Interoperability remains biggest open-source worry
By Chris Kanaracus, IDG News Service
Interoperability is the biggest concern among open-source-software customers, according to survey from The Open Solutions Alliance (OSA).
The group, which includes CollabNet, EnterpriseDB and others, contended in a statement that if its members overcome interoperability challenges, they stand to "out-Microsoft Microsoft by offering a fully interoperable suite of business tools."
"We think interoperability has to be a core feature [of open-source software] from the very beginning," OSA's president, Dominic Sartorio, said in an interview. "Most commercial open-source companies are finding a good amount of success. But how many opportunities are they leaving on the table because they're not interoperable?"
The OSA singled out Microsoft, as opposed to Oracle or SAP, because its member companies mostly target mid-market customers, according to Sartorio. "We have one common competitor: Microsoft."
OSA derived the study's findings from a series of forums it held this year in Europe and the US. It said some 100 people attended the events.
Participants cited a variety of interoperability scenarios and concerns, including single sign-on for identity management.
Another involved user interface interoperability. "A lot of people try to plug open-source projects into an enterprise portal, and they want a unified look and feel," Sartorio said.
Customers also cited cross-platform portability and data integration challenges.
In addition, the study found that:
Lower up-front cost was the most important driver for adoption of open-source products, but this was tempered by concerns that spending on support and services would be greater. That feeling in turn was mitigated by a belief among respondents that open-source products will become more mature over time and easier to support.
Few customers cited the ability to customise source code as a selling point for open-source applications, preferring instead that it handle their needs out of the box.
Sartorio said OSA's work will continue in 2008. "This is going to be an ongoing effort. We're scratching the surface here with issues customers brought up in these forums," he said.
Tuesday, December 18, 2007
Sun Microsystems Ultra 24 Workstation review
Sun Microsystems Ultra 24 Workstation review
The Sun Ultra 24 is the first Intel-based workstation ever from Sun, and it’s a humdinger.
By Paul Venezia, Infoworld
List price:£2,516.96 as tested
Buying advice: At first blush, I figured the Ultra 24 to be just another small, workstation-class system that would be good for those who need a little extra horsepower from time to time, but aren’t running high-end apps that need a full-blown workstation. After putting it through its paces, I’m thinking that it just might fit both bills. Don’t let the size and single-CPU nature of the Ultra 24 fool you -- there’s a lot of power in that little box.
The Sun Ultra 24 is the first Intel-based workstation ever from Sun, and it’s a humdinger. The single 3.0GHz Core 2 Extreme quad-core CPU packs a serious punch, and there’s power aplenty for high-end graphics cards, including the nVidia FX5600. Hot-swap SAS or SATA drives and plenty of PCIe slots round out a very nice package.
The workstation market isn’t what it used to be. Back in the day, the term "workstation" denoted a very (and I mean very) high-powered desktop system with a very high-powered video card. In most circles, if it had an Intel processor it was a "desktop," and if it had a Sparc processor it was a "workstation," and never the twain shall meet. Well, the twain have met, and it’s a happy union.
Since Sun’s announcement that it would begin using Intel chips in its product line, an Intel-powered Sun workstation has been a foregone conclusion. The only questions pertained to which chipset and what options would be available. Those questions have been answered -- at least for now -- with the introduction of the Sun Ultra 24 Workstation. Sun’s workstation line now contains entries from every major CPU food group: Intel, Sparc, and the AMD Opteron. The latter two categories include two systems each: a single-socket and a dual-socket model. The Intel class includes only the single-socket Ultra 24 for now, but it’s highly likely that a dual-socket system will be introduced at a later date.
Under the hood
I’ve had the pleasure of working with the Ultra 24 for the past week or so, and I’ve found it to be a very capable, high-end workstation, even with the midrange nVidia FX1700 graphics card. The mainboard is based on Intel’s Garlow uniprocessor platform, and can handle dual- and quad-core Core 2 chips and as much as 8GB of UDDR2-667 RAM. Plus, it’s outfitted with two x16 PCIe 2.0 slots, one x4 PCIe 1.1 slot, one x1 PCIe slot, and two 33MHz standard PCI slots. Rather than skimping on the slots to allow space for embedded graphics and dual NICs, Sun has opted to go the other way, offering more expansion. Losing the embedded graphics is a good thing, but the system could definitely benefit from a pair of gigabit NICs.
On the I/O side, the embedded SATA controller can handle as many as four internal hot-swap SATA drives, or the same cage can be used with an optional SAS RAID controller to handle the faster SAS drives. When I tried some hot swaps, I did find the cage a little sticky. A nice feature is the full 5.25-inch drive bay at the top of the case. The Ultra 24’s counterpart on the AMD side is the Ultra 20 M2, which shares the same form factor and sports a single AMD Opteron CPU. The open bay design of both workstations makes it far simpler to replace the optical drive. Higher-end workstations from Sun use enclosed front-loading optical drives that are sleek, but can be problematic to replace. That said, the SATA dual-layer DVD/CD writer included in the Ultra 24 is no slouch.
My evaluation unit came with an Intel Core 2 Extreme Q6850 3.0GHz quad-core CPU, 8GB of RAM, four 250GB SATA drives, and the nVidia FX1700 graphics card -- essentially the top-end CPU and mid-range options package for this system. To push it further, the high-end nVidia graphics cards are supported, such as the FX4600 and FX5600.
Sun Microsystems Ultra 24 Workstation review
The Sun Ultra 24 is the first Intel-based workstation ever from Sun, and it’s a humdinger.
By Paul Venezia, Infoworld
There are enough external power connections not only to support these cards, but potentially even two cards, though adding two full-length cards isn’t possible due to space restrictions. On the low end, nVidia’s NVS 290 2D card is supported.
Of course, the system shipped with Solaris 10 x86, and I proceeded to try a bevy of supported and unsupported operating systems. I had a few issues with most of them, generally revolving around the NIC drivers. For every OS except for Ubuntu 7.10, you’ll need to pull down specific NIC drivers, even though the adapter is in the e1000 family. Once all of the drivers were installed, Vista Ultimate ran like a champ in full Aero with all the bells and whistles, as did Ubuntu 7.10, Fedora 7, and RHEL (Red Hat Enterprise Linux), though RHEL 4 U5 seemed to take exception to the SATA hardware and initially acted sluggish at times. Kernel updates handled these problems, however.
On the display side, the nVidia FX1700 proved surprisingly responsive, and when matched with Sun’s stellar 24-inch LCD display, breathtaking with any OS.
The speed zone
I ran several benchmarks on the Ultra 24 and compared them to a similarly configured dual-CPU dual-core Opteron 2218 system. This wasn’t exactly an apples-to-apples test since inherent design differences between uni-processor and multi-processor systems can cause variations in results, but at least it was four cores against four cores. The 2218s aren’t the current generation, and they are clocked at 2.6GHz, but still, the performance difference on common workstation tasks was significant.
Using sound processing as a focus, I worked with an 838MB uncompressed WAV file, using the LAME MP3 encoding engine to work it into a 320Kbps MP3. The Opteron box took 5 minutes 17 seconds and the Ultra 24 completed the task in 3 minutes 46 seconds, more than a full minute faster. I then compressed the WAV file with bzip2, timing the results. Again, the Ultra 24’s Core 2 Extreme CPU took the lead, churning through the file in 2 minutes 24 seconds, versus the Opteron’s 4 minutes 7 seconds. On the reverse side, it took the Ultra 24 just 1 minute 4 seconds to uncompress the same file; the Opteron again took second place at 2 minutes 58 seconds, almost two minutes slower. It’s a safe bet that even with a single CPU in the Ultra 24, this system holds its own. Unfortunately, I didn’t have any AMD Barcelona-based systems in the lab to compare, but it would definitely be an interesting test to run.
At first blush, I figured the Ultra 24 to be just another small, workstation-class system that would be good for those who need a little extra horsepower from time to time, but aren’t running high-end apps that need a full-blown workstation. After putting it through its paces, I’m thinking that it just might fit both bills. Don’t let the size and single-CPU nature of the Ultra 24 fool you -- there’s a lot of power in that little box.
The Sun Ultra 24 is the first Intel-based workstation ever from Sun, and it’s a humdinger.
By Paul Venezia, Infoworld
List price:£2,516.96 as tested
Buying advice: At first blush, I figured the Ultra 24 to be just another small, workstation-class system that would be good for those who need a little extra horsepower from time to time, but aren’t running high-end apps that need a full-blown workstation. After putting it through its paces, I’m thinking that it just might fit both bills. Don’t let the size and single-CPU nature of the Ultra 24 fool you -- there’s a lot of power in that little box.
The Sun Ultra 24 is the first Intel-based workstation ever from Sun, and it’s a humdinger. The single 3.0GHz Core 2 Extreme quad-core CPU packs a serious punch, and there’s power aplenty for high-end graphics cards, including the nVidia FX5600. Hot-swap SAS or SATA drives and plenty of PCIe slots round out a very nice package.
The workstation market isn’t what it used to be. Back in the day, the term "workstation" denoted a very (and I mean very) high-powered desktop system with a very high-powered video card. In most circles, if it had an Intel processor it was a "desktop," and if it had a Sparc processor it was a "workstation," and never the twain shall meet. Well, the twain have met, and it’s a happy union.
Since Sun’s announcement that it would begin using Intel chips in its product line, an Intel-powered Sun workstation has been a foregone conclusion. The only questions pertained to which chipset and what options would be available. Those questions have been answered -- at least for now -- with the introduction of the Sun Ultra 24 Workstation. Sun’s workstation line now contains entries from every major CPU food group: Intel, Sparc, and the AMD Opteron. The latter two categories include two systems each: a single-socket and a dual-socket model. The Intel class includes only the single-socket Ultra 24 for now, but it’s highly likely that a dual-socket system will be introduced at a later date.
Under the hood
I’ve had the pleasure of working with the Ultra 24 for the past week or so, and I’ve found it to be a very capable, high-end workstation, even with the midrange nVidia FX1700 graphics card. The mainboard is based on Intel’s Garlow uniprocessor platform, and can handle dual- and quad-core Core 2 chips and as much as 8GB of UDDR2-667 RAM. Plus, it’s outfitted with two x16 PCIe 2.0 slots, one x4 PCIe 1.1 slot, one x1 PCIe slot, and two 33MHz standard PCI slots. Rather than skimping on the slots to allow space for embedded graphics and dual NICs, Sun has opted to go the other way, offering more expansion. Losing the embedded graphics is a good thing, but the system could definitely benefit from a pair of gigabit NICs.
On the I/O side, the embedded SATA controller can handle as many as four internal hot-swap SATA drives, or the same cage can be used with an optional SAS RAID controller to handle the faster SAS drives. When I tried some hot swaps, I did find the cage a little sticky. A nice feature is the full 5.25-inch drive bay at the top of the case. The Ultra 24’s counterpart on the AMD side is the Ultra 20 M2, which shares the same form factor and sports a single AMD Opteron CPU. The open bay design of both workstations makes it far simpler to replace the optical drive. Higher-end workstations from Sun use enclosed front-loading optical drives that are sleek, but can be problematic to replace. That said, the SATA dual-layer DVD/CD writer included in the Ultra 24 is no slouch.
My evaluation unit came with an Intel Core 2 Extreme Q6850 3.0GHz quad-core CPU, 8GB of RAM, four 250GB SATA drives, and the nVidia FX1700 graphics card -- essentially the top-end CPU and mid-range options package for this system. To push it further, the high-end nVidia graphics cards are supported, such as the FX4600 and FX5600.
Sun Microsystems Ultra 24 Workstation review
The Sun Ultra 24 is the first Intel-based workstation ever from Sun, and it’s a humdinger.
By Paul Venezia, Infoworld
There are enough external power connections not only to support these cards, but potentially even two cards, though adding two full-length cards isn’t possible due to space restrictions. On the low end, nVidia’s NVS 290 2D card is supported.
Of course, the system shipped with Solaris 10 x86, and I proceeded to try a bevy of supported and unsupported operating systems. I had a few issues with most of them, generally revolving around the NIC drivers. For every OS except for Ubuntu 7.10, you’ll need to pull down specific NIC drivers, even though the adapter is in the e1000 family. Once all of the drivers were installed, Vista Ultimate ran like a champ in full Aero with all the bells and whistles, as did Ubuntu 7.10, Fedora 7, and RHEL (Red Hat Enterprise Linux), though RHEL 4 U5 seemed to take exception to the SATA hardware and initially acted sluggish at times. Kernel updates handled these problems, however.
On the display side, the nVidia FX1700 proved surprisingly responsive, and when matched with Sun’s stellar 24-inch LCD display, breathtaking with any OS.
The speed zone
I ran several benchmarks on the Ultra 24 and compared them to a similarly configured dual-CPU dual-core Opteron 2218 system. This wasn’t exactly an apples-to-apples test since inherent design differences between uni-processor and multi-processor systems can cause variations in results, but at least it was four cores against four cores. The 2218s aren’t the current generation, and they are clocked at 2.6GHz, but still, the performance difference on common workstation tasks was significant.
Using sound processing as a focus, I worked with an 838MB uncompressed WAV file, using the LAME MP3 encoding engine to work it into a 320Kbps MP3. The Opteron box took 5 minutes 17 seconds and the Ultra 24 completed the task in 3 minutes 46 seconds, more than a full minute faster. I then compressed the WAV file with bzip2, timing the results. Again, the Ultra 24’s Core 2 Extreme CPU took the lead, churning through the file in 2 minutes 24 seconds, versus the Opteron’s 4 minutes 7 seconds. On the reverse side, it took the Ultra 24 just 1 minute 4 seconds to uncompress the same file; the Opteron again took second place at 2 minutes 58 seconds, almost two minutes slower. It’s a safe bet that even with a single CPU in the Ultra 24, this system holds its own. Unfortunately, I didn’t have any AMD Barcelona-based systems in the lab to compare, but it would definitely be an interesting test to run.
At first blush, I figured the Ultra 24 to be just another small, workstation-class system that would be good for those who need a little extra horsepower from time to time, but aren’t running high-end apps that need a full-blown workstation. After putting it through its paces, I’m thinking that it just might fit both bills. Don’t let the size and single-CPU nature of the Ultra 24 fool you -- there’s a lot of power in that little box.
Lenovo 3000 V200 laptop review
Lenovo 3000 V200 laptop review
An ultra-portable XP workhorse that costs less than a ThinkPad.
By Christian Harris, Techworld
List price:£800 (plus VAT)
Pros: Highly portable; good build quality; excellent support; built-in optical drive & fingerprint reader; Gigabit Ethernet; 802.11n; Web camera
Cons: Disappointing battery life; no DVI port
Buying advice: Ruggedness, battery life, scree and keyboard quality, and a decent warranty are all things to watch for. Don't worry about processor speed within reason. One issue that people often take for granted is Wi-Fi connectivity, which can vary from machine to machine in the robustness and range of the connections it can make.
Lenovo has updated its ultra-portable laptops with the flagship 3000 V200. Sporting a 12.1-inch widescreen display (1280x800 native resolution) and based on Intel’s brand-new ‘Santa Rosa’ mobile platform, the silver-and-black V200 might just be the perfect highly-portable Windows-based system for cash-strapped small businesses.
Starting at just £800 (ex.VAT), Lenovo’s 3000 V200 is the company’s lightest (1.81kg) widescreen laptop to date. That doesn’t mean to say it lacks some grunt under the hood. At time of purchase you can opt for an Intel Core 2 Duo processor up to a T7300 (2GHz), up to 4GB of 667MHz DDR2 system memory, and a very accommodating 160GB (5400rpm) hard drive. The processors have Santa Rosa’s 800MHz front-side bus, and are paired with an Intel GM965 chipset.
Other technical niceties to ponder include a choice of graphics chipsets - Intel GM965 or nVidia GeForce Go 7300 (64- or 128MB) - and you can opt for either a CD-RW/DVD-ROM or DVD recordable (Dual Layer) drive. Unlike a lot of ultra-portable laptops, the V200’s optical drive is actually built in, so you don’t have to worry about additional peripherals and power supplies weighing you down.
Powered by Windows Vista (Lenovo offers a choice of Editions), the V200 is relatively well connected considering its size. There’s a 4-pin FireWire port (ideal for external storage devices), three USB 2.0 ports (one at the rear of the machine and one at each side), analogue VGA port, 5-in-1 card reader, Express Card/54 slot, Bluetooth, 802.11a/b/g/n, Gigabit LAN, 56K modem, headphone and microphone ports. Unfortunately there’s no digital video-out (DVI) or S-Video ports, but the system isn’t really designed for multimedia. The battery should provide you with around 2 hours 45 minutes operating time, which is a little disappointing considering the small display.
Not as well supported in terms of pre-installed applications as a ThinkPad, the V200 still offers more than your average business laptop. Take the one-button system recovery for instance, which helps you to recover from a crash or virus with the push of a button. Simple network connectivity and management tools let you quickly find and connect to a wireless network and save connection profiles for later use, while performance restoration keeps the system running almost as good as new by allowing you to restore to a previous backup without losing your personality settings for printers, browsers and applications.
Lenovo’s automatic update utility is neat for staying up to date with model-specific drivers and patches. Fragmentation can cause slowdowns, crashes, system freezes or even system failures. With Diskeeper Home you can quickly analyse fragmentation levels and detect them automatically to maintain peak performance on your system.
Presentation Director is a display configuration utility that enables you to create, manage, and use various display and projection schemes when making presentations. Using these schemes you can quickly and easily configure the machine to display a presentation on an external projector, monitor, or television with appropriate resolution and colour settings; avoid interruptions by disabling the screen saver and power management timers and hiding your desktop and instant-messaging windows; and use multiple monitors to extend the size of your desktop.
Presentation Director also enables you to capture your current display settings as a default scheme called ‘My Normal Display Settings.’ After you finish a presentation you can immediately and easily return to your default settings by applying this scheme.
Another neat utility which tends to get overlooked is PC Doctor 5. This provides a relatively comprehensive set of diagnostic testing and system information tools that allow end-users to quickly troubleshoot many (not all) hardware and software problems without the aid of a technical support engineer.
Corporates will also love the integrated fingerprint reader and integrated 1.3 megapixel conference camera. To unlock the V200 (after configuration), all you need is the swipe of your finger. The biometric security tools also let you store passwords for easy access to password-protected Web sites.
Mobile computing should be as comfortable as possible. The same engineers that brought us the legendary keyboard design on ThinkPad range now give you great tactile feel with intelligent layout and performance on V-Series. Thoughtfully designed, the keyboard has specialised keys and buttons for easy access to the presentation director application and Lenovo Care tools, as well as multimedia controls for stop, play, forward, rewind and pause.
The TrackPad is responsive and the two mouse buttons nice and quiet. We missed the TrackPoint of the ThinkPads, but Lenovo keeps this second navigation device the preserve of its premium range. Above the keyboard are three handy external volume controls.
Conclusion
Lenovo’s 3000 V200 is an impressive machine. It’s not the most striking in terms of design, nor does it offer the most features in its class, but it’s a great choice for small-business users unable to stretch their budget to a ThinkPad X61 (from £980 ex. VAT). The keyboard and pointing device are both solid, and the pre-installed software bundle is perfect for business owners. The screen is really crisp and bright, and the biometric security will be a real boon to anyone transferring sensitive documents. The only real disappointments are the sub-standard battery life and the lack of a digital video-out port.
An ultra-portable XP workhorse that costs less than a ThinkPad.
By Christian Harris, Techworld
List price:£800 (plus VAT)
Pros: Highly portable; good build quality; excellent support; built-in optical drive & fingerprint reader; Gigabit Ethernet; 802.11n; Web camera
Cons: Disappointing battery life; no DVI port
Buying advice: Ruggedness, battery life, scree and keyboard quality, and a decent warranty are all things to watch for. Don't worry about processor speed within reason. One issue that people often take for granted is Wi-Fi connectivity, which can vary from machine to machine in the robustness and range of the connections it can make.
Lenovo has updated its ultra-portable laptops with the flagship 3000 V200. Sporting a 12.1-inch widescreen display (1280x800 native resolution) and based on Intel’s brand-new ‘Santa Rosa’ mobile platform, the silver-and-black V200 might just be the perfect highly-portable Windows-based system for cash-strapped small businesses.
Starting at just £800 (ex.VAT), Lenovo’s 3000 V200 is the company’s lightest (1.81kg) widescreen laptop to date. That doesn’t mean to say it lacks some grunt under the hood. At time of purchase you can opt for an Intel Core 2 Duo processor up to a T7300 (2GHz), up to 4GB of 667MHz DDR2 system memory, and a very accommodating 160GB (5400rpm) hard drive. The processors have Santa Rosa’s 800MHz front-side bus, and are paired with an Intel GM965 chipset.
Other technical niceties to ponder include a choice of graphics chipsets - Intel GM965 or nVidia GeForce Go 7300 (64- or 128MB) - and you can opt for either a CD-RW/DVD-ROM or DVD recordable (Dual Layer) drive. Unlike a lot of ultra-portable laptops, the V200’s optical drive is actually built in, so you don’t have to worry about additional peripherals and power supplies weighing you down.
Powered by Windows Vista (Lenovo offers a choice of Editions), the V200 is relatively well connected considering its size. There’s a 4-pin FireWire port (ideal for external storage devices), three USB 2.0 ports (one at the rear of the machine and one at each side), analogue VGA port, 5-in-1 card reader, Express Card/54 slot, Bluetooth, 802.11a/b/g/n, Gigabit LAN, 56K modem, headphone and microphone ports. Unfortunately there’s no digital video-out (DVI) or S-Video ports, but the system isn’t really designed for multimedia. The battery should provide you with around 2 hours 45 minutes operating time, which is a little disappointing considering the small display.
