Archive

Archive for April, 2012

Analysis: Microsoft Moves To End iPad’s Free Ride On Windows

April 30, 2012 Leave a comment

By Kevin McLaughlin, CRN
April 27, 2012    7:51 PM ET

Microsoft (NSDQ:MSFT) believes the iPads and Android tablets its customers are using to access Windows desktops using virtual desktop infrastructure are under-licensed, and its new Windows 8 Companion Device License aims to plug this loophole.

“When you look at the number of iPad devices in the enterprise that are basically accessing and running Windows 7, using and getting the value of the software, there wasn’t a monetization of that for us that was associated with those things,” Ross Brown, vice president of solution partners and independent software vendors in Microsoft’s Worldwide Partner Group, told CRN earlier this week.

Microsoft’s unveiling of the CDL did not go over well, as some partners and customers interpreted it as a naked attempt to slow the iPad’s march into the enterprise — understandable since Microsoft isn’t requiring it for Windows RT tablets — while others predicted it would put a damper on VDI business.

Most surprising, though, was that some people interpreted the CDL as some sort of new, hardball tactic on Microsoft’s part. Truth be told, Microsoft has always had a skittish view toward VDI, and has always been unapologetic about its Windows licensing terms.

For example, Microsoft does not offer its hosting partnersa Service Provider License Agreement (SPLA) for Windows 7, but partners can offer desktops-as-a-service using Windows Server and Remote Desktop Services.

Microsoft partners can sell hosted Windows 7 desktop-as-a-service through VDI as long as the end customer has an existing licensing agreement with Microsoft. However, partners must also have dedicated physical hosts for each customer, and this extra hurdle negates multi-tenancy and essentially renders this option moot.

What’s ironic about the hubbub over the CDL is that it actually represents a sort of compromise on Microsoft’s part. And that’s unusual, because the words “compromise” and “Windows” usually don’t occur in any conversation about Microsoft licensing.

Here’s the situation Microsoft faces: Under its current VDI licensing terms, customers who use devices not covered by Software Assurance — like iPads, thin clients, and contractor or employee-owned PCs — must buy the Virtual Desktop Access license subscription, which costs $100 per device annually.

But according to virtualization experts, many Microsoft customers are not adhering to the VDA requirement — some willingly, others because they simply don’t realize it is required.

“The complexity of licensing with respect to VDI is now such that Microsoft has effectively made it impossible for any enterprise IT manager to ensure compliance,” said Simon Bramfitt, founder and research director at Entelechy Associates, a Concord, Calif.-based virtualization consultancy.

Next >> 

Advertisements

Analysis: Microsoft Moves To End iPad’s Free Ride On Windows

April 30, 2012 Leave a comment

Image representing Microsoft as depicted in Cr...

Image via CrunchBase

Microsoft has no mechanism in place to remotely track whether or not they are in compliance, but some customers could be looking at much higher licensing costs if they were to face an audit.

“There are many organizations out there that have deployed VDI and do not understand the licensing, and they are all out of compliance,” said Mike Strohl, president of Entisys, a Concord, Calif.-based solution provider. “They’re not thinking about iPads and smartphones and all the extra endpoints.”

The CDL could clear things up, partners say, as it gives customers the right to access corporate desktops through VDI on up to four personally owned devices. Microsoft has not said how much the CDL will cost, but customers with large numbers of VDI-equipped iPads are obviously going to be fine with the CDL if it costs less than the VDA.

The alternative for Microsoft would be to stage mass audits of customers that use VDI with tablets to ensure compliance with the VDA. Such a move would likely be a PR disaster for Microsoft, though — one that would make the recent uproar over the CDL look tame by comparison.

Jon Roskill, Microsoft’s vice president of worldwide partner sales and marketing, told CRN earlier this week that the company will rely on customers to do the right thing. “Our whole software licensing methodology is based on trust and will continue to be,” he said.

There is no doubt that Microsoft is favoring Windows RT tablets by not requiring the CDL, but this isn’t part of a strategy to keep Appleout of the enterprise: Microsoft just

Image representing iPad as depicted in CrunchBase

Image via CrunchBase

wants to get paid. Partners want Microsoft to get paid, too, and no one is advocating that Microsoft give Windows away for free.

According to one solution provider with nationwide reach, the issue is not whether Microsoft has a right to monetize Windows VDI more aggressively; it is the impact on the channel of having to learn yet another licensing option.

“What is getting to organizations is the layers and layers of licensing: The Remote Desktop Services CAL, the VDI Suite, and the Microsoft Desktop Optimization Pack. All of these are on top of VDA and CDL licensing,” said the source, who requested anonymity.

<< Previous 

Most IT, security pros see Anonymous as serious threat

April 30, 2012 Leave a comment

Anonymous Español: Anonymous

Anonymous Español: Anonymous (Photo credit: Wikipedia)

By Lucian Constantin

April 23, 2012 10:12 AM ET

IDG News Service – The majority of IT and security professionals believe that Anonymous and hacktivists are among the groups that are most likely to attack their organizations during the next six months, according to the results of a survey sponsored by security vendor Bit9.

