|
|
|
|
|
|
||||||||||||||||||||||||||||||||||
RESEARCH CENTERS
Applications
Careers Convergence Data Center LANs Net/Systems Mgmt. NOSes Outsourcing Routers/Switches Security Service Providers Small/Med. Storage WAN Services Web/e-commerce Wireless/Mobile SITE RESOURCES
Daily News
Newsletters This Week in NW Tests/Reviews Buyer's Guides Opinion Forums Special Issues How to/Primers Case Studies Network Life Encyclopedia IT Briefings   
TODAY'S NEWS
|
|
  
Six of our columnists select the year's most innovative products and services for our annual Category-breaker Award.
It's about time for faster antivirus methods In the ideal world, new computer viruses would never get the chance to attack corporate desktops. But in the real world, where traditional antivirus procedures dominate, they usually do. That's because to stop a virus, antivirus companies must develop antidotes, then distribute the updated signature files to their clients, who then must update all their internal servers and the thousands of workstations they service. And all this takes time. The more time it takes for an update to reach the desktop, the more vulnerable the company's network is to the infection - a value the security world calls "reaction time."
But Network Associates has developed technology that offers significantly better reaction time. The technology, called Rumor, uses a unique peer-to-peer distribution model instead of the traditional network- and bandwidth-hogging client/server model of centralized update distribution. Rumor, through Network Associates' McAfee VirusScan ASaP managed service, regularly updates a company's enterprise antivirus server. When the first workstation logs on, part of the start-up routine runs the Rumor antivirus agent, which verifies the workstation is running the latest version. If not, the server sends the upgrade. This desktop's reaction time for antiviral defense is superb. ASaP's Rumor doesn't let the computer do anything until its antivirus software is updated - invisibly to the user. When the logon process is completed and e-mail is downloaded, the user is already protected. On a typical morning, several hundred or thousands of people attempt to log on in a short period of time. A bottleneck results if every desktop in a company contacts the antivirus server at that time. 
With ASaP Rumor, the antivirus server only responds to the first few user requests for updates. When subsequent desktops log on, they broadcast to the network, "Does anyone have anything new to tell me about viruses?" An updated desktop can respond and supply the new code. And all this will occur before any offending virus can cause infection. Rumor is a true peer-to-peer distribution model, completely emulating the way rumors are spread among people. In addition, Rumor clients use strong authentication mechanisms to track their activities and to ensure that the latest and greatest update is the one being distributed. The VirusScan ASaP service starts at $36 per year, per user. Using Network Associates' ASaP Rumor approach, protecting computers from viruses before they spread is achievable. At the heart of the Rumor approach is a security model called Time Based Security. It provides a strong methodology and simple mathematics by which security can be measured, compared and improved. Schwartau is the president of Interpact, a security awareness consulting firm in St. Petersburg, Fla., and the author of many books, including Time Based Security. He can be reached at winns@gte.net
Serving up terrorist-resistant collocation Equinix's Internet Business Exchange service clearly stands out in a crowded market of Internet collocation offerings. IBX is a multitenant, fully redundant collocation service for bringing ISPs and content providers together in a single facility to make the connections they desire. Think of it as the neutral Swiss version of the Internet equipment hosting model - pure service and access to anybody, an ideal hybrid of the original Internet interconnect points and hosted offerings. Unlike Exodus Communications and others in its field, Equinix has no backbone network to connect its dispersed facilities in Washington, D.C., New York, Silicon Valley, Chicago, Dallas and other sites. Rather, each facility is a stand-alone entity. Without the backbone overhead, Equinix has simplified network management while eliminating an important potential bottleneck from customer network designs. Equinix's staff can focus on maintaining customers' stored equipment rather than on tracking down the sources of outages. Service providers using IBX can connect to other service providers via a high-speed Gigabit Ethernet switching system - Foundry Networks' BigIron 8000 - within each facility. Web hosting (data and content) providers can use the same core switching system to access the ISP of their choice or even to get direct access to other content providers for partnership offerings. If a service provider wanted to bypass Equinix's Gigabit Ethernet switch and bring its own, it could do that, too.
While many hosting facilities have beefed up security procedures, Equinix stands out for its security. It worked closely with the designers of the Federal Reserve's security system and built bona fide hardened facilities designed to withstand terrorist attacks. Its security procedures, including everything from reinforced bunker-style facilities and biometric access, have just about everything short of a brain-scan system. This service, deployed in mid-2000, really made its mark on the Internet earlier this year. Equinix has compiled an impressive list of customers and partners for the service: MSN, Global Crossing, Motley Fool, Sigma Networks, Williