tekniaxp.com

Networking Pipeline
November 14, 2005

Got a bogged-down, sluggish network? The problem likely isn’t that you’ve outgrown your infrastructure — you have some serious bottlenecks. Here’s how to fix your network’s five biggest bottlenecks.

By Matthew Friedman Networking Pipeline

It’s so plaintive that it can be heartbreaking: “Why is the network so sloooooowwww?” plead users in just about every organization in North America. The inability of a network to keep up with the expectations and demands of its users seems, at times, to be the defining characteristic of networks.

“Everyone, at some point, complains that the network is too slow,” Info-Tech Research analyst Carmi Levy says. “Very often, organizations think that they’ve outgrown their network, without considering that the real problem is that it’s a bottleneck,” that is causing the problem.

Indeed, network bottlenecks are so common that they’re almost a fact of life. And because of the nature of the problem, many organizations simply fail to address the problem, choosing instead to simply throw money at upgrades and hope for the best. “It’s not usually a big-bang problem,” Levy says. “Organizations aren’t experiencing massive bottlenecks that compromise their ability to do business.

But they are experiencing slowdowns that can often stimulate unnecessary spending, and that can affect the bottom line. “Instead of dealing with the problem, companies often just go out and buy new stuff. That’s spending inefficiently because they’re not doing a cause analysis.”

And without taking a close look of the fundamental causes, the bottlenecks are unlikely to go away, no matter how much money you throw at them. The key to really solving the issue of course, is to know where to look and, although there is a staggering variety of them, some kinds of bottlenecks are both more common and more pressing than others.

1. Poorly Tuned Servers: While it’s easy to think of the network solely in terms of the plumbing, it’s important to remember that its purpose is to move data around, and where that data reside can be a big source of network slowdowns. “The problem is that servers are being asked to do more than ever before,” Levy says. “They’re handling all kinds of data and applications and multiple layers of traffic, and they’re expected to do it all well.”

The key to server performance is to understand just what it is that you expect each server to do, and set them up accordingly. Despite the promises of out-of-the-box performance, the real world is never quite that simple. “You have to configure for optimum performance for every job that every server is supposed to do,” Levy says. “It’s can be time consuming, particularly is you’re running a whole lot of servers, but the network performance gains are worth the effort.”

2. Constellations of Appliances: Every network function, it seems, has been condensed into an appliance, and that can be a problem. “There are more devices on networks today than ever,” Levy says. “Every time we need some kind of new functionality, we toss new stuff on the pile.”

Security appliances, firewalls, Blackberry servers, the Google search appliance: Each appliance that does what used to be managed in software adds processing time to the network signal. “Vendors are selling a solution in a box,” Levy says. “That can screw up your network balance. It’s worse that it was, and it’s only going to get worse.”

The solution is to decide what you can do without and what you can leave to servers. Appliances can be very useful and convenient but, Levy says, when the short-term fix contradicts long-terms goals like network performance, you have a problem. “Slipping a best-of breed solution to address tactical issues only make sense if it doesn’t run counter to long-term needs,” he says. “That’s why you have to stop and think ‘Do I need this device?’”
3. Improper Segmentation: Network performance wasn’t a major issue when you had relatively few users and devices using relatively few resources. But the increasing demand placed on networks has made the plug-it-in-anywhere approach a recipe for bottleneck frustration.

“This is an increasing issue, especially as we’ve become more security conscious and have to set up secure zones,” Levy says. “But a lot of networks are built without a roadmap, so they’re either not properly segmented, or not segmented at all.”

The idea, of course, is that network performance will only suffer when everyone’s traffic is running over the whole network. If the graphics department is doing some heavy rendering, there’s no reason for all of that traffic to clog up the accounting department. Better to give the arty guys their own little patch of Ethernet than have them take over the whole company.

“It’s important to invest in areas that need performance and segmenting them away from areas that don’t,” Levy says. “This is about planning and executing your network as efficiently as possible. You don’t need to build a superhighway to get to the grocery store.”

4. Misbehaving applications: Even if the plumbing is optimized to within an inch of its life, there’s always the danger that your network applications are bigger, more bloated, and more inefficient than they need to be. Anything that runs on the network affects its efficiency, and anything that uses the network inefficiently will have serious performance consequences.

“The sad truth is that a lot of application developers develop applications without understanding, or sometimes not caring, what their impact will be on the network,” Levy says. “Those applications steamroll everything else. A sales force automation application that synchronizes a database by moving the whole database over the wire is going to cause problems. There are more efficient ways to do these things, and applications that don’t do things efficiently are going to cause huge bottlenecks.”

It’s important, then, to try before you buy. Levy says that the promises and benefits of a new application have to be weighed against its network impact, and the only way to measure that is to test it out. “This sis something you need to consider before deploying an application,” he says. “Do you have a testing network where you can analyze network functionality before deployment? You should.”

5. Bad Security: Apart from the very real dangers to your corporate data itself, security is very much a performance issue. “Have you ever tried to run anything on a network where the PCs are running as a zombie net?” Levy asks. “It’s a lesson in frustration.”

With keyloggers reporting home, adware pulling in graphics and data from the Internet and spam clogging mail servers — none of which add anything to your business — you can have a very big performance problem. “Insufficient security does lead to the inefficient use of business and network resources,” Levy says. “It bleeds them dry.”

Whether any of these issues are at the root of an organizations network bottleneck woes is hard to say. However, Levy says that the only way to start to answer the question is to start looking at how the network actually works, and whether there are problems that can be fixed through good management practices rather than technology.

The biggest bottleneck is the lack of proactive network administration. “Before you throw money at anything, you need to do a protocol analysis, and know what’s happening on the network that you have,” Levy says. “Connect sniffers, understand where the traffic is coming from. You can’t manage your network unless you know how its performing, and that should be how you guide your efforts. If that analysis says ‘yeah, we’re at capacity,’ then you can go shopping for new hardware.”

December 19, 2005

Think you’ve had security problems? You ain’t heard nothing yet. We asked the pros to tell us some of the worst disasters they’ve faced.

Here’s what they told us.

By Matthew Friedman
Networking Pipeline

If there’s a law of network security, it is that disasters happen. However, some disasters are worse than others, both because of the causes and the consequences of the error. When the Canadian Air Miles loyalty card exposed subscribers’ personal information on an unprotected website directory in 1999, the situation was a horror story both because the privacy of 50,000 consumers was compromised, but also because it was such a stupid error.

“Dumb mistakes are so common, but the problem is that you don’t have to be dumb to make a mistake,” says Justin Peltier, senior security consultant at Peltier Associates in Detroit. “Once system complexity gets to a certainly level, mistakes are virtually inevitable, and it’s the mistake and not the hacker that’s going to get you. Even then, defenders have to be right all the time, while attackers only have to be right once.”

Although organizations that handle sensitive data — which is to say, virtually all organizations — have become more security savvy in the last few years, the cost of network carelessness continues to be substantial. Unfortunately, the kind of perfection that Peltier refers to is probably impossible. Accidents happen, and doors are left open despite the best intentions of even the most security-aware companies.

The biggest security horror story in recent memory was last spring’s CardSystems breach that exposed the credit card and bank account information of 40 million consumers. The company dotted all of its information “i’s” and crossed all of its technological “t’s” but a hacker was still able to get at them. CardSystems “had passed all their audits, so they thought they were okay,” says Peter Stapleton, director of Computer Associates eTrust Security Management. “The problem was that the audit was very network oriented; it wasn’t an audit of the process vulnerabilities.”

CardSystems had to make the effort because of the sensitive nature of its data, but companies that don’t deal with millions of credit card numbers can often forget that even their data are sensitive. Together with a lack of technological savvy, that can be a recipe for disaster. Peltier recalls installing a firewall at a Midwestern industrial equipment manufacturer and supplier in 2001. The company was still paper-based at the time, so none of its critical systems were then online.

Three years later, the company had networked virtually all of its processes. Unfortunately, it had left those processes swinging in the digital wind. “The old network administrator had left at that point, and he hadn’t given the passwords for the firewall to the new administrator,” he says. “As a result, then couldn’t configure the firewall, but because they were networking more processes, they just decided to put everything out on the raw Internet.”
While the company’s vulnerability is particularly horrific because it showed a blatant ignorance of the basic principle of network security, some problems are ghosts in the machine. Some are mundane, like the apocryphal web-based company benefits system that is secured by secure sockets layer (SSL), but allows users to click the browser “back” button to see what had been entered in previous forms.

While that kind of bad code can have catastrophic consequences to the bottom line, Peltier notes that, in this age of “networked everything,” ill-considered products and network configurations can lead to profoundly disturbing situations. One of the scariest situations he has confronted, involving a petrochemical company’s catalytic equipment, could have been a disaster of truly horrific proportions.

The catalyst featured a network link to the manufacturer to permit periodic monitoring and maintenance. While this was certainly a boon to the company – which could count on an extended warranty and periodic upkeep — the network connection itself was a potential problem that, fortunately, never materialized. “The manufacturer would come in over the network over an unauthenticated telnet system,” Peltier recalls. “That’s wide open, and you’re not just dealing with a security issue if someone decides to change the equipment’s operating temperature. This could have been a bomb!”

Ultimately, the bottom line is that, when dealing with their networks, organizations have to know everything. The testing of new systems and equipment is key, but so too is the attitude toward knowledge. Peltier says that the truly knowledgeable network administrator is the person who keeps asking questions. “The moral is that, if you don’t know, ask,” he says. “And if you don’t know what questions to ask, ask someone who does. No one has all the answers, and there’s nothing worse than fake knowledge. Ignorance about your systems will jump up and bite you.”

Apple Users have had this on their desktops… forever. Yea, now the rest of us can play. Widgets are awesome!
Yahoo! News
By Antone Gonsalves
InternetWeek Mon Dec 12, 2:21 PM ET

Yahoo Inc. (Nasdaq:YHOO - news) on Monday launched a new version of its widget engine, the portal’s platform for running mini desktop applications built by Yahoo or third-party developers.

Along with the release of Yahoo Widget Engine 3.0, the Sunnyvale, Calif., company also unveiled nine new applications that run on the platform, which is available in a Windows and Mac version. The engine is offered at no charge on the company’s Web site.

A widget is a small application that runs on the desktop without the use of a browser. The software often draws content from a Web service. Yahoo, for example, offers widgets that are tied to its search, photo and mapping services.

See tekniaXP News for more articles on how we are losing our legitimate digital rights.
Mom Fights Downloading Suit on Her Own - Yahoo! News
Mom Fights Downloading Suit on Her Own

By JIM FITZGERALD, Associated Press Writer Mon Dec 26, 3:26 AM ET

WHITE PLAINS, New York - It was Easter Sunday, and Patricia Santangelo was in church with her kids when she says the music recording industry peeked into her computer and decided to take her to court.
ADVERTISEMENT

Santangelo says she has never downloaded a single song on her computer, but the industry didn’t see it that way. The woman from Wappingers Falls, about 80 miles north of New York City, is among the more than 16,000 people who have been sued for allegedly pirating music through file-sharing computer networks.

“I assumed that when I explained to them who I was and that I wasn’t a computer downloader, it would just go away,” she said in an interview. “I didn’t really understand what it all meant. But they just kept insisting on a financial settlement.

unreal teknia - Game News
Video20Game20Sheds20NFL20License2C20Gets20Violent20-20Yahoo20News
By20NATHANIEL20HERNANDEZ2C20Associated20Press20Writer20Sun20Dec20252C2033A1220PM20ET0D0A0D0ACHICAGO20-20In20a20gritty20new20video20game20about20a20fictional20football20league2C20players20cripple20their20opponents2C20gamble20and20use20performance-enhancing20supplements.0D0AADVERTISEMENT0D0A0D0A22Blitz3A20The20League2220is20able20to20feature20the20graphic20violence20and20adult20themes20not20usually20seen20in20sports20video20games20because20it20was20produced20without20an20NFL20license20and20the20restrictions20that20carries.0D0A0D0ADeveloped20by20Chicagos20Midway20Games2C2022Blitz2220is20the20first20unlicensed20football20title20to20hit20store20shelves20since20the20NFL20reach20an20exclusive20agreement20a20year20ago20with20Electronic20Arts20Inc.2C20makers20of20the20popular2022Madden20NFL2220franchise.2022Madden20NFL2220and20the20companys20edgier2022NFL20Street2220series20are20both20rated20E20for20everyone.

Yahoo News - By NATHANIEL HERNANDEZ, Associated Press Writer Sun Dec 25, 3:12 PM ET

CHICAGO - In a gritty new video game about a fictional football league, players cripple their opponents, gamble and use performance-enhancing supplements.
ADVERTISEMENT

“Blitz: The League” is able to feature the graphic violence and adult themes not usually seen in sports video games because it was produced without an NFL license and the restrictions that carries.

Developed by Chicago’s Midway Games, “Blitz” is the first unlicensed football title to hit store shelves since the NFL reach an exclusive agreement a year ago with Electronic Arts Inc., makers of the popular “Madden NFL” franchise. “Madden NFL” and the company’s edgier “NFL Street” series are both rated E for everyone.