Not as well supported in terms of pre-installed applications as a ThinkPad, the V200 still offers more than your average business laptop. Take the one-button system recovery for instance, which helps you to recover from a crash or virus with the push of a button. Simple network connectivity and management tools let you quickly find and connect to a wireless network and save connection profiles for later use, while performance restoration keeps the system running almost as good as new by allowing you to restore to a previous backup without losing your personality settings for printers, browsers and applications.
Lenovo’s automatic update utility is neat for staying up to date with model-specific drivers and patches. Fragmentation can cause slowdowns, crashes, system freezes or even system failures. With Diskeeper Home you can quickly analyse fragmentation levels and detect them automatically to maintain peak performance on your system.
Presentation Director is a display configuration utility that enables you to create, manage, and use various display and projection schemes when making presentations. Using these schemes you can quickly and easily configure the machine to display a presentation on an external projector, monitor, or television with appropriate resolution and colour settings; avoid interruptions by disabling the screen saver and power management timers and hiding your desktop and instant-messaging windows; and use multiple monitors to extend the size of your desktop.
Presentation Director also enables you to capture your current display settings as a default scheme called ‘My Normal Display Settings.’ After you finish a presentation you can immediately and easily return to your default settings by applying this scheme.
Another neat utility which tends to get overlooked is PC Doctor 5. This provides a relatively comprehensive set of diagnostic testing and system information tools that allow end-users to quickly troubleshoot many (not all) hardware and software problems without the aid of a technical support engineer.
Corporates will also love the integrated fingerprint reader and integrated 1.3 megapixel conference camera. To unlock the V200 (after configuration), all you need is the swipe of your finger. The biometric security tools also let you store passwords for easy access to password-protected Web sites.
Mobile computing should be as comfortable as possible. The same engineers that brought us the legendary keyboard design on ThinkPad range now give you great tactile feel with intelligent layout and performance on V-Series. Thoughtfully designed, the keyboard has specialised keys and buttons for easy access to the presentation director application and Lenovo Care tools, as well as multimedia controls for stop, play, forward, rewind and pause.
The TrackPad is responsive and the two mouse buttons nice and quiet. We missed the TrackPoint of the ThinkPads, but Lenovo keeps this second navigation device the preserve of its premium range. Above the keyboard are three handy external volume controls.
Conclusion
Lenovo’s 3000 V200 is an impressive machine. It’s not the most striking in terms of design, nor does it offer the most features in its class, but it’s a great choice for small-business users unable to stretch their budget to a ThinkPad X61 (from £980 ex. VAT). The keyboard and pointing device are both solid, and the pre-installed software bundle is perfect for business owners. The screen is really crisp and bright, and the biometric security will be a real boon to anyone transferring sensitive documents. The only real disappointments are the sub-standard battery life and the lack of a digital video-out port.
Xbox accused of jamming WLANs
By John Cox, Network World (US)
Signals from Microsoft's Xbox 360 game console can disrupt wireless LANs, according to IT staff at Morrisville State College.
It's not clear, however, whether it's the college's WLAN access points or students' wireless notebooks that have been affected There is some anecdotal evidence, however, that it at least affects other radios in the same 2.4GHz band.
Morrisville IT staff typically use Bluetooth headsets, which run in the 2.4GHz band, with their cell phones when they troubleshoot problems on the spacious campus. "We had problems syncing our headsets to our phone where this signal was strong," says Matt Barber, the college's network administrator. A phone user had to physically touch the headset to the cell phone to make the initial connection, he says.
There may be effects on the WLAN that the equipment itself, from Meru Networks, is circumventing, according to Barber. Part of Meru's WLAN architecture employs software that gives the access points more control over wireless-client transmission behavior than does the software of some of Meru's rivals. An access point near a radiating Xbox may be compensating for interference by in effect guiding a wireless laptop to send and receive when open spectrum is available, essentially dodging around the Xbox signal.
Working with Meru, the small IT staff is planning to test soon the effect of multiple Xbox consoles in a dorm with a large number of active notebook clients. Microsoft could not comment on the Xbox signal phenomenon.
This autumn, Morrisville IT staff, working with Meru engineers and IBM, the network integrator, detected an unusual signal in the 2.4GHz band. "We wanted to look at the [radio frequency] environment in our dorms," Barber says. "We always thought we'd run into some strange stuff [there] in the 2.4 range."
The signal was discovered using Cognio Spectrum Expert, from Cognio (recently bought by Cisco). Spectrum Expert is RF-analysis software packaged with a WLAN adapter card that slots into any laptop PC. (See our April 2007 Clear Choice Test of four WLAN protocol analysers.) Among other capabilities, Spectrum Expert identifies sources of radio energy in the 2.4GHz and 5GHz WLAN bands, and identifies the cause, such as a brand of access point or a microwave oven.
"The signal really stood out," Barber says. "In some places it was so strong we thought it might be affecting the air [that is, the radio environment] around it."
The Cognio software, however, was baffled by this new signal: "Unknown emitter" was the classification. The signal shows up in the Cognio display as a kind of green-blizzard effect, covering a large swath of the 2.4 band, Barber says. That means the signal "is jumping all over the spectrum band," he says. In contrast, a nearby Meru access point shows up in the same scan as a strong, stable yellow-red glow, almost like a sun. The green blizzard is shot through with red dashes, which show, Barber says, that the signal at moments nearly rivals the access point in strength.
The mystery signal baffled the IT staff and Meru until Barber had a brainstorm: He brought in his own Xbox 360 and plugged it in, and turned on the Cognio spectrum analyser and watched the same signal appear.
Barber says the signal seems be created by the console's embedded 2.4GHz radio, which is used to communicate with the handheld wireless controller -- the gizmo with the buttons that manipulate a game running on the console. The Xbox also takes an optional Wi-Fi adapter, in the form of an USB dongle, to connect to a WLAN access point.
Barber says his "best guess" at this point is that the embedded radio, not the USB adapter, causes the signal. The signal is created even if the Xbox console is shut off: Just plugging its AC adapter into an electrical outlet seems to trigger the radio to look for - and keep looking for - a companion wireless controller. "It's even worse when you have multiple Xboxes in an area," Barber says.
At one point, IT staff wrapped the console in a static discharge bag, the material used, for example, to wrap and protect consumer electronics gear from static damage during shipment. The same properties make it act like radio "blanket" to muffle a transmission. Sure enough, the Cognio software showed a significant drop in the Xbox signal's strength.
The next step is more systematic testing. "We want to get several consoles together with a bunch of WLAN clients, to create a busy [RF] environment, and do some measurements," Barber says. "Are we seeing frames being dropped in the air, or people getting disconnected?"
Answering that question may be a bit more urgent, with Christmas looming, and the likelihood of still more brand-new Xboxs and other wireless entertainment products turning up in January when students return.
Signals from Microsoft's Xbox 360 game console can disrupt wireless LANs, according to IT staff at Morrisville State College.
It's not clear, however, whether it's the college's WLAN access points or students' wireless notebooks that have been affected There is some anecdotal evidence, however, that it at least affects other radios in the same 2.4GHz band.
Morrisville IT staff typically use Bluetooth headsets, which run in the 2.4GHz band, with their cell phones when they troubleshoot problems on the spacious campus. "We had problems syncing our headsets to our phone where this signal was strong," says Matt Barber, the college's network administrator. A phone user had to physically touch the headset to the cell phone to make the initial connection, he says.
There may be effects on the WLAN that the equipment itself, from Meru Networks, is circumventing, according to Barber. Part of Meru's WLAN architecture employs software that gives the access points more control over wireless-client transmission behavior than does the software of some of Meru's rivals. An access point near a radiating Xbox may be compensating for interference by in effect guiding a wireless laptop to send and receive when open spectrum is available, essentially dodging around the Xbox signal.
Working with Meru, the small IT staff is planning to test soon the effect of multiple Xbox consoles in a dorm with a large number of active notebook clients. Microsoft could not comment on the Xbox signal phenomenon.
This autumn, Morrisville IT staff, working with Meru engineers and IBM, the network integrator, detected an unusual signal in the 2.4GHz band. "We wanted to look at the [radio frequency] environment in our dorms," Barber says. "We always thought we'd run into some strange stuff [there] in the 2.4 range."
The signal was discovered using Cognio Spectrum Expert, from Cognio (recently bought by Cisco). Spectrum Expert is RF-analysis software packaged with a WLAN adapter card that slots into any laptop PC. (See our April 2007 Clear Choice Test of four WLAN protocol analysers.) Among other capabilities, Spectrum Expert identifies sources of radio energy in the 2.4GHz and 5GHz WLAN bands, and identifies the cause, such as a brand of access point or a microwave oven.
"The signal really stood out," Barber says. "In some places it was so strong we thought it might be affecting the air [that is, the radio environment] around it."
The Cognio software, however, was baffled by this new signal: "Unknown emitter" was the classification. The signal shows up in the Cognio display as a kind of green-blizzard effect, covering a large swath of the 2.4 band, Barber says. That means the signal "is jumping all over the spectrum band," he says. In contrast, a nearby Meru access point shows up in the same scan as a strong, stable yellow-red glow, almost like a sun. The green blizzard is shot through with red dashes, which show, Barber says, that the signal at moments nearly rivals the access point in strength.
The mystery signal baffled the IT staff and Meru until Barber had a brainstorm: He brought in his own Xbox 360 and plugged it in, and turned on the Cognio spectrum analyser and watched the same signal appear.
Barber says the signal seems be created by the console's embedded 2.4GHz radio, which is used to communicate with the handheld wireless controller -- the gizmo with the buttons that manipulate a game running on the console. The Xbox also takes an optional Wi-Fi adapter, in the form of an USB dongle, to connect to a WLAN access point.
Barber says his "best guess" at this point is that the embedded radio, not the USB adapter, causes the signal. The signal is created even if the Xbox console is shut off: Just plugging its AC adapter into an electrical outlet seems to trigger the radio to look for - and keep looking for - a companion wireless controller. "It's even worse when you have multiple Xboxes in an area," Barber says.
At one point, IT staff wrapped the console in a static discharge bag, the material used, for example, to wrap and protect consumer electronics gear from static damage during shipment. The same properties make it act like radio "blanket" to muffle a transmission. Sure enough, the Cognio software showed a significant drop in the Xbox signal's strength.
The next step is more systematic testing. "We want to get several consoles together with a bunch of WLAN clients, to create a busy [RF] environment, and do some measurements," Barber says. "Are we seeing frames being dropped in the air, or people getting disconnected?"
Answering that question may be a bit more urgent, with Christmas looming, and the likelihood of still more brand-new Xboxs and other wireless entertainment products turning up in January when students return.
Profiting from carbon reduction measures
By Chris Mellor, Techworld
IBM technology is being used in a carbon emission monitoring tool that can enable companies to help pay for carbon reduction measures by selling emission reduction credits.
