Protecting truckloads of data on the information superhighway

SSL Journal

Subscribe to SSL Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get SSL Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories

The Citrix and Google collaboration continues to accelerate with new product releases, including Receiver for Chrome and a strong growth of new joint customers and channel partners. Citrix and Google have been working together since 2011 to deliver business apps to the first Chromebooks. With Gartner now predicting Chromebooks will triple in sales by 2017, a rapidly growing number of customers will be looking for a way to leverage the enterprise cloud computing capabilities of the device and services, while still accessing critical line-of-business apps that they rely on today. To offer customers the best end user experience in the industry, Citrix is announcing a new Citrix Receiver for Chrome, which offers Chromebook users the most advanced user experience features in the industry. Although HTML5-based solutions, such as Citrix Receiver for HTML5, will work on Chr... (more)

WebLogic Server - Identity vs Trust Keystores

In computing most technologies have lots of terms and acronyms to learn, it's par for the course, you get used to it. However in computer security the frustration is multiplied as there are often many different terms that mean the same thing. It makes implementing security hard, because understanding it is hard, and I'm not surprised why security is considered badly implemented because the average Joe will struggle (and for the record I'm the average Chris so I struggle too ;-). I've been trying recently to get straight in my head what is stored in the WLS identity and trust keystores, and what the difference between identity and trust is anyhow. Thanks to kind assistance from Gerard Davison, I think I can now post my understandings, and as usual, hopefully the post is helpful to other readers. As noted however security to me is a difficult area, and so be sure to c... (more)

Tip of the Red Hat - Entrust Updates PKI Platform, Adds Linux Support

Building on the continued success of the public key infrastructure (PKI) platform, Entrust  is advancing the technology to bring it to new markets. With the introduction of Entrust Authority Security Manager 8.0, Entrust customers can implement one of the most trusted PKI security solutions available on the cost-effective Linux Red Hat platform. This release introduces Entrust to the open-source platform market and expands the potential overall installation base for the PKI solution. "Linux is recognized as one of the most popular operating systems installed on servers globally, and provides Entrust with an active new market segment for PKI deployments," said Entrust President and CEO Bill Conner. "This is a key milestone for Entrust and the entire PKI platform. We're eager to see how the Linux community embraces and implements our PKI technology." In a recent publi... (more)

Portugal Telecom to Connect Virtual Desktops to Thousands of End Users

Leostream Corporation, a developer of virtual hosted desktop software, announced today that Portugal Telecom (PT), the largest telecommunications provider in Portugal, with additional operations in Europe, South America, Africa, and the Caribbean, has deployed the Leostream Connection Broker to connect 5,000 end-users at its call centers to virtual desktops. Based on the success of this deployment, PT now plans to extend the solution and replace all of its desktops, eventually covering all 9,000 end-users at the organization in its hosted virtual desktop infrastructure (VDI). PT turned to a hosted VDI model to solve a problem it was facing in its call centers. These operations have a large number of workers, and head count rises and falls dramatically depending upon marketing campaign activities and support staff requirements. Additionally, when a new marketing campa... (more)

Comodo Code Signing Certificate Supports Mozilla Standards

Comodo code-signing certificates enable developers to sign Mozilla extensions or "Add-ons" for a wide variety of different operating systems such as Microsoft Windows, Mac OS X and Linux. Mozilla applications recognize XPIs as "trusted" when they are signed with a Comodo Code-Signing certificate. XPI (pronounced "Zippy") is short for "Cross Platform Install." XPI enables Developers to create installer modules for their programs meant to enhance Mozilla applications such as Firefox, Thunderbird, Sea Monkey and Sunbird. Comodo Code-Signing certificates verify and authenticate the entity that has created the XPI file, allowing end users to trust their execution. Most browsers will not accept action commands from downloaded code unless the code is signed by a trusted Certificate Authority. An example of a trusted code-signing certificate, this one has been issued by Como... (more)

It's Like Load Balancing. On Steroids

What is this application delivery thing that everyone keeps telling me I need? Isn’t that just the latest marketing term for load balancing? A recently released Forrester report concludes that “firms must develop and integrated strategy for application delivery.” We don’t disagree with that, or with the Gartner report claiming that “Load Balancing is Dead, Time to Focus on Application Delivery.” Application delivery is the next step in the logical evolutionary path from the tactical solution of load balancing to a comprehensive application infrastructure strategy. Forrester’s research indicates that despite the fact that application delivery makes sense, many organizations are still operating in a very tactical, problem-resolution oriented manner. Application Delivery Takes Center Stage Top infrastructure initiatives — like consolidation and virtualization — are fo... (more)

Chris Soghoian on Privacy in the Cloud

Chris Soghoian is giving a Berkman lunchtime talk called: “Caught in the Cloud: Privacy, Encryption, and Government Back Doors in the Web 2.0 Era,” based on paper he’s just written. In the interest of time, he’s not going to talk about the “miscreants in government” today. Pew says that “over 69% of Americans use webmail services, store data online, or other use software programs such as word processing applications whose functionality is in the cloud.” Chris’ question: Why have cloud providers failed to provide adequate security for the customers. (”Cloud computing” = users’ data is stored on a company server and the app is delivered through a browser.) NOTE: Live-blogging. Getting things wrong. Missing points. Omitting key information. Introducing artificial choppiness. Over-emphasizing small matters. Paraphrasing badly. Not running a spellpchecker. Mangling othe... (more)

What Makes Cloud Storage Different from Traditional SAN and NAS?

Many in the IT industry seem to enjoy arguing exactly what does and does not constitute a cloud service. As I mentioned in my post on the controversy over private cloud services, I do not feel that these arguments are productive. We should focus on results and business value instead of arguing about semantics. However, the current crop of cloud storage solutions have many important differences from traditional SAN and NAS storage, something that seems to surprise many end users I meet. Cloud storage capacity is not your fathers blocks and files! Primary, Secondary, and Tiered Storage Most IT infrastructures contain a wide variety of storage devices, but these have traditionally been divided into two categories: Primary or production storage serves active applications and is accessed randomly. The primary category includes most familiar direct-attached disks (DAS), s... (more)

The Threat Behind the Firewall

I had a different name for this blog entry but just ‘Jump Drive’ is an awful blog title.  They go by many names; jump drive, USB drive, flash drive, memory stick and a few others, but removable media is a serious threat to IT organizations.  Graduating from floppy disks, as early as 2003 articles were warning against the possible threats introduced with these devices – 256Mb for $160 back then – and yet we still see some sort of incident reported almost once a week!  From consultants, to government employees, to Mortgage lenders, to the International Space Station, what used to be a giveaway staple at trade shows, these tiny less-than-two-inch drives can hit and hurt you in a multitude of ways. They can infect your Network. Just last week, the London Council’s systems were infested with Conficker-D due to an employee sticking an infected USB drive into a work compu... (more)

Non-Profits Find Discounted Comodo Certificates at TechSoup.org

Non-profit organizations with poor security could be inviting hackers to steal confidential member and donor information, eroding the public trust that staff and volunteers have worked hard to earn. To prevent intrusion, Comodo has donated SSL certificates and HackerGuardian™ PCI scanning services to TechSoup.org for use by qualifying nonprofit organizations. "For organizations involved in health services or payment processing, using a security protocol such as TLS/SSL to encrypt network communications may be a federal or commercial requirement. For other organizations, using TLS/SSL might simply be a good idea," Carlos Bergfeld, a Web Content Editor at TechSoup, wrote in An Introduction to Transport Layer Security on the site. TechSoup.org provides a range of technology services for non-profits, including discounted and donated technology products, articles, a blog... (more)

Enterprises Adopt Primary Storage in the Cloud with Zetta

Cloud Computing Journal Cloud Storage service provider Zetta, Inc announces the commercial availability of its enterprise-class on-demand NAS, opening up a new solution for enterprise IT storage buyers. Zetta Enterprise Cloud Storage enables businesses to quickly adopt storage-as-a-service without expensive or risky changes to their current IT environments. LiveOps provides cloud computing-based contact center platform and services to hundreds of companies in both direct response and enterprise markets that rely on the company's technology for delivering a superior customer service experience. “One of the value propositions of the cloud computing model is scalability, which is why we decided to work with fellow cloud computing company Zetta on this pilot project to address some of our current needs for on-demand video storage,” said Gary Slater, VP of Network Opera... (more)