Network vulnerabilities

* Interception: Data that is being transmitted over the network is vulnerable to being intercepted by an unintended third party who could put the data to harmful use.

* Availability: Networks have become wide-spanning, crossing hundreds or thousands of miles which many rely on to access company information, and lost connectivity could cause business interruption.

* Access/entry point: Networks are vulnerable to unwanted access. A weak point in the network can make that information available to intruders. It can also provide an entry point for viruses and Trojan horses.

Controls

*Interception controls: Interception can be partially deterred by physical access controls at data centers and offices, including where communication links terminate and where the network wiring and distributions are located. Encryption also helps to secure wireless networks.

*Availability controls: The best control for this is to have excellent network architecture and monitoring. The network should have redundant paths between every resource and an access point and automatic routing to switch the traffic to the available path without loss of data or time.

*Access/entry point controls: Most network controls are put at the point where the network connects with external network. These controls limit the traffic that pass through the network. These can include firewalls, intrusion detection systems, and antivirus software.

The auditor should ask certain questions to better understand the network and its vulnerabilities. The auditor should first assess what the extent of the network is and how it is structured. A network diagram can assist the auditor in this process. The next question an auditor should ask is what critical information this network must protect. Things such as enterprise systems, mail servers, web servers, and host applications accessed by customers are typically areas of focus. It is also important to know who has access and to what parts. Do customers and vendors have access to systems on the network? Can employees access information from home? Lastly the auditor should assess how the network is connected to external networks and how it is protected. Most networks are at least connected to the internet, which could be a point of vulnerability. These are critical questions in protecting networks.

Encryption and IT audit

In assessing the need for a client to implement encryption policies for their organization, the Auditor should conduct an analysis of the client’s risk and data value. Companies with multiple external users, e-commerce applications, and sensitive customer/employee information should maintain rigid encryption policies aimed at encrypting the correct data at the appropriate stage in the data collection process.

Auditors should continually evaluate their client’s encryption policies and procedures. Companies that are heavily reliant on e-commerce systems and wireless networks are extremely vulnerable to the theft and loss of critical information in transmission. Policies and procedures should be documented and carried out to ensure that all transmitted data is protected. Companies can base their policies on the Control Objectives for Information and related Technology (COBIT) guidelines established by the IT Governance Institute (ITGI) and Information Systems Audit and Control Association (ISACA). The IT auditor should be adequately informed about COBIT guidelines.

The auditor should verify that management has controls in place over the data encryption management process. Access to keys should require dual control, keys should be composed of two separate components and should be maintained on a computer that is not accessible to programmers or outside users. Furthermore, management should attest that encryption policies ensure data protection at the desired level and verify that the cost of encrypting the data does not exceed the value of the information itself. All data that is required to be maintained for an extensive amount of time should be encrypted and transported to a remote location. Procedures should be in place to guarantee that all encrypted sensitive information arrives at its location and is stored properly. Finally the auditor should attain verification from management that the encryption system is strong, not attackable and compliant with all local and international laws and regulations.

Logical security audit

The first step in an audit of any system is to seek to understand its components and its structure. When auditing logical security the auditor should investigate what security controls are in place, and how they work. In particular, the following areas are key points in auditing logical security:

*Passwords: Every company should have written policies regarding passwords, and employee’s use of them. Passwords should not be shared and employees should have mandatory scheduled changes. Employees should have user rights that are in line with their job functions. They should also be aware of proper log on/ log off procedures. Also helpful are security tokens, small devices that authorized users of computer programs or networks carry to assist in identity confirmation. They can also store cryptographic keys and biometric data. The most popular type of security token (RSA’s SecurID) displays a number which changes every minute. Users are authenticated by entering a personal identification number and the number on the token.

*Termination Procedures: Proper termination procedures so that old employees can no longer access the network. This can be done by changing passwords and codes. Also, all id cards and badges that are in circulation should be documented and accounted for.

*Special User Accounts: Special User Accounts and other privileged accounts should be monitored and have proper controls in place.

*Remote Access: Remote access is often a point where intruders can enter a system. The logical security tools used for remote access should be very strict. Remote access should be logged.

Specific tools used in network security

Network security is achieved by various tools including firewalls and proxy servers, encryption, logical security and access controls, anti-virus software, and auditing systems such as log management.

Firewalls are a very basic part of network security. They are often placed between the private local network and the internet. Firewalls provide a flow through for traffic in which it can be authenticated, monitored, logged, and reported. Some different types of firewalls include: network layer firewalls, screened subnet firewalls, packet filter firewalls, dynamic packet filtering firewalls, hybrid firewalls, transparent firewalls, and application-level firewalls.

The process of encryption involves converting plain text into a series of unreadable characters known as the ciphertext. If the encrypted text is stolen or attained while in transit, the content is unreadable to the viewer. This guarantees secure transmission and is extremely useful to companies sending/receiving critical information. Once encrypted information arrives at its intended recipient, the decryption process is deployed to restore the ciphertext back to plaintext.

Proxy servers hide the true address of the client workstation and can also act as a firewall. Proxy server firewalls have special software to enforce authentication. Proxy server firewalls act as a middle man for user requests.

Antivirus software programs such as McAfee and Symantec software locate and dispose of malicious content. These virus protection programs run live updates to ensure they have the latest information about known computer viruses.

Logical security includes software safeguards for an organization’s systems, including user ID and password access, authentication, access rights and authority levels. These measures are to ensure that only authorized users are able to perform actions or access information in a network or a workstation.

Auditing systems, track and record what happens over an organization’s network. Log Management solutions are often used to centrally collect audit trails from heterogeneous systems for analysis and forensics. Log management is excellent for tracking and identifying unauthorized users that might be trying to access the network, and what authorized users have been accessing in the network and changes to user authorities. Software that record and index user activities within window sessions such as ObserveIT provide comprehensive audit trail of user activities when connected remotely through terminal services, Citrix and other remote access software.

According to a 2006 survey of 3243 Nmap users by Insecure.Org, Nessus, Wireshark, and Snort were some top-rated network security tools. According to the same survey, the BackTrack Live CD is the top rated information security auditing and penetration testing distribution. Nessus is a remote security scanner that performs over 1200 security checks for Linux, BSD, and Solaris. Wireshark analyzes network protocol for Unix and Windows, and Snort is an intrusion detection system that also supports Microsoft Windows. Nessus, Wireshark, and Snort are free. Some other popular products for network security include OmniGuard, Guardian, and LANGuard. Omniguard is a firewall, as is Guardian which also provides virus protection. LANGuard provides network auditing, intrusion detection, and network management. For log management, solutions from vendors such as SenSage and others are the choice for government agencies and highly regulated industries.

Adapted from the Wikipedia article Information security audit, under the G. N. U. Free Documentation License. Please also see http://en.wikipedia.org/wiki

No related posts.

As the name implies, Edge computing pushes applications, data and computing power (services) away from centralized points to the logical extremes of a network. Edge computing replicates fragments of information across distributed networks of web servers, which may be vast and include many networks. As a topological paradigm, Edge computing is also referred to as mesh computing, peer-to-peer computing, autonomic computing, grid computing, and other names implying non-centralized, nodeless availability.

To ensure acceptable performance of widely-dispersed distributed services, large organizations typically implement Edge computing by deploying Web server farms with clustering. Previously available only to very large corporate and government organizations, technology advancement and cost reduction for large-scale implementations have made the technology available to small and medium-sized business.

The target end-user is any Internet client making use of commercial Internet application services.

Edge computing imposes certain limitations on the choices of technology platforms, applications or services, all of which need to be specifically developed or configured for edge computing.

Edge computing has many advantages:

# Edge application services significantly decrease the data volume that must be moved, the consequent traffic, and the distance the data must go, thereby reducing transmission costs, shrinking latency, and improving quality of service (QoS).

# Edge computing eliminates, or at least de-emphasizes, the core computing environment, limiting or removing a major bottleneck and a potential point of failure.

# Security is also improved as encrypted data moves further in, toward the network core. As it approaches the enterprise, the data is checked as it passes through protected firewalls and other security points, where viruses, compromised data, and active hackers can be caught early on.

# Finally, the ability to “virtualize” (i.e., logically group CPU capabilities on an as-needed, real-time basis) extends scalability. The Edge computing market is generally based on a “charge for network services” model, and it could be argued that typical customers for Edge services are organizations desiring linear scale of business application performance to the growth of, e.g., a subscriber base.

Grid computing

Edge computing and Grid computing are related. Whereas Grid computing would be hardcoded into a specific application to distribute its complex and resource intensive computational needs across a global grid of cheap networked machines, Edge computing provides a generic template facility for any type of application to spread its execution across a dedicated grid of prepared expensive machines.

