headtop

Connect to HealthIT News

What Data Domain does NOT want you to know - May 9, 2008

1. What does the term "data de-duplication" really mean?
There's really no industry-standard definition yet, but we're getting close. Everybody agrees that it's a system for eliminating the need to store redundant data, and most people limit it to systems that look for duplicate data at a block not a file level. That's an important feature. Imagine 20 copies of a presentation that have different title pages–to a file-level data reduction system they look like 20 completely different files. Block level approaches would see the commonality between them and use much less storage.

The most powerful data de-duplication uses a variable-length block approach. Products using this approach look at a sequence of data, segment it into variable length blocks, and when they see a repeated block, they store a pointer to the original instead of storing the block again. Since the pointer takes up less space than the block, you save space. In backup, where the same blocks show up over and over, users can typically store 10 to 50 times more data than on conventional disk.

2. How can data de-duplication be applied to replication?
Replication is the process of sending duplicate data from a source to a target. If you replicate all the backup data then you need a relatively high performance network to get the job done. But with de-duplication, the source system–the one sending data–looks for duplicate blocks in the replication stream. If it has already transmitted a block to the target system, then it doesn't have to transmit it again–it simply sends a pointer. Since the pointer is much smaller than the block, we need much lower bandwidth networks for replication.

3. What applications does data de-duplication work with? Are there any that it doesn't work with?
When it's being used for backup, it supports all applications–email, databases, print and file applications, etc–and all qualified backup packages. Variable block length de-duplication can find redundant blocks in the backup stream for all of them. Certain file types–some rich media files, for example–don't see much advantage the first time they are sent through de-duplication because the applications that write the files already eliminate redundancy. But if those files are backed up multiple times or backed up after small changes are made, de-duplication can have very powerful capacity advantages.

4. Is there any way to tell how much de-duplication advantage I will get with my data?
There are really four primary variables. How much the data changes (that is, how many new blocks get introduced), how well it can compress, what your backup methodology is (full vs. incremental, for example), and how long you plan to retain the data. Some vendors–Quantum is one–offer sizing calculators to estimate the effects.

5. What is the real benefit of using data de-duplication?
There are really two. 1) Data de-duplication technology lets you keep more backup data on disk than with any conventional disk backup system–which means you can restore more data faster. 2) It makes it practical to use standard WANs and replication for DR protection–which means users can reduce their tape handling.

6. What is variable-block length data de-duplication? How do you get variable-length blocks and why would I want them?
It's easiest to think of the alternative. If you divided a stream of data into fixed-length segments, every time something changed at one point, all the blocks downstream would also change. The system of variable-length blocks allows some of the segments to stretch or shrink, while leaving downstream blocks unchanged–this increases the ability of the system to find duplicate data segments, so it saves significantly more space.

7. If the data is divided into blocks, is it safe? How can it be restored?
The technology for using pointers to reference a sequence of data segments has been standard in the industry for decades, you use it every day, and it is safe. Whenever you write a large file to disk, it is stored in blocks on different disk sectors in an order determined by space availability. When you "read" a file, you are really reading pointers in file's metadata which point to the various sectors in the right order. Block-based data de-duplication applies a similar kind of technology. And de-duplication vendors typically build in a variety of data integrity checks to verify that the system is sound and the data remains available.

8. Where does data de-duplication take place during the backup process?
There are really two choices. You can send all your backup data to a backup target and perform de-duplication there, or you can perform the de-duplication on the host during backup. Both systems are available and both have advantages. If you de-duplicate on the host during backup, you send less data over your backup connection, but you have to manage software on all the protected hosts, backup slows down because de-duplication adds overhead, and it can slow down other applications running on the host server. If you de-duplicate at the backup target you send more data over the connection, but you can use any backup software, you only have to manage a single target, and the performance is normally much higher because the hardware system is specially built just for de-duplication.

9. Can de-duplication technology be used with tape?
No and yes. Data de-duplication needs random access to data blocks for both writing and reading, so it needs to be implemented in a disk based system. But tape can easily be written from a de-duplication data store and in fact that is the norm. Most de-duplication customers plan on keeping a few weeks or months of backup data on disk, and then use tape for longer term storage. When you create a tape from de-duplicated data, the data is re-expanded so that it can be read directly in a tape drive and will not have to be written back to a disk system first.

