Categories

• Automation
• Compliance
• Consolidation
• Data Protection
• Networking News
• News
• RAID
• Security News
• Sencilo News
• Storage News
• Uncategorized
• Vendor News
• Virtualization

Archived by Date

• July 2010
• June 2010
• May 2010
• April 2010
• March 2010
• February 2010
• January 2010
• December 2009
• November 2009
• October 2009
• September 2009
• June 2009
• May 2009
• April 2009
• March 2009
• February 2009
• January 2009
• December 2008
• November 2008
• October 2008
• September 2008
• August 2008
• July 2008
• June 2008
• May 2008
• April 2008
• March 2008
• February 2008
• January 2008

January 2008 Entries

Missing Iron Mountain backup tapes prompts identity theft fears for J.C. Penny customers - January 18, 2008

GE Money, the firm hired by J.C. Penny to run its credit card operations, announced Thursday that it is missing backup tapes containing the personal information of about 650,000 J.C. Penny shoppers.

The personal information contains about 150,000 Social Security numbers. GE said the tape was discovered missing last October by a worker at a warehouse run by Boston-based data-protection and storage company, Iron Mountain Inc.

It is unclear if the data was encrypted. "When stolen data is encrypted, companies are quick to point it out as a way to ensure customers that their identities are safe," say Security Consultant Brian McCarthy for Sencilo Solutions. GE Money spokesman Richard C. Jones said the company was paying for 12 months of credit-monitoring service for customers whose Social Security numbers were on the tape.

"As is standard practice in our industry, we rarely know the nature of the information stored on the media we transport, nor the level of encryption or security our customers use," said Iron Mountain spokesman, Dan O'Neill in an email exchange. "We understand the tape was created in such a manner that unauthorized access to the data is extremely unlikely and difficult, even for its with specialized knowledge and technology."  Un-true says, McCarthy, 30 day demo backup software is available from most vendors as a free download, and the tape drives are common place via E-Bay", Iron Mountain again is trying to cover its tracks".  The only true and compliance way it to encrypt the tapes using encryption appliances or up-grade to the latest LTO-4 tape drives that have built-in encryption." 

It's the second time in recent months that Iron Mountain lost customer data. In October, Iron Mountain said it lost a decade's worth of bank account data and Social Security numbers for almost all Louisiana college applicants and their parents. The company was moving the backup tapes containing the information. A driver reportedly lost a case full of backup data for every Louisiana application for federal student aid from 1998 through Sept. 13, 2007.

Greg Schulz, an industry analyst with the Stillwater Minn.-based StorageIO Group downplayed the J.C Penny incident saying that it would be too labor intensive for a cybercriminal to steal the data off any missing tapes. 

"A penny theft criminal is not going to target an individual tape," Schulz said.

If the tape was targeted, a sophisticated cybercriminal would need to know the type of tape it is and have a specific device to read the data. Once cracked, the hacker would need to determine how the data was formatted. The work would be labor and financially intensive and therefore not a viable way for a cybercriminal to make money stealing identities, he said.

"Tapes have been lost and misplaced and have never left the building and the reality is that there are probably fewer tapes being lost today than there have been in the past," Schulz said. "Whether they're putting data on a tape or CDs or removable hard drives, the chance of that data getting lost is there."

"To bolster security in the wake of many high profile data breaches, some companies are encrypting data on backup tapes. Some firms are also using radio frequency identification and global positioning to track and maintain a handle on backup data", McCarthy of Sencilo Solutions said.

IBM has introduced encrypting tape drives and most back up software can encrypt but it still has to be turned on, said Eric Maiwald, an analyst at Midvale, Utah-based Burton Group.The potential for losing data because of a failed key management system must also be taken into account, Maiwald said.

"Encryption mechanisms that use appropriate algorithms with appropriate key lengths are effectively impossible to break. However, we have seen poor implementations that are breakable (such as WEP),"  McCarthy said.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-area-network.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.

Key words:  DR BC Replication De-Dup De-Dupe iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant LTO Backup Exc NetBackup Legato TSM Commvault BakBone D2D D2D2T compare cloud data deduplication  thin provisioning DXi Global Compression DDX  virtual tape library Data Reduction SEPATON FALCON compare Celerra CLARiiON Equallogic Dell

 

---

EXPAND NETWORKS POSITIONED IN THE LEADERS QUADRANT IN MAGIC QUADRANT REPORT FOR WAN OPTIMIZATION CONTROLLERS, 2007 - January 12, 2008

Evaluation Based on Completeness of Vision and Ability to Execute

ROSELAND, NJ – December 20, 2007 – Expand Networks, a leading provider of application acceleration solutions over the Wide Area Network (WAN), today announced that it has been positioned by Gartner, Inc. in the “Leaders” quadrant in their Magic Quadrant for WAN Optimization Controllers, 2007 [i] report. Gartner reviewed more than a dozen vendors in this report and based the evaluation according to criteria which focuses on the completeness of vision and ability to execute.

According to Gartner, “Leaders exhibit an ability to shape the market by introducing additional capabilities in their product offerings and by raising awareness of the importance of these features. Gartner expects a Leader to be growing the market as a whole, and to have solutions that resonate with an increasing number of enterprises.”

The report further clarifies the definition of a Leader: “Leaders in the WOC market need to have a broad feature set, including QOS, generic compression, protocol acceleration and file system acceleration, with the majority of features proven in substantial real-world implementations. They also need to be able to offer sales and support on a global basis.”

“In my opinion, Gartner’s Magic Quadrant is a de facto reference that enterprises turn to as they seek to add, increase or improve their existing technologies, and helps paint a clearer picture of the marketplace,” said Elie Barr, Chief Executive Officer, Expand Networks. “We are thrilled that Gartner positioned us in the ‘Leaders Quadrant’ for both vision and execution. Expand Networks is an established, proven leader in the market with almost a decade of WAN optimization experience and has formed solid alliances with a broad base of enterprise and OEM customers. Our R & D as well as our focused business vision enables us to deliver leading edge application acceleration solutions that that enables our customers to significantly reduce IT costs.”
Note About the Magic Quadrant

The Magic Quadrant is copyrighted December 2007 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner’s analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the “Leaders” quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

 

About Expand Networks
Expand Networks is the pioneer and leader in helping organizations simplify their IT infrastructure while delivering remote offices fast, reliable and secure access to networked applications. This results in improved user productivity and cost-effective IT management. Expand offers a multi-service integrated platform that ensures superior performance for any application over any network. From its headquarters in Roseland, NJ and its global locations, Expand Networks serves more than 1,450 enterprise customers including: American Express, Bacardi USA, BMW, Continental Airlines, Carr America, Colgate, Elizabeth Arden, Reed Exhibitions, Target and United States Department of Defense.

Expand Networks, Accelerator, Expand Compass, ExpandView are trademarks of Expand Networks. All other trademarks are the property of their respective owners.

---

Destorying Data. How to reduce business risks in an era of ever-increasing regulatory demands. - January 12, 2008

Sencilo Solutions and it's partner PeakData, LLC of Niwot, CO., which developed an innovative set of services, centered on data eradication, to attack a new category of financial and competitive risks head-on.

There was a time, not so long ago, when the primary data-management goal of IT organizations was to preserve data from various forms of loss - from issues related to such things as mechanical (hard) failure, software failure and natural disasters. But the world has changed. A new and multiplying batch of government regulations is keeping both CIOs and CFOs awake at night, according to CarrieAnne Curtis, Media Services general manager and data-security expert at PeakData. Now, enterprises are struggling to find fool-proof ways to get rid of their once-precious data.

Do you know where your data is?
The cost of the new regulations More than 30 new state and pending federal regulations are designed to protect individuals from the loss of their personal information maintained in organizations' IT systems. The net effect of these kinds of security-breach regulations, according to PeakData's Curtis, is that: An organization must maintain total control of personal data it owns or licenses - at all times

If the organization loses track of this data for just minutes, or even seconds, applicable regulations demand that the organization notify, in writing, every individual whose information might possibly have been exposed
According to Curtis, the cost of this type of notification process can run as high as $125 to $175 per person. One well-publicized security-breach case cost the organization involved more than $10 million. Clearly, much is at stake in this new regulatory environment. But what to do?

To destroy or not to destroy?
"Ever more sensitive to complex compliance obligations," Michael Klatman, vice president of Marketing at PeakData, says, "many organizations have gone to extremes to protect data from falling into the wrong hands. In many cases, these extremes include the physical destruction of failed or retired disk drives: an approach that has negative economic as well as environmental consequences." The risks associated with these new regulations are real. But is it really necessary to destroy retired or broken disks in order to avoid falling afoul of some 4,000 laws on data retenion laws such as Sarbanes-Oxley, HIPAA, Gramm-Leach-Bliley, the USA PATRIOT, the California Security Breach Notification Law, PCI Security Standards Council ("PCI SSC"), 21 CFR Part II and many others.

While it eliminates business risk, physically destroying disks also destroys the residual economic value of those disks. And that can cost as much as $1,000 per disk. By contrast, the logical destruction of data through the process of disk eradication permits the enterprise to recover that economic value from their disk subsystem vendor: a strategy that pays for the eradication process many times over.

Destroying data...
Any organization that is destroying (or locking away) retired disk drives, according to Klatman, ought to consider using PeakData's disk-eradication services - whereby PeakData comes onsite and, using its own proprietary system and methodology, logically (rather than physically) removes the data - and certifies, according to the Department of Defense 5220.22-M standard1, that data cannot be recovered from the disk drives in question. Special technologies and methods are required to implement this standard because typical storage firmware and software are not designed to be able to purge all traces of data in this manner.

During the disk-eradication process, the customer's disks never leave the data center, according to PeakData's Curtis, and legacy storage subsystems do not need to be powered up, saving precious energy. Instead, PeakData technicians remove disks from their enclosures and place them in the company's unique Data Eradicator system chassis. The Data Eradicator then performs the minimum required three passes of binary rewrites (over each sector and bit) according to the DoD 5220.22-M standard.

...And proving it
Once the rewrites are complete, the unit automatically generates a customizable XML/PDF certificate for each disk, showing the (embedded) serial number of the disk, the number of passes made, the time and date of the operation, and the names of the technicians and witnesses present. In this way, PeakData can guarantee to its customers that the DoD 5220.22-M disk-eradication standard has been met - and that all of the old data has been purged.

Each Data Eradicator unit can process up to 36 disks at a time - and as many 10 units can be implemented simultaneously: which means that the systems can process 360 disks, or almost 15 terabytes, at once. And the unit is highly secure, according to Curtis, having no writable media of its own; instead, the Data Eradicator's specialized operating system and logic are contained solely on read-only CD/DVDs. The eradication system works with SCSI, FATA, mainframe or open-systems disks.  Or go to http://www.sencilo.com/services-eradication.php 

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/products-security.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage and security solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Miami, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland and Cape Canaveral

Offerings Projects: Replication De-Dup De-Dupe iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant Quadrent LTO Backup Exc Pure Disk NetBackup Networker TSM Commvault BakBone D2D D2D2T compare cloud data deduplication  thin provisioning DXi Global Compression DDX  virtual tape library Data Reduction SEPATON FALCON compare Celerra CLARiiON Equallogic Dell NS20 NS40 CX4 CX3-20 CX3-40 CX3-80 FAS2050 FAS3050 Xiotech Nexsan Avamar DLD3 1500 D3 Storwiz storage compression data Ocarina Networks A-SIS compare Sepaton infopro BlueArc OnStor Microsoft Unified Storage data protection

---

Barracuda Networks Protects Salesforce.com Users Against Latest Phishing Malware Attack - January 9, 2008

Barracuda Spam Firewall Blocks Email Containing Malware that Collects Usernames and Passwords

Barracuda Networks, Inc., a leading provider of network security appliances, today announced that its Barracuda Spam Firewall has implemented specific countermeasures to block the phishing malware attacks targeted at salesforce.com users. These attacks were outlined in a broadcast email yesterday to all salesforce.com users advising them of the latest malware threat.

The attack on the Salesforce.com user base is a variant of known attacks that attempt to lure users into installing malware that can collect passwords to online systems, including banks, credit cards, shopping Web sites, and even salesforce.com itself.

“What makes this form of the attack unique is its social engineering,” said Stephen Pao, vice president of product management for Barracuda Networks. “The email masquerades itself as part of the Salesforce Identity Confirmation feature, which ironically was intended to enhance legitimate salesforce.com security measures against the latest wave of phishing attacks. Because of its clever design, unsuspecting salesforce.com users may inadvertently install the malware.

“While existing defense layers targeting malware in the Barracuda Spam Firewall have been effectively blocking these attacks, Barracuda Central today added another layer of defense specifically targeting this social engineering,” added Pao.

Barracuda Central, an advanced technology center at Barracuda Networks, consisting of highly trained engineers who continuously monitor and block the latest Internet threats, responded to the salesforce.com announcement by quickly adding additional levels of protection in the event that the attack starts using new malware variants. The additional levels of protection involve rules that actually block the social engineering around the Salesforce Identity Confirmation feature in addition to the malware.

“Just as Barracuda Networks was the first major appliance vendor to target the attacks against Adobe Reader users in 2007, we are proud to be the first to specifically target the attacks against salesforce.com users in 2008,” said Pao. “The tactical response of Barracuda Central combined with the Barracuda Spam Firewall's 12 defense layers allows us to continue to supply the best spam protection at the best value in the industry.”

About the Barracuda Spam Firewall
The Barracuda Spam Firewall is available in seven models and supports up to 30,000 active users with no per user licensing fees. Its architecture leverages 12 defense layers: denial of service and security protection, rate control, IP analysis, sender authentication, recipient verification, virus protection, policy (user-specified rules), Fingerprint Analysis, Intent Analysis, Image Analysis, Bayesian Analysis, and a Spam Rules Scoring engine. In addition, the entire Barracuda Spam Firewall line features simultaneous inbound and outbound email filtering with the inclusion of sophisticated outbound email filtering techniques, such as rate controls, domain restrictions, user authentication (SASL), keyword and attachment blocking, dual layer virus blocking, and remote user support for outbound email filtering. The Barracuda Spam Firewall’s layered approach minimizes the processing of each email, which yields the performance required to process millions of messages per day.  Or read more in Gartner, Inc.'s Magic Quadrant

About Barracuda Networks Inc.
Barracuda Networks Inc. is the worldwide leader in email and Web security appliances. Barracuda Networks also provides world-class IM protection, application server load balancing and message archiving appliances. More than 50,000 companies, including Coca-Cola, FedEx, Harvard University, IBM, L'Oreal, NASA and Europcar, are protecting their networks with Barracuda Networks solutions. Barracuda Networks' success is due to its ability to deliver easy to use, comprehensive solutions that solve the most serious issues facing customer networks without unnecessary add-ons, maintenance, lengthy installations or per user license fees. Barracuda Networks is privately held with its headquarters in Campbell, Calif. Barracuda Networks has offices in eight international locations and distributors in more than 80 countries worldwide.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/products-security.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.

Key words:  Barracuda Networks Security RSA Encryption Cisco Decru Neoscale EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant SSL SonicWall Secure Computing Firewall VPN Endpoint enVision Data Loss Prevention Encryption and Key Management

---

Nexsan SATABeast chases Apple shops with SATA disk array - January 7, 2008

Nexsan Technologies Inc. is planning a version of its SATABeast disk array that has been modified specifically for Apple servers as it tries to tempt loyal Mac users by filling a gap between Apple's storage products.
With the SATABeast Xi, which is expected to become generally available around March 15, Nexsan is aiming to fill a gap between the capacities of Apple's XServ RAID and the XSan. XServ scales to 14 disks and 10.5 TB capacity with 750 GB SATA drives. The XSan is actually a SAN with a SAN file system layered over it that's designed to scale to hundreds of terabytes or petabytes.

Nexsan is adding Apple-specific enhancements to SATABeast, including Apple-like hardware packaging, a Web-based management GUI meant to look like Apple's Safari Web browser and wizards to address some of the peculiarities of Apple's approach to Fibre Channel, according to Nexsan chief technology officer Gary Watson.

"Apple's XServ RAID operates so that a given LUN can only show up on one port, and if you want to multipath, you need to mirror the data," Watson said. "Our wizard will prevent users from setting up storage in a way that can't be resolved by Apple's system and offers them a lower cost approach to multipathing." The Xi's cache has also been tweaked to optimize streaming video performance.

Sencilo Solutions a Nexsan reseller say media companies are looking for new storage alternatives as Apple's Final Cut Pro gains popularity in the video editing world. According to Brian McCarthy, president of Orlando-based Sencilo Solutions, his company first began reselling Nexsan several months ago as disk-based backup for XSan deployments that were often massive. McCarthy said his customers liked Nexsan's pricing and density -- Nexsan can cram 42 TB into a 4U footprint, while the same capacity in Apple's smaller XServ RAID disk arrays would take up 8U.

McCarthy said the value is in the speeds and feeds Nexsan can offer over XServ RAID, such as support for 4 Gbps Fibre Channel and 1 TB disk drives. "Any little jump in performance is huge for companies doing video processing." Nexsan also offers a three-year warranty standard, while Apple's standard warranty is one year.

Apple has not qualified Nexsan's product, and there is no formal relationship between the two companies, which means Nexsan will have a tough time swaying hardcore Mac loyalists. But analysts point out the product could appeal to users in mixed environments who want to manage Mac, Linux and Windows systems together.