As part of the Kyoto Protocol, businesses can offset their carbon emissions by buying carbon credits. These are certified reductions in carbon emissions over a period of time by a defined and verified source, such as an India-based power generating company.
The certifying of carbon emissions to create credits is a complex and closely-regulated matter as, in effect, carbon credits are a form of currency. Generally, customised measures are used and these are expensive to obtain and develop.
The GreenCert meter has been developed by US-based Evergreen Energy's subsidiary C-Lock (think carbon lock). It wanted to measure Evergreen's own carbon reductions through using cleaner coal fuel, and developed a range of sensors and monitors and recorded, processed and reported the results using software and expertise from IBM partner Enterprise Information Technology (EIM).
The IBM products include the WebSphere portal, Process Server and Business Process Management software, Lotus Forms, and DB2 database, Content Manager and Records Manager. A services-oriented architecture is used.
The combined sensors and monitoring tools and IBM products have been made into a product called the GreenCert meter. A business could use the GreenCert meter to measure and verify carbon emissions before a carbon reduction initiative is implemented. After that is done, the reduction is considered to be valid and verified.
Such verified emission reductions can be packaged and sold on world carbon credit markets as Certified Emission Reduction Credits (CCERC). These have a value of between $3 and $8/tonne (about £1.50 - £4.00 at ordinary conversion rates.)
This will provide revenue to help a business pay for carbon reduction efforts once they are operating. GreenCert can be applied as a general tool to agriculture, energy, government and financial concerns and enable them to participate in the carbon credit trading markets without having to pay for expensive customised technology.
GreenCert will be available in the first half of next year from C-Lock. Pricing was not disclosed.
IBM technology is being used in a carbon emission monitoring tool that can enable companies to help pay for carbon reduction measures by selling emission reduction credits.
As part of the Kyoto Protocol, businesses can offset their carbon emissions by buying carbon credits. These are certified reductions in carbon emissions over a period of time by a defined and verified source, such as an India-based power generating company.
The certifying of carbon emissions to create credits is a complex and closely-regulated matter as, in effect, carbon credits are a form of currency. Generally, customised measures are used and these are expensive to obtain and develop.
The GreenCert meter has been developed by US-based Evergreen Energy's subsidiary C-Lock (think carbon lock). It wanted to measure Evergreen's own carbon reductions through using cleaner coal fuel, and developed a range of sensors and monitors and recorded, processed and reported the results using software and expertise from IBM partner Enterprise Information Technology (EIM).
The IBM products include the WebSphere portal, Process Server and Business Process Management software, Lotus Forms, and DB2 database, Content Manager and Records Manager. A services-oriented architecture is used.
The combined sensors and monitoring tools and IBM products have been made into a product called the GreenCert meter. A business could use the GreenCert meter to measure and verify carbon emissions before a carbon reduction initiative is implemented. After that is done, the reduction is considered to be valid and verified.
Such verified emission reductions can be packaged and sold on world carbon credit markets as Certified Emission Reduction Credits (CCERC). These have a value of between $3 and $8/tonne (about £1.50 - £4.00 at ordinary conversion rates.)
This will provide revenue to help a business pay for carbon reduction efforts once they are operating. GreenCert can be applied as a general tool to agriculture, energy, government and financial concerns and enable them to participate in the carbon credit trading markets without having to pay for expensive customised technology.
GreenCert will be available in the first half of next year from C-Lock. Pricing was not disclosed.
Linux best for smart phones says Torvalds
By Tom Jowitt, Techworld
Linus Torvalds, the creator of Linux, sees a healthy future for the open source operating system on mobile devices, especially after Google's recent push with its Android platform.
In an interview with Reuters, Torvalds thinks that Linux will become more widely available next year on mobile devices.
"I haven't been personally involved, but it certainly looks like 2008 may be - thanks to the Google alliance - one of the years you will find more widely available phones with Linux," Torvalds told Reuters.
Back in early November, Google finally revealed its much hyped mobile plan. The Android platform has been developed by Google and others as part of the Open Handset Alliance, which has over 30 members. The open-source platform will comprise an operating system, middleware stack, customisable user interface and applications, and the first Android-based phones should hit the market in the second half of 2008.
Android has already gained some big name backers, including mobile operators such as T-Mobile, Telefonica and Sprint Nextel, and mobile handset makers such as Motorola, LG and Samsung. Chip makers Intel, Qualcomm and Texas Instruments are also backing Google’s platform.
Torvalds said Motorola had been one of the first players to come out with Linux phones, mainly in China and also in the US. Other Android handset makers are expected to follow suit with Linux models in 2008.
"Right now, there are no phones in the market. You can find some of the phone manufacturers making pre-release versions. You can't buy them yet, but I think next year you can," Torvalds said.
Torvalds also thought that the wider use of Linux in phones had been hampered by the fact that the real mass market was essentially in the low-end segment of devices, rather than smart phones.
"That seems to be changing. It used to be that they were so expensive that, by necessity, most people even in the industrialised world... would not go for a smart phone. Quite frankly, Linux makes much more sense in a smart phone than it makes in a really low-end product," Torvalds said.
Currently, Nokia’s Symbian platform has the largest market share for mobile operating systems, followed by the Windows Mobile OS from Redmond. Analyst firm IDC recently predicted that every mobile network operator will open its network to a wide range of devices, not just those offered by the carriers themselves.
Linus Torvalds, the creator of Linux, sees a healthy future for the open source operating system on mobile devices, especially after Google's recent push with its Android platform.
In an interview with Reuters, Torvalds thinks that Linux will become more widely available next year on mobile devices.
"I haven't been personally involved, but it certainly looks like 2008 may be - thanks to the Google alliance - one of the years you will find more widely available phones with Linux," Torvalds told Reuters.
Back in early November, Google finally revealed its much hyped mobile plan. The Android platform has been developed by Google and others as part of the Open Handset Alliance, which has over 30 members. The open-source platform will comprise an operating system, middleware stack, customisable user interface and applications, and the first Android-based phones should hit the market in the second half of 2008.
Android has already gained some big name backers, including mobile operators such as T-Mobile, Telefonica and Sprint Nextel, and mobile handset makers such as Motorola, LG and Samsung. Chip makers Intel, Qualcomm and Texas Instruments are also backing Google’s platform.
Torvalds said Motorola had been one of the first players to come out with Linux phones, mainly in China and also in the US. Other Android handset makers are expected to follow suit with Linux models in 2008.
"Right now, there are no phones in the market. You can find some of the phone manufacturers making pre-release versions. You can't buy them yet, but I think next year you can," Torvalds said.
Torvalds also thought that the wider use of Linux in phones had been hampered by the fact that the real mass market was essentially in the low-end segment of devices, rather than smart phones.
"That seems to be changing. It used to be that they were so expensive that, by necessity, most people even in the industrialised world... would not go for a smart phone. Quite frankly, Linux makes much more sense in a smart phone than it makes in a really low-end product," Torvalds said.
Currently, Nokia’s Symbian platform has the largest market share for mobile operating systems, followed by the Windows Mobile OS from Redmond. Analyst firm IDC recently predicted that every mobile network operator will open its network to a wide range of devices, not just those offered by the carriers themselves.
Sony Ericsson P1i review
Sony Ericsson P1i review
Here's a clumsy but loveable phone with lots of features
By Peter Judge
List price:£285
Pros: Good keyboard, decent camera,
Cons: clumsy user interface,
Buying advice: This phone has a lot going for it, and more features than some Nokia devices we have tried, aimed at the same market. It's a clumsy package, though, but one that users could easily learn to love.
The Sony Ericsson P1i is a classic example of the slowly-evolved smartphone. The kind of thing that iPhone users will look down on, and its own devotees will cling to.
It's got a touchscreen, but it doesn’t do the touchy-feely interface of the iPhone - this is an old-school PDA-style design, with a stylus, and a full, but quirky, qwerty keyboard. Launched earlier in 2007 in Europe, and currently costing £285 without a contract, it's the sequel to one of the longest running smartphone series - and has a lot to recommend it.
It uses UIQ, the only real rival interface to Nokia's S60 on the Symbian operating system, owned by Sony Ericsson and more of a contender since Motorola bought a stake late this year.
Sony Ericsson has a somewhat patchy history in smartphones. The P-series made a brilliant start in 2002 with the P800, a does-everything phone with a clever flipping keyboard (inherited from Ericsson phones like the R380) that won lots of fans, but it stumbled in 2005, when the P990 was delayed a whole year, till the end of 2006.
Nokia capitalised on this, with its E-series, which includes the E65 slider and the E61 qwerty phone. Sony Ericsson launched the M600, a UIQ smartphone, but that didn't gain much favour owing to its lack of a camera and Wi-Fi. The P1i is intended to redress this balance - it's a P-series phone built into the M600 style, but with camera, Wi-Fi and a built in radio.
Design and usability
If the P1i has a problem it will be convincing new users. People who have stuck with the interface will like it, but others may find it so quirky they won't pick it up. Also, post-iPhone, people are going to want really good web browsing, and a slimmed down user interface - and that's not what you have here.
It's chunky, at 55x17x106mm and 124g, but not massively so, and goes happily in a pocket. The screen is decent, at 65mm large, and 240x320 pixels.
The phone doesn't do a great job of putting key functions like the contacts list or calendar up front, however. They're on the main screen, with icons big enough to use a finger on, but if you're off doing messaging or whatever, you have to get back to the main screen first (this is easier after you find the "back" button on the side.
I couild get used to this, but I like dedicated buttons, like the Nokia E65 does. The buttons here are all in the qwerty pad.
For data entry, I'm prejudiced. I don't like qwerty phones, and I think stylus-driven phones are a mistake which will die out when the last user loses the last stylus down the back of the sofa. The P1i, therefore is asking for trouble with me, by combining stylus and keyboard, a class of device which needs three hands to use, and includes the Windows Mobile based Motorola MC35 which I loathed.
To my surprise, the P1i is friendlier. I'm more familiar with Symbian, but also on the side, as well as that Back button, it also has a scroll wheel, which moves the cursor up and down and selects when pressed, which cuts down the number of times you need to pull out the stylus.
I liked the qwerty keyboard too. It has two letters per key, so each key can be bigger than the micro-pimples of a Blackberry or Treo, and they're nicely contoured rubber and responsive.
The letter keys have a rocker action. For instance, the top left key gives Q or W, depending which side you touch. There's a shift key to get capitals, and an Alt key which gives a bunch of other characters like brackets, @ and the like, as well as numbers on the middle keys.
This isn't unheard of on smartphones, but it's the first time I've met it, and I found it weird till I got used to it. The predictive text works well.
Connections
The P1i works fine as a phone (in phone mode, the number keys are just numbers), and shows an eagerness to help - suggesting after every phone call that the number could be added to the contacts list.
Bluetooth works just as it should do, and the USB cable is fine for synching with a PC. There's also a cradle (a rare thing that harks back to PDAs) that combines Bluetooth and power, and the provided PC software synchs it easily with Outlook, Notes and other email clients.
Setting up Wi-Fi is easy, but the web browser is not as good as the Nokia or iPhone browsers. Lacking the ability to preview a small version of the page, which is useful on a small gadget. Also, obviously, with Wi-Fi on, the battery drains more quickly, so it can run out in less than a day.
With the qwerty keyboard, email is clearly a major likely use for the phone, and it is the first Sony Ericsson phone to support RIM's Blackberry Connect, software that puts Blackberry email on non-Blackberry devices.
The BlackBerry Connect software, when installed, gives clear status alerts, and works well. I used it with GoogleMail, which works all right, though it's not all that well implemented, in terms of using the
Entertainment
The P1i has an FM radio (not enough phones do), and media player, as well as a fairly good camera. It handles 3.2 Mpixels, and has optional autofocus, and a flash. It also has a sound recorder, which is actually useful, and not stuck with the silly one minute limit in the Nokia E65. There's a Sony MemoryStick slot for extra storage, accessible from the side of the device without taking the back off, but well protected.
Conclusion
This has a lot going for it, and more features than some Nokia devices we have tried, aimed at the same market. It's a clumsy package, though, but one that users could easily learn to love.
Here's a clumsy but loveable phone with lots of features
By Peter Judge
List price:£285
Pros: Good keyboard, decent camera,
Cons: clumsy user interface,
Buying advice: This phone has a lot going for it, and more features than some Nokia devices we have tried, aimed at the same market. It's a clumsy package, though, but one that users could easily learn to love.
The Sony Ericsson P1i is a classic example of the slowly-evolved smartphone. The kind of thing that iPhone users will look down on, and its own devotees will cling to.
It's got a touchscreen, but it doesn’t do the touchy-feely interface of the iPhone - this is an old-school PDA-style design, with a stylus, and a full, but quirky, qwerty keyboard. Launched earlier in 2007 in Europe, and currently costing £285 without a contract, it's the sequel to one of the longest running smartphone series - and has a lot to recommend it.
It uses UIQ, the only real rival interface to Nokia's S60 on the Symbian operating system, owned by Sony Ericsson and more of a contender since Motorola bought a stake late this year.
Sony Ericsson has a somewhat patchy history in smartphones. The P-series made a brilliant start in 2002 with the P800, a does-everything phone with a clever flipping keyboard (inherited from Ericsson phones like the R380) that won lots of fans, but it stumbled in 2005, when the P990 was delayed a whole year, till the end of 2006.
Nokia capitalised on this, with its E-series, which includes the E65 slider and the E61 qwerty phone. Sony Ericsson launched the M600, a UIQ smartphone, but that didn't gain much favour owing to its lack of a camera and Wi-Fi. The P1i is intended to redress this balance - it's a P-series phone built into the M600 style, but with camera, Wi-Fi and a built in radio.
Design and usability
If the P1i has a problem it will be convincing new users. People who have stuck with the interface will like it, but others may find it so quirky they won't pick it up. Also, post-iPhone, people are going to want really good web browsing, and a slimmed down user interface - and that's not what you have here.
It's chunky, at 55x17x106mm and 124g, but not massively so, and goes happily in a pocket. The screen is decent, at 65mm large, and 240x320 pixels.
The phone doesn't do a great job of putting key functions like the contacts list or calendar up front, however. They're on the main screen, with icons big enough to use a finger on, but if you're off doing messaging or whatever, you have to get back to the main screen first (this is easier after you find the "back" button on the side.
I couild get used to this, but I like dedicated buttons, like the Nokia E65 does. The buttons here are all in the qwerty pad.
For data entry, I'm prejudiced. I don't like qwerty phones, and I think stylus-driven phones are a mistake which will die out when the last user loses the last stylus down the back of the sofa. The P1i, therefore is asking for trouble with me, by combining stylus and keyboard, a class of device which needs three hands to use, and includes the Windows Mobile based Motorola MC35 which I loathed.
To my surprise, the P1i is friendlier. I'm more familiar with Symbian, but also on the side, as well as that Back button, it also has a scroll wheel, which moves the cursor up and down and selects when pressed, which cuts down the number of times you need to pull out the stylus.
I liked the qwerty keyboard too. It has two letters per key, so each key can be bigger than the micro-pimples of a Blackberry or Treo, and they're nicely contoured rubber and responsive.
The letter keys have a rocker action. For instance, the top left key gives Q or W, depending which side you touch. There's a shift key to get capitals, and an Alt key which gives a bunch of other characters like brackets, @ and the like, as well as numbers on the middle keys.
This isn't unheard of on smartphones, but it's the first time I've met it, and I found it weird till I got used to it. The predictive text works well.
Connections
The P1i works fine as a phone (in phone mode, the number keys are just numbers), and shows an eagerness to help - suggesting after every phone call that the number could be added to the contacts list.
Bluetooth works just as it should do, and the USB cable is fine for synching with a PC. There's also a cradle (a rare thing that harks back to PDAs) that combines Bluetooth and power, and the provided PC software synchs it easily with Outlook, Notes and other email clients.
Setting up Wi-Fi is easy, but the web browser is not as good as the Nokia or iPhone browsers. Lacking the ability to preview a small version of the page, which is useful on a small gadget. Also, obviously, with Wi-Fi on, the battery drains more quickly, so it can run out in less than a day.
With the qwerty keyboard, email is clearly a major likely use for the phone, and it is the first Sony Ericsson phone to support RIM's Blackberry Connect, software that puts Blackberry email on non-Blackberry devices.
The BlackBerry Connect software, when installed, gives clear status alerts, and works well. I used it with GoogleMail, which works all right, though it's not all that well implemented, in terms of using the
Entertainment
The P1i has an FM radio (not enough phones do), and media player, as well as a fairly good camera. It handles 3.2 Mpixels, and has optional autofocus, and a flash. It also has a sound recorder, which is actually useful, and not stuck with the silly one minute limit in the Nokia E65. There's a Sony MemoryStick slot for extra storage, accessible from the side of the device without taking the back off, but well protected.
Conclusion
This has a lot going for it, and more features than some Nokia devices we have tried, aimed at the same market. It's a clumsy package, though, but one that users could easily learn to love.
US battles phishing crimewave
By Gregg Keizer, Computerworld (US)
More than 3.5 million US adults lost money to phishing scams and online identity theft in the 12-month period that ended in August, a 57 percent increase over the previous year, a Gartner fraud analyst has said.
The bad news, said analyst Avivah Litan, didn't end there. About 3.3 percent of the 4,500 Americans polled in August said they had been victimised by a phishing attack and had lost money in the deal. In 2006, the figure was 2.3 percent.
And banking regulators are both "in the dark" and "asleep at the wheel," she noted.
In other words, phishing is far from ancient history. Even consumers familiar with the concept - and those, said Litan, remain a minority - are not necessarily immune from current scams.
"Phishing is much more surreptitious, much more devious," she argued. "They're grabbing information from Facebook and MySpace and sending e-mail like they're your friend. Then there's greeting cards and charities, both of which are up dramatically."
The practice hasn't gone unnoticed by other security experts, who have remarked - most notably about the Storm bot-building Trojan - that clever social engineering strategies are all the rage. The constantly changing cycle of new techniques simply makes it that much harder for consumers to recognise what's legitimate and what's illegal.
"It not obvious, like it used to be," Litan added, like with early phishing techniques that used bank-branded e-mails that claimed the recipient needed to enter her log-in information in the next 24 hours or be locked out of her account. "Now malware is being dropped from e-mails, or from advertisements on Web pages, or from compromised Web sites. Click on a link in an ad, and even if you don't enter any information, you're still getting infected."
That broadening of the definition of "phishing," which once stood for bogus e-mail that tried to dupe users into giving up their passwords, had Litan grasping for a new term. "Maybe it should be called 'malphish,' or 'phishware,' " she said.
Gartner's annual survey also uncovered other shifts in identity theft. For the first time, bank check and debit card account information dominated the target list of phishers. In 2007, 47 percent of those who lost money said it was through a debit or bank check card, while credit cards accounted for just 32 percent. The year before, debit and credit cards were essentially neck and neck.
"Criminals have stepped up attacks on debit card and bank accounts, where back-end fraud-detection systems are traditionally weaker than they are in credit card accounts," said Litan. "And there are so many ways to use a debit card, whether it's for fund transfers or purchases or [cash] advances."
Among the few bright spots in Gartner's report are a drop in the average dollar amount lost per phishing incident, and an increase in the percentage of losses recovered by victims.
The average amount lost fell in 2007 to US$886, down approximately 29 percent from the $1,244 average per incident in 2006. And more people - 1.6 million in 2007, compared with 1.5 million the year before - recovered more money, said Litan; the survey showed 2007's victims recovered 64 percent of their losses, up significantly from the 54 percnt recouped in 2006.
Litan ascribed the average-loss drop to better controls by banks and credit card companies, including lower triggers in antifraud or account-locking measures, and she attributed the greater proportion of losses recovered to consumers' avoidance of payment vehicles that lack any recovery feature, such as Western Union and the now-defunct eGold.
In the 12 months before August 2007, Gartner calculated, estimated phishing losses totalled $3.2 billion. That was up $500 million from $2.8 billion in 2006.
"How much money has to be lost before something's done?" Litan asked.
More than 3.5 million US adults lost money to phishing scams and online identity theft in the 12-month period that ended in August, a 57 percent increase over the previous year, a Gartner fraud analyst has said.
The bad news, said analyst Avivah Litan, didn't end there. About 3.3 percent of the 4,500 Americans polled in August said they had been victimised by a phishing attack and had lost money in the deal. In 2006, the figure was 2.3 percent.
And banking regulators are both "in the dark" and "asleep at the wheel," she noted.
In other words, phishing is far from ancient history. Even consumers familiar with the concept - and those, said Litan, remain a minority - are not necessarily immune from current scams.
"Phishing is much more surreptitious, much more devious," she argued. "They're grabbing information from Facebook and MySpace and sending e-mail like they're your friend. Then there's greeting cards and charities, both of which are up dramatically."
The practice hasn't gone unnoticed by other security experts, who have remarked - most notably about the Storm bot-building Trojan - that clever social engineering strategies are all the rage. The constantly changing cycle of new techniques simply makes it that much harder for consumers to recognise what's legitimate and what's illegal.
"It not obvious, like it used to be," Litan added, like with early phishing techniques that used bank-branded e-mails that claimed the recipient needed to enter her log-in information in the next 24 hours or be locked out of her account. "Now malware is being dropped from e-mails, or from advertisements on Web pages, or from compromised Web sites. Click on a link in an ad, and even if you don't enter any information, you're still getting infected."
That broadening of the definition of "phishing," which once stood for bogus e-mail that tried to dupe users into giving up their passwords, had Litan grasping for a new term. "Maybe it should be called 'malphish,' or 'phishware,' " she said.