==Companies providing edge computing services

*Akamai Technologies

*Limelight Networks

*EdgeCast Networks

Category:Network performance

Category:Distributed computing architecture
Adapted from the Wikipedia article Edge computing, under the G. N. U. Free Documentation License. Please also see http://en.wikipedia.org/wiki

No related posts.

Barracuda Networks, Inc. is a privately held company providing security, networking and storage solutions based on appliances and cloud services. The company’s security products include solutions for protection against email, web surfing, web hackers and instant messaging threats such as spam, spyware, trojans, and viruses. The company’s networking and storage solutions include web filtering, load balancing, application delivery controllers, message archiving, NG firewalls, backup services and data protection.

Barracuda Networks was established in 2003 and introduced the Barracuda Spam and Virus Firewall. In 2007 the company moved its headquarters to Campbell, California, and opened an office in Ann Arbor, Michigan.

In January 2006, it closed its first outside investment of $40 million from Sequoia Capital and Francisco Partners. Sequoia Capital had previously provided financing to Cisco Systems, Google, Netscreen, and Yahoo!.

On January 29, 2008, Barracuda Networks was sued by Trend Micro over their use of the open source anti-virus software Clam AntiVirus, which Trend Micro claimed to be in violation of their patent on ‘anti-virus detection on an SMTP or FTP gateway’. In addition to providing samples of prior art in an effort to render Trend Micro’s patent invalid, in July 2008 Barracuda launched a countersuit against Trend Micro claiming Trend Micro violated several antivirus patents Barracuda Networks had acquired from IBM.

In December 2008, the company launched the BRBL (Barracuda Reputation Block List), its proprietary and dynamic list of known spam servers, for free and public use in blocking spam at the gateway.

Soon after opening BRBL many IP addresses got blacklisted without apparent reason and without any technical explanation.

As of October 2009, Barracuda had over 85,000 customers.

Adapted from the Wikipedia article Barracuda Networks, under the G. N. U. Free Documentation License. Please also see http://en.wikipedia.org/wiki

No related posts.

There are several different types of software architecture in common use.

Simple control loop

In this design, the software simply has a loop. The loop calls subroutines, each of which manages a part of the hardware or software.

Interrupt controlled system

Some embedded systems are predominantly interrupt controlled. This means that tasks performed by the system are triggered by different kinds of events. An interrupt could be generated for example by a timer in a predefined frequency, or by a serial port controller receiving a byte.

These kinds of systems are used if event handlers need low latency and the event handlers are short and simple.

Usually these kinds of systems run a simple task in a main loop also, but this task is not very sensitive to unexpected delays.

Sometimes the interrupt handler will add longer tasks to a queue structure. Later, after the interrupt handler has finished, these tasks are executed by the main loop. This method brings the system close to a multitasking kernel with discrete processes.

Cooperative multitasking

A nonpreemptive multitasking system is very similar to the simple control loop scheme, except that the loop is hidden in an API. The programmer defines a series of tasks, and each task gets its own environment to “run” in. When a task is idle, it calls an idle routine, usually called “pause”, “wait”, “yield”, “nop” (stands for ”no operation”), etc.

The advantages and disadvantages are very similar to the control loop, except that adding new software is easier, by simply writing a new task, or adding to the queue-interpreter.

Preemptive multitasking or multi-threading

In this type of system, a low-level piece of code switches between tasks or threads based on a timer (connected to an interrupt). This is the level at which the system is generally considered to have an “operating system” kernel. Depending on how much functionality is required, it introduces more or less of the complexities of managing multiple tasks running conceptually in parallel.

As any code can potentially damage the data of another task (except in larger systems using an MMU) programs must be carefully designed and tested, and access to shared data must be controlled by some synchronization strategy, such as message queues, semaphores or a non-blocking synchronization scheme.

Because of these complexities, it is common for organizations to use a real-time operating system (RTOS), allowing the application programmers to concentrate on device functionality rather than operating system services, at least for large systems; smaller systems often cannot afford the overhead associated with a ”generic” real time system, due to limitations regarding memory size, performance, and/or battery life.The choice that a RTOS is required brings in its own issues however as the selection must be done prior to starting to the application development process. This timing forces developers to choose the embedded operating system for their device based upon current requirements and so restricts future options to a large extent.The restriction of future options becomes more of an issue as product life decreases. Additionally the level of complexity is continuously growing as devices are required to manage many variables such as serial, USB, TCP/IP, Bluetooth, Wireless LAN, trunk radio, multiple channels, data and voice, enhanced graphics, multiple states, multiple threads, numerous wait states and so on. These trends are leading to the uptake of embedded middleware in addition to a real time operating system.

