative to focus on network technologies."
Comptia A+ Training and Comptia A+ certification
IT professionals looking to find new employment or upgrade their current positions should investigate job opportunities that address growing demand for technologies such as virtualization, cloud, network security and social computing skills.
20 most useful career sites for IT professionals
The Guide to IT Search: Download now
Industry watchers report that while an economic recovery won't guarantee that IT jobs return to pre-recession levels, increased interest in emerging and existing technologies will drive internal training and external hiring decisions.
"IT staffing got hit in 2009, but it didn't get decimated they way it did back in 2002. Companies were renegotiating contracts, freezing salaries and delaying projects, so this year we won't see a flood of IT employment back," says Mark McDonald, group vice president and head of research, Gartner Executive Programs. "But we will see a skills shift from IT personnel that operates only in the old, slow expensive ways to IT pros that can adopt agile methods. There will continue to be opportunities in analytics, for people who understand lean IT, Six Sigma, business processes and improvements -- it's going to be about information, connectivity and collaboration."
Here we examine 10 IT job titles that could gain traction in 2010 as new technology demands require evolving IT skills.
1. Security specialist/ethical hacker
Disturbing new facts and figures appear almost daily about companies falling victim to hackers and experiencing security and/or data breaches. That won't change in 2010 and IT training and employment industry specialists report that interest in acquiring new security skills continues to grow among IT pros and hiring managers who seek the latest skill sets to better secure their environments.
"If you know how to keep your company's data secure, you were in demand yesterday, are in demand today and will be in demand tomorrow," Tom Silver, senior vice president with Dice.com, said in a recent interview with Network World.
The Computing Technology Industry Association, or CompTIA, in late 2009 polled some 1,537 high-tech workers and found 37% intend to pursue a security certification over the next five years. Separately, nearly 20% indicated they would seek ethical hacking certification over the same time period. And another 13% pinpointed forensics as the next certification goal in their career development.
"When you add the results, you will see that about two-thirds of IT workers intend to add some type of security certification to their portfolio," said Terry Erdle, senior vice president of skills certifications at CompTIA, in an earlier Network World interview. "This trend is driven by two factors: one, security issues are pervasive, and two, more and more people are moving to managed services and software-as-a-service models, which involves more complex networking. That level of non-enterprise data center computing has people looking more closely at their security infrastructure."
2. Virtual systems manager
While many systems managers might not yet have the word "virtual" officially in their titles, it is just a matter of time, according to industry experts.
"Virtualization and automation technologies are directly related to the cloud. Virtual servers comprise the computing environment and automation is responsible for the cloud being monitoring, management, secured and made compliant," says Andi Mann, research director at Enterprise Management Associates. "Virtualization is fundamentally mainstream now, and there is a lot of activity around virtual systems management."
Like high-tech vendors, IT pros will have to incorporate virtual systems knowledge into their repertoire in order to compete for open positions in 2010. Virtualization not only impacts current data center plans, but also future cloud computing efforts and while companies look to adopt such technologies, they will expect staff to be versed in the tools required to support new environments.
"We get several calls per week around SaaS, cloud and virtual skills that companies want guidance on, considering we are the vendor-neutral party," CompTIA's Erdle explained in late 2009. "CompTIA is working now on building certifications programs to release in 2010 and get in front of this growing demand."
3. Capacity manager
Companies that don't properly prepare for needed resources could lose money or fail to respond to business needs. That's why industry watchers from Forrester Research and Gartner have tagged capacity planning skills as in demand, especially considering the down economy.
Forrester says the role of capacity manager will be in demand for companies looking to optimize resources and accurately assign financial values to technology resources.
"Due to the current economic environment, downsizing (or rightsizing) of infrastructure, resources and capabilities is a top priority for IT," Forrester Senior Analyst Evelyn Hubbert stated in the Forrester Research report "Role Overview: Capacity Manager."
Gartner identifies a similar skill set in its IT resource planning position. By combining the tenets of capacity planning with financial management as well as usage and service measurement, IT resource planning experts will help IT departments understand how services and resources are consumed. This knowledge will help IT respond to business demands quickly.
"Capacity planning today is all about trying to ensure that you have enough capacity and memory cycles to meet workload demand. But virtualization causes new variables to be taken into consideration, and power consumption is just one among many," said Cameron Haight, research vice president at Gartner, in an interview with Network World. "For IT resource planning (ITRP) there are several more elements to consider and the process must become much more strategic within an enterprise."
4. Network engineer
As retro as it may sound, network know-how won't go out of style in 2010. According to Gartner, interest in networking, voice and data communications technologies increased for 2010, meaning skills in that high-tech area will also be in demand.
"The future of IT and enhanced competitive advantage requires social interactions and greater collaboration and that is why the importance of the network continues to grow," Gartner's McDonald says. "Even though revenue was down in 2009, CIOs reported that transaction volumes and communications requirements continued to grow, making it imperative to focus on network technologies."
Comptia A+ Training and Comptia A+ certification
10 best IT jobs right now
10 best IT jobs right now
IT professionals looking to find new employment or upgrade their current positions should investigate job opportunities that address growing demand for technologies such as virtualization, cloud, network security and social computing skills.
20 most useful career sites for IT professionals
The Guide to IT Search: Download now
Industry watchers report that while an economic recovery won't guarantee that IT jobs return to pre-recession levels, increased interest in emerging and existing technologies will drive internal training and external hiring decisions.
"IT staffing got hit in 2009, but it didn't get decimated they way it did back in 2002. Companies were renegotiating contracts, freezing salaries and delaying projects, so this year we won't see a flood of IT employment back," says Mark McDonald, group vice president and head of research, Gartner Executive Programs. "But we will see a skills shift from IT personnel that operates only in the old, slow expensive ways to IT pros that can adopt agile methods. There will continue to be opportunities in analytics, for people who understand lean IT, Six Sigma, business processes and improvements -- it's going to be about information, connectivity and collaboration."
Here we examine 10 IT job titles that could gain traction in 2010 as new technology demands require evolving IT skills.
1. Security specialist/ethical hacker
Disturbing new facts and figures appear almost daily about companies falling victim to hackers and experiencing security and/or data breaches. That won't change in 2010 and IT training and employment industry specialists report that interest in acquiring new security skills continues to grow among IT pros and hiring managers who seek the latest skill sets to better secure their environments.
"If you know how to keep your company's data secure, you were in demand yesterday, are in demand today and will be in demand tomorrow," Tom Silver, senior vice president with Dice.com, said in a recent interview with Network World.
The Computing Technology Industry Association, or CompTIA, in late 2009 polled some 1,537 high-tech workers and found 37% intend to pursue a security certification over the next five years. Separately, nearly 20% indicated they would seek ethical hacking certification over the same time period. And another 13% pinpointed forensics as the next certification goal in their career development.
"When you add the results, you will see that about two-thirds of IT workers intend to add some type of security certification to their portfolio," said Terry Erdle, senior vice president of skills certifications at CompTIA, in an earlier Network World interview. "This trend is driven by two factors: one, security issues are pervasive, and two, more and more people are moving to managed services and software-as-a-service models, which involves more complex networking. That level of non-enterprise data center computing has people looking more closely at their security infrastructure."
2. Virtual systems manager
While many systems managers might not yet have the word "virtual" officially in their titles, it is just a matter of time, according to industry experts.
"Virtualization and automation technologies are directly related to the cloud. Virtual servers comprise the computing environment and automation is responsible for the cloud being monitoring, management, secured and made compliant," says Andi Mann, research director at Enterprise Management Associates. "Virtualization is fundamentally mainstream now, and there is a lot of activity around virtual systems management."
Like high-tech vendors, IT pros will have to incorporate virtual systems knowledge into their repertoire in order to compete for open positions in 2010. Virtualization not only impacts current data center plans, but also future cloud computing efforts and while companies look to adopt such technologies, they will expect staff to be versed in the tools required to support new environments.
"We get several calls per week around SaaS, cloud and virtual skills that companies want guidance on, considering we are the vendor-neutral party," CompTIA's Erdle explained in late 2009. "CompTIA is working now on building certifications programs to release in 2010 and get in front of this growing demand."
3. Capacity manager
Companies that don't properly prepare for needed resources could lose money or fail to respond to business needs. That's why industry watchers from Forrester Research and Gartner have tagged capacity planning skills as in demand, especially considering the down economy.