10. What do data de-duplication solutions really cost?
There's a lot of variability, but there is a pretty good rule of thumb starting point. Assuming an average de-duplication advantage of 20:1–that's a number widely used in the industry–we have seen list prices in the range of $1/GB. So a system that could retain 20TB of backup data would have a list price of around $20,000–that's much lower than if you protected the same data using conventional disk. A note: options could increase that price–and discounts from resellers or vendors could reduce it.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-data-deduplication.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in Cost Cutting storage, security and managed services solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, Data Domain, EMC, Hitachi, Symantec, HDS, IBM, Commvault, Xiotech and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, storage virtualization installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland and Cape Canaveral Green Simpana Offerings Projects: BC DR planning Replication De-Dup De-Dupe iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant Quadrent LTO Backup Exc Pure Disk NetBackup Networker TSM Commvault BakBone D2D D2D2T compare cloud data deduplication thin provisioning DXi Global Compression DDX virtual tape library Data Reduction SEPATON FALCON compare Celerra CLARiiON Equallogic Dell NS20 NS40 CX4 CX3-20 CX3-40 CX3-80 FAS2050 FAS3050 Xiotech Nexsan Avamar DLD3 1500 D3 Storwiz storage compression data Ocarina Networks A-SIS compare Sepaton infopro BlueArc OnStor Microsoft Unified Storage data protection StorageX Brocade FAQ SSD Solid state disk SANmelody FalconStor tier zero Xiotech ISE nx4 ax4 greenBytes ZFS Sun Top 10 ROBOBak managed services hosting cloud grid Datacore Compellent compellant equallogic lefthand networks don't buy storage stop buying storage itguardian cherub networks Arkeia Network Backup appliance Data Recovery Backup Health IT Healthcare IT Digital Hospital Allscripts

What the PCI Council wants you to know! - May 9, 2008

Jacksonville Florida -- When the Payment Card Industry (PCI) Security Standards Council released version 1.1 of the PCI Data Security Standard in September 2006, it clarified existing mandates and added, in Requirement 6.6, some new ones pertaining to the custom application code that handles protected payment card data.

Basically, the council offered enterprises a choice: have an application security organization review custom application code for common vulnerabilities, or install a Web application firewall in front of Web-facing applications.  See http://www.sencilo.com/security-web-application-controllers.php for more info. 

In keeping with the council's measured approach to improving the security of payment card data, what was put forward as a "best practice" in 2006 will become a full-blown requirement on June 30, 2008. Many companies are already bemoaning the burdensome nature of PCI compliance and will no doubt chafe at paying for either more outside consultants or more security hardware and software.

On the other hand, there are plenty of security professionals who will say that what the PCI DSS requires is nothing more than the same application development and deployment approach that many companies have used for years. I can think of several financial and telecom companies that adopted a similar strategy when working with internally imposed PCI-comparable standards in 1999. Since then, there has been an increase both in the number of people qualified to conduct code reviews and in the availability of commercially supported application-layer firewalls.

Amid today's threat climate, where there is no shortage of people prepared to use whatever attacks they can to gather and exploit payment card data, a strong case can be made for both putting an application-layer firewall in front of Web-facing applications and having application code independently reviewed. However, in the real world, where cost constraints have never been tighter, some enterprises must choose one or the other.

The case for application firewalls
The main reason for an application firewalls like Barracuda Networks is that it will, if properly supported, actively protect against emerging threats, something a one-time code review will not. Sure, a code review might be able to list classes of attack against which the code is deemed secure, and a reviewer may be able to discount some emerging threats by referring to that list. A code review, however, does not provide a way to tweak application proxies in response to attacks.

One common argument against the application firewall is that it may be tricky to fit into an existing architecture. Another objection is that it may work out to be more expensive than a code review. Pricing varies between brands but you could easily be looking at a purchase cost of around $5,000 for something that will handle around 900 MB of throughput, rising to around $8,000 for 2 gigabites per second (Gbps). Total cost will depend upon the level of application traffic, ongoing licensing fees and personnel costs to manage and maintain your Web application firewall capability. However, if you have staff on hand with the skills to tune and manage an application firewall, like the folks who are already running your enterprise firewall, the additional cost may only be incremental or a security based consultant like Sencilo Solutions of Lake Mary Florida. 

The case for code review
A code review is not cheap and in most cases much more expensive the a firewall. For whomever performs it, you are probably looking at tens of thousands of dollars in cost, although the exact figure will obviously depend upon application complexity. Bear in mind, though, that a code review doesn't require the same level of ongoing care and maintenance as a firewall (although future code revisions will need review).

However, enterprises should already be budgeting for code review as part of the software development process. Unfortunately, some earlier PCI guidelines gave the impression that internal code reviews would not be acceptable. Thankfully, we now know it's possible to use an internal staff for the review if it is a) trained and specialized in application-code assessments and b) not the same people who developed the application, this according to the Feb 2008 "Information Supplement: Requirement 6.6 Code Reviews and Application Firewalls Clarified" document.

This clarification document approves, with the above caveat, the "proper use of automated application source code analyzer (scanning) tools" and the "proper use of automated web application security vulnerability assessment (scanning) tools."

Making the choice
So now it looks like there may be three avenues available, and in each case the choice may simply come down to people. Does the enterprise have staff who can:
a. Configure and maintain an application-layer firewall?
b. Perform a code review?
c. Use a third-party vulnerability detection tool and fix any problems the review uncovers?

Of course, the decision could also depend upon architecture considerations and how well an application-layer firewall would work with existing systems and devices.

Another factor to consider, particularly for those leaning toward a third-party code review, is how comfortable the organization may be with the status of its code. It is not unusual for payment card applications to develop over time and include some legacy code of unknown origin and unclear purpose. A security staff may not want to remove legacy code and run the risk of breaking a mission-critical application. Without suggesting that anyone should sweep potential bugs under the carpet, placing a firewall in front of an application might be less costly, or less disruptive, than re-writing it in light of a code review.

Finally, it has to be said that PCI DSS, admirable as its goals may be, has been far from perfect in practical terms. Not knowing exactly where the PCI Security Standards Council has drawn the line with Requirement 6.6 can be frustrating for those who are otherwise keen to toe that line. To a security professional who would normally urge the use of both code reviews and firewalls, it is another example of the compliance dilemma. If you promulgate a standard intended to increase security, you must be prepared to answer the question: "What must I do to comply with the standard?" The problem is, the question often becomes "What is the minimum I can do to be in compliance?" Just a few weeks ago, the PCI Council also released a clarification stating that companies can either perform the code review or install the application firewall, but that they would ideally like to see enterprises do both.

I recommend taking the time to understand PCI's Web application requirements, including the clarification documents, and consider how the approved options mesh with your architecture and resources. It is now clear that enterprises have multiple paths to compliance and, if executed properly, any of the options will not only help achieve compliance, but also improve Web application security.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/security-web-application-controllers.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.

Key words:  Barracuda Networks Security RSA Encryption Cisco Decru Neoscale EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant SSL SonicWall Secure Computing Firewall VPN Endpoint DLP Tumbleweed Ironmail Ironport Secure Computing compare

What Symantec's Enterprise Vault Division does NOT want you to know! - May 6, 2008

Lake Mary, Florida -- Barracuda Networks Inc., the worldwide leader in email and Web security appliances, today launched the Barracuda Message Archiver 850 and 950 models for enterprises and large organizations searching for an affordable solution to preserve and index all emails.  The Barracuda Message Archiver 850 and 950 models also help organizations to efficiently store and manage emails while satisfying regulatory compliance criteria for saving email.“One of the biggest challenges facing larger organizations today is the need to balance making sure that their email server continues to operate efficiently while also future proofing their network for compliance,” said Stephen Pao, vice president of product management for Barracuda Networks.  “The Barracuda Message Archiver 850 and 950 enable enterprise customers to achieve legal and regulatory compliance needs while making more efficient use of storage technology by providing increased performance, reliability and scalability inside the IT organization.”


The Barracuda Message Archiver 850 can archive and index email for up to 4,000 users and the Barracuda Message Archiver 950 has enough processing power to handle 6,000 users.  Both models include dual-redundant power supplies and hot-swappable RAID arrays.  In addition to offering the full set of storage capabilities – including single instance storage and built-in storage and redundancy through internal or external mirroring – offered with all Barracuda Message Archiver models, the Barracuda Message Archiver 850 and 950 models also include a hardware-based iSCSI host based adapter for high-performance interaction with Storage Area Networks.


Reliable Search and Storage for Public Records Requests

As the second largest school district in Washington with more than 29,000 students spread across 54 schools, the Spokane Public School District in Spokane needed to ensure that it was equipped to quickly respond to email discovery requests.  In Washington, all public organizations, including school districts, are subject to public records requests and various entities can request specific information, such as emails, related to district operations.  Spokane Public Schools selected the Barracuda Message Archiver 850 to help manage and store the email of its more than 4,500 email users to fulfill these public records requests.


“Prior to installing the Barracuda Message Archiver 850 there was no centralized way to fulfill this type of request,” said Brown.  “All employees would be asked to go through their own email inboxes and forward any emails related to the specific request to the IT staff for inclusion in a response to the requesting entity.  This was a slow, time-consuming and ineffective process.”


As with the full Barracuda Message Archiver product line, the Barracuda Message Archiver 850 and 950 offer a complete set of message archiving features designed with both compliance and storage efficiency in mind.  The Barracuda Message Archiver stores and indexes all email for easy search and retrieval by both regular users and third-party auditors and offers greater ease of use and administration, enabling deployment in less than 60 minutes.


“We were pleased that the Barracuda Message Archiver 850 not only was able to archive on a going forward basis but it also allowed us to automatically import in all messages already in our email system giving us access to information that had been up to that point difficult to retrieve,” said Brown.  “In addition it is easy to maintain and we appreciate that updates and enhancements are made in a timely fashion.”


Pricing and Availability

The Barracuda Message Archiver 850 and 950 are currently available in the U.S. and priced at $29,999 and $44,999 respectively with no per user licensing fees.  International pricing and availability varies by region. 


About the Barracuda Message Archiver

The Barracuda Message Archiver is a complete and affordable email archiving solution, designed to effectively index and preserve all emails, achieve legal and regulatory compliance needs, and make more efficient use of storage technology inside the IT organization.  Leveraging standard policies and seamless access to messages, email content is fully indexed and backed up to enable administrators, auditors and end users quick retrieval of any email message stored in an organization’s email archive.  Delivered by Barracuda Central, Energize Updates provide automatic updates to its extensive library of virus and policy definitions for enhanced monitoring of compliance and corporate guidelines, document file format updates needed to decode content within email attachments and security updates for the underlying platform to remain free of potential security vulnerabilities.


For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-protection.php


About Us


Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.


Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.


Key words:  DR BC Replication De-Dup iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant LTO Backup Exc NetBackup Legato TSM Commvault BakBone D2D D2D2T compare cloud Enterprise Vault


De-Dup now with GRID Storage - May 6, 2008

ExaGrid Systems, Inc., the leader in cost-effective and scalable disk-based backup solutions with byte-level data de-duplication, recently announced the industry's first 30TB disk-based backup system with data de-duplication and a scalable GRID architecture. This product enhancement allows customers to store a 30TB full backup, plus weeks or months of retention, in a single GRID system. The expanded 30TB capacity will be available for both ExaGrid's EX series servers with internal storage, as well as the ExaGrid iSCSI Gateway for Dell EqualLogic PS Series storage arrays.

In addition to expanded backup capacity, ExaGrid provides best-in-class backup performance by writing to disk at full disk speed (post-processing) and by adding complete servers in a GRID for system expansion, instead of just more disk capacity. This scalable GRID-based approach maintains fast backup performance even as data grows. ExaGrid is also uniquely fast for restore performance as it stores the most recent backup in its complete, non-de-duplicated form ready for rapid restoration or tape copies.

The latest version of the ExaGrid Disk-based Backup system includes the following important enhancements and customer benefits:

Scalable Virtualized GRID Architecture:


  • Store a 30TB full backup, plus retention of backup history, in a single GRID system (up to six 5TB ExaGrid servers in a virtualized GRID system).

  • Plug-and-play growth—new systems virtualize together automatically. No splitting data or losing de-duplication efficiency across separate systems.

  • Fully configured ExaGrid installations are managed via a single Web UI, accessed with one login, unlike other solutions that require logging into and managing multiple separate devices.

  • Performance scales with data growth since processing power and memory are added along with storage capacity.

  • Automatic load balancing across all servers in the GRID.

  • Multiple 30TB GRID systems can be installed for increased capacity.


 

 

Highest Performance for Shortest Backup Window and Fastest Data Restoration:

  • Fastest backup performance due to post-process de-duplication. Write directly to disk without any processing on the fly to slow down backups. (Backup throughput: up to 4TB/hour).

  • Fastest restore and tape copy performance with byte-level data de-duplication which keeps the most recent backup in its whole form, unlike other solutions which require re-assembly from small blocks and large hash tables. (Restore throughput: up to 2.6TB/hour).


 

Most Cost-Effective and Flexible Solution:

  • Granular sizing options "right size" to specific customer backup data requirements, today and in the future.

  • Five EX Series server configurations with internal storage hold full backups of 1TB, 2TB, 3TB, 4TB or 5TB, plus retention. Servers can be combined, with up to six servers in a single GRID (5TB EX Series servers x 6 = 30TB ExaGrid GRID system).

  • No need to over buy storage capacity upfront. Systems can be easily combined in a virtualized GRID for larger capacities as needed.


 

Support for Leading Backup Applications

  • CA ARCserve

  • CommVault Galaxy

  • Symantec Backup Exec

  • Symantec NetBackup

  • EMC Networker

  • Microsoft SQL Dump

  • VMware Backup (VMDK)


 

Energy and Rack Space Efficient Operation

  • Customers can store many times more backup data in the same space for substantial savings in power, cooling and space requirements versus standard disk.


 

"We hear over and over again that completing ever larger backups in a short backup window is a primary customer concern," said Bill Andrews, president and CEO, ExaGrid Systems, Inc. "This latest product enhancement allows customers to achieve the shortest backup window possible with our post-processing data de-duplication, but also to maintain that short backup window as their data grows by leveraging our scalable GRID architecture. This approach also allows customers the flexibility to buy only what they need, when they need it, as additional servers can be added into the GRID at any time. The strength of our scalable GRID architecture is that you can grow the system as your data grows and performance does not degrade. Each server brings additional memory, processor and bandwidth resources, along with storage capacity."

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-data-deduplication.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage and security solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Miami, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland and Cape Canaveral

Offerings Projects: Replication De-Dup De-Dupe iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant Quadrent LTO Backup Exc Pure Disk NetBackup Networker TSM Commvault BakBone D2D D2D2T compare cloud data deduplication  thin provisioning DXi Global Compression DDX  virtual tape library Data Reduction SEPATON FALCON compare Celerra CLARiiON Equallogic Dell NS20 NS40 CX4 CX3-20 CX3-40 CX3-80 FAS2050 FAS3050 Xiotech Nexsan Avamar DLD3 1500 D3 Storwiz storage compression data Ocarina Networks A-SIS compare Sepaton infopro BlueArc OnStor Microsoft Unified Storage data protection StorageX Brocade FAQ

RSA, the Security Division of EMC, Delivers Standards-Based Approach to Help Simplify Compliance - May 6, 2008

Orlando Florida -- RSA, The Security Division of EMC , today announced the findings of a new research paper that details the benefits organizations may gain -- including reduced costs and improved security -- by implementing a standards-based framework of security controls. The paper also details the ability of comprehensive security frameworks to help companies more easily comply with a variety of security requirements handed down by regulatory bodies, industry groups, partners, customers and internal policies.In addition, RSA announced new reports within the RSA enVision(R) security information and event management solution that are designed to enable organizations to more easily report on key aspects of the ISO 27002 standard -- a global code of practice for information security management which is useful in defining an effective set of best practice security controls as part of a compliance framework.


In March 2008, RSA commissioned Michael Rasmussen, industry analyst and President of Corporate Integrity, to undertake a research paper based on what it means to develop a "sustainable and cost-effective IT compliance program." The key findings of this project are that the typical approach to compliance -- responding on a regulation-by-regulation basis without an integrated IT compliance management program -- escalates costs, reduces visibility of the control environment overall, wastes resources, and leads to unnecessary complexity, inflexibility, vulnerability and exposure.


"A proactive approach to IT compliance allows organizations to look confidently to the future while also mitigating risk in the course of business," said Mr. Rasmussen. "An effective IT compliance program should be centered on a comprehensive framework, based on industry-wide standards -- such as ISO 27002."


Security Frameworks-Based Programs to Simplify IT Compliance


As organizations worldwide struggle to both comply with a plethora of compliance requirements and improve enterprise-wide security, a framework-based approach founded upon best practices and controls helps customers to build a proactive security program that may effectively break down the walls that often isolate organizational compliance silos. By driving compliance holistically, rather than on a requirement-by-requirement basis, companies may reduce costs by both avoiding redundant technology controls and easing the process of managing compliance. In addition, leveraging international standards such ISO 27002 as the foundation of an IT security and compliance program helps organizations align efforts to comply with key portions of many global regulations, including: the Payment Card Industry (PCI) Data Security Standard (DSS), HIPPA, Sarbanes-Oxley, the European Union's Data Protection requirements and regional data privacy laws.


"Our forward-thinking customers are using framework-based security and compliance programs to cost-effectively satisfy multiple requirements and manage information risk," said Steven Preston, Senior Director, Solutions Marketing at RSA, The Security Division of EMC. "This goal can be achieved through the application of a consistent, holistic set of repeatable, scalable, enterprise-wide controls, which are centered upon recognized IT security best practices."


RSA Solutions to Establish Security Frameworks for Simplified Compliance


RSA's portfolio of technology solutions offers key security controls that help organizations establish frameworks based upon global best practices and standards. Key controls delivered by RSA's solutions include:


New Reporting Capabilities Within the RSA enVision Platform for ISO 27002-based Security and Compliance Programs


The RSA enVision platform is designed to offer a comprehensive suite of out-of-the box reports, which help enable organizations to effectively monitor their ISO 27002-based security and compliance program. These reports are prepared to align directly with the ISO 27002 standard, and help enable organizations to effectively demonstrate compliance with critical areas of the specification. Reports within RSA enVision platform related to ISO 27002 focus on areas such as computer account logon activity, computer account status, control of collected evidence, control of human resources data, malicious software activity, password changes and expirations and source code access.


Information Security Services to support Framework-based Compliance Initiatives


In addition to delivering a broad range of security controls, various EMC information-centric security consulting services -- leveraging solutions from RSA -- help enable organizations to effectively enact framework-based compliance programs.