Sixty-four percent of the nearly 2,000 IT professionals who participated in Bit9’s 2012 Cyber Security Survey believe that their companies will suffer a cyberattack during the next six months and sixty-one percent of them chose hacktivists as the likely attackers.

Respondents had the option to select up to three groups of attackers who they believe are most likely to target their organizations. The choices were Anonymous/hacktivists, cybercriminals, nation states, corporate competitors and disgruntled employees.

Anonymous was chosen by the largest number of IT professionals overall, but there were some differences based on the type of organization. For example, nation states was the top choice for people working in the government sector, while those working in retail selected cybercriminals as the top threat.

According to Verizon’s 2012 Data Breach Investigations Report, hacktivists stole the largest quantity of data in 2011, but they were responsible for only 3 percent of the total number of breaches.

Respondents choosing hacktivists as a more likely source of cyberattacks than cybercriminals is similar to how most people fear flying more than driving, even though, statistically speaking, it’s far more likely for someone to be involved in a car accident than in a plane crash, said Bit9 chief technology officer Harry Sverdlove.

The truth is that you are less likely to be attacked by Anonymous or hacktivists — depending on what public statements you make — than to be attacked by a cybercriminal enterprise or a nation state, he said.

Despite considering Anonymous the top threat, when selecting the method of attack they are most worried about, 45 percent of respondents chose malware, which is generally associated with cybercrime rather than hacktivism.

Distributed denial-of-service (DDoS) and SQL injection, two attack types most commonly favored by hacktivists, worried only 11 percent and 6 percent of respondents, respectively.

Sverdlove believes that the reason why most IT professionals fear attacks from Anonymous is the bad publicity such attacks generate. If you’re attacked by Anonymous the world is going to know because the announcement will be on Pastebin in 24 hours, whereas if you’re attacked by cybercriminals, people might never find out, he said.

Despite this, almost 95 percent of respondents feel that data breaches should be disclosed to customers and the public. Forty-eight percent believe that companies should disclose the breach occurrence as well as what was stolen, while an additional 29 percent believe that companies should also disclose how the breach occurred.

Next >>

Most IT, security pros see Anonymous as serious threat

April 30, 2012 1 comment

Over half of those surveyed, 54 percent, believe that the most important machines in their business environment are the infrastructure servers. Forty-eight percent selected file and database servers, 46 percent selected Web and application servers and 45 percent chose email servers. Multiple choices were allowed.

When asked on which business machines they believe their cybersecurity protections to be most effective, the surveyed IT professionals chose them in a similar order. Forty percent believe their cybersecurity is strongest on infrastructure servers and only 26 percent believe it’s strongest on endpoint machines.

Sverdlove thinks that respondents over-evaluated the strength of cybersecurity on their Web and database servers. As validated by a recent report from Hewlett-Packard, a lot of companies are far more vulnerable on their servers than IT professionals realize, he said.

HP’s 2011 Top Cyber Security Risks Report, which was published on Wednesday, said that 86 percent of Web applications used by businesses are vulnerable to some type of injection attack that can be exploited by hackers to access internal databases.

More than half of IT professionals who participated in Bit9’s survey believe that implementing best security practices and better security policies can have the biggest impact on the strength of an organization’s cybersecurity. Only 15 percent of respondents felt that better technology will have a better impact and only 6 percent favored government regulation over other actions

1 <<

Avaya answers Cisco, Alcatel-Lucent with SMB switches

April 30, 2012 1 comment

By Jim Duffy
April 24, 2012 11:40 AM ET

Network World – Avaya has unveiled low-end Ethernet switches for small and medium-sized enterprises and remote branches that include features usually found in higher-end enterprise-class switches.

The new switches were expected.

The Avaya ERS 3500 line provides quick discovery and configuration of Avaya IP phones and centralized, Web-based GUI management of large branch office deployments. The line includes six Fast and Gigabit Ethernet switches available in 10- and 24-port configurations, with some featuring PoE+ and fanless operation.

The 24-port models will feature stacking in a future software release. Up to eight of the 24-port ERS 3500s can be stacked for up to 80Gbps of virtual backplane capacity, Avaya says.

PoE+ will power advanced IP phones, wireless access points and video surveillance cameras, Avaya says.

The line includes two 24-port Fast Ethernet switches and four Gigabit Ethernet switches — two of which have 10 ports and the other two 24 ports. The Fast Ethernet switches are the ERS 3526 T and 3526 T-PWR+. The ERS 3526 T features 24 x 10/100Mbps, plus two combo 10/100/1000 or SFP ports, plus two SFP/2.5Gbps rear ports. It is fanless.

The T-PWR+ boasts 24 x 10/100Mbps PoE+ ports, plus the same combination of rear ports as the 3526 T. PoE+ power on the T-PWR+ is 370 watts.

The Gigabit switches include the ERS 3524GT, 3524GT-PWR+, the 3510GT and 3510GT-PWR+. The latter two are the 10-port configurations.

