31. UTM : New generation network protection
32. Performance-Maintenance Theory in Leadership
33. USB 3.0, the new standard of USB
34. The Next Standard Coming After 10G-Ethernet
35. Zend Framework for PHP
36. The Trend of Computer Viruses
----------------------------------------------------------------------
31. [Tech Info] UTM : New generation network protection
----------------------------------------------------------------------
Is your organization network protected by a firewall? A firewall is
definitely necessary security equipment for protecting an organization
network. Firewall technology has developed further more into a new
technology called UTM (United Threat Management).
[What is UTM?]
In 1990s, introduction of firewall was a main security
countermeasure, and various types of firewall products were
developed. When a firewall was firstly developed, main purpose of it
was access control between different networks to prevent
unauthorized intrusion. As threats became more complicated in
accordance with the explosive spread of the Internet, IDS (Intrusion
Detection System) and gateway-type Anti-Virus software were
introduced. But those were separately developed by venders. If these
solutions can be unified, users get benefit, like easy management,
less cost, etc. Now, there comes a user's need to unite security
products. The united security products are called UTM.
[Merit of UTM]
In addition to firewall function, a UTM product has functions of
IDS, Anti-Virus, URL filtering and Anti-spam. UTM provides all of
these functions on a single platform. A merit of UTM is elimination
of system complication (no need to consider compatibility), easy set
up, low management cost, easy troubleshooting and so on.
[Available UTM products]
There are three types of venders who currently provide UTM
products. (a) firewall venders, such as "Check Point Software
Technologies Ltd," (b) Anti-Virus venders, such as "Symantec
Corporation," (c) venders who targets UTM from the beginning, such
as "Fortinet Inc." (a)'s UTM products have advantage in firewall
functions (access control is fast, abundant items can be specified
to filter, etc). (b)'s UTM products have advantages in Anti-Virus
functions (many virus definition patterns, capability to deal with
unknown viruses). When you choose a UTM product, it is important to
take your organization's budget, scale, facing security problems,
etc. into account.
[Considerations about UTM]
When you introduce UTM products, you should consider the
following. First thing is redundancy. If a UTM gets down, entire
network will be isolated, because every security function is united
in a UTM product. Therefore, it is important to consider redundancy
of UTM. Second one is performance. Since various functions are put
into a UTM, a load is heavy and high performance is required. Due to
this limitation, current market mainly targets middle or small scale
organizations whose budget and human resources are limited. Large
scale organizations hesitate to introduce UTM and continue to use
different specific servers for each function. Now venders are in a
hurry to develop a UTM product with high performance and redundancy.
If your organization has not introduced a firewall yet or is annoyed
with complicated threats which your firewall cannot block, why don't
you consider introducing a UTM product? But don't forget the points
above!
----------------------------------------------------------------------
32. [Tech Info] Performance-Maintenance Theory in Leadership
----------------------------------------------------------------------
In OIC, you learned "Leadership". Do you exercise leadership skills?
Today I would like to introduce one of leadership theories called
"Performance-Maintenance theory", or "PM theory" in short.
PM theory, proposed by Dr. MISUMI Jyuji in 1984, focuses on two major
abilities in leadership. One is "Performance", ability to improve
productivity; the other is "Maintenance", ability to build teamwork or
good human relation. In this theory, we represent high ability using
capital letters (P and M) and low ability using small letters (p and
m). There are four combination patterns: PM, Pm, pM and pm, each of
which is characterized below:
PM: able to achieve results and build a good team (ideal leadership)
Pm: able to achieve results but lose trust of members, or members
are exhausted
pM: able to get members confidence but not able to achieve results
pm: neither able to get members confidence nor bring results (not a
qualified leader)
When you focus on communication or motivation in a team, the order of
effectiveness of leadership style is: PM > pM > Pm > pm (PM is the
highest, pm is the lowest).
When you focus on performance or results in the short term, the order
is
PM > Pm > pM > pm.
However if you see it in the long term, the order is PM > pM > Pm > pm.
Therefore you should give not only whipping, but also make
consideration to members' feelings.
There are some tips to improve these abilities. To improve
"Performance" ability, you should
- set up clear objectives and action plan,
- give specific orders not vague orders, and
- utilize PDCA cycle (Plan, Do, Check, Act) You learned these skills
through OIC subject "action plan".
To improve "Maintenance" ability, you should
- use coaching skills (pacing, acknowledgement etc.), and
- use facilitation skills and make members commit to their job
PM type is always the best. Please take good balance between
"Performance" and "Maintenance" to get the fruitful outcome.
----------------------------------------------------------------------
33. [Tech Info] USB 3.0, the new standard of USB
----------------------------------------------------------------------
How many USB(Universal Serial Bus) devices do you have? I guess you
have a lot. Nowadays USB becomes very popular interface of PC. For
example, you can copy files with USB flash memory. You can transfer
digital camera data by USB cable. You can even charge an iPod battery
through USB port.
The current version of USB interface is 2.0 and it is called "High
speed USB." Its transfer speed is 480Mbps. Suppose you transfer 60MB
file, it takes one second, and theoretically ten seconds for copying
full data of a CD-ROM. And it has a function called "PLUG & PLAY"
which makes it possible to work immediately after connecting a device
using USB.
The "USB 3.0 Promoter Group" was formed with Intel, Hewlet-Packard,
Microsoft, NEC, NXP Semiconductors and Texas Instruments. The group
aims to establish a new standard of USB, the "USB 3.0", called "Super
Speed USB."
The transfer speed of USB 3.0 will be ten times faster than current
USB. It will take only a second to transfer a full data of CD-ROM in
theory. USB 3.0 will maintain backward compatibility such as "PLUG &
PLAY" or Power-Supply function.
If you want to bring out full performance of USB 3.0 however, you need
both of PC which has USB 3.0 port and USB 3.0 devices.
For more information, please visit
http://www.intel.com/pressroom/archive/releases/20070918comp.htm
----------------------------------------------------------------------
34. [Tech Info] The Next Standard Coming After 10G-Ethernet
----------------------------------------------------------------------
"Ethernet" is a standard of data link layer originated in 1970's and
is under development/update in even today. Thanks to many people's
effort, now we can use 10G-Ethernet even in our usual LAN environment
(10G: 10 giga bits per second). For an average user, the speed of
"10G" is more than enough, but for ISPs (Internet Service Providers)
and server companies, "10G" is NOT enough. Now the IEEE802.3*
committee struggles to develop a new standard coming after
10G-Ethernet.
In July 2007, they mostly decided the specification and announced
it. I would like to introduce you such information briefly below.
* The IEEE 802.3: Working Group that develops standards for Ethernet
based LANs
Nowadays, people enjoy downloading files such as music, chatting with
moving pictures through the Internet. The traffic of the Internet has
been increasing drastically and ISPs and companies providing internet
servers strongly need much higher speed Ethernet. So far, 10G-Ethernet
has been mainly used for the ISP backbone network to connect network
devices and for the backplane network to connect multiple ISP servers,
especially, to connect among blade servers in the ISP. Until a few
years ago, "10G" was not so slow for such usage. But now the situation
has changed. ISPs and the server companies need to use higher speed
lines for themselves. ISPs need at least "100G" to increase line speed
in their backbone network, even if it takes much time to achieve
it. On the other hand, for server companies, it is not so good to wait
long time for "100G". They need to use higher speed lines than
10G-Ethernet as soon as possible, even if the speed will be slower
than "100G". So far, "two groups" have had many discussions to settle
down this issue.
Eventually, the IEEE802.3 committee almost has decided the next
standard coming after "10G-Ethernet". It will be standardized in
"IEEE802.3ba". (Don't confuse with "IEEE802.3ab".) The maximum speed
of the IEEE802.3ba is decided to both 100giga bit per second
(100G-Ethernet) and 40Giga bit per second (40G-Ethernet). According to
"the past rule", the speed would have been 100Giga bit per second. But
it is now clear that the technique of 100G-Ethernet including network
aggregation points would be the best suite for backbone network and
the technique of 40G-Ethenet, such as host bus interfaces, matches for
servers more than 100G-Ethernet.
The major characteristic of the 100G-Ethenet/40G-Ethernet is the
following.
A) 100G-Ethernet:
Maximum line speed: 100Giga bit per second
Maximum length between devices: 40 kilo meter
Main usage: To increase the speed of ISP's Backbone network
B) 40G-Ethernet
Maximum line speed: 40Giga bit per second
Maximum length between devices: 100 meter
Main usage: To connect among several blade servers for higher
data transmission.
We might see this new standard, 100G-/40G-Ethernet in 2010. After some
leading companies such as ISPs and server companies (vendor) implement
it to their systems, this new standard will be used in average users
such as governments and private companies.
The innovation of the new technologies will and should last forever.
For more information: http://www.ieee802.org/3/ba/index.html
----------------------------------------------------------------------
35. [Tech Info] Zend Framework for PHP
----------------------------------------------------------------------
Overview:
Zend Framework (ZF) is a Model-View-Controller (MVC) framework for
PHP5 developed by PHP Collaboration Project. Although there are some
PHP frameworks, e.g., Symfony, Mojavi, and Ethna, there is no standard
one like "Struts" in Java. Since the project is mainly supported by
Zend Technologies Ltd. who significantly encourages advancement of
both the PHP language and its community, ZF is expected to be a
standard framework and a best practice for PHP web application
development.