For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/security-web-application-controllers.php


About Us


Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.


Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.


Key words:Barracuda Networks Security RSA Encryption Cisco Decru Neoscale EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant SSL SonicWall Secure Computing Firewall VPN Endpoint DLP Tumbleweed Ironmail Ironport Secure Computing compare


Nexsan going Public? Not a chance - May 6, 2008

Storage hardware and software vendor Nexsan Corp. is trying to raise $80.5 million in an initial public offering (IPO) after suffering through a decade of unprofitability.

"We have not been profitable in any fiscal period since we were formed," Nexsan stated in papers filed with the U.S. Securities and Exchange Commission. Nexsan was founded in 1999 and has recorded $21.9 million in net losses since July 2004.

Nexsan's decision to go public is surprising because the current market climate is "inhospitable," The 451 Group analysts Henry Baltazar and Brenon Daly wrote in a report issued May 1, a week after the IPO filing. Nexsan, a specialist in storage and digital archiving, is billing itself as a "green" storage vendor with systems offering high density and energy efficiency. (Compare storage products.)

Nexsan cautioned investors in its SEC filing that it faces stiff competition from Dell, EMC, IBM, Sun and several other big storage vendors.

"We have a history of losses, and we may not achieve profitability in the future," Nexsan wrote in the SEC filing. "We face intense competition from a number of established companies and expect competition to increase in the future, which could prevent us from increasing our revenue and end user base."  Say one VAR from recent Storage Conference "only Stevie Wonder would buy their stock, besides the product is marginal at best."

Nexsan's product releases over the past year or so include an appliance for smaller organizations and branch offices that lets them archive and retrieve as many as 20 million documents and a joint venture with Reldata Inc. that combined their network-attached storage, iSCSI and Fibre Channel technologies.

Customers use Nexsan hardware and software to store and preserve e-mail, office documents, medical images, and digital video and audio files, The 451 Group noted. Long-term storage of fixed content is a big priority for Nexsan these days.

"[Nexsan] was a pioneer in the disk-to-disk backup space and helped lead the push toward the development of inexpensive storage systems leveraging high-capacity, low-cost disk drives," The 451 Group said. "More recently, Nexsan has moved deeper into digital archiving for unstructured data. Interestingly, it describes itself ... as a 'fixed content' specialist. Although this product line contributes less than 10% of revenue, the company is staking its future on the opportunity in this market."
For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-data-deduplication.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage and security solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Miami, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland and Cape Canaveral

Offerings Projects: Replication De-Dup De-Dupe iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant Quadrent LTO Backup Exc Pure Disk NetBackup Networker TSM Commvault BakBone D2D D2D2T compare cloud data deduplication  thin provisioning DXi Global Compression DDX  virtual tape library Data Reduction SEPATON FALCON compare Celerra CLARiiON Equallogic Dell NS20 NS40 CX4 CX3-20 CX3-40 CX3-80 FAS2050 FAS3050 Xiotech Nexsan Avamar DLD3 1500 D3 Storwiz storage compression data Ocarina Networks A-SIS compare Sepaton infopro BlueArc OnStor Microsoft Unified Storage data protection StorageX Brocade FAQ

EMC has it's head in the Clouds - Cloud Storage that is! - May 6, 2008

Mozy, Inc., part of the Cloud Infrastructure and Services Division of EMC (NYSE:EMC), today announced the release of MozyHome for Mac, the industry's first unlimited online backup service for the Mac. Mac users in the home can now safely and cost-effectively back up all of their digital information over the Internet. With more than 700,000 total users worldwide and 6.2 billion files backed up, Mozy is the leading online backup service of choice for consumers and small businesses.

"Mozy is honoring its roots by augmenting its service to consumers and small businesses," said Vance Checketts, chief operating officer for Mozy. "We've had more than 43,000 individuals participate in our public beta and have devoted thousands of hours of development to this new MozyHome for Mac release."

Designed as a consumer service, MozyHome for Mac offers 2 gigabytes of online backup absolutely free with no expiration date, or $4.95 a month for unlimited online backup capacity. Mozy automatically protects all computer files including photos, music, videos and financial documents from data loss in the event of hard drive crash, accidental deletion, natural disaster or theft. All files are encrypted with 448-bit Blowfish encryption and the encrypted files are transferred via a 128-bit SSL connection – the same encryption used for online banking – during the backup process for extra security. After the initial backup, Mozy only backs up incremental changes to files and folders, meaning subsequent backups run extremely fast. In addition to the most recent backup, Mozy keeps 30 days worth of file versions as well. In the event of data loss, files may be recovered via the Mozy client software, downloaded from the Mozy website, or by ordering the files on a set of DVDs from Mozy.