Microkernels and exokernels

A microkernel is a logical step up from a real-time OS. The usual arrangement is that the operating system kernel allocates memory and switches the CPU to different threads of execution. User mode processes implement major functions such as file systems, network interfaces, etc.

In general, microkernels succeed when the task switching and intertask communication is fast, and fail when they are slow.

Exokernels communicate efficiently by normal subroutine calls. The hardware, and all the software in the system are available to, and extensible by application programmers.

Monolithic kernels

In this case, a relatively large kernel with sophisticated capabilities is adapted to suit an embedded environment. This gives programmers an environment similar to a desktop operating system like Linux or Microsoft Windows, and is therefore very productive for development; on the downside, it requires considerably more hardware resources, is often more expensive, and because of the complexity of these kernels can be less predictable and reliable.

Common examples of embedded monolithic kernels are Embedded Linux and Windows CE.

Despite the increased cost in hardware, this type of embedded system is increasing in popularity, especially on the more powerful embedded devices such as Wireless Routers and GPS Navigation Systems. Here are some of the reasons:

* Ports to common embedded chip sets are available.

* They permit re-use of publicly available code for Device Drivers, Web Servers, Firewalls, and other code.

* Development systems can start out with broad feature-sets, and then the distribution can be configured to exclude unneeded functionality, and save the expense of the memory that it would consume.

* Many engineers believe that running application code in user mode is more reliable, easier to debug and that therefore the development process is easier and the code more portable.

* Many embedded systems lack the tight real time requirements of a control system. Although a system such as Embedded Linux may be fast enough in order to respond to many other applications.

* Features requiring faster response than can be guaranteed can often be placed in hardware.

* Many RTOS systems have a per-unit cost. When used on a product that is or will become a commodity, that cost is significant.

Exotic custom operating systems

A small fraction of embedded systems require safe, timely, reliable or efficient behavior unobtainable with the one of the above architectures. In this case an organization builds a system to suit.

In some cases, the system may be partitioned into a “mechanism controller” using special techniques, and a “display controller” with a conventional operating system. A communication system passes data between the two.

Additional software components

In addition to the core operating system, many embedded systems have additional upper-layer software components. These components consist of networking protocol stacks like CAN, TCP/IP, FTP, HTTP, and HTTPS, and also included storage capabilities like FAT and flash memory management systems. If the embedded devices has audio and video capabilities, then the appropriate drivers and codecs will be present in the system. In the case of the monolithic kernels, many of these software layers are included. In the RTOS category, the availability of the additional software components depends upon the commercial offering.

Adapted from the Wikipedia article Embedded system, under the G. N. U. Free Documentation License. Please also see http://en.wikipedia.org/wiki

No related posts.

If a user revisits a Web page after only a short interval, the page data may not need to be re-obtained from the source Web server. Almost all web browsers cache recently obtained data, usually on the local hard drive. HTTP requests sent by a browser will usually only ask for data that has changed since the last download. If the locally cached data are still current, it will be reused. Caching helps reduce the amount of Web traffic on the Internet. The decision about expiration is made independently for each downloaded file, whether image, stylesheet, JavaScript, HTML, or whatever other content the site may provide. Thus even on sites with highly dynamic content, many of the basic resources only need to be refreshed occasionally. Web site designers find it worthwhile to collate resources such as CSS data and JavaScript into a few site-wide files so that they can be cached efficiently. This helps reduce page download times and lowers demands on the Web server.

There are other components of the Internet that can cache Web content. Corporate and academic firewalls often cache Web resources requested by one user for the benefit of all. (See also Caching proxy server.) Some search engines also store cached content from websites. Apart from the facilities built into Web servers that can determine when files have been updated and so need to be re-sent, designers of dynamically generated Web pages can control the HTTP headers sent back to requesting users, so that transient or sensitive pages are not cached. Internet banking and news sites frequently use this facility. Data requested with an HTTP ‘GET’ is likely to be cached if other conditions are met; data obtained in response to a ‘POST’ is assumed to depend on the data that was POSTed and so is not cached.

Adapted from the Wikipedia article World Wide Web, under the G. N. U. Free Documentation License. Please also see http://en.wikipedia.org/wiki

No related posts.