Gartner's annual survey also uncovered other shifts in identity theft. For the first time, bank check and debit card account information dominated the target list of phishers. In 2007, 47 percent of those who lost money said it was through a debit or bank check card, while credit cards accounted for just 32 percent. The year before, debit and credit cards were essentially neck and neck.
"Criminals have stepped up attacks on debit card and bank accounts, where back-end fraud-detection systems are traditionally weaker than they are in credit card accounts," said Litan. "And there are so many ways to use a debit card, whether it's for fund transfers or purchases or [cash] advances."
Among the few bright spots in Gartner's report are a drop in the average dollar amount lost per phishing incident, and an increase in the percentage of losses recovered by victims.
The average amount lost fell in 2007 to US$886, down approximately 29 percent from the $1,244 average per incident in 2006. And more people - 1.6 million in 2007, compared with 1.5 million the year before - recovered more money, said Litan; the survey showed 2007's victims recovered 64 percent of their losses, up significantly from the 54 percnt recouped in 2006.
Litan ascribed the average-loss drop to better controls by banks and credit card companies, including lower triggers in antifraud or account-locking measures, and she attributed the greater proportion of losses recovered to consumers' avoidance of payment vehicles that lack any recovery feature, such as Western Union and the now-defunct eGold.
In the 12 months before August 2007, Gartner calculated, estimated phishing losses totalled $3.2 billion. That was up $500 million from $2.8 billion in 2006.
"How much money has to be lost before something's done?" Litan asked.
Monday, December 17, 2007
What's gone wrong with WiMax?
What's gone wrong with WiMax?
The future remains unclear with LTE waiting in the wings.
By Craig Mathias, Farpoint Group
I'm always surprised when the twists and turns of properly-functioning markets result in over-reactions from all corners. One case in point is the recent behaviour of the now-global stock markets, which go up and down so rapidly as to give even long-term investors at least a mild case of heartburn.
Another important case in point was recent news that US WiMax leaders Clearwire and Sprint Nextel are dropping plans to jointly build out a national WiMax footprint. I was a bit surprised by this news even though I've long been a bit of a WiMax skeptic. My skepticism arises partly because it's my job as an analyst to be skeptical and partly because most analyses of WiMax have been performed in isolation, without considering the overall macroeconomic picture as well as the competitive environment for wide-area mobile broadband.
I was also irritated with the initial WiMax marketing five or so years ago. That marketing featured overhype reminiscent of the early days of Bluetooth, which itself was originally promoted as a wireless personal-area network, local-area network, serial/parallel-port replacement and, to paraphrase an old Saturday Night Live routine, a desert topping and floor wax.
Regardless, the WiMax Forum as an organisation has made the transition from specifying interoperability for the boring point-to-point microwave business to the hip and cool world of mobility, which is where Clearwire and Sprint both want to go. Of course, that's where everyone wants to go, and the competition is heating up, particularly with respect to the Third Generation Partnership Project's (3GPP) Long-Term Evolution (LTE) effort. Verizon Wireless, for instance, has said it is committed to developing an LTE network.
One of the key elements in WiMax's favor when Sprint decided more than a year ago to go with the technology was that WiMax had a significant time-to-market lead over other 4G (fourth-generation) technologies such as LTE. But the reality of the situation has since become apparent: As is always the case with high technology and especially with wireless, it takes a lot longer and costs a lot more money than planners assume in the early, euphoric days.
Sprint must face some serious problems. It's losing subscribers to its core cellular business, the company is losing shareholder value, and it recently lost its CEO, although it wasn't his idea to depart. Some major shareholders see WiMax as a distraction and not a strategic direction for the future.
Of course, stockholders usually behave that way; vision is not their strong suit. Show them a stock-price graph that is always up and to the right, and management can pretty much do what it wants. When that direction heads the other way, well, the future is simply too far away to matter. From their perspective, Sprint already has deployed EV-DO (Evolution-Data Optimised), which should carry them regardless of what happens with WiMax. That 3G technology could even be deployed in Sprint's 2.5-GHz spectrum, which is currently earmarked for WiMax.
Similarly, Clearwire has a going business in broadband, although its current technology is also not based on WiMax. The company recently announced a PC Card adapter, and its service is now nomadic if not the fully mobile.
One gets the impression that Intel has been highly influential in convincing Clearwire to take the WiMax plunge. After all, Intel needs to sell a ton of WiMax chips to make its investment in the technology pay off, and the carriers are key to achieving this goal. But Clearwire doesn't really need WiMax to be successful, and a full transition to WiMax will take many years and cost billions of dollars. Like Sprint, Clearwire has lost significant market valuation, and its shareholders are not happy.
We might therefore conclude that WiMax is critical to neither Clearwire nor Sprint. Still, powerful interests, most notably Intel, are at work here, and I think we're simply seeing a delay in the WiMax game, not the end of an otherwise noble experiment. But since most users really don't care what specific technology they use - price, availability, throughput, reliability, and customer service are instead the keys to happy customers - the road ahead for WiMax will be anything but easy.
Craig J. Mathias is a principal at Farpoint Group, an advisory firm specialising in wireless networking and mobile computing. This article appeared in Computerworld.
The future remains unclear with LTE waiting in the wings.
By Craig Mathias, Farpoint Group
I'm always surprised when the twists and turns of properly-functioning markets result in over-reactions from all corners. One case in point is the recent behaviour of the now-global stock markets, which go up and down so rapidly as to give even long-term investors at least a mild case of heartburn.
Another important case in point was recent news that US WiMax leaders Clearwire and Sprint Nextel are dropping plans to jointly build out a national WiMax footprint. I was a bit surprised by this news even though I've long been a bit of a WiMax skeptic. My skepticism arises partly because it's my job as an analyst to be skeptical and partly because most analyses of WiMax have been performed in isolation, without considering the overall macroeconomic picture as well as the competitive environment for wide-area mobile broadband.
I was also irritated with the initial WiMax marketing five or so years ago. That marketing featured overhype reminiscent of the early days of Bluetooth, which itself was originally promoted as a wireless personal-area network, local-area network, serial/parallel-port replacement and, to paraphrase an old Saturday Night Live routine, a desert topping and floor wax.
Regardless, the WiMax Forum as an organisation has made the transition from specifying interoperability for the boring point-to-point microwave business to the hip and cool world of mobility, which is where Clearwire and Sprint both want to go. Of course, that's where everyone wants to go, and the competition is heating up, particularly with respect to the Third Generation Partnership Project's (3GPP) Long-Term Evolution (LTE) effort. Verizon Wireless, for instance, has said it is committed to developing an LTE network.
One of the key elements in WiMax's favor when Sprint decided more than a year ago to go with the technology was that WiMax had a significant time-to-market lead over other 4G (fourth-generation) technologies such as LTE. But the reality of the situation has since become apparent: As is always the case with high technology and especially with wireless, it takes a lot longer and costs a lot more money than planners assume in the early, euphoric days.
Sprint must face some serious problems. It's losing subscribers to its core cellular business, the company is losing shareholder value, and it recently lost its CEO, although it wasn't his idea to depart. Some major shareholders see WiMax as a distraction and not a strategic direction for the future.
Of course, stockholders usually behave that way; vision is not their strong suit. Show them a stock-price graph that is always up and to the right, and management can pretty much do what it wants. When that direction heads the other way, well, the future is simply too far away to matter. From their perspective, Sprint already has deployed EV-DO (Evolution-Data Optimised), which should carry them regardless of what happens with WiMax. That 3G technology could even be deployed in Sprint's 2.5-GHz spectrum, which is currently earmarked for WiMax.
Similarly, Clearwire has a going business in broadband, although its current technology is also not based on WiMax. The company recently announced a PC Card adapter, and its service is now nomadic if not the fully mobile.
One gets the impression that Intel has been highly influential in convincing Clearwire to take the WiMax plunge. After all, Intel needs to sell a ton of WiMax chips to make its investment in the technology pay off, and the carriers are key to achieving this goal. But Clearwire doesn't really need WiMax to be successful, and a full transition to WiMax will take many years and cost billions of dollars. Like Sprint, Clearwire has lost significant market valuation, and its shareholders are not happy.
We might therefore conclude that WiMax is critical to neither Clearwire nor Sprint. Still, powerful interests, most notably Intel, are at work here, and I think we're simply seeing a delay in the WiMax game, not the end of an otherwise noble experiment. But since most users really don't care what specific technology they use - price, availability, throughput, reliability, and customer service are instead the keys to happy customers - the road ahead for WiMax will be anything but easy.
Craig J. Mathias is a principal at Farpoint Group, an advisory firm specialising in wireless networking and mobile computing. This article appeared in Computerworld.
Security? What does Microsoft know about security?
Security? What does Microsoft know about security?
A week in the life of an IT manager
By David Charles
Welcome to this week's blog, which will appear monthly, funnily enough.
Monday
Two new starts next week, so two new desktops to get ready. Usually, this is simply a matter of copying a disk image of the OS and a few company-standard applications to the new machines and soak testing them for a couple of days. But I'm a bit behind with patches and our current disk image needs updating. Not a major problem, just another couple of extra hours' work to be scheduled in.
I shouldn't really have to do this, though. Our PC vendor could ship out products without all the OS flaws that allow viruses, worms, Trojans, et al to spread. Manufacturers could add all the latest security patches before selling their machines.
Our vendor's standard response to these points is "certainly, we could offer you secured PCs with all the updates installed, but in a 'commodity' market, your buyer would just go to a cheaper supplier and get PCs with an older version of the OS.' On the face of it, this seems like a reasonable argument.
However, it's nonsense. Ten years ago, I worked for a PC vendor that daily prepared thousands of machines by creating a single master image that was copied to a large number of other drives before assembly. The master image was constantly updated, yet this vendor's products were considerably cheaper than almost everyone else's. No, the reason our current vendor won't do what I want is more likely to be that we have nowhere else to go. No-one else does it, so there's no market imperative.
If the IT industry's marketing departments weren't so devoid of any talent, maybe one of the PC vendors would break the mould. But I'm not holding my breath.
Tuesday
Despite the constant stream of new OS patches, I've been feeling quite well disposed towards Microsoft lately. After all, it's on our side now, isn't it?
However, the company's continual finger pointing about security is beginning to grate. Its product evangelists sound more and more like those reformed smokers who turn into complete health fascists as soon as they've kicked the habit. While Microsoft's recent conversion to best security practices is of course broadly welcome, I find its hectoring tone increasingly irritating.
Take Jonathan Perera, senior director of what Microsoft laughingly calls its "security business technology" unit, which we can only assume is a branch of marketing. At today's otherwise fairly dull Infosecurity show, Mr. Perera effectively says that if people like me don't do a better job of promptly applying Microsoft's patches, as well as training users in safe computing practices, the consequences are our own stupid fault. Back here on planet Earth, Mr. Perera, people like me have only so many hours in the day to patch all your employer's gaping vulnerabilities and you're pretty hopeless at supplying us with the information we need to determine priorities.