"I had just completed my transition from Tiger to Leopard when my hard drive crashed," said Donald Malm, who participated in the MozyHome for Mac beta. "The restore of all my data from Mozy was completed without a single error. My Quicken data was exactly where I had left off the day before the crash. Never have I made a better purchasing decision since I started in the insurance and financial system design industry 52 years ago."

Later this summer, Mozy will release a business version of its Mac service to enhance its MozyPro and MozyEnterprise offerings. More than 20,000 business customers already trust Mozy to back up their data, and Mozy is currently backing up more than 7.5 petabytes, the equivalent to 7.8 million gigabytes, across multiple data centers. Businesses interested in an online backup service for the Mac can sign up to be notified at www.mozy.com/mac/probeta.

With the addition of the MozyHome for Mac service, EMC offers Mac users the industry's most robust backup and recovery options. Other data protection offerings for Mac users include EMC Retrospect for Macintosh and EMC LifeLine software.
For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-protection.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage and security solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Miami, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland and Cape Canaveral

Offerings Projects: Replication De-Dup De-Dupe iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant Quadrent LTO Backup Exc Pure Disk NetBackup Networker TSM Commvault BakBone D2D D2D2T compare cloud data deduplication  thin provisioning DXi Global Compression DDX  virtual tape library Data Reduction SEPATON FALCON compare Celerra CLARiiON Equallogic Dell NS20 NS40 CX4 CX3-20 CX3-40 CX3-80 FAS2050 FAS3050 Xiotech Nexsan Avamar DLD3 1500 D3 Storwiz storage compression data Ocarina Networks A-SIS compare Sepaton infopro BlueArc OnStor Microsoft Unified Storage data protection StorageX Brocade FAQ

A study found that 64 percent of respondents said Access Controls is the top security concern - May 6, 2008

Despite increased awareness of access control issues, healthcare providers continue to struggle with security and compliance related to user access, according to the results of a survey conducted at the Health Information Management and Systems Society 2008 conference in February.

The survey, conducted by enterprise provisioning and access control software vendor Courion at the show Feb. 24-28, revealed that 64 percent of respondents cited controlling user access to clinical systems as their top IT security concern.

The survey, which was conducted among 136 pre-screened HIMSS attendee respondents, found that 60 percent reported issues with users sharing passwords, 52 percent found that orphaned user accounts were not properly disabled after employment was terminated and 38 percent of respondents said there had been instances of inappropriate access.

Todd Chambers, chief marketing officer at Courion, said that while many hospitals are taking a more strategic view of security and privacy issues related to access, these issues were complicated by the fact that many organizations were relying on remote work forces, as well as mobile and wireless technology, which made it difficult to secure a hospital's IT environment.

Chambers said outside contractors, nurses or physicians who weren't part of the permanent staff, as well as third-party vendors, all needed access to systems and information to do their jobs, but that access could create vulnerabilities if they affected a caregiver's ability to deliver patient care.

"These guys are worried about getting their job done and caring for patients," Chambers said.  "A security or compliance requirement is going to be ignored in favor of getting that job done—especially if those requirements stand in the way—if it's easy for [caregivers] to bypass and if they're not enforced by hospitals.”

Access issues are a major concern not only because they can leave hospital systems vulnerable to viruses and hackers, but because of the need to meet HIPAA audit requirements that require knowledge of who is accessing specific systems at what time and whether that access is authorized.

Chambers said one surprising statistic showed that the threat of a HIPAA compliance audit was the strongest incentive for increasing security initiatives, with 60 percent of survey respondents saying that was a major driver of security and compliance decisions, and 75 percent of respondents reporting they were concerned or very concerned about facing a HIPAA audit. Chambers said that while HIPAA audits were performed in the past, they have become more frequent recently.

"Until recently, the idea of a HIPAA audit was not that threatening. But now more HIPAA audits are taking place in hospitals that may not have even had any violations, and as the government enforces HIPAA, they are being more punitive," said Brian Mccarthy Security Expect and Co-founder of Sencilo Solutions in Lake Mary, Florida. 

Typically, hospitals perform internal audits to test for security and compliance, but these usually are time-consuming and often don't prevent a breach from happening, since they can only report what has already happened. 

The survey included a cross-section of healthcare providers ranging from community hospitals to multi-hospital systems, and was developed to augment a focus group Courion conducts that gathers insight into security and compliance in the healthcare industry.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/security-web-application-controllers.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.

Key words:  Barracuda Networks Security RSA Encryption Cisco Decru Neoscale EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant SSL SonicWall Secure Computing Firewall VPN Endpoint DLP Tumbleweed Ironmail Ironport Secure Computing compare

Data Storage profits are up? - May 6, 2008

Compellent joined other storage companies including EMC and Commvault in reporting a strong first quarter despite a down economy. The company’s revenues more than doubled year over year to $18.3 million, growth of 107% over the first quarter of 2007 and 9% over the previous quarter.