Broadly, Linux distributions may be:

* Commercial or non-commercial;

* Designed for enterprise users, power users, or for home users;

* Supported on multiple types of hardware, or platform-specific, even to the extent of certification by the platform vendor;

* Designed for servers, desktops, or embedded devices;

* General purpose or highly specialized toward specific machine functionalities (e.g. firewalls, network routers, and computer clusters);

* Targeted at specific user groups, for example through language internationalization and localization, or through inclusion of many music production or scientific computing packages;

* Built primarily for security, usability, portability, or comprehensiveness.

The diversity of Linux distributions is due to technical, organizational, and philosophical variation among vendors and users. The permissive licensing of free software means that any user with sufficient knowledge and interest can customize an existing distribution or design one to suit his or her own needs.

Adapted from the Wikipedia article Linux distribution, under the G. N. U. Free Documentation License. Please also see http://en.wikipedia.org/wiki

No related posts.

Early on, spammers discovered that if they sent large quantities of spam directly from their ISP accounts, recipients would complain and ISPs would shut their accounts down. Thus, one of the basic techniques of sending spam has become to send it from someone else’s computer and network connection. By doing this, spammers protect themselves in several ways: they hide their tracks, get others’ systems to do most of the work of delivering messages, and direct the efforts of investigators towards the other systems rather than the spammers themselves. The increasing broadband usage gave rise to a great number of computers that are online as long as they are turned on, and whose owners do not always take steps to protect them from malware. A botnet consisting of several hundred compromised machines can effortlessly churn out millions of messages per day. This also complicates the tracing of spammers.

Open relays

In the 1990s, the most common way spammers did this was to use open mail relays. An open relay is an MTA, or mail server, which is configured to pass along messages sent to it from ”any” location, to ”any” recipient. In the original SMTP mail architecture, this was the default behavior: a user could send mail to practically any mail server, which would pass it along towards the intended recipient’s mail server.

The standard was written in an era before spamming when there were few hosts on the internet, and those on the internet abided by a certain level of conduct. While this cooperative, open approach was useful in ensuring that mail was delivered, it was vulnerable to abuse by spammers. Spammers could forward batches of spam through open relays, leaving the job of delivering the messages up to the relays.

In response, mail system administrators concerned about spam began to demand that other mail operators configure MTAs to cease being open relays. The first DNSBLs, such as [http://www.mail-abuse.org/rbl/ MAPS RBL] and the now-defunct ORBS, aimed chiefly at allowing mail sites to refuse mail from known open relays. By 2003 less than 1% of corporate mail servers were available as open relays, down from 91% in 1997.

Open proxies

Within a few years, open relays became rare and spammers resorted to other tactics, most prominently the use of open proxies. A proxy is a network service for making indirect connections to other network services. The client connects to the proxy and instructs it to connect to a server. The server perceives an incoming connection from the proxy, not the original client. Proxies have many purposes, including Web-page caching, protection of privacy, filtering of Web content, and selectively bypassing firewalls.

An ”open” proxy is one which will create connections for ”any” client to ”any” server, without authentication. Like open relays, open proxies were once relatively common, as many administrators did not see a need to restrict access to them.

A spammer can direct an open proxy to connect to a mail server, and send spam through it. The mail server logs a connection from the proxy—not the spammer’s own computer. This provides an even greater degree of concealment for the spammer than an open relay, since most relays log the client address in the headers of messages they pass. Open proxies have also been used to conceal the sources of attacks against other services besides mail, such as Web sites or IRC servers.

Besides relays and proxies, spammers have used other insecure services to send spam. One example is FormMail.pl, a CGI script to allow Web-site users to send e-mail feedback from an HTML form. Several versions of this program, and others like it, allowed the user to redirect e-mail to arbitrary addresses. Spam sent through open FormMail scripts is frequently marked by the program’s characteristic opening line: “Below is the result of your feedback form.”

As spam from proxies and other “spammable” resources grew, DNSBL operators started listing their IP addresses, as well as open relays.

Spammer viruses

In 2003, spam investigators saw a radical change in the way spammers sent spam. Rather than searching the global network for exploitable services such as open relays and proxies, spammers began creating “services” of their own. By commissioning computer viruses designed to deploy proxies and other spam-sending tools, spammers could harness hundreds of thousands of end-user computers. The widespread change from Windows 9x to Windows XP for many home computers, which started in early 2002 and was well under way by 2003, greatly accelerated the use of home computers to act as remotely-controlled spam proxies. The original version of Windows XP as well as XP-SP1 had several major vulnerabilities that allowed the machines to be compromised over a network connection without requiring actions on the part of the user or owner. While Windows 2000 had similar vulnerabilities, that operating system was never widely used on home computers.

