Die, VPN! We’re all “telecommuters” now—and IT must adjust

Posted on by

They can’t get the passcode into your cloud resources, and they don’t have the ability to generate the passcode. You don’t have to go that far, of course, but the point is that if there’s no local data on the device in normal use, there’s no local data on the device that can be stolen.

via Die, VPN! We’re all “telecommuters” now—and IT must adjust.

Here are a couple of interesting comments covering both sides of this issue:

m00dawg | a day ago | permalink
That is some awfully biased hate for VPN. Setting up VPN is easy. Easier in OS X. What is complicated is having to manage everyone’s dynamic IPs to prevent access to our internal only services. You know what solves that? VPN.This article seems obnoxiously biased and opinionated and written with tunnel vision perspective with the assumption that all IT departments operate the same way (they don’t).

fbar | a day ago | permalink
I work in a large IT org in a large company. THis issue keeps creeping up all the time. I think most end users just really want access to email, ccontacts, calender and IM – this tends to cover at least 80% of the use cases. This can be done with a digital cert and loginid/password – without installing a VPN client. It took a while to convince the security group to do this. Full layer 3 routing access to the network should be for sensitive apps like SAP, etc. Sadly though most IT departments will continue to drive that square peg into that round hole.Hey, IPV6 will solve all our problems. LoL 🙂

How is SSL hopelessly broken? Let us count the ways

Posted on by

SSL made its debut in 1994 as a way to cryptographically secure e-commerce and other sensitive internet communications. A private key at the heart of the system allows website operators to prove that they are the rightful owners of the domains visitors are accessing, rather than impostors who have hacked the users’ connections. Countless websites also use SSL to encrypt passwords, emails and other data to thwart anyone who may be monitoring the traffic passing between the two parties.

It’s hard to overstate the reliance that websites operated by Google, PayPal, Microsoft, Bank of America and millions of other companies place in SSL. And yet, the repeated failures suggest that the system in its current state is hopelessly broken.

via How is SSL hopelessly broken? Let us count the ways • The Register.

One Smart Phone, Two Personalities

Posted on by

“People want to use their own smart phones and tablets for work, but that practice can create major headaches for businesses’ IT departments,” says Chris Hill, part of AT&T’s Advanced Mobility Solutions group. “Toggle helps resolve the issue in a simple, affordable manner.”

via One Smart Phone, Two Personalities – Technology Review.

No doubt someone will get a patent for this — for multiple users on a single device — something that has been going on since the first mainframe.

XenServer for XenDesktop – How many network cards do I need?

Posted on by

Now, what about throughput? The host’s networking resources are shared amongst the virtual desktops it supports and users will suffer from poor performance if there’s insufficient bandwidth available. As such, consider routing virtual machine traffic over an SLB bond so that it’s automatically load balanced across two NICs. Virtual machine traffic is load balanced by MAC address and rebalanced every ten seconds. Failover support is provided for all other traffic types, including management and IP-based storage traffic. The load balancing algorithm associates traffic from each virtual interface to one of two NICs in the bond. It’s important to understand that it doesn’t allow a single virtual interface to utilize both NICs in the bond simultaneously.

via Open Source Rack » XenServer for XenDesktop – How many network cards do I need?.

I can see this getting complicated fast.  XenDesktop seems to use a lot of network bandwidth.  Someone must have done a study on this.  Thin clients have been a marque product for the last couple of decades.  Wouldn’t it be nice if our clients didn’t have a hard drive — as if merely eliminating a hard drive would eliminate all IT support for that device.

Todo: Get XenDesktop running and do some tests and estimations.

The Death of the PC

Posted on by

The head of computer operations for Reed Specialist Recruitment, an employment service with operations on three continents, Whetstone recently upgraded his company’s 6,000 desktop computers. Chief information officers order new Dells or HPs all the time. But the computers Whetstone brought in for his employees aren’t the traditional metal boxes that sit next to desks or under monitors. They are “virtual” computers. Each employee has a keyboard and a screen, but the processors making the calculations and deciding what color goes in each pixel are far away, inside a big computer at Reed’s main data center in London.

via The Death of the PC – Forbes.com.

This is dated (12/28/2009) but interesting nonetheless.   Thin clients never quite die either.  🙂

ISC Diary | What’s In A Name?

Posted on by

This nightmare scenario is, unfortunately, reality for at least 50 organizations – ones that I’ve been able to uncover – and I’m certain that there are many, many more. Each of these organizations has been a victim of a malicious alteration of their domain information – an alteration that added new machine names to their existing information, and allowed bottom-feeding scam artists to abuse their good reputation to boost the search-engine profile of their drug, app, “personal ad,” or porn sites.

via ISC Diary | What’s In A Name?.

File Sync & Online Backup

Posted on by

File Sync & Online Backup – Access and File Sharing from Any Device – SugarSync.

The most popular plan is the 100GB for $150/year which comes to $1.50/GB/year.  It costs around $0.18/GB to transmit and receive in BW costs based upon various datacenter estimates  YMMV.  The max, 250GB is $1/GB.  Thus, a 1T storage requirement would probably be maybe $500/year?  That’s just for storage.

Assuming a roundtrip for all data, bandwidth costs can approach $0.35/GB or close to 35% of the yearly cost for the 250G plan and %70 of the yearly cost on my mythical 1T plan.

Cloud Storage Providers

Posted on by

Rackspace “Cloud Files™” is among the most popular and simplest cloud storage solution offered today. Cloud Files™ enables its users to have the ability to store unlimited files and media for content delivery at blazing fast speeds on its Limelight CDN Content Delivery Network. Some of the advantages of Rackspace CloudFiles™ include:

  • Rackspace is the largest retail cloud storage provider today.
  • Best technical support in the industry 24×7 365 days a year.
  • Use as much or as little storage as you need.
  • No minimum contract or commitments. Access your files from anywhere. High performance unlimited cloud storage for as little as 15¢/GB.

via Cloud Storage Providers.

Another shoutout to Rackspace….