
August 2008 Entries

What Data Domain does not want you to know about - Storwize Primary Storage Compression Appliances - August 19, 2008

Orlando Florida – Storwize Inc., the only provider of real-time primary storage data compression solutions, today introduced the next generation edition of its award-winning STN-6000™ product family. The Storwize P Series encompasses a family of products tailored for different customer environments, ranging from entry-level operations, to data center environments with tens of thousands of users in the most data-intensive industries, as well as oil and gas exploration and financial services.
Storwize has transitioned to a 64-bit architecture and is rolling out its high-end appliance, the STN-6800p, completing its solutions coverage for all market segments. The STN-6800p is designed to work with large-scale enterprise storage platforms such as the NetApp FAS6070 and the EMC Celerra NSX.

The three P Series models are application agnostic and provide optimized solutions across a range of environments:
•  STN-6300p is the company’s entry-level model providing the same availability, reliability and efficiency of higher-end models
•  STN-6500p is optimized for enterprise environments
•  STN-6800p expands enterprise functionality to high-end environments performing large file processing on huge volumes of files

All three new models are also available in an optional High Availability configuration, which provides the highest level of mission critical information availability and ensures data integrity and business continuity.

“The P Series platform addresses all the distinct user requirements for cost, performance and application optimization across the full spectrum of IT users,” said Gal Naor, Storwize CEO. “Storwize now offers end to end solutions to all market segments from entry-level to high performance computing data center environments yielding dramatic data foot print reductions regardless of the vertical or data type at stake. Our customer successes validate the maturity, leadership and industry recognition that Storwize has well earned by creating the primary optimization market.”

According to Brian McCarthy, President of Sencilo Solutions of Orlando, Florida, and a 25-year storage veteran, “Without question, Storwize is leading the way for primary storage capacity optimization and the P Series enhancements certainly raise the performance bar for this class of products. Most of the attention about data reduction technologies has been focused on secondary storage platforms but given the vast amounts of storage that companies are still struggling to manage, the substantial cost benefits of properly applied primary compression should cause IT departments everywhere to take a hard look at the advantages of the new STN-6000 Series.”

The Storwize family of real-time compression appliances allows companies to extend the lifecycle of their data center. All appliances in the Series are transparent to end users and applications, ensure data integrity and are vendor-agnostic. Simple plug-and-play, the P Series products are complementary to other solutions and technologies intended to reduce storage consumption, such as de-duplication, virtualization and thin provisioning.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/data-compression.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage and security solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Miami, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland and Cape Canaveral



How to deal with SQL Injection Attacks - August 17, 2008

Orlando, Florida -- It’s not like SQL injection attacks are new. They go back to at least late 2004, when they appeared in Europe and Asia.  A German TV station was attacked, then a Taiwanese security magazine.  In 2006, Russian hackers broke into a Rhode Island government website and stole credit card data.

The attacks were proliferating.  In 2007, a hacker defaced the Microsoft UK web site.  Later on that year, the UN website was defaced with a SQL injection attack.  Have they no shame?

In January 2008, tens of thousands of PC websites were defaced by automated SQL injection attacks that exploited the vulnerability of Microsoft SQL server.

In April 2008, the social security numbers of the sex offenders on the Sexual Offender Registry of Oklahoma were stolen by an injection attack.

In May 2008, a server farm in China used automated queries to Google’s search engine to identify SQL server websites that were vulnerable.

In July 2008, the Malaysian site for Kaspersky, a Russian computer security company, was hacked using a SQL injection.

From April 2008 to the present, there have been increasing SQL injection attacks exploiting the SQL injection vulnerability of Microsoft Internet Information Services and SQL server.

HOW THE INJECTION ATTACK WORKS

These attacks don’t require the hacker to have access to the server or, for that matter, the names of database fields.  The attack hits all text fields in all tables with a single hacked SQL request.  The attack attaches an HTML string to each field that activates a malware JavaScript file called from a remote location.  When that value is later displayed to a user of the hacked site, the script tries to gain control over the user’s system.  A Barracuda Web Site Firewall protects Web applications and Web services from malicious attacks, and can also increase the performance and scalability of these applications. The Barracuda Web Site Firewall offers every capability needed to deliver, secure and manage enterprise Web applications from a single appliance through an intuitive, real-time user interface.

The number of exploited web pages is estimated at 500,000 so far, and growing daily.  These attacks are across the board, against government sites as well as commercial sites, and against open source SQL as well as Microsoft SQL.  The attacking mechanisms can be manual or by automated spiders or by modified versions of popular software such as QuickTime and RealPlayer.

SQL is a rich and complex language, so there are many techniques by which the attack can be accomplished.  The common approach is for the hacker to modify a variable being passed from the user’s browser URL address line or from a form on the browser to a SQL search string which is being processed on the website.

With this approach, hackers or their automated spiders can inject draconian instructions into the SQL commands written for the site, and these can do any number of awful things, like stealing all the data from the SQL database, destroying the database altogether or modifying the records by adding references to remote malware that spreads the attack through innocent visitors using the site, in a kind of Trojan horse virus.

HOW DO YOU KNOW YOU’VE BEEN HIT

Don’t think you’re somehow exempt.  If you’re using SQL in any form you’re vulnerable.  Most websites are data driven these days, and most of those use SQL in one form or another.  The hackers and their spiders may very well visit an attack on your site any time.

It goes without saying you need to back up your SQL database, all of it, every day and keep those backups for perhaps a longer period of time than before.  If you have 10 days of backup but you don’t watch your site and 10 days go by, you won’t have a useable backup and you’ll be SOL.

How do you know you’ve been attacked?  "Well, the data on your screen is truncated and you get strange characters like hanging apostrophes and angle brackets on your screen where database information ought to be.  Sometimes you get wise guy jokes there too.  Don’t click on what appear to be links - that’ll get you in more trouble and infect your machine too," says Brian McCarthy, President of Sencilo Solutions, a security VAR in Central Florida.

HOW TO DEAL WITH THEM

If you’ve been attacked, you need to go to Internet Information Services (IIS) on your server and cut user connections, and stop the site.  Then you need to find a good backup file to restore your database.  For that, you need to figure out when the attack happened so you can use a backup from before it happened.  "If you don’t have a good backup, you’ll probably have to clean the database manually to recover the data for your site," says McCarthy. 

That means stripping out all the bad values and references that were injected.  You have to painstakingly go through every field, record and table.  In a big database, this can take forever, and it’s tedious and gut-wrenching work.  Worse, it may not be a complete solution.  The injection values are usually injected at the end of the existing values in the field, but if the injection values are longer than the field, they may write over the existing values, and that means the original data is lost.

When you’re done, you would turn IIS back on and see if you’ve done a good job, and whether there is some other gift they left for you.  You don’t know until you bring the site up again and watch it work.

There are some scripts out there that say they can reverse the attack and clean the injected values out of your database. Here’s an example:

http://hackademix.net/2008/04/26/mass-attack-faq/#webdev

Different hackers inject different values, so there’s no guarantee that this will work.
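A sketch of such a cleanup pass, as an added example (it is not one of the scripts referenced above). It assumes the injected value is a `<script>` tag appended to text columns, uses Python's `sqlite3` as a stand-in for the site's database, and all table names, values and the URL are constructed. Tags at the end of a value are stripped; truncated or mid-value tags are only reported, because the original data there may have been overwritten and needs a backup.

```python
import re
import sqlite3

# One or more empty <script ...></script> tags at the very end of a value.
# Assumption: the injected string is a script tag, as described above.
TRAILING = re.compile(r"(?:\s*<script\b[^>]*>[^<]*</script\s*>)+\s*$", re.I)

def classify(value):
    """Return (status, cleaned): 'appended' tags are stripped; anything else
    still holding '<script' (truncated or mid-value) is left for a restore."""
    m = TRAILING.search(value)
    cleaned = value[:m.start()] if m else value
    if "<script" in cleaned.lower():
        return "manual", value
    return ("appended", cleaned) if m else ("clean", value)

def text_columns(conn):
    """Yield (table, column) for every character-typed column in the schema."""
    tables = conn.execute("SELECT name FROM sqlite_master WHERE type='table'")
    for (table,) in tables.fetchall():
        for _cid, col, ctype, *_ in conn.execute(f'PRAGMA table_info("{table}")'):
            if any(t in ctype.upper() for t in ("CHAR", "TEXT", "CLOB")):
                yield table, col

def scan_and_clean(conn, apply=False):
    """Report every suspect value; rewrite only the safely strippable ones."""
    report = []
    for table, col in list(text_columns(conn)):
        # Identifiers come from the schema itself; values are always bound.
        rows = conn.execute(
            f'SELECT rowid, "{col}" FROM "{table}" '
            f'WHERE "{col}" LIKE ? ORDER BY rowid', ("%<script%",)).fetchall()
        for rowid, value in rows:
            if not isinstance(value, str):
                continue
            status, cleaned = classify(value)
            report.append((table, col, rowid, status))
            if apply and status == "appended":
                conn.execute(f'UPDATE "{table}" SET "{col}" = ? WHERE rowid = ?',
                             (cleaned, rowid))
    return report

def build_sample():
    """Constructed sample database; the URL is a placeholder."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, "
                 "name VARCHAR(64), notes TEXT)")
    tag = '<script src="http://placeholder.invalid/x.js"></script>'
    conn.executemany("INSERT INTO products VALUES (?, ?, ?)", [
        (1, "Widget" + tag, "in stock"),
        (2, "Gadget", "ships in 2 days" + tag + tag),
        (3, 'Gizmo<script src="http://placeh', None),   # cut off by column width
        (4, "Sprocket", "clean row")])
    return conn
```

Run `scan_and_clean(conn)` first with `apply=False` to review the report, and only then with `apply=True` on a copy of the database.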

Even assuming you can restore your database, you could have another attack any time with similar result.  So if you have a good backup file of your database, make a protected copy of it for future use if necessary.

CLOSING THE VULNERABILITIES

Beyond that, you or your web designers need to close the vulnerabilities.  You can do that in a variety of ways, all of which involve new coding.  Go slowly and carefully, file by file, so you do it right and don’t miss anything.

When you recode, you need to write routines to clean all the parameters that are being fed into your SQL queries.  To do this, you need to strip out any questionable SQL commands that could be part of an injection attack, including DECLARE, SELECT, SET, CAST, DROP, EXEC, “;”, “--”, INSERT, DELETE, XP_, VARCHAR and CHAR, among others.
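The following added example (not code from this article) runs a keyword-stripping cleaner built from the list above against a legitimate value, and goes beyond the text by comparing it with a bound (parameterized) query, where the value never becomes part of the SQL text. It assumes Python's `sqlite3` as a stand-in for the site's database driver; the table, function names and product name are constructed.

```python
import re
import sqlite3

# The tokens the article lists, as a strip-list (assumed word-boundary matching).
BLACKLIST = re.compile(
    r"\b(?:DECLARE|SELECT|SET|CAST|DROP|EXEC|INSERT|DELETE|VARCHAR|CHAR)\b"
    r"|XP_|;|--", re.IGNORECASE)

def strip_keywords(value):
    """Keyword-stripping cleaner of the kind described above."""
    return BLACKLIST.sub("", value)

def find_concat(conn, name):
    # BEFORE: the value becomes part of the SQL text, so a quote inside it
    # ends the string literal and the rest is parsed as SQL.
    return conn.execute(
        "SELECT id, name FROM items WHERE name = '" + name + "'").fetchall()

def find_bound(conn, name):
    # AFTER: the statement text is fixed; the driver passes the value
    # separately, so it can only ever be compared as data.
    return conn.execute(
        "SELECT id, name FROM items WHERE name = ?", (name,)).fetchall()

def demo():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE items (id INTEGER PRIMARY KEY, name TEXT)")
    name = "O'Brien's Drop Set"          # constructed, legitimate product name
    conn.execute("INSERT INTO items (name) VALUES (?)", (name,))
    results = {"stripped": strip_keywords(name)}
    for label, value in (("concat_raw", name),
                         ("concat_stripped", results["stripped"])):
        try:
            results[label] = find_concat(conn, value)
        except sqlite3.OperationalError:
            results[label] = "syntax error"
    results["bound"] = find_bound(conn, name)
    return results
```

The stripper deletes the ordinary words "Drop" and "Set" from the data yet leaves the apostrophes that break the concatenated query, while the bound query returns the row unchanged.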

WILL WE EVER CATCH THESE GUYS

Maybe not, but in the meantime the Barracuda Web Site Firewall is a complete and powerful security solution for Web applications and Web sites. The Barracuda Web Site Firewall provides award-winning protection against hackers leveraging protocol or application vulnerabilities to instigate data theft, denial of service or defacement of your Web site.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/products-security.php
 
Sencilo Solutions is a Florida-based integrator specializing in network storage and information security solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, RSA, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.
 
Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Kissimmee, Lakeland, Maitland, Cape Canaveral, Lake Mary



NetApp Adds De-Dupe Capabilities for Primary Storage but Storwize has something Better - August 5, 2008

Orlando, Florida -- Network Appliance (NSDQ:NTAP) this week is bringing its data de-duplication technology to a wider channel and customer base by making it available for use with a wide range of data management applications.
De-duplication, also called "de-dupe," removes duplicate information as data is backed up or archived. It can be done on the file level, where duplicate files are replaced with a marker pointing to one copy of the file, and/or at the sub-file or byte level, where duplicate bytes of data are removed, resulting in a significant decrease in storage capacity requirements.

NetApp has had de-dupe technology for a couple of years as part of the NetApp advanced single-instance storage (A-SIS) technology for its NearStore and FAS storage systems, said Ravi Thota, director of the vendor's product marketing for data protection and retention.

A-SIS was part of the company's SnapVault for NetBackup, an application on which it cooperated with Symantec (NSDQ:SYMC). However, Thota said, it was limited to the NetBackup environment only.

Starting this week, however, NetApp is making de-dupe available on its FAS and its NearStore R200 storage systems regardless of which data management software is used, Thota said.

"It has been tested with CommVault, but works with others," he said. "And it works not just with backups, but with archival and primary storage, and it works in both file and block environments."

When used with a NetApp storage device, the software enables de-dupe of data once it arrives at the device, Thota said. Because de-dupe is done at the storage device, it can work with any vendor's software, he said.

Merrill Likes, president of UpTime, an Edmond, Okla.-based NetApp solution provider, said he is glad to see NetApp finally opening its de-dupe technology to non-NetBackup environments. "It will be very important with VTL (virtual tape library) technology going forward," Likes said. But not all resellers agree. Brian McCarthy, President of Sencilo Solutions and a 30-year storage veteran, says "several of his NetApp customers have turned off A-SIS, citing very poor performance and data recovery issues."  NetApp is just trying to play catch-up and is doing a very poor job at it, says McCarthy.

However, Likes said he expects his customers to focus de-dupe on secondary storage for now, and stay away from using it with primary storage until the technology has a chance to prove itself; to this McCarthy agrees.  "NetApp is actually letting customers know this in a written bulletin and asking them to sign it, that they are aware of low performance issues."

"If de-dupe is used on primary storage, there will be overhead when rebuilding the data if there is a problem," he said. "Secondary storage provides fairly linear access to data, but on primary storage, there is more random access to the data."

The de-dupe feature is available free-of-charge on NetApp's NearStore R200 appliance, and as a $3,000 option for its FAS appliances.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/data-compression.php