Most of the major Windows e-mail viruses of 2003, including the Sobig and Mimail virus families, functioned as spammer viruses: viruses designed expressly to make infected computers available as spamming tools.

Besides sending spam, spammer viruses serve spammers in other ways. Beginning in July 2003, spammers started using some of these same viruses to perpetrate distributed denial-of-service (DDoS) attacks upon DNSBLs and other anti-spam resources. Although this was by no means the first time that illegal attacks have been used against anti-spam sites, it was perhaps the first wave of ”effective” attacks.

In August of that year, engineering company Osirusoft ceased providing DNSBL mirrors of the SPEWS and other blocklists, after several days of unceasing attack from virus-infected hosts. The very next month, DNSBL operator Monkeys.com succumbed to the attacks as well. Other DNSBL operators, such as Spamhaus, have deployed global mirroring and other anti-DDoS methods to resist these attacks.

Zombie networks are particularly active in North America where about half of the Internet users are on a broadband connection and many leave their computers on all the time. In January, 2008, 8% of all e-mail spam was sent by the Storm botnet, created by the Storm Worm, first released in January, 2007. It is estimated that as many as 1 million or more computers have been infected and their owners are unwilling and unknowing participants. In the 3rd quarter of 2008 almost one in every 400 email messages contained a dangerous attachment, designed to infect the recipient’s computer, eight times as often as in the previous quarter.

Adapted from the Wikipedia article Spam email delivery, under the G. N. U. Free Documentation License. Please also see http://en.wikipedia.org/wiki

No related posts.

ManageEngine Applications Manager

Applications Manager is an availability and performance monitoring software whose capabilities include server monitoring, application server monitoring, database monitoring, web services monitoring, ERP monitoring and Middleware monitoring . Applications manager comes in two editions – Professional edition aimed at small and medium businesses through which you can monitor 250 applications. The enterprise edition has a distributed architecture that helps enterprises monitor applications, servers, databases etc.

ManageEngine IT 360

ManageEngine IT360 is an Enterprise IT Management suite. It comes with an integrated network, server and application management solution. With ManageEngine IT360, IT Administrators will be able to monitor the availability and performance of IT networks, servers, databases, web applications and other custom services.It can monitor network devices such as routers, switches, desktops, printers; wireless components network traffic and bandwidth usage of various applications within IT infrasturcture using NetFlow, sFlow, jFlow and more. It has an in-built ITIL-based ServiceDesk solution. This integrated Service Desk has support for Trouble Ticketing, Problem management, Change Management, Knowledge Base and IT Asset Management .

ManageEngine Desktop Central

Desktop Central is a web-based windows server and Desktop Management software that manages number of servers/desktops from a central location. It automates the desktop management life cycle ranging from a simple system configuration to complex software deployment. With its network-neutral architecture, the administrator can easily manage any windows networks like Active Directory, Workgroup, or other directory services.

ManageEngine Desktop Central MSP

Desktop Central MSP is a web-based Windows Desktop Management software that helps managed service providers to efficiently manage their customers’ desktops and servers. It offers integrated desktop management functions like Software Distribution, Patch Management, IT Asset Management, Remote Control, Configurations, and System Tools.

ManageEngine Asset Explorer

ManageEngine AssetExplorer is an asset management software that provides insight about all enterprise IT assets, their state of affairs and working, for forecast and control. It manages asset deployment, specifications, monitoring, calibration, costing and tracking from a single system. It can also do resource optimization and manage vendor contracts.

ManageEngine ADManager Plus

ManageEngine ADManager Plus is a Windows Active Directory Management and reporting software that helps Active Directory administrators and help desk technicians with their day-to-day activities. With a centralized web-based UI, the software handles a variety of tasks like bulk management of user accounts and other Active Directory objects, delegate role based access to help desk technicians, and generates an exhaustive list of Active Directory Reports, which is necessary for compliance audits.

ManageEngine ADAudit Plus

ManageEngine ADAudit Plus is a web based Active Directory change audit and reporting software. It provides complete audit information on all Active Directory changes with the help of reports and alerts. Detailed change information on: user and computer accounts, user activity, user and group history, group memberships, logon activity, GPO changes, OU changes, administrative changes and domain policy changes. ADAudit Plus helps IT administrators to meet security challenges related to Active Directory changes and compliance demands like SOX, HIPAA, GLBA etc., that are demanded by regulatory authorities.

