Thursday, October 31, 2013

Spooky! Cisco Raises Catalyst Switch Prices By Almost 70%

In the spirit of Halloween, let’s talk about the most recent Cisco experiment. While it has nothing to do with a boiling cauldron over the fire or rejuvenating Frankenstein, it is an interesting one none-the-less. A recent article form Network World claims that they have Cisco documentation stating that they plan to raise the price of some Catalyst switch models by as much as 67%.

Cisco’s planned price increase will not affect newer generation Cisco Catalyst switches. Cisco switches that will be affected by the pricing increases include select Catalyst 3000, 4000, and 6000 series switches, as well as their associated accessories and other related products.

The favored theory behind Cisco’s pricing experiment is that it is a strategic move intended to push Cisco users into buying newer generation product. This is the opposite of the traditional approach, where manufacturers lower the price of previous generation product when releasing a new generation.

Not only does Cisco’s price increase go against the grain as a strategy for a new generation product release, but it is also against the current market trend. Volume and value engineering have lead to a combination of silicon density and chipset consolidation that has resulted in lower networking switch hardware costs across the board.

While some say this may be the start of a new trend for other manufacturers in order to increase their profits, others say this move may drive Cisco users to turn to the secondary or refurbished Cisco market or even, to turn to a competing network manufacturer like Juniper Networks. Taking place as soon as November 2nd, time will tell if Cisco’s experiment turns out to be a trick or a treat for the networking giant.


Thursday, October 24, 2013

5 Things to Avoid When Deploying VDI

Virtual Desktop Infrastructure (VDI) adoption is steadily increasing. If you’re considering VDI for your organization, it’s important to not only take note of what to do when deploying VDI, but also what you definitely do NOT want to do.

Here are the top 5 things that you do NOT want to do when deploying VDI:
  1. Improper resource planning - Improper resource planning is a common mistake that often results of a lack of long-term vision. Don’t just plan for what your users will need at the start of the deployment, but try and plan for years down the road.
  2. Assuming your security woes are gone - Don’t assume that VDI will eliminate your security woes because you now have the option of virtually wiping someone’s device of corporate data. As cool as that is, data breaches can still occur via a number of different methods. 
  3. Having unprepared users - Just like anything else your organization might roll out to your users, advanced notice is always best. Make sure that your users are fully aware of what they can and cannot do with your VDI, and be sure to follow up with them after the deployment. Silence is not always golden. 
  4. Not understanding user profiles - Since managing and troubleshooting user profiles will be a crucial aspect of your VDI, it is important that you gain a good understanding of them since you may not have been familiar when everyone was using physical desktops.  
  5. Not having a backup plan - While one of the benefits of VDI is that you don't necessarily have to back up every individual desktop, it is important to include a full disk image backup and to aim for redundancy in every possible aspect in case of the dreaded, but not altogether uncommon WAN outage.
So, remember to keep in mind these 5 critical VDI mistakes when planning for your VDI implementation. While you could run into an issue by being under-prepared, no one’s ever heard of having an issue because you were over-prepared for something, right?

Thursday, October 17, 2013

Protecting Your Network: Intrusion Deception

The Internet is made up of websites.  We use these websites to shop, bank, research, work and relax.  These websites contain information on people, places, and things.  This means information on me and you.  That information is valuable to someone and it’s important for that information to remain secure.  In previous “Protecting Your Network” blogs, we’ve talked about the ways we secure that information using firewalls, IPS, application inspection, policies and good ole’ fashion common sense.  Today, we’re going to talk about a new tool in the fight against those who want access to our data and information, Intrusion Deception.

What is “Intrusion Deception”?  Simply put, Intrusion Deception is counter-warfare on a technical level.  We’re feeding false information to attackers to make them think they’ve hit a goldmine, all the while gathering information on them, fingerprinting their devices and recording their methods in an effort to quickly identify them. This means that when they try to attack again, we can quickly apply countermeasures to stop them in their tracks. 

In the past, ambitious security engineers would stand up an unpatched web server on the Internet disconnected from anything else and allow it to be compromised.  They would then take it offline and perform a forensic analysis on the machine to see what had been done, from where, how, and what could be implemented from a security standpoint to prevent it from happening again - rinse and repeat.  This method was time-consuming, expensive and completely reactive.  The attackers were always multiple steps ahead in the battle.

Enter Junos WebApp Secure (formerly Mykonos), the first of its kind Web Intrusion Deception System that detects, tracks, profiles and prevents attacks in real-time.  Coupled with Junos Spotlight Secure, a cloud based hacker device intelligence service, we now have a method of identifying and tracking attacks and proactively preventing these attacks from happening.  Rather than relying on the reactive method of signature-based IPS / IDS or Anti-virus / Malware detection points, WebApp Secure relies completely on the malicious actions of the attacker acting on fictitious code embedded in a given website.  Code a normal user will not see, but an attacker will see and view as an easy entry point for gaining valuable information.