The 3524GT and GT-PWR+ feature 24 x 10/100/1000Mbps with four shared SFP ports, plus two SFP / 2.5G rear ports. The GT-PWR+ offers 370 watts of PoE+.

The 3510s include 8 x 10/100/1000Mbps, plus two SFP ports. The GT is available standalone and fanless, while the GT-PWR+ includes 60 watts of PoE+ in fanless mode, and 170 watts in a fan version.

The 3526 switches cost $695, and $1,295 for the PoE+ version. The 3524s cost $1,895, and $2,395 for PoE+; and the 3510s cost $795 and $995.

The new Avaya SMB switches will go up against new SMB offerings from Alcatel-Lucent and Cisco‘s new Small Business 500 Series switches.

Read more about lan and wan in Network World’s LAN & WAN section.

802.11ac ‘Gigabit Wi-Fi’: What you need to know

April 30, 2012 Leave a comment

By Tony Bradley April 27, 2012 01:20 PM ET

The 802.11ac Wi-Fi standard is not yet finalized, but draft 802.11ac equipment will soon be available. Get ready with this primer.

What’s this?.

PC World – Your 802.11n wireless network and devices are about to become passe. Although the official 802.11ac specification won’t be finalized until sometime in 2013, wireless equipment will soon appear on store shelves sporting the faster wireless protocol. It’s been almost five years since 802.11n wireless routers and devices became available–also well ahead of the specification getting ratified. Now, IEEE is finalizing the 802.11ac standard. 802.11ac is also referred to as “gigabit Wi-Fi” and will be capable of significantly faster data transfer speeds than the current 802.11n. Here’s what you should know about the next generation Wi-Fi:

5GHz

802.11n works in both 5GHz and 2.4GHz frequency ranges. 802.11ac will be purely 5GHz. The higher frequency has less range when dealing with walls and other obstacles, but there is also far less interference in the 5GHz range. Many household devices ranging from cordless phones, to baby monitors, to microwave ovens can degrade the wireless signal in the 2.4GHz range.

Wider Channels

802.11ac uses wider channels to move more data. 802.11n relies on 40MHz channels. 802.11ac doubles that to 80MHz by default, with an option to use 160MHz channels. Coupled with QAM (check out this Wikipedia reference for a more detailed explanation of QAM) encoding that’s four times more efficient than 802.11n, the new Wi-Fi standard will be capable of transferring data at 433Mbps.

More Spatial Streams

There are twice as many spatial streams available in 802.11ac as there are in 802.11n. With eight spatial streams–each capable of a theoretical 433Mbps–802.11ac devices that use eight antennas can reach speeds up to nearly 7Gbps.

Beamforming

Signals reflected off different angles and surfaces arrive at the device out of phase from each other and cancel each other out. Beamforming resolves the phase conflicts for a stronger signal and more stable throughput. 802.11n is capable of beamforming, but the technique is rarely used. Beamforming is still optional in 802.11ac, but will likely be used much more commonly in 802.11ac devices.

Backward Compatibility

Although 802.11n has been around for years, there are still many routers and wireless devices in use that rely on the older 802.11b and 802.11g protocols. As we transition to 802.11ac, there will still be 802.11b-g devices, and it will take years for 802.11n to be replaced as the dominant Wi-Fi technology. 802.11ac will support fallback to older Wi-Fi standards to enable backwards compatibility. Some devices may only be capable of 5GHz, which means they’d only be able to revert to 802.11n. However, many devices will most likely still be dual-band, and be capable of switching to 2.4GHz and connecting with 802.11b or 802.11g if necessary.

Keep in mind that the 802.11ac specification is not yet finalized. Equipment and devices that come out this year will be based on the draft, and there is no guarantee they’ll work with other proprietary draft 802.11ac equipment, or that they’ll be fully compatible with the official 802.11ac standard once it’s finalized.

via: Computer World

Facebook hacker comes clean – Computerworld

April 26, 2012 5 comments

Glenn Mangham of York, England, said he meant no harm and hoped Facebook would let him off the hook

By Jeremy Kirk

April 26, 2012 12:00 PM ET1

What’s this?IDG News Service – The hacker who stole Facebook’s source code has gone public with a deeper explanation of how he penetrated the world’s most popular social network.

Glenn Mangham, of York, England, posted a lengthy writeup on his blog and a video, saying that he accepts full responsibility for his actions and that he did not think through the potential ramifications.

“Strictly speaking what I did broke the law because at the time and subsequently it was not authorized,” Mangham wrote. “I was working under the premise that sometimes it is better to seek forgiveness than to ask permission.”

Mangham implied he meant to contact Facebook once he had noticed the social-networking site had observed his intrusions, which he did little to hide. He didn’t use proxy servers because he said it made auditing take longer due to the time delay between each request made to a server. He was also hoping that even when he got caught, Facebook would let him off the hook.

That didn’t happen.

via Facebook hacker comes clean – Computerworld.

%d bloggers like this: