- InfoDefense: Managed Security for SMBs
- Emerging Enterprise: Lawsuits and WiFi Phone Wishlists
- Exchange Mailbox Restore for SMBs from OnTrack
- Review: SmartLine's DeviceLock
- IBM's Pricing Reacts to New Server Architectures
- Emerging Enterprise Podcast
- Hardware Anti-Spam for SMBs
- Something for the SMB IT Toolbox: The Teeny Tap
- Avtech: Small Data Center Monitoring Appliances
- Emerging Enterprise Podcast
July 31, 2006 | Comments: (0)
InfoDefense: Managed Security for SMBs
Larger enterprises have come to look at managed security services almost as a standard part of their IT budgets. Reason? I'd love to say to keep customer data safe, but the real reason is probably more along the lines of legal peace of mind, especially on the compliance front. Unfortunately for the SMB set, the word "managed" usually reads "priced-for-mega-businesses-only". Hey, until now.
If you look around, you can now find managed security firms with service prices aimed at the SMB set. My favorite so far is InfoDefense. Prices are down to around $800/mo on average with a few grand up front for initial setup charges. It goes up from there for specific things like compliance monitoring, but it's still in the realm of reality for businesses with smaller budgets.
Another up and comer is DataNode, but if its web site is any way to judge the company, it's still got a little ways to go before I'd feel solid about it. Rumor has it that Symantec's Managed Security Service has an SMB pricing plan, too, but I haven't been able to specific numbers yet. Worth checking out if you're willing to sit through the sales pitch first.
What should you expect from one of these services? To a degree, that's dependent on the kind of biz you're in, but here's a quick three-point checklist:
1. Look for the service to automate IT security tasks that normally require specialized (and expensive) on-staff talent. Intrusion detection, network vulnerability monitoring, maybe even security patch management and testing.
My lil' company, for example, is thinking about InfoDefense because we offer a Web-based application and that company has a new Web app security testing program. Something we can sorely use, but don't necessarily want to spend full-time staff money on.
2. If compliance is on your radar, look for service offerings in this department. But don't blindly buy anything that says 'compliance' on it. Identify your specifc compliance regulatory issues and make sure the service offering can address those things directly.
3. Walk through your contact points with the service. Look for specific reports, how those get delivered, the frequency with which they're delivered and whether you can run your own or not. Don't go for services that monitor your network and only tell you if you've been attacked or compromised once a month.
Posted by Oliver Rist on July 31, 2006 08:53 PM
July 28, 2006 | Comments: (0)
Emerging Enterprise: Lawsuits and WiFi Phone Wishlists
This episode I delve not into **how** to protect yourself from employees or hackers running off with reams of customer data...but **why**. Then I can't help but riff on what I should have found on my WiFi VoIP phone but didn't. 
Listen!
Posted by Oliver Rist on July 28, 2006 12:39 PM
July 27, 2006 | Comments: (0)
Exchange Mailbox Restore for SMBs from OnTrack
Email recovery. Just saying the phrase can send chills down the yellow spines of many a network admin. Especially if that admin is really just the SMB office computer geek who is getting stuck with these tasks because there's nobody else.
Exchange used to be a nightmare to restore, with little caveats like not allowing access to the Exchange message database unless a working server was accessible. Microsoft has made some improvements on that with Exchange 2003 (and the SBS version of Exchange), but it's still not a lightweight task.
Other solutions exist, but are often expensive. Mimosa's NearPoint, for example has a base cost around $10,000; while Symantec's Enterprise Vault costs around $3,500 per license. And then there are cool smaller solutions like PowerTools from OnTrack.
This software has a base of $950 for a 100 mailbox license with additional agents costing about $500. But price isn't all that's cool about PowerTools. It's also easy and non-intrusive, because PowerTools doesn't really talk to Exchange. PowerTools installs on a separate machine and is really only interested in you Exchange backups. So you don't even have to modify your existing email architecture. As the diagram illustrates, Exchange-to-backup stays the same, with PowerTools simply installing at the end of the chain.
Even better, PowerTools is...powerful. It gives administrators the ability to read older email backups--even if you no longer have access to the backup programs that created those data files. It can grab personal as well as server-based backups of PST files, and can do full email database restores, full mailbox restores or single-message restores.
Very cool stuff for the money and pretty easy to use. OnTrack has taken pains to design the interface to be intuitive for folks who understand how to run backup programs. Find target backup, find restore location, initiate restore. There's more complexity than that, but its the basic process--nicely done and not too frightening to most folks.
Worth checking out.
Posted by Oliver Rist on July 27, 2006 09:35 PM
July 26, 2006 | Comments: (0)
Review: SmartLine's DeviceLock
I know I promised this a while ago, but life is filled with little disappointments. Meanwhile, I've had an extra week to play with SmartLine's DeviceLock application, and so far, I don't see any real holes.
I pitched DeviceLock a week or so ago in an Emerging Enterprise podcast episode. At the time, it was in response to yet another yahoo downloading reams of customer data onto a portable device and the losing said device. "Control thy portable data outlets," I said and DeviceLock was one of the tools I offered to accomplish this feat.
As the name implies, DeviceLock allows admins to restrict access to a number of portable outlets, including USB ports, CD-ROM drives, floppy drives, WiFi adapters, etc. Even better, it integrates with Active Directory, and can be accessed via SMS or just using an MMC snap-in control.
The AD part is the only minor failing as far as I can see. I had no luck getting DeviceLock to manage the Linux workstations on the test network, which means you're only going to be able to control Windows workstations.
Once installed, DeviceLock scans the network discovering not only all attached Windows computers, but also all their portable exit points. Good idea to do this when all the PCs are on, by the way. It saw the names of the Linux PCs, but that's all I could do for them.
After that, you can control access to any of these resources (meaning a PC or just that PC's USB ports, floppy drive, CD-ROM drive, whatever) by user, user group, time of day or even device type. Device type means that DeviceLock knows whether your user just plugged a USB mouse or a USB thumbdrive into the port and will react accordingly. On top of that, it costs about $35 per client.
If you're looking to make sure that office workers don't walk out with a few gigs of confidential data on a thumb drive, this is a great way to do it.
DeviceLock
SmartLine
Price: $35 per client
Verdict: If you're worried about data walking out on portable devices, don't think, just get it.
Posted by Oliver Rist on July 26, 2006 08:51 PM
July 24, 2006 | Comments: (0)
IBM's Pricing Reacts to New Server Architectures
Buying servers may be changing real soon. Starting today, IBM says it will begin selling its servers (enterprise and SMB) based on "processor value units". Don't expect radical dollar changes right now, but look for this move to more closely tie together the cost of the software with the cost of the CPUs required to run it.
So IBM intends to keep assigning these value units to new CPUs as they come out--right now, for example, a dual-core Xeon is worth 100 process units, so a dual Xeon system would be worth 200 units.
IBM says it's making this move not only in response to multi-core CPUs, but also to the growing trend in server virtualization. Big Blue expects software licensing to follow a similar path as a result, but haven't been clear on how that's going to shape up.
Theoretically, this should be good news for SMBs, who often wind up buying more hardware than they really need simply because of software requirements. Then again, nobody's in the business of giving anything away, so don't go throwing any parties.
Posted by Oliver Rist on July 24, 2006 09:16 PM
July 21, 2006 | Comments: (0)
This week, we're talking about an important little desktop support feature that XP has but other OSes don't; and then we talk about tips for keeping telecommuting well managed on your network. Listen!
Posted by Oliver Rist on July 21, 2006 09:32 AM
July 20, 2006 | Comments: (0)
Newly-minted contributing editor, Jamie Bernstein and I are finishing up a review of Exchange 2007 as I write this--should be out in early August. As news stories about Exchange 2007 have previously stated, one of the new email server's notable features is upgraded support for anti-spam and anti-phishing along with the option to get even more serious using Microsoft's hosted FrontBridge filtering services.
But just because Microsoft got into a market doesn't mean you should default to them. Especially when there are plenty of innovative companies still looking to deliver anti-spam technology on a value basis. One such is MailFoundry.
MailFoundry just put out a box called the MailFoundry 1150. While this box is priced for the SMB set at about $800 for the hardware, it's not skimping on technology. (That's $800 for 150 users; $1999 for 2500 users and up from there into non-SMB land.) The 1150 does all the usual tricks, including blocked senders and reverse DNS lookups, but adds a service level as well. This service costs $99/year from MailFoundry, gets updated regularly and automatically adding specific email signatures to the 1150 that MailFoundry identifies via ongoing spam analysis.
Haven't seen it work yet, so don't take this as a review, but given the feature set and the price point, it's worth checking out. Especially as it's email server-neutral so you're not tied to Microsoft or any other server platform.
Posted by Oliver Rist on July 20, 2006 10:39 AM
July 19, 2006 | Comments: (0)
Something for the SMB IT Toolbox: The Teeny Tap
Brian Chee, our happy geek in paradise, has long been a fan of Net Optics' network taps. He's used them for a number of our 10/100, gigabit and 10Gig switch tests.
In case you're wondering what a tap is, it's just a piece of network infrastructure monitoring hardware that plugs into active ports on the network allowing them to siphon off traffic to perform monitoring. Just what kind of traffic monitoring is dependent on the monitoring equipment that's attached to the tap.
Recently, we sub-contracted a monitoring assignment to another consultant and this guy showed up at the site with a Net Optics tap I hadn't seen before: The Teeny Tap.
It's called "the world's smallest tap" and they aren't kidding. It's about the size of one of those Linksys mini-hubs, but it's got way more smarts.
Again, this $345 device is designed to reliably send production traffic to a monitoring device, such that monitoring and analysis can be performed without any performance overhead. The Teeny Tap does this just as well as larger units, with the only caveat that it's 10/100-only. Other than that, it's got 4 monitoring ports, support for dual power inputs, and it works without an IP address.
For SMB consultants who run around doing a lot of network or security analysis, this is a darn handy little instrument.
Posted by Oliver Rist on July 19, 2006 10:19 AM
July 16, 2006 | Comments: (0)
Avtech: Small Data Center Monitoring Appliances
Avtech is one of those smaller companies that still seems to build a solid product. The fact that they're called Avtech Software and they're hawking hardware monitoring products shouldn't spook you. After all, in this world of hardware commodity, no doubt most of the brainwork went into the software anyway.
A buddy of mine installed one of Avtech's 7E's in his small data closet and he's pretty happy with it. It gives him all the features he wanted and the price of about $450 for the rack mount version didn't make his boss' face turn all sour.
The RoomAlert 7E's got a built-in Web server that allows him to browse all the basics, including temperature and power monitoring along with the ability to send along SNMP traps as well. The thing handles email and text-message alerting and even has automatic corrective action tools like organized shut downs, reboots, and thresholds.
Using Avtech's PageR software, the 7E can also extend to server monitoring (Windows & Novell) and adds role-based security, too.
Overall, I thought it was a real nice system, especially considering the price. Avtech also has temperature-only versions and (supposedly) a new wireless version of the 7E.
Posted by Oliver Rist on July 16, 2006 08:02 PM
July 13, 2006 | Comments: (0)
And we're back after a slight absence. This episode we're talking about why SMBs should start thinking about all-out Voice over IP as well as a good way to protect your data from going mobile against your wishes. Listen!
Posted by Oliver Rist on July 13, 2006 03:21 PM
July 12, 2006 | Comments: (0)
I recently had a chance to do a phoner with the CEO of a company called Avalara. His name is Jared Vogt, and the discussion we had was one of those good news-bad news deals.
The bad news is that state budgets can no longer afford to ignore the revenue they could be making if they simply enforced the sales tax laws that exist today--to say nothing of creating new dollar-sucking legislation.
The good news is that while this morass of legal dollar disolving detritus is definitely bearing down on all SMBs, there are technical forces at work to ensure that this burden won't be that heavy--light enough not to notice even, though the impact on your bottom line is inevitable.
According to Vogt, there are over 75 separate sales tax jurisdictions that every business is technically subject to. Until now, states were forced to ignore most of these because enforcing them on all but the largest of companies simply wasn't feasible. Technically, for example, if a guy in Florida sells a guy in DC something on eBay, he's free and clear, but the DC buyer is supposed to what's called a use tax to DC. DC isn't going to chase him down, however, because it simply costs too much.
Enter the Streamlined Sales Tax Program [Project] (SSTP). This is legislation already finalized by our wondrous federal and state governments that dictates compliance with an internet tax program that will levy the full tax burden on all SMBs no matter where they're located. 42 states have signed up for the program and 19 are rolling it out in the near future.
The compliance burden here is a potential nightmare, provided it plays out the way Avalara says it will. Every transaction must be weighed against the sales tax jurisdictions of both buyer and seller as well as any third-party intermediaries. Screw it up and you're in hot water. They've got an interesting white paper on the topic of SSTP here.
That's the bad news. However, services like Avalara's AvaTax are the good news. And enough people seem to take SSTP seriously, as AvaTax is a Web service with over 2,000 SMB accounts after only 24 months in operation.
Do a Web transaction and AvaTax analyses the thing end-to-end an applies the proper sales tax on both sides of the transaction. It integrates with most accounting systems. And best of all, if there's ever a complaince audit, the feds won't audit you, they'll audit AvaTax.
So we're paying more money both to the states as well as Avalara, but at least it won't slow business down.
Posted by Oliver Rist on July 12, 2006 12:30 PM
July 10, 2006 | Comments: (0)
Should SMBs Really Consider VoIP?
So I'm happy with the Linksys WIP330 and Vonage has great commercials of folks crushing their cars with tree trunks or blowing their noses with sandpaper. VoIP's here and it's no longer a bleeding edge curiosity.
But Vonage is in big financial trouble. And the large telco conglomerates are not only eating each other to create behemoth telcos, they're also spending millions on lobbying the FCC and the Senate into letting them charge whatever they want for high-speed data services--including content and service control that might invalidate the business models that companies like Vonage were built on. So the question has to be asked: Should SMB take VoIP seriously.
Hell, yes!!!
Even if Darth Verizon gets its way and kills all competing services on the Internet, it won't do it for at least another year and most probably two. Plus, once the world sees a telco-only Internet service model it won't be long before even US Senators figure out that they screwed up and start taking steps to correct things.
Meantime, the business calling plans being offered by independent SIP providers, like BroadVoice for instance, are fantastic. Small and branch offices can be configured with phones like my lil Linksys or the ZeXEL that Paul Sasquatch Venezia loves so much. Now you're down to less than $20/mo/user with all the usual PBX trimmings and more.
And it doesn't stop with little offices. Larger companies face bigger expenditures, but when you tally it up, it's still a darn sight cheaper than sticking with existing voice. Buying a new IP-capable Centrex PBX can run over $20K, $40K, even $80K depending on what you're buying and who you're buying it from.
A straight SIP call center, by contrast, costs between $2000-$5000. Add another couple of thousand in there for a consultant to install the thing and you're happy. You can buy VoIP handsets for $250 a pop from companies like Polycom and thus do an all VoIP system for well under what it costs to buy a standard PBX alone.
Now let's say you do that and Darth Verizon gets its way. SIP becomes band under penalty of death and flesh flaying. Most SIP call centers/PBXes have the ability to interact with your old digital PBX--even to the point of supporting those handsets as long as you get some additional conversion boxes.
So do the math. Add up what it would cost to SIP-ifying your phone system today. Or just get a quote from a consultant type. Then add up what a SIP-based calling plan would cost you for a year vs. what you're paying the Telecom Lords of the Sith today. If the difference is substantial, moving forward is a no-brainer. Don't toss your existing system and you can always switch back if things don't go VoIP's way.
It's a little tricky in some situations, but worth considering? Definitely.
Posted by Oliver Rist on July 10, 2006 02:11 PM
July 05, 2006 | Comments: (0)
I've been relatively quiet of late--my apologies for that. Got into a drinking contest with Brian's lab assistant, Brandon, a couple of weeks ago and the next thing I knew I was waking up in a dumpster in Guam. Jerk didn't even leave me my pants. Getting back proved a mite difficult. Anybody buying that? Ah well, good story anyway.
Meanwhile, I've been to San Francisco, New York, and Dallas in as many weeks attending tech event after tech event, so there are plenty of new tidbits to type about.
First up is yet another entry in the low-cost NAS market. This one's from Hammer and it's called the Z-Box. ExtremeTech has a really detailed review on it (including benchmarks), so I won't try to duplicate that. It's worth a read, however, because the Hammer is taking things a bit further than simply another RAID 5 enclosure with auto-mapped shares and backup software.
Hammer is using Zetera's Z-SAN file system to help manage the device and has added a number of other engineering niceties, like the ability to extend RAID volumes across multiple Z-Boxes, support for TCP offload engines (need a compatible NIC, tho, I believe) and utilization of block I/O performance, which would be a first on a desktop/SOHO-style device.
All adds up to a really fast NAS box--though still in the Gigabit Ethernet realm, so don't go looking for 10Gbe uplinks...at least not yet. Still a good deal for something starting at $1299.
Downside is that all that special software engineering means its sharing capabilities are a bit limited--think required client-side software installation in order to access the device, configure shares and manage backups. That needs to go, especially under Windows. Other than that, it looks good from the price tag down. And the company even has a couple of other models, including a rack-mounted version starting at $3999.
Posted by Oliver Rist on July 5, 2006 12:21 PM
| EMERGING ENTERPRISE PODCAST |
| Listen to the latest podcast: |
MP3
•
•
•
Archive
•
![[VoiceIndigo Mobilize - Listen to podcasts on your mobile phone]](http://www.voiceindigo.com/ht/images/mobilize_logo_sm.gif){kind=logo}
|
TOP STORIES
Agile mgmnt for small teamsWhy developers avoid Vista
CBS to buy CNET Networks
Icahn's letter to Roy Bostock
Yahoo opens up Search Monkey
AT&T limits iPhone purchases
Silverlight gets put on Linux
IBM boosts BlackBerry access
Intel to develop PC with Alibaba
Cybercriminals can rent a botnet
ADDITIONAL RESOURCES
- Virtualization: A Step by Step Approach to Success
- Dialing up Agility with Business Transformation
- 5 Things You Need to Know About Storage Virtualization
- Is your smaller organization ready for High Availability?
- Is system maintenance doing more harm than good?
- Virtual Test Lab Automation: Manage development infrastructure