Try getting some education yourself.
Wednesday
Apparently, Microsoft plans to use more dialogue boxes and warning messages in future Windows and Office releases to "educate" users on safe computing practices. This conjures up a mental picture of some equivalent to its loathsome little paperclip asking us if we "really want to do that" and offering to automatically configure our security settings. This nightmarish vision comes courtesy of the same irksome Jonathan Perera who blames me and my team for not doing enough about security. He's quoted as claiming his employer can use software to teach users about security.
Clearly this man has never met our users.
The idea of educating them about anything is too funny for words. And I doubt our users are untypical. When are Microsoft's marketroids going to "get real" or "wake up and smell the coffee" or whatever else it is they're constantly urging IT managers to do?
Thursday
There's some brouhaha in the media about Microsoft's readiness to deal with the deluge of technical support calls expected when it releases its much-vaunted new service pack for Windows XP. Never mind Microsoft's readiness, what about mine? I suspect the reality is that Microsoft will get fewer support calls while mine go through the roof. SP2 will deal with a lot of the external security issues that have been bugging its users for years, so Microsoft's support calls may well go down.
It'll be different for us, though. If we install SP2, we run the risk of all our applications falling over; we're going to have some brainless animated icon constantly prompting users to set up firewalls, block pop-up ads and update the antivirus; and if that weren't enough, IT will be inundated with calls from irate users who'll no longer be able to connect to the games servers and file sharing services they seem to find so fundamental to their everyday working lives.
Friday
This week has turned into one of those "let's all get obsessed with security" weeks. I suspect it's some sort of conspiracy hatched by the security vendors to drum up a bit of interest in the Infosecurity show. All right guys, I went to your show - now will you make it stop?
You see, I've got loads of patches to catch up with and I want to get home before two o'clock tomorrow morning. But I keep getting interrupted by emails from users wailing and gnashing their teeth about the automated bounce messages they receive every day from anti-virus software installed at firms they've never even heard of.
Now I issued a general warning to our users about such messages when Netsky first appeared. My warning went something like this: "You will probably start receiving a lot of emails claiming you sent out a virus. Don't worry, someone else will have sent the virus using your forged email address in the 'from' field and you are just being notified by some brain-dead antivirus program that assumes you are the sender. It's okay. Just delete these messages and get on with your life."
Like so many of the important but boring emails that go out from management here, this one probably went straight into most people's trash folder unread. Strangely, this doesn't happen to the pointless AV bounce messages. Each one is read avidly and discussed ad nauseum. First, the recipients work themselves into a lather of self-righteous indignation about the injustice of it all; then they demand to know what IT is going to do about these slurs on their character.
Now the show's over, maybe the AV vendors could arrange to stop their products sending us all these dumb responses?
David Charles is IT manager for a UK recruitment agency.
A week in the life of an IT manager
By David Charles
Welcome to this week's blog, which will appear monthly, funnily enough.
Monday
Two new starts next week, so two new desktops to get ready. Usually, this is simply a matter of copying a disk image of the OS and a few company-standard applications to the new machines and soak testing them for a couple of days. But I'm a bit behind with patches and our current disk image needs updating. Not a major problem, just another couple of extra hours' work to be scheduled in.
I shouldn't really have to do this, though. Our PC vendor could ship out products without all the OS flaws that allow viruses, worms, Trojans, et al to spread. Manufacturers could add all the latest security patches before selling their machines.
Our vendor's standard response to these points is "certainly, we could offer you secured PCs with all the updates installed, but in a 'commodity' market, your buyer would just go to a cheaper supplier and get PCs with an older version of the OS.' On the face of it, this seems like a reasonable argument.
However, it's nonsense. Ten years ago, I worked for a PC vendor that daily prepared thousands of machines by creating a single master image that was copied to a large number of other drives before assembly. The master image was constantly updated, yet this vendor's products were considerably cheaper than almost everyone else's. No, the reason our current vendor won't do what I want is more likely to be that we have nowhere else to go. No-one else does it, so there's no market imperative.
If the IT industry's marketing departments weren't so devoid of any talent, maybe one of the PC vendors would break the mould. But I'm not holding my breath.
Tuesday
Despite the constant stream of new OS patches, I've been feeling quite well disposed towards Microsoft lately. After all, it's on our side now, isn't it?
However, the company's continual finger pointing about security is beginning to grate. Its product evangelists sound more and more like those reformed smokers who turn into complete health fascists as soon as they've kicked the habit. While Microsoft's recent conversion to best security practices is of course broadly welcome, I find its hectoring tone increasingly irritating.
Take Jonathan Perera, senior director of what Microsoft laughingly calls its "security business technology" unit, which we can only assume is a branch of marketing. At today's otherwise fairly dull Infosecurity show, Mr. Perera effectively says that if people like me don't do a better job of promptly applying Microsoft's patches, as well as training users in safe computing practices, the consequences are our own stupid fault. Back here on planet Earth, Mr. Perera, people like me have only so many hours in the day to patch all your employer's gaping vulnerabilities and you're pretty hopeless at supplying us with the information we need to determine priorities.
Try getting some education yourself.
Wednesday
Apparently, Microsoft plans to use more dialogue boxes and warning messages in future Windows and Office releases to "educate" users on safe computing practices. This conjures up a mental picture of some equivalent to its loathsome little paperclip asking us if we "really want to do that" and offering to automatically configure our security settings. This nightmarish vision comes courtesy of the same irksome Jonathan Perera who blames me and my team for not doing enough about security. He's quoted as claiming his employer can use software to teach users about security.
Clearly this man has never met our users.
The idea of educating them about anything is too funny for words. And I doubt our users are untypical. When are Microsoft's marketroids going to "get real" or "wake up and smell the coffee" or whatever else it is they're constantly urging IT managers to do?
Thursday
There's some brouhaha in the media about Microsoft's readiness to deal with the deluge of technical support calls expected when it releases its much-vaunted new service pack for Windows XP. Never mind Microsoft's readiness, what about mine? I suspect the reality is that Microsoft will get fewer support calls while mine go through the roof. SP2 will deal with a lot of the external security issues that have been bugging its users for years, so Microsoft's support calls may well go down.
It'll be different for us, though. If we install SP2, we run the risk of all our applications falling over; we're going to have some brainless animated icon constantly prompting users to set up firewalls, block pop-up ads and update the antivirus; and if that weren't enough, IT will be inundated with calls from irate users who'll no longer be able to connect to the games servers and file sharing services they seem to find so fundamental to their everyday working lives.
Friday
This week has turned into one of those "let's all get obsessed with security" weeks. I suspect it's some sort of conspiracy hatched by the security vendors to drum up a bit of interest in the Infosecurity show. All right guys, I went to your show - now will you make it stop?
You see, I've got loads of patches to catch up with and I want to get home before two o'clock tomorrow morning. But I keep getting interrupted by emails from users wailing and gnashing their teeth about the automated bounce messages they receive every day from anti-virus software installed at firms they've never even heard of.
Now I issued a general warning to our users about such messages when Netsky first appeared. My warning went something like this: "You will probably start receiving a lot of emails claiming you sent out a virus. Don't worry, someone else will have sent the virus using your forged email address in the 'from' field and you are just being notified by some brain-dead antivirus program that assumes you are the sender. It's okay. Just delete these messages and get on with your life."
Like so many of the important but boring emails that go out from management here, this one probably went straight into most people's trash folder unread. Strangely, this doesn't happen to the pointless AV bounce messages. Each one is read avidly and discussed ad nauseum. First, the recipients work themselves into a lather of self-righteous indignation about the injustice of it all; then they demand to know what IT is going to do about these slurs on their character.
Now the show's over, maybe the AV vendors could arrange to stop their products sending us all these dumb responses?
David Charles is IT manager for a UK recruitment agency.
WLAN switches - how the costs pan out
WLAN switches - how the costs pan out
Beware the extra strain on your network.
By John Cox, Network World
To know if you're getting what you pay for in a wireless LAN switch, you have to know what you want and what the vendor has.
WLAN switch pricing is quite variable. The products differ widely in terms of the features they have, how well the same features are implemented, the number of WLAN access points they support and which features are standard or optional.
Think of your WLAN purchase as a system, not a box, and price it accordingly. "A lot of people get caught up in what the access point costs or the wireless switch costs," says Joshua Wright, a former network engineer with Johnson & Wales University in Providence, R.I. "They forget that with Vendor A, I (also) have to buy a separate VPN or RADIUS server, but with Vendor B, all this comes in one package."
The university and the trading floor
While at the university, Wright guided the purchase of WLAN switches and access points from Aruba Wireless Networks. He's now director of training at SANS Institute, a computer research and training firm.
Bruce Burke, network manager for Pacific Exchange, an options trading floor in San Francisco, says that some senior managers initially thought he could shop at a local electronics store and pick up a few of the wireless access points aimed at home users. "We're not talking about a little office switch deployment," he says. He spent time educating management about what was needed for a WLAN that would be reliable enough for the Exchange.
The decision cycle at Pacific Exchange took about three weeks last fall for the relatively small deployment of two Airespace switches for redundancy and 10 access points. But it took about three months at Johnson & Wales because the university was looking for a set of products that could be deployed on a larger scale, and to at least a half dozen remote campuses across the US - and more in the future.
Pacific Exchange had suffered from an existing WLAN that kept crashing the critical trading applications (see this feature for a description of Pacific's migration). Coverage was spotty because of architectural issues, including reflective surfaces and a range of building materials. An analysis convinced Burke that the new WLAN needed mountings that could accept different types of antennas, and radio management features, to adjust the radio signal strength of each access point.
Johnson & Wales had a wide range of requirements befitting a large-scale deployment. One of the most important was the support for Layer 3 roaming – allowing a user to move from one WLAN subnet to another without having to change IP addresses. The school also needed support for several security technologies: 802.1X authentication, VPNs and captive Web portals.
Watch for hidden costs
The requirements then guided both organisations through the evaluation of product features. They were especially useful in figuring the real cost of a WLAN deployment.
"What surprised us was how much the total solution cost us overall," Wright recalls. However, he declined to discuss that figure.
The cost of the hardware and software products are only part of the overall cost of your WLAN deployment. There are many hidden costs of tying a WLAN to existing authentication, security and administration systems.
"If you have a separate (WLAN) network management system, you have to set it up and configure it," says Matt Dillon, principal consultant with INS, an IT services and integration company. "Then you have to integrate it with your security access system, which is a lot of administrative time."
WLAN means more load on remote access
One INS customer had a remote-access control (RAC) system that worked fine for about 100 users. A proposed enterprise WLAN jumped the number of RAC users to more than 500, so the customer had to spend tens of thousands of dollars to replace the existing RAC system to handle the higher level of authentication processing.