ManageEngine ServiceDesk Plus

ServiceDesk Plus is flagship IT help desk product from ManageEngine. It is web-based help desk software which has features like trouble ticketing, asset management, purchase order management, contracts management, self-service portal and knowledge base. ServiceDesk Plus is ITIL ready software which helps organizations to adopt ITIL best practices of Incident management, Problem Management, Change Management, Release Management and CMDB. ServiceDesk Plus comes in three editions – Standard, Professional and Enterprise. The licensing is based on technicians and assets.

ManageEngine ADSelfService Plus

ManageEngine ADSelfService Plus is a secure, web-based end user self service password reset program for domain users to perform self password reset, account unlock and update of personal details in Windows Active Directory. Thus it helps eliminate helpdesk calls and associated expenses by automating password resets and account unlocks to optimize employee productivity. ADSelfService Plus now supports Password Reset from a Windows Logon GINA / CP extension.

ManageEngine Exchange Reporter Plus

ManageEngine Exchange Reporter Plus is a web-based analysis and reporting solution for Microsoft Exchange Servers. It provides profound insights on an organization’s Exchange infrastructure. This solution offers email traffic statistics and analysis, mailbox size growth rate, server usage pattern, and other important data, using which an administrator can take informed decisions to optimize the efficiency of his organization’s Microsoft Exchange setup.

ManageEngine SupportCenter Plus

ManageEngine SupportCenter Plus is the customer help desk from the stable of Manageengine. It is web based software which is composed of customer trouble ticketing, account and contact management, knowledge base and solutions, self-service portal and remote desktop sharing. In addition to that, SupportCenter Plus supports Multitenancy where multiple business units of the same organization can provide their customer support through a single interface. SupportCenter Plus is integrated with Asterisk for computer telephony and also it is integrated with Twitter for giving customer support through the Micro-blogging platform.

ManageEngine ServiceDesk Plus MSP

ServiceDesk Plus MSP is the exclusive version of ServiceDesk Plus designed specifically for Managed Service Provider to provide support to their clients. It has major features of ServiceDesk Plus including Asset Management, Purchase Order Management, contracts management, Self-Service portal and Knowledge base. It is also an ITIL ready product.

ManageEngine OpManager

ManageEngine OpManager is the flagship product of ManageEngine; it is a network monitoring and network management software for single and multi-site networks. Apart from availability and performance monitoring using SNMP, WMI and CLI, OpManager uses other network management technologies like Cisco NetFlow, IP SLA, NBAR, CBQoS, sFlow, IP FIX, TFTP, SCP, Telnet, SSH & more. OpManager’s extended network fault management capabilities include processing of SNMP traps, event Logs and Sys logs.

ManageEngine Netflow Analyzer

ManageEngine NetFlow Analyzer is a web-based traffic analysis and bandwidth monitoring tool. NetFlow Analyzer make use of the flows, such as NetFlow, sFlow, jFlow, IPFIX etc., exported by routers / switches to carry out the analysis and give in-depth visibility into the network. It is used in enterprises for identifying which applications are being used and how the bandwidth is utilized in the organization’s network. It can also identify the top talkers, top applications, conversations in the network. NetFlow analyzer is strongly aligned to Cisco technologies and supports Cisco NetFlow, NBAR, CBQoS, IPSLA (VoIP).

ManageEngine EventLog Analyzer

EventLog Analyzer is a web based, real time, agent less, event log and application log management software. The event log analyzer software collects, analyzes, reports, and archives, event logs from distributed Windows hosts, SysLog from distributed Unix hosts, Routers, Switches, and other SysLog devices, Application logs from IIS web server, IIS FTP server, and MSSQL server. The event log analyzer application generates graphs and reports that help in privileged user activity monitoring, compliance audit readiness, forensic analysis and trouble shooting of network issues.

ManageEngine Firewall Analyzer

Firewall Analyzer is a web based, agentless, firewall log analysis and reporting software. The software application collects, analyzes, and archives logs from enterprise-wide network perimeter security devices and generates reports. The devices are Firewalls, Proxy servers, Intrusion Detection System (IDS) /Intrusion Prevention System (IPS), and Virtual Private Networks (VPN). The prominent features of the application are security event, employee internet usage and firewall performance monitoring.

ManageEngine OpUtils

OpUtils offers the ability to map your Switch Ports to devices to its physical location. The IP Address Manager tool automatically discovers the subnets and scan them periodically to get the details of Used & Available IP Address in your network. It also provides various tools for Bandwidth Monitoring, Network Monitoring, Wake on LAN, Detect Rogue Devices in the network, Cisco Config File Management, MAC-IP Resolver, SNMP Trap Receiver and more.