Forrester says the role of capacity manager will be in demand for companies looking to optimize resources and accurately assign financial values to technology resources.
"Due to the current economic environment, downsizing (or rightsizing) of infrastructure, resources and capabilities is a top priority for IT," Forrester Senior Analyst Evelyn Hubbert stated in the Forrester Research report "Role Overview: Capacity Manager."
Gartner identifies a similar skill set in its IT resource planning position. By combining the tenets of capacity planning with financial management as well as usage and service measurement, IT resource planning experts will help IT departments understand how services and resources are consumed. This knowledge will help IT respond to business demands quickly.
"Capacity planning today is all about trying to ensure that you have enough capacity and memory cycles to meet workload demand. But virtualization causes new variables to be taken into consideration, and power consumption is just one among many," said Cameron Haight, research vice president at Gartner, in an interview with Network World. "For IT resource planning (ITRP) there are several more elements to consider and the process must become much more strategic within an enterprise."
4. Network engineer
As retro as it may sound, network know-how won't go out of style in 2010. According to Gartner, interest in networking, voice and data communications technologies increased for 2010, meaning skills in that high-tech area will also be in demand.
"The future of IT and enhanced competitive advantage requires social interactions and greater collaboration and that is why the importance of the network continues to grow," Gartner's McDonald says. "Even though revenue was down in 2009, CIOs reported that transaction volumes and communications requirements continued to grow, making it imperative to focus on network technologies."
Comptia A+ Training and Comptia A+ certification
IT professionals looking to find new employment or upgrade their current positions should investigate job opportunities that address growing demand for technologies such as virtualization, cloud, network security and social computing skills.
20 most useful career sites for IT professionals
The Guide to IT Search: Download now
Industry watchers report that while an economic recovery won't guarantee that IT jobs return to pre-recession levels, increased interest in emerging and existing technologies will drive internal training and external hiring decisions.
"IT staffing got hit in 2009, but it didn't get decimated they way it did back in 2002. Companies were renegotiating contracts, freezing salaries and delaying projects, so this year we won't see a flood of IT employment back," says Mark McDonald, group vice president and head of research, Gartner Executive Programs. "But we will see a skills shift from IT personnel that operates only in the old, slow expensive ways to IT pros that can adopt agile methods. There will continue to be opportunities in analytics, for people who understand lean IT, Six Sigma, business processes and improvements -- it's going to be about information, connectivity and collaboration."
Here we examine 10 IT job titles that could gain traction in 2010 as new technology demands require evolving IT skills.
1. Security specialist/ethical hacker
Disturbing new facts and figures appear almost daily about companies falling victim to hackers and experiencing security and/or data breaches. That won't change in 2010 and IT training and employment industry specialists report that interest in acquiring new security skills continues to grow among IT pros and hiring managers who seek the latest skill sets to better secure their environments.
"If you know how to keep your company's data secure, you were in demand yesterday, are in demand today and will be in demand tomorrow," Tom Silver, senior vice president with Dice.com, said in a recent interview with Network World.
The Computing Technology Industry Association, or CompTIA, in late 2009 polled some 1,537 high-tech workers and found 37% intend to pursue a security certification over the next five years. Separately, nearly 20% indicated they would seek ethical hacking certification over the same time period. And another 13% pinpointed forensics as the next certification goal in their career development.
"When you add the results, you will see that about two-thirds of IT workers intend to add some type of security certification to their portfolio," said Terry Erdle, senior vice president of skills certifications at CompTIA, in an earlier Network World interview. "This trend is driven by two factors: one, security issues are pervasive, and two, more and more people are moving to managed services and software-as-a-service models, which involves more complex networking. That level of non-enterprise data center computing has people looking more closely at their security infrastructure."
2. Virtual systems manager
While many systems managers might not yet have the word "virtual" officially in their titles, it is just a matter of time, according to industry experts.
"Virtualization and automation technologies are directly related to the cloud. Virtual servers comprise the computing environment and automation is responsible for the cloud being monitoring, management, secured and made compliant," says Andi Mann, research director at Enterprise Management Associates. "Virtualization is fundamentally mainstream now, and there is a lot of activity around virtual systems management."
