Special Edition Lippis Report on Network Security, Issue 1: Network Security 2.0: A Systems Approach to Threat Mitigation Emerges

May 27th, 2008

The conventional wisdom in IT threat mitigation is to build a layered "œdefense in-depth" approach with security technology such as firewalls, IPS, network access control, anti-x client software, alarm aggregation and event correlation, etc. And while the layered approach to defense is a useful threat mitigation strategy, the threat landscape has changed, forcing conventional wisdom to shift toward a systems approach to protecting corporate assets.

Fred KostNetwork Security 2.0: Layered Security or Systems Approach?

Listen to the Podcast

Read the rest of this entry »

Internet Content Provider Safeguards Customer Networks and Services

Get the White Paper

May 27th, 2008

By Cisco and Synacor

Synacor used Cisco network infrastructure and security solutions to enhance network protection and streamline compliance. Fast-growing Internet businesses cannot afford network failures or security breaches. This is especially true for Synacor, a leading technology company that advances the delivery of meaningful content and technology solutions for multiple system operators (MSOs), telecommunication companies, and Internet service providers (ISPs) around the globe. Through Synacor's private label portals, subscribers can access a broad range of published and premium content, including entertainment, education, and family-oriented offerings from their homepages.

Today, through its service providers, Synacor's products and services reach more than 20 million broadband subscribers worldwide. With Synacor's business built around Internet products and services, network security is essential. The company must meet strict service uptime agreements and cannot afford to have its back-office assets or production networks disabled by a network attack. Additionally, as the company's business evolves, its security exposure has evolved as well.

"œAs we move to higher band-width media, movies, and especially gaming services, we are opening ourselves up to more threats," says Adam Howell, Director of Network Engineering and Systems Operations for Synacor. "œOne of our new accounts launching in 2007 will support more than one million subscribers right out of the gate and host a million e-mail accounts at our headquarters. We need to help ensure that there is no disruption or service degradation because of an attack on our network."

Synacor has heightened internal compliance standards. The company continues to be indirectly and directly involved in content sales, and with this enhanced activity maintains the protection of credit card information and complies with the Payment Card Industry (PCI) data security standard. As the company and systems grow and develop, Synacor's IT team is committed to making the technical infrastructure compliant with the U.S. Sarbanes-Oxley Act governing financial and accounting disclosure.

Leading Psychiatric Hospital Safeguards Key Healthcare Data

Get the White Paper

May 27th, 2008

By Cisco and The Menninger Clinic

One of the world's premier psychiatric hospitals for over 80 years, The Menninger Clinic has earned a reputation as a leader in mental health treatment, research, and education. Information technology plays a vital role in supporting Menninger's state-of-the-art treatment programs. The network at its location in Houston serves 400 employees and spans seven buildings on 14 acres. Each building is connected via a fiber-optic backbone to a central server facility on campus that hosts information critical to treatment and hospital management.

Network integrity and security are essential to keeping Menninger's medical operations running. Like most healthcare organizations, Menninger must comply with the Health Insurance Portability and Accountability Act (HIPAA), which establishes stringent regulations for handling and safeguarding patient records. "œOur biggest issue is HIPAA compliance," says Michael Farnum, information security manager at Menninger. "œHIPAA requires that we document any network incidents and report them in a timely manner."
Menninger is a medium-sized psychiatric hospital with an IT staff of six. Manually tracking and reporting the dozens of network events that occurred each day made HIPAA compliance an increasing burden. "œOne of the main issues that I was confronting was simply checking logs and keeping track of all the day-to-day activity on our network," says Farnum. "œI am the only dedicated security person, so it was a huge challenge." Farnum further commented, "œWe depend on our network and servers to support our patient information databases and our medication administration applications. We also depend on our network to document patient care on a daily basis."

Community Bank Secures Data and Streamlines Regulatory Compliance

Get the White Paper

May 27th, 2008

By Cisco and Premier Valley Bank

Premier Valley Bank (PVB) uses a Self-Defending Network and 24-hour monitoring from HEIT to create an adaptable, end-to-end defense system. Protecting against network attacks makes good sense for any business, but for financial services companies, it's not just a good idea"”it's the law. PVB must comply with a broad range of information security regulations from the Federal Financial Institutions Examination Council (FFIEC) and the California Department of Financial Institutions. In periodic audits, PVB must demonstrate that it has deployed strong network defenses and must provide detailed records documenting every security event that the bank encounters, as well as the response. Although PVB's previous network security solutions provided an acceptable level of protection, the reporting capabilities were sorely lacking, making preparations for regulatory audits a time-consuming, cumbersome task.

Building a Safer, Smarter State Government

Get the White Paper

May 27th, 2008

By Cisco and State of Oregon

The state of Oregon is committed to improving the quality of life for all of its citizens. A national model for improving government, the state strives to deliver the highest level of service to its residents. More than 100 agencies are responsible for day-to-day government concerns such as education, public safety, human services, transportation, business, finances, and the environment. Information technology plays a key role in helping all of these agencies work efficiently, collaborate, and respond to constituents. Traditionally, each organization has been responsible for maintaining its own IT environment. Different systems and staff were dispersed across the state, each using its own business approach. However, this model left the state of Oregon vulnerable to network security issues that could bring government operations to a standstill.

University Virtually Eliminates Infections from Internal Users

Get the White Paper

May 27th, 2008

By Cisco and Virginia Commonwealth University

Securing a network for any large organization is fraught with challenges. In a university environment, however, where the need for security must be balanced with the need for academic freedom, those challenges can be even more complex. "œOur security environment is very dynamic," says Mark Willis, chief information officer for Virginia Commonwealth University (VCU), a Richmond, Virginia-based university with 32,000 students and 10,000 faculty and staff. "œAt a regulatory level, we have increasing requirements to secure our networks and data. That is almost an anathema to an academic environment, which, by its nature, needs to be very open. We struggle to balance these needs and protect our assets from security risks."

The VCU network is far-flung and complex. The university stretches across two campuses, encompassing more than 140 buildings, 1800 network switches, more than 500 servers, and more than 42,000 users. Portions of the network connect with a large regional medical campus, meaning that many network segments must comply with strict data security regulations such as the Health Insurance Portability and Accountability Act (HIPAA) and industry requirements such as protection of copyrighted materials. In addition, several areas of the university deal with credit card transactions and must meet Payment Card Industry (PCI) requirements. Although the university had long employed strong perimeter security, mitigating the risk from internal threats was a constant challenge.

Network Security 2.0: Layered Security or Systems Approach?

Listen to the Podcast

May 27th, 2008

Fred KostThe conventional wisdom in IT threat mitigation is to build a layered defense with security technology such as firewalls, IPS, network access control, anti-x client software, alarm aggregation and event correlation, etc. Conventional wisdom is starting to shift toward a systems approach to protecting IT assets. The layered approach was built upon deploying best-of-breed products, which were best-of-breed only until other products emerged and relegated them to either stand-alone appliances and/or loosely coupled silos such as the linking between IPS and firewalls. The systems approach builds upon IT security investment by wrapping it with System Management for policy, reputation and identity that transcend end-pointss, networks, content and application security. Fred Kost, Cisco's Director Security Marketing is my guest as we explain the new IT security model and provide IT leaders with guidance on building a more secure IT infrastructure.

Lippis Report Issue 106: Network Design Features Needed To Support IP Video

May 19th, 2008

There are multiple forms of IP video including real-time and non-real-time. Non-real-time or stored IP video is increasingly searched and consumed via browsers, smartphone/Iphone plug-ins such as Apple's QuickTime or Microsoft's Windows Media Player. As for real-time video applications, there are a range of business functions and usage scenarios which drive their use. Business functions include corporate communications, customer and consumer communications and business operations. Usage scenarios may include company messaging, team collaboration, training, marketing and advertising, collaboration support, presentation delivery, physical safety and security as well as sales and customer satisfaction. To address these functions and scenarios the following IP video communication applications are often put to work:

Guest SpeakerAdena Health System Gains Strategic Value Though IP Video

Listen to the Podcast

imageBest Practices To Balance Network Total Cost Of Ownership

Listen to the Podcast

Read the rest of this entry »

Adena Health System Gains Strategic Value Though IP Video

Listen to the Podcast

May 19th, 2008

Jeff KaplanMarcus Bost, Chief Information Officer, Adena Health System is my guest as we discuss how Adena is using IP Video to provide neonatal care to its patients in southern Ohio linked to the largest US Neonatology center at Nationwide Children's Hospital 70 miles away. Adena pediatricians are now able to collaborate with Nationwide Children's neonatology experts in full high definition real time IP video to assess and diagnose infants, review CT scans, X-rays and consult with Adena pediatricians on treatment plans. Mr. Bost discusses the above project from both a human condition improvement and economic perspective. We end the talk with a discussion on network readiness and future IP video plans at Adena Health System. If you're developing an IP Video plan then you need to listen to this podcast.

Best Practices To Balance Network Total Cost Of Ownership

Listen to the Podcast

May 19th, 2008

Jeff KaplanTotal cost of ownership (TCO) is always a difficult metric to measure. So many business and IT leaders focus on purchase price or product acquisition without giving full attention to operational and facilities cost, which dominate network TCO. Conventional wisdom is that for LAN and WLAN switching acquisition cost represents between 20 to 25% of TCO with operational and facilities spend representing between 75 to 80% over a 3-year period. So the question is what can IT leaders do to optimize TCO and bring balance to network acquisition and operations? Scott Lucas, Senior Director of Solutions Marketing for Extreme Networks is my guest as we discuss best practices to balance TCO.

Wiring Closet Switches Enable New Applications and IT Services: Intelligence Enters Network Access

Get the White Paper

May 19th, 2008

By Nicholas John Lippis III

Wiring closet switches are undergoing a renaissance of sorts. Once thought of as commoditized simple network connectivity devices, they are now central to network security, mobility, Power over Ethernet (PoE) distribution, IP phone and UC connection devices, et al. Wiring closet switches are pervasive as they connect all end-points into an enterprise network, distributing network services throughout a corporation. Previously acquisition cost might have been the primary criteria for wiring closet vendor selection. IT leaders are now rethinking their decision criteria as network intelligence and services have shifted toward network access, enabling unified communications, integrated security, wireless LAN access, application delivery, and high availability to support real time applications and much more. Total Cost of Ownership (TCO) of these switches break down as 20%/80% capital/operational spend resulting in switch design, network management plus reliability and serviceability features possessing a demonstrable effect toward lowering TCO. In addition to this network intelligence shift, previous IT purchase decisions, which deployed multiple vendor products for network access, are being reviewed as operational cost has soared thanks to inconsistent management and operations. This white paper documents the dynamics forcing a change in wiring closet switching with recommendations and guidelines for business and IT leaders to assist them in fixed switch vendor selection. We review products from Cisco, ProCurve Networking by HP, 3Com, Nortel and Juniper Networks.

Law Firm Protects Confidential Client Information

Get the White Paper

May 19th, 2008

By Cisco and Weltman, Weinberg & Reis CO., L.P.A.

Weltman, Weinberg & Reis (WWR) depends on its security solution to protect sensitive consumer data and maintain its sterling reputation. For more than 70 years, WWR has been a leader in providing collection services and legal representation to creditors. Headquartered in Cleveland, Ohio, WWR is the largest creditor's rights law firm in the United States. The company depends on its network to connect 1000 employees at nine offices, and to provide real-time status information on cases and files. Protecting the sensitive client information that resides on its network is a top priority for WWR. Much of the firm's application data contains confidential or nonpublic information (NPI). Along with privacy concerns, maintaining data integrity is also important, because customer contact records and other business information is often used in legal proceedings. Records that have become corrupted or inaccurate because of a security or network issue can result in a total breakdown of the process and a significant loss to the firm.

"œWe act on behalf of many of the largest lending institutions in the country, and security is important because of the personal consumer information contained within our systems," says Robert Baird, director of IT at WWR. "œA security breach would damage the reputation of our firm, along with that of the client whose information has been compromised." Baird continues, "œOur regulators are in effect the very same clients we service, and we get audited by them on a regular basis. We need to give clients confidence that their data, while under our control, is well protected." WWR needed a flexible, manageable security solution that could provide a defense-in-depth approach, safeguarding not only the network perimeter, but also the firm's internal network all the way to the desktop level.

Creating Efficient Business Processes with CEBP

Get the White Paper

May 19th, 2008

By Hurwirtz and Associates

Communications-Enabled Business Processes (CEBP) is an important innovation in the automation of human communications within business applications. Until now, such automation has largely been confined to providing Call Center systems and to unified communications products that target the productivity of individual users by integrating the use of voice communications, instant messaging, email and other collaborative capabilities.

CEBP goes much further than this, enabling the communications and workflow aspects of a business process to be integrated with the underlying software applications that serve the business process. The importance of CEBP is in its ability to automate and manage the many ad hoc activities that are part and parcel of a business process.

In this paper we discuss CEBP from a business applications perspective, focusing on three distinct evolutionary steps for business software:

  • The traditional environment of legacy business applications
  • The more modern and increasingly popular Service Oriented Architecture (SOA) environment
  • The newly emergent Event Driven Architecture (EDA) environment

OpenScape Video: Bringing HD Videoconferencing to Unified Communications

Get the White Paper

May 19th, 2008

By Siemens Enterprise Communications

Enterprise Unified Communications (UC) value is being increased with the addition of high definition videoconferencing. UC videoconferencing is rapidly growing in popularity thanks to it being affordable and easy to use, and because it includes end-points from desktops to large meeting rooms. It is based on open standards such as SIP, and often includes high-definition video and audio to enrich the user experience. Siemens OpenScape Video is the first single-vendor, unified videoconferencing solution for everyone in the enterprise by providing a complete end-to-end videoconferencing solution as an integral part of enterprise UC. By integrating high definition video, PC-based video and voice only end-points into a UC network, OpenScape Video enhances enterprise-wide collaboration and increases employee productivity while reducing travel costs and carbon emissions.