The company also is still a ways from profitability, and lost $1.2 million last quarter despite the increased revenue. CEO Phil Soran said on the company’s earnings call that this is because Compellent is growing and is adding operating expenditures such as salaries for new employees. Soran said he expects Compellent to be profitable by the second half of this year.

With the rest of the country in financial turmoil, how are storage companies staying strong? “Storage is the last thing that gets cut from the IT budget,” was Soran’s answer. I would also imagine it’s because storage has always been a conservative market–it doesn’t have as far to fall as some other markets.

Another thing benefitting Compellent, according to Soran, is the acquisition of midrange disk array competitor EqualLogic by Dell. It’s been well-publicized that EqualLogic channel partners have been wary of the deal, if not downright alienated by it, because of Dell’s poor reputation in the channel. Soran declined to give any specific numbers around how many channel partners have defected or how much new business it accounts for, but volunteered anecdotally that Compellent is seeing more large EqualLogic channel partners looking its way as a result of the Dell deal.

Still, Soran says the company has a ways to go when it comes to gaining that mind share. Echoing some of NetApp’s statements when it rebranded itself earlier this year, Soran said Compellent does well when companies look at its products but often doesn’t get brought to the table.

I also asked him whether or not Compellent is seeing significant business as a tier-2 disk array in large shops. He said yes, but also declined to break out any numbers.

Soran attributed Compellent’s growth to the attractiveness of its consolidation and thin provisioning features in a down economy, similar to the power and capacity savings that have reportedly kept money flowing in to Data Domain’s coffers. But Soran said Compellent’s chief competitor remains EMC, which doesn’t yet offer many of the features he was referring to–and EMC also reported a stronger-than-expected first quarter.

“They have a good brand,” Soran said.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-protection.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.

Key words:  DR BC Replication De-Dup iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant LTO Backup Exc NetBackup Legato TSM Commvault BakBone D2D D2D2T compare

Is Symantec up for sale? - May 6, 2008

John Thompson must have known the question was coming. The Symantec CEO certainly heard the rumors. So when he was asked Wednesday night during his company’s earnings conference call about selling off parts of his company, Thompson couldn’t have been clearer.

“Contrary to popular rumor, we have no plans to divest of anything,” he said. “None.”

The rumors mainly involved the storage products that Symantec acquired from Veritas three years ago. And they were widely circulated. According to an Associated Press earnings preview story that ran this week:

Analysts are particularly interested in the possible sales of backup and recovery software product NetBackup and the company’s non-Windows Data Center Foundation, which comprises of storage and server management products.

Several technology bellwethers, including IBM, Hewlett-Packard and EMC have been named as potential buyers for Symantec’s storage products, including NetBackup.  One executive from HP who did not wish to be known is quoted as saying "he has meet with John (Thompson) and it's all but signed."

AP could have added two other bellwethers who have been mentioned as suitors of all or some of the Symantec storage products - Oracle and Microsoft.

From the tone of Thompson’s voice when he answered the question, he’s not happy with the rumors. Yet Symantec is at least partially to blame. There have been frequent reorganizations since it bought Veritas, usually accompanied by layoffs. Symantec admitted a large layoff in April but would not give details. This left the door open for scared Symantec employees, disgruntled former employees and opportunistic competitors to attempt to fill in the details. And Symantec execs have talked about getting rid of poor performing units on previous earnings calls.

But Wednesday’s call was upbeat. Symantec reported outstanding results all around, and storage was front and center. Email archiving, backup, and storage management were among the product segments that posted double-digit year over year growth. Thompson and COO Enrique Salem talked of a bright future for Net Backup 6.5, Backup Exec 12, and Storage Foundation. They emphasized Symantec’s encryption and virtualization capabilities and gushed about three hot storage areas where Symantec has hardly been a pioneer: data deduplication, continuous data protection and software as a service (SaaS).

Symantec’s earnings were impressive in current economic conditions, although with 53 percent of its revenue from international sales, it took advantage of favorable foreign exchange rates against the dollar. Symantec gained share from its major rival EMC on the backup front, with 11 percent year-over-year growth compared to EMC’s 8 percent growth.

The question now is whether the strong storage performance will prompt Symante execs to forget about spinning off any pieces, or will it only add to the value of a possible sale? Thompson’s take is nothing is for sale. Despite what you might have heard.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-protection.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.

Key words:  DR BC Replication De-Dup iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant LTO Backup Exc NetBackup Legato TSM Commvault BakBone D2D D2D2T compare



headerbottomrounded