Intrusion Deception.  Turning the tables on the attackers.

Thursday, October 10, 2013

Small Business Experiences Largest Growth for Cyber Attacks

According to a survey performed by the National Small Business Association (NSBA), 94% of small business owners are worried about cyber security. And the fact is, they should be. The Symantec Internet Security Threat Report released this April identifies the largest area of growth for cyber attacks in 2012 was for businesses with fewer than 250 employees. In fact, nearly 1 in 3 cyber attacks occurred in this business segment, a reflection of the common practice in which cyber attackers use small businesses for practice before moving on to more sophisticated attacks targeted at larger organizations.

In response to the rate of cyber attacks, the survey respondents stated that upgrade costs, security issues, and the time investment required to fix problems were their top three information technology concerns. This can all add up in terms of hard dollars, which is particularly alarming given that the NSBA also states that the average cost for small-business victims was $8,699 per attack.

While the government was previously the top economic sector targeted for cyber attacks, the focus has shifted. According to this survey, the most targeted economic sector for cyber attacks in 2012 was manufacturing. This may seem like a surprising shift, but the manufacturing sector has become an attractive target for cyber attackers due to the large amount of data that they produce. This data includes corporate intellectual property, technology, and designs, which can result in significant financial losses if stolen.

While the numbers are alarming, help is available for small businesses. Don’t wait until your security is breached; take the first step today because, as the saying goes, the best defense is a good offense. So if you’re concerned about the risk of cyber attacks and the impact on your business, reach out to us at Great Lakes Computer for a complimentary network security consultation.


Thursday, October 3, 2013

The Nimble Storage “Special Sauce”

So what exactly is the “special sauce” behind Nimble Storage that made Great Lakes Computer decide to partner up with this particular storage vendor? Well, our decision was based on our belief that Nimble Storage is a revolutionary architecture, which may well influence the next generation of storage.

Over the past five years, storage vendors have made some impressive improvements in I/O performance, achieved almost entirely through using lots of high-RPM spindles, lots of cache, and a generous helping of SSD drives for “Tier 1” data. Automatic migration of data to the appropriate tier has been a very hot topic, and has generally been accomplished with proprietary algorithms with varying degrees of success. The downside of all this improved performance is that it also comes with pretty hefty price tags. 

All of this high-powered hardware was being held back by the simple fact that IO was still being done the same old way, small block random I/O, resulting in a great deal of disk activity for every transaction.  Enter the Nimble Storage Cache Accelerated Sequential Layout (CASL) system.  Nimble Storage’s unique architecture, CASL, is the enabling technology that makes converged storage possible.

CASL starts with an inline compression engine that compresses data in real time with no added latency, reducing the amount of data stored 2-4x.  This is possible because of two key Nimble Storage advantages:
  • Nimble Storage’s software was designed upfront to leverage the powerful multi-core CPUs used across the Nimble Storage array family for instant, high performance compression.
  • Nimble Storage is the ONLY primary storage array that natively supports variable size blocks. 
Because data blocks compress at different rates, fixed size blocks become variable sized after compression. This is a critical issue for high performance compression. With fixed size blocks found in other storage architectures, you can only compress data that is offline or rarely accessed.

Next, CASL groups random blocks of data into larger segments before writing it to flash and disk.  These fully sequential writes maximize the performance (and lifespan) of flash, which does not handle randomly written data effectively.  Sequenced writes also maximize the performance of low RPM drives, which do not like to seek but can handle fast sequential streams.  A copy of all active or “hot” data (and even “semi-active” data) is held in the large flash layer, enabling very fast random read performance. Inactive or “cold” data resides only on compressed high-capacity hard drives, further reducing costs. CASL’s intelligent index tracks hot data blocks in real time, adapting to hot spot and application workload changes within milliseconds, while even the most advanced tiered systems require a day or more.

So very simply, here are a couple of take-aways about the Nimble Storage “Special Sauce”:
  1. SSDs are used only as read cache, never as a Tier One storage layer.  This takes advantage of the best quality of an SSD drive, fast reads, and does not rely on them for writes, which SSD’s do not perform very fast.  And in using them as cache, the data on these SSD’s is not vulnerable to loss as it is already written to disk.
  2. Using cache accelerated sequential writes greatly reduces the number of disk I/O’s needed to write data and allows data to be written very efficiently in large sequential blocks.  What this means is that the disk is no longer the bottleneck.
In our brave new world of virtualized servers, virtualized desktops, virtualized storage, and virtualized networks, IOPS is king.  And Nimble Storage seems well-poised to delivery those IOPS in a compact, cost-effective package.