ManageEngine MSP Center Lite

MSP Center Lite is an agent based remote systems management solution, designed specially for Managed Service Provider (MSPs). It is built on a agent-central architecture, that helps MSPs manage Windows desktops and servers irrespective of their location.

ManageEngine IMS

ManageEngine Infrastructure Management Solution (IMS) is an integrated end-to-end IT Infrastructure monitoring solution that helps Infrastructure Management Service providers deliver IT Management Services to their customers. It offers advanced fault and performance management across network devices such as routers, switches and servers, applications, databases and other IT infrastructure components such as printers, UPS, Domain Controllers etc.,

ManageEngine On-Demand

Based on the market demand and experience with Zoho Office Suite, ManageEngine has introduced IT management software in the on-demand versions. The products which are available in the on-demand versions are

# ManageEngine Opmanager

# Site 24 X 7

# ManageEngine ServiceDesk Plus – Closed beta launched on April 28, 2010

Adapted from the Wikipedia article ManageEngine, under the G. N. U. Free Documentation License. Please also see http://en.wikipedia.org/wiki

No related posts.

Intel AMT is part of the Intel Management Engine. All access to the Intel AMT features is through the Intel Management Engine in the PC’s hardware and firmware. AMT communication depends on the state of the Management Engine, not the state of the PC’s OS.

As part of the Intel Management Engine, the AMT OOB communication channel is based on the TCP/IP firmware stack designed into system hardware. Because it is based on the TCP/IP stack, remote communication with AMT occurs via the network data path before communication is passed to the OS.

AMT out-of-band (OOB) communication for Wired vs. Wireless PCs

Intel AMT supports wired and wireless networks. For wireless notebooks on battery power, OOB communication is available when the system is awake and connected to the corporate network, even if the OS is down. OOB communication is also available for wireless or wired notebooks connected to the corporate network over a host OS-based virtual private network (VPN) when notebooks are awake and working properly.

AMT out-of-band (OOB) secure communication outside the corporate firewall

AMT version 4.0 and higher can establish a secure communication tunnel between a wired PC and an IT console outside the corporate firewall. In this scheme, a management presence server (Intel calls this a “vPro-enabled gateway”) authenticates the PC, opens a secure TLS tunnel between the IT console and the PC, and mediates communication. The scheme is intended to help the user or PC itself request maintenance or service when at satellite offices or similar places where there is no on-site proxy server or management appliance.

Technology that secures communications outside a corporate firewall is relatively new. It also requires that an infrastructure be in place, including support from IT consoles and firewalls.

How it works

An AMT PC stores system configuration information in protected memory. For PCs version 4.0 and higher, this information can include the name(s) of appropriate “whitelist” management servers for the company. When a user tries to initiate a remote session between the wired PC and a company server from an open LAN, AMT sends the stored information to a management presence server (MPS) in the “demilitarized zone” (“DMZ”) that exists between the corporate firewall and client (the user PC’s) firewalls. The MPS uses that information to help authenticate the PC. The MPS then mediates communication between the laptop and the company’s management servers.

Because communication is authenticated, a secure communication tunnel can then be opened using TLS encryption. Once secure communications are established between the IT console and Intel AMT on the user’s PC, a sys-admin can use the typical AMT features to remotely diagnose, repair, maintain, or update the PC.

Adapted from the Wikipedia article Intel Active Management Technology, under the G. N. U. Free Documentation License. Please also see http://en.wikipedia.org/wiki

No related posts.

FSP never reached the popularity of FTP for legitimate use (although wuarchive and id Software provided FSP service in addition to FTP for some time), but became very popular in the early-to-mid-1990s for underground sites containing pornography and/or warez. Because an FSP server only requires one process (as opposed to one process per client for most FTP servers), it is much harder for a system administrator to notice it in a process list; also, since it uses UDP, it is less likely to be noticed by a network administrator.

Eventually, however, an increased use of firewalls, a decreasing usage of the shell accounts required to run a server or most of the clients, and a lack of FSP support in web browsers caused its use to taper off, and the warez scene moved to HTTP and FXP while pornography moved to publicly-advertised web servers.

Adapted from the Wikipedia article File Service Protocol, under the G. N. U. Free Documentation License. Please also see http://en.wikipedia.org/wiki

No related posts.