Like high-tech vendors, IT pros will have to incorporate virtual systems knowledge into their repertoire in order to compete for open positions in 2010. Virtualization not only impacts current data center plans, but also future cloud computing efforts and while companies look to adopt such technologies, they will expect staff to be versed in the tools required to support new environments.
"We get several calls per week around SaaS, cloud and virtual skills that companies want guidance on, considering we are the vendor-neutral party," CompTIA's Erdle explained in late 2009. "CompTIA is working now on building certifications programs to release in 2010 and get in front of this growing demand."
3. Capacity manager
Companies that don't properly prepare for needed resources could lose money or fail to respond to business needs. That's why industry watchers from Forrester Research and Gartner have tagged capacity planning skills as in demand, especially considering the down economy.
Forrester says the role of capacity manager will be in demand for companies looking to optimize resources and accurately assign financial values to technology resources.
"Due to the current economic environment, downsizing (or rightsizing) of infrastructure, resources and capabilities is a top priority for IT," Forrester Senior Analyst Evelyn Hubbert stated in the Forrester Research report "Role Overview: Capacity Manager."
Gartner identifies a similar skill set in its IT resource planning position. By combining the tenets of capacity planning with financial management as well as usage and service measurement, IT resource planning experts will help IT departments understand how services and resources are consumed. This knowledge will help IT respond to business demands quickly.
"Capacity planning today is all about trying to ensure that you have enough capacity and memory cycles to meet workload demand. But virtualization causes new variables to be taken into consideration, and power consumption is just one among many," said Cameron Haight, research vice president at Gartner, in an interview with Network World. "For IT resource planning (ITRP) there are several more elements to consider and the process must become much more strategic within an enterprise."
4. Network engineer
As retro as it may sound, network know-how won't go out of style in 2010. According to Gartner, interest in networking, voice and data communications technologies increased for 2010, meaning skills in that high-tech area will also be in demand.
"The future of IT and enhanced competitive advantage requires social interactions and greater collaboration and that is why the importance of the network continues to grow," Gartner's McDonald says. "Even though revenue was down in 2009, CIOs reported that transaction volumes and communications requirements continued to grow, making it imperative to focus on network technologies."
Comptia A+ Training and Comptia A+ certification
Monday, August 2, 2010
New books from Cisco Microsoft CompTIA RFID cert Cisco Binary Game
New books from Cisco Microsoft CompTIA RFID cert Cisco Binary Game
Today, we have a round-up of networking book releases and certification news that should be of interest to you.
First, James Macfarlane has released an entry-level book on routing. A networking course instructor, Macfarlane said he wrote the book entitled, "Networking Routing Basics: Understanding IP Routing in Cisco Systems", because he found little that gave enough of a thorough treatment to the topic.
A Green Architectural Strategy That Puts IT in the Black: Download now
The book was researched and written over three years and begins with a review of core networking. It discusses how routing works and explains static and dynamic routing. Among the routing protocols covered include the legacy RIP and IGRP protocols and the current EIGRP and OSPF protocols for large networks. It also briefly discusses Border Gateway Protocol.
Also new this month are three books from Cisco Press:
* "CCNA Official Exam Certification Library, Second Edition", featuring a series of short instructional videos that demonstrate how to accomplish various CCNA-level configuration tasks on Cisco routers and switches.
* "Storage Networking Protocol Fundamentals", which introduces network administrators to the requirements of storage protocols and compares and contrasts the basic functionality of Ethernet IP and Fibre Channel.
* "Advanced Host Intrusion Prevention with CSA", which explains the features and functions of Cisco Security Agent.
Microsoft MCTS Training Press has also recently released three books that could be of interest to networking pros preparing for Microsoft certification exams:
* "MCSE Self-Paced Training Kit (Exam 70-294): Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure"
* "MCSA/MCSE Self-Paced Training Kit (Exam 70-291): Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure, Second Edition"
* "MCSE Self-Paced Training Kit (Exams 70-290, 70-291, 70-293, 70-294): Microsoft Windows Server 2003 Core Requirements, Second Edition"
In certification news, CompTIA A+ Training has launched the worldwide availability of its RFID+ certification. Among the skills the certification exam will test are installation, configuration and maintenance of RFID hardware and device software, site surveys and site analysis, and tag selection, placement and tsting. The certification is intended for professionals with a minimum of six to 24 months of experience in RFID or related data collection technologies.
CompTIA says it launched the certification to address what businesses see as an insufficient "pool of talent" in RFID technology from which to hire. According to a CompTIA A+ Certification survey of 500 North American organizations, just over half said they either completed RFID implementations or plan to do so in the next 12 months. The most aggressive adoption of RFID is planned in the automotive industry, followed by consumer goods and the transportation and logistics sector. A quick search for RFID jobs on the Indeed job search aggregator (which you can access from NetworkWorld.com) netted almost 900 jobs in the country.
Finally, who says exams aren't full of fun and games? Cisco has added the Binary Game to its Cisco Certified Network Associate Prep Center. According to Cisco, the game teaches strategies related to the binary system, a foundation knowledge used by CCNAs to install, configure and operate networks. While playing the binary game, rows of 1s and 0s appear from the bottom of the screen. The player clicks the 1s and 0s to create binary numbers, and earns points when answering correctly, the company says. The challenge starts when rows begin to appear faster and faster. As players achieve higher sores and advanced levels, they begin to recognize patterns and develop conversion strategies, Cisco explains.
Today, we have a round-up of networking book releases and certification news that should be of interest to you.
First, James Macfarlane has released an entry-level book on routing. A networking course instructor, Macfarlane said he wrote the book entitled, "Networking Routing Basics: Understanding IP Routing in Cisco Systems", because he found little that gave enough of a thorough treatment to the topic.
A Green Architectural Strategy That Puts IT in the Black: Download now
The book was researched and written over three years and begins with a review of core networking. It discusses how routing works and explains static and dynamic routing. Among the routing protocols covered include the legacy RIP and IGRP protocols and the current EIGRP and OSPF protocols for large networks. It also briefly discusses Border Gateway Protocol.
Also new this month are three books from Cisco Press:
* "CCNA Official Exam Certification Library, Second Edition", featuring a series of short instructional videos that demonstrate how to accomplish various CCNA-level configuration tasks on Cisco routers and switches.
* "Storage Networking Protocol Fundamentals", which introduces network administrators to the requirements of storage protocols and compares and contrasts the basic functionality of Ethernet IP and Fibre Channel.
* "Advanced Host Intrusion Prevention with CSA", which explains the features and functions of Cisco Security Agent.
Microsoft MCTS Training Press has also recently released three books that could be of interest to networking pros preparing for Microsoft certification exams:
* "MCSE Self-Paced Training Kit (Exam 70-294): Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure"
* "MCSA/MCSE Self-Paced Training Kit (Exam 70-291): Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure, Second Edition"
* "MCSE Self-Paced Training Kit (Exams 70-290, 70-291, 70-293, 70-294): Microsoft Windows Server 2003 Core Requirements, Second Edition"
In certification news, CompTIA A+ Training has launched the worldwide availability of its RFID+ certification. Among the skills the certification exam will test are installation, configuration and maintenance of RFID hardware and device software, site surveys and site analysis, and tag selection, placement and tsting. The certification is intended for professionals with a minimum of six to 24 months of experience in RFID or related data collection technologies.
CompTIA says it launched the certification to address what businesses see as an insufficient "pool of talent" in RFID technology from which to hire. According to a CompTIA A+ Certification survey of 500 North American organizations, just over half said they either completed RFID implementations or plan to do so in the next 12 months. The most aggressive adoption of RFID is planned in the automotive industry, followed by consumer goods and the transportation and logistics sector. A quick search for RFID jobs on the Indeed job search aggregator (which you can access from NetworkWorld.com) netted almost 900 jobs in the country.
Finally, who says exams aren't full of fun and games? Cisco has added the Binary Game to its Cisco Certified Network Associate Prep Center. According to Cisco, the game teaches strategies related to the binary system, a foundation knowledge used by CCNAs to install, configure and operate networks. While playing the binary game, rows of 1s and 0s appear from the bottom of the screen. The player clicks the 1s and 0s to create binary numbers, and earns points when answering correctly, the company says. The challenge starts when rows begin to appear faster and faster. As players achieve higher sores and advanced levels, they begin to recognize patterns and develop conversion strategies, Cisco explains.
Subscribe to:
Comments (Atom)