Installation including Ethernet cabling can cost US$75 to $150 per access point, Dillon says. He says a thorough site survey is essential. Technical support capabilities and costs, and other issues such as a vendor's financial stability and product road map, are other variables to consider.
"You need to look at the components of the system and ask what would it [cost] to expand the WLAN, or increase the coverage area, or extend it to another office," Burke says.
Vendors are ready to discount
In evaluating product features against requirements, Burke and Wright each narrowed down a handful of vendors to a couple, which were subjected to more detailed examination in documents and meetings.
In both cases, vendors were required to submit pricing proposals that outlined the cost of the hardware and software components of their proposed package. "They were all dying for (our) business," Burke says. "They (offered) pretty heavy discounts.” Once more, he wouldn't elaborate. However, when Wright conducted the evaluation last summer, he found the smaller vendors were more flexible in pricing than companies like Cisco Systems. Burke, Wright and others say now is a good time for buying WLANs. "The WLAN market right now is favorable for customers," Wright says.
Beware the extra strain on your network.
By John Cox, Network World
To know if you're getting what you pay for in a wireless LAN switch, you have to know what you want and what the vendor has.
WLAN switch pricing is quite variable. The products differ widely in terms of the features they have, how well the same features are implemented, the number of WLAN access points they support and which features are standard or optional.
Think of your WLAN purchase as a system, not a box, and price it accordingly. "A lot of people get caught up in what the access point costs or the wireless switch costs," says Joshua Wright, a former network engineer with Johnson & Wales University in Providence, R.I. "They forget that with Vendor A, I (also) have to buy a separate VPN or RADIUS server, but with Vendor B, all this comes in one package."
The university and the trading floor
While at the university, Wright guided the purchase of WLAN switches and access points from Aruba Wireless Networks. He's now director of training at SANS Institute, a computer research and training firm.
Bruce Burke, network manager for Pacific Exchange, an options trading floor in San Francisco, says that some senior managers initially thought he could shop at a local electronics store and pick up a few of the wireless access points aimed at home users. "We're not talking about a little office switch deployment," he says. He spent time educating management about what was needed for a WLAN that would be reliable enough for the Exchange.
The decision cycle at Pacific Exchange took about three weeks last fall for the relatively small deployment of two Airespace switches for redundancy and 10 access points. But it took about three months at Johnson & Wales because the university was looking for a set of products that could be deployed on a larger scale, and to at least a half dozen remote campuses across the US - and more in the future.
Pacific Exchange had suffered from an existing WLAN that kept crashing the critical trading applications (see this feature for a description of Pacific's migration). Coverage was spotty because of architectural issues, including reflective surfaces and a range of building materials. An analysis convinced Burke that the new WLAN needed mountings that could accept different types of antennas, and radio management features, to adjust the radio signal strength of each access point.
Johnson & Wales had a wide range of requirements befitting a large-scale deployment. One of the most important was the support for Layer 3 roaming – allowing a user to move from one WLAN subnet to another without having to change IP addresses. The school also needed support for several security technologies: 802.1X authentication, VPNs and captive Web portals.
Watch for hidden costs
The requirements then guided both organisations through the evaluation of product features. They were especially useful in figuring the real cost of a WLAN deployment.
"What surprised us was how much the total solution cost us overall," Wright recalls. However, he declined to discuss that figure.
The cost of the hardware and software products are only part of the overall cost of your WLAN deployment. There are many hidden costs of tying a WLAN to existing authentication, security and administration systems.
"If you have a separate (WLAN) network management system, you have to set it up and configure it," says Matt Dillon, principal consultant with INS, an IT services and integration company. "Then you have to integrate it with your security access system, which is a lot of administrative time."
WLAN means more load on remote access
One INS customer had a remote-access control (RAC) system that worked fine for about 100 users. A proposed enterprise WLAN jumped the number of RAC users to more than 500, so the customer had to spend tens of thousands of dollars to replace the existing RAC system to handle the higher level of authentication processing.
Installation including Ethernet cabling can cost US$75 to $150 per access point, Dillon says. He says a thorough site survey is essential. Technical support capabilities and costs, and other issues such as a vendor's financial stability and product road map, are other variables to consider.
"You need to look at the components of the system and ask what would it [cost] to expand the WLAN, or increase the coverage area, or extend it to another office," Burke says.
Vendors are ready to discount
In evaluating product features against requirements, Burke and Wright each narrowed down a handful of vendors to a couple, which were subjected to more detailed examination in documents and meetings.
In both cases, vendors were required to submit pricing proposals that outlined the cost of the hardware and software components of their proposed package. "They were all dying for (our) business," Burke says. "They (offered) pretty heavy discounts.” Once more, he wouldn't elaborate. However, when Wright conducted the evaluation last summer, he found the smaller vendors were more flexible in pricing than companies like Cisco Systems. Burke, Wright and others say now is a good time for buying WLANs. "The WLAN market right now is favorable for customers," Wright says.
Five key virtual-machine management questions
Operating Systems and Servers How-Tos
December 07, 07
Five key virtual-machine management questions
Here's what needs to be addressed to make VM management workable in a large deployment
By Tom Henderson, Network World
Virtual machines are hot, and their proliferation is spinning out of control. Why the virtual-machine rush? Easy: The "one operating system, one hardware host" rule is passé now that virtual-machine software lets companies stretch their hardware resources as far as their CPU capacity can take them.
But they all need managing. So we've identified five areas that need to be addressed to make virtual-machine management a workable venture in a large deployment:
1. How are versions of virtual-machine snapshots of images tracked?
The 'snapshots' of images (including virtual-machine guest-operating-system states) must be tracked in terms of where they sit on the network, how they are being used and their appropriate fix and patch status.
A popular use of virtual-machine technology is wrapping guest operating systems (with applications) into ISO or other mountable images that subsequently can be deployed in arrays of servers as virtual guests.
It can be critically important to make sure the images contain dependency modules and patches and fixes, and are otherwise in revision synchronisation with each other, as well as with corporate-update policy.
2. How are moves, adds and changes administered?
Virtualisation implies mobility for hosts, guest operating systems and the applications that run on them. Because virtual machines are built to house numerous guest operating systems per host, moves, adds and changes will occur to guest operating-system or application instances.
Keeping track of these developments is necessary, as is tracking host or neighbouring-guest resource use and performance.
Although each virtual-machine product vendor tracks performance and keeps statistics for location and performance control, heterogeneous guest hosts coupled to volatile guest operating systems and applications can present challenges to administrators auditing guests, applications and behaviour.
3. How are virtual-machine and application dependencies kept in check?
One of the benefits of a virtual machine environment is an agility that lets virtual-machine-supported applications be moved from one host hardware platform to another.
To facilitate this movement, IT administrators will need to understand application availability on moved instances and on the dependency synchronisation that is required among related processes. An example of these dependencies might be world-facing Web hosts that need back-end database accessibility; move one, and DNS, routing, and/or authentication settings may need to be changed.
Other stories on this topic
4. How are user and administrative roles managed across virtual machines?
As virtual-machine guest operating systems and applications become abstracted from specific hardware environments, image identity and secure authentication become very important.
Administrative controls are needed from the point of building virtual-machine components through to making configuration changes, tweaking tuning parameters and accessing the virtual-machine infrastructure. Virtual machines can be moved readily from hosts to other virtualised hosts with ease.
To stop image theft, alteration- and system-configuration-auditing controls come into play.
Most organisations use hierarchical management policies to provide varying degrees of administrative control over hardware, virtual machines, guest operating systems and the applications running on servers. These varied types of access must be managed and an audit system put in place to track all activity.
5. What forensics is available to help determine why a virtual machine went down?
Any time a virtual machine, guest operating system or virtual-machine-hosted application behaves badly, it becomes important for IT not only to know about the event, but also to understand the forensic information about the conditions leading up to the misbehaviour.
Location, settings, guest-operating-system and application activity, and other characteristics may play an important part in providing a quality feedback loop for forensics and decision support, as well as for help-desk control and audit purposes.
December 07, 07
Five key virtual-machine management questions
Here's what needs to be addressed to make VM management workable in a large deployment
By Tom Henderson, Network World
Virtual machines are hot, and their proliferation is spinning out of control. Why the virtual-machine rush? Easy: The "one operating system, one hardware host" rule is passé now that virtual-machine software lets companies stretch their hardware resources as far as their CPU capacity can take them.
But they all need managing. So we've identified five areas that need to be addressed to make virtual-machine management a workable venture in a large deployment:
1. How are versions of virtual-machine snapshots of images tracked?
The 'snapshots' of images (including virtual-machine guest-operating-system states) must be tracked in terms of where they sit on the network, how they are being used and their appropriate fix and patch status.
A popular use of virtual-machine technology is wrapping guest operating systems (with applications) into ISO or other mountable images that subsequently can be deployed in arrays of servers as virtual guests.
It can be critically important to make sure the images contain dependency modules and patches and fixes, and are otherwise in revision synchronisation with each other, as well as with corporate-update policy.
2. How are moves, adds and changes administered?
Virtualisation implies mobility for hosts, guest operating systems and the applications that run on them. Because virtual machines are built to house numerous guest operating systems per host, moves, adds and changes will occur to guest operating-system or application instances.
Keeping track of these developments is necessary, as is tracking host or neighbouring-guest resource use and performance.
Although each virtual-machine product vendor tracks performance and keeps statistics for location and performance control, heterogeneous guest hosts coupled to volatile guest operating systems and applications can present challenges to administrators auditing guests, applications and behaviour.
3. How are virtual-machine and application dependencies kept in check?
One of the benefits of a virtual machine environment is an agility that lets virtual-machine-supported applications be moved from one host hardware platform to another.
To facilitate this movement, IT administrators will need to understand application availability on moved instances and on the dependency synchronisation that is required among related processes. An example of these dependencies might be world-facing Web hosts that need back-end database accessibility; move one, and DNS, routing, and/or authentication settings may need to be changed.
Other stories on this topic
4. How are user and administrative roles managed across virtual machines?
As virtual-machine guest operating systems and applications become abstracted from specific hardware environments, image identity and secure authentication become very important.
Administrative controls are needed from the point of building virtual-machine components through to making configuration changes, tweaking tuning parameters and accessing the virtual-machine infrastructure. Virtual machines can be moved readily from hosts to other virtualised hosts with ease.
To stop image theft, alteration- and system-configuration-auditing controls come into play.
Most organisations use hierarchical management policies to provide varying degrees of administrative control over hardware, virtual machines, guest operating systems and the applications running on servers. These varied types of access must be managed and an audit system put in place to track all activity.
5. What forensics is available to help determine why a virtual machine went down?
Any time a virtual machine, guest operating system or virtual-machine-hosted application behaves badly, it becomes important for IT not only to know about the event, but also to understand the forensic information about the conditions leading up to the misbehaviour.
Location, settings, guest-operating-system and application activity, and other characteristics may play an important part in providing a quality feedback loop for forensics and decision support, as well as for help-desk control and audit purposes.
Subscribe to:
Posts (Atom)