"It's in small environments where you're more likely to see total dedication to Mac and Apple products only," said Greg Schulz, founder of the StorageIO Group. "Larger organizations where this disk array would fit tend to be hybrid environments more often than not."

According to Donoyan, the loyalty tends to be more focused on workstations than back-end IT equipment. "I have users attaching Apple XServs via dual Linux controllers to Hitachi Data Systems arrays," he said. "Companies make business decisions, not emotional ones."

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-protection.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Miami, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland, Cape Canaveral

Other Projects: DR BC Replication De-Dup De-Dupe iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant Quadrent LTO Backup Exc NetBackup Networker TSM Commvault BakBone D2D D2D2T compare cloud data deduplication thin provisioning DXi Global Compression DDX virtual tape library Data Reduction SEPATON FALCON compare Celerra CLARiiON Equallogic Dell NS20 NS40 CX3-20 CX3-40 CX3-80 FAS2050 FAS3050 Xiotech Nexsan Avamar CX4

---

ICANN and overbearing governments are gearing up for a major expansion of the attack surface of the DNS. - January 7, 2008

The use of domain names in most phishing is relatively crude, You see a lot of names like www.somefreewebsite.com/~ingrid/www.bankofamerica.com/.... There's no SSL, and the tricky part of the domain name is off to the right. A user would really have to ignore the domain name and focus on the body of the page, which is where the real phishing expertise comes in.But a potentially lucrative minefield for phishing domains may open up through a series of developments currently underway. One of them is the move by some governments to develop alternative root servers. The other is the development of internationalized domain names, especially top-level domains. In at least one case the two are combined.

The alternative root server is a strange concept to most people, says Brian McCarthy President of Sencilo Solutions. The root servers are the DNS servers that control the root of the DNS. They control the top of the hierarchy or the bottom (root) of the tree, depending on the metaphor you want to use. So eWEEK controls the eweek.com domain; VeriSign controls the .com domain; and the root, the level above .com and also known as "." is controlled by the IANA (the Internet Assigned Numbers Authority).

This Wikipedia article includes a list of alternative roots that exist and the non-standard zones they include. For instance, the home page for OpenNIC is http://opennic.glue/. You might be wondering at that ".glue" top-level domain, and if you click on it you'll get an error. That's because OpenNIC is an alternative root with a completely different name space. Your DNS, probably derivative of your ISP's DNS, doesn't point into the OpenNIC name space. Organizations like OpenNIC sometimes exist in order to escape the control of ICANN. Free to put up any TLD they wish, they have .geek for example.

But OpenNIC does exist on the public Internet; it's not a private network. If your DNS is set up for it, it's possible to see these as well as the real Internet. In fact, UnifiedRoot goes this extra mile, by setting up your systems to see the public DNS as well as their own, on which they sell new TLDs to whoever wants them.

These groups don't worry me. Who's going to use them anyway? I get worried when I see whole countries, like Russia, trying to set up separate roots. In the case of Russia, the government wants more control over the Cyrillic portion of the Internet. They can never have real control as long as the root zone is in the hands of the IANA. Call me a western hegemonist, but I just don't trust the Russian government with a root zone.

Compounding the Russian issue is the ongoing development of IDNs (Internationalized Domain Names), which are domain names that support non-Latin character sets, including the Cyrillic used in Russia. Work on this has been in standards bodies coordinated by ICANN for years and some are in use. Work on Internationalized TLDs is also underway, and here's where the phishing angle becomes really clear. .ru the Russian TLD, translates in Cyrillic to .py, the TLD for Paraguay. It's not hard to see a Cyrillic phishing domain in the Paraguayan .py being used to fool Russian users.

This specific example isn't the real point. I have a general concern about these expansions of the DNS in ways that seem destined to provide massive new opportunities for abuse. The limitations of freedom for the people of Russia and China, which is also interested in both developments. Internationalized domain names are not inherently objectionable, of course, and it would be great if they could be made to work securely. Unfortunately, I see most of the news being about new browser exploits and scams.  It's companies like Infoblox that keep things running.  Read more about this in the 2H2007 Gartner, Inc.'s Magic Quadrant.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/products-security.phpAbout Us

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.

Key words:  Barracuda Networks Security RSA Encryption Cisco Decru Neoscale EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant SSL SonicWall Secure Computing Firewall VPN Endpoint

---