... and threaten the Internet's system of trust among networks. Malware malcontents, especially spammers, are temporarily stealing IP addresses from their rightful domains and using them as their own for as little as five minutes but as long as a day. Dave Rand, chief technologist for Internet content security at Trend Micro Inc.'s U.S. operations in Cupertino, Calif., argues that these illegal exploits threaten the basic trust system among the 22,000-plus networks that make up the Internet. Spammers exploit the Border Gateway Protocol's method for presenting the unique addresses on each network by nabbing bunches of them and temporarily assigning them to their own routers -- an attack called a BGP injection. "There's no central source monitoring all of the address blocks on the Internet," Rand says. "The only telltale sign that your addresses have been hijacked is that traffic on the network [from which they've been stolen] is reduced." Not that long ago, the price of a router required to pull off the crime made BGP injection exploits cost-prohibitive. "Now you can get one on eBay for 150 bucks," Rand points out. What's most dangerous, he says, is that while spammers have a hold of your IP address, they aren't merely using it to send spam -- they are your address. Privileged information coming to that IP location is now in their hands. The ramifications, of course, are unsettling. Rand says Trend Micro is working on a protection scheme. But right now, he warns, there isn't a darn thing you can do.
Encrypt everything, everywhere, and ...
... do it all the time. Jim Greenway, vice president of marketing at Array Networks Inc. in Milpitas, Calif., says users of his company's SPX line of SSL VPN appliances no longer just scramble data for remote workers and road warriors, or those using wireless LANs. Customers also are applying encryption policies for users on wired LANs, Greenway says. "They want ubiquitous security," he notes. To help support the growth of encryption, Array is doubling the number of virtual private network portals available on the SPX devices to 256 as part of a software upgrade due next week. Pricing for the appliances starts at US$6,000.
Corporate blogs may imperil ...
. . . knowledge management systems. Well, maybe "knowledge management with a small 'k,'?" suggests Robin Hopper, CEO of iUpload Inc. in Burlington, Ontario. The company's Enterprise Blogging Suite 2.0 software, available today, gives you a slew of policy options for managing blogs, down to a specific blog post. The new version is linked to CRM systems like Salesforce.com , so you can automatically push relevant blog info to customers and partners. Hopper says the 2.0 release also lets you "wikify" a blog post so others can expand, modify and correct information. Ultimately, he thinks, corporate blogs will not be about content from individuals, but about an organization's subject- specific knowledge. That might even free IT from supporting knowledge management systems with a capital K. Subscription pricing starts at $1,250 per month.
Management tool for data centers ...
... moves to open-source, then will go proprietary again. Qlusters Inc. in Palo Alto, Calif., this week will unveil openQRM, its open-source systems management software for Linux servers. Until now, the company has sold the tool as proprietary technology. CEO Ofer Shoshan says the software can manage up to 5,000 systems and lets you establish policies to automatically provision Intel-based servers with Linux and applications. William Hurley, chief technology officer at Qlusters, claims that most provisioning of Linux systems is done with homegrown scripts, which become problematic once you get beyond 100 servers. Next summer, Qlusters will release Enterprise QRM, a proprietary version that will add features not available in the open-source edition. You can get openQRM service and support from Qlusters starting at an annual fee of $750 per server.
Virtualize all of your apps in the ...
... Linux, Windows and now Solaris worlds. And you don't need agent code running on your systems. That's the promise Bill Coleman, CEO of San Jose-based Cassatt Corp., makes about his company's Collage tool. Coleman says Collage 3.2 lets you set policies for application service levels instead of tying applications to a specific machine or cluster. "You can scale up or out, based on utilization and quality-of-service needs," he says. Collage strips away elements that bind applications to a given machine and monitors the apps to ensure that their performance meets service-level agreements. The new release includes support for Solaris on Sparc and adds policy tools for Web services. An average deployment costs $100,000.