Advantages of Zend Framework:
- MVC Framework
ZF implements a Front Controller pattern in an object oriented
programming MVC framework. Since the framework will reduce
programmers' burden to control flow of programs, they will be able
to concentrate on a development of application parts. Besides, it
will make PHP code more reusable and maintainable by separating
business logic from user interface design.
In this framework, the front controller receives a user request, and
it is processed according to the following procedure using a class
library that is called "Component".
(Use a monospaced font to show this diagram normally.)
Front Controller
+------+ +--------------+
| | URL| +----------+ | +----------+ +-------+ +--------+
|Client|----->| Router | | | |<-->| Model |<-->|Database|
| | | +----------+ | | Action | +-------+ +--------+
| | | |Dispatcher|--->|Controller| +-------+
| | | +----------+ | | |<-->| View |
| | +--------------+ +----------+ +-------+
| | |
| |<--------------------------+
+------+ Response
1. A Router decomposes a URL to acquire an Action Controller name
and an Action name, and forwards them to a Dispatcher.
2. The dispatcher calls the action in the action controller based on
the received names.
3. The action retrieves data from database through a Model or calls
a View to display information on the client's browser.
- Database Support
ZF provides PDO-based components to simply access multiple brands of
RDBMS. Databases supported include IBM DB2, MySQL, Microsoft SQL
Server, Oracle, PostgreSQL, and SQLite. PDO (PHP Data Object) is a
database-independent object oriented interface. Please refer to the
News Letter Issue 028 to get further information on PDO.
- Useful Set of Components
ZF provides many components to develop common applications quickly,
easily, and securely. For example, solutions for email, session,
authentication, input validation, logging, and web service are
included. These components can be used and extended independently
due to loosely coupled design even if users don't use the MVC
framework.
- New BSD License
ZF is licensed under the business-friendly BSD License. It enables
users to include the framework code in their own commercial web
applications without any constraints on use.
Why don't we develop modern web applications and web services using
this powerful high-quality open-source framework after learning object
oriented programming in PHP5?
Zend Framework Web Site: http://www.zendframework.com/
How to Install:
http://www.zendframework.com/manual/en/introduction.installation.html
Guide for Quick Start:
http://www.zendframework.com/manual/en/zend.controller.html#zend.contr
oller.quickstart
Other Deliverables of PHP Collaboration Project:
-Zend Developer Zone: http://devzone.zend.com/public/view/
-Eclipse PDT project: http://www.eclipse.org/pdt/
----------------------------------------------------------------------
36. [Tech Info] The Trend of Computer Viruses
----------------------------------------------------------------------
What is current trend of computer virus like? Does your organization
take appropriate measures for it? Trend Micro Inc., announced trend
of computer virus of 2007 and forecast of 2008 in January. Let's
overview the contents.
Trend Micro Inc., in its 2007 annual report, has released the number
of infected cases, which was 63,726 in Japan. It decreased by 69
percent compared to 2006. The top 10 species of computer viruses
represented 4.5 percent in all reported number. In contrast, the top
10 species of virus occupied 68.3 percent in 2001.
In 2007, "Malware" (malicious software) has awfully spread. Malware as
typified by "Storm Worm" emerged in January 2007 is usually disguised
as e-mail attachment and spread widely. In addition, companies'
vulnerable web sites were abused to download malware automatically
such as "Fujacks".
How did crackers spread malware? Crackers used to exploit e-mail
attachment to lead users to the malicious website and let them
download malware. Since users noticed e-mail attachments were not
reliable, crackers switched to directly describe URL of the malicious
website in the many body of emails. Crackers also use document files
such as ".doc", that user frequently uses in daily life. This method
had been popular before, and it gained popularity again in 2007.
Moreover, new type of crime that cracker sells fake security software
which had no effective function and earn money has emerged. In
addition, since computer virus has spread via website, even Mac or
Linux has become targets of computer viruses. Not only OS but also
minor applications such as Japanese writing software were targets.
Summarizing 2007, it was the year of malware sophistication, cracker
used their brain to create new types of computer viruses. The number
of each virus spread was small, but the number of species was big. We
have learnt that viruses would infect computer via e-mail in most
cases, but this is not true any more.
In response to the trend of 2007, it is predicted that organizations'
web sites and particular application or OS will be targeted more in
2008, and cracker will combine existing infection methods, and make
sophisticated and complex of computer viruses.
Therefore, in order to prevent infection of sophisticated computer
virus, it is important for organizations to take not only fundamental
measure, such as updating the pattern file, but also to grasp current
situation, and review existing policies, conduct timely and clear
education to the end user. Conducting PDCA (Plan-Do-Check-Act) cycle
continuously and reviewing security policy would be vital issue.
References:
http://www.ipa.go.jp/security/english/virus/press/200701/E_PR200701.html
http://jp.trendmicro.com/jp/threat/security_news/monthlyreport/article/20080
108011916.html (Japanese Only)
0 comments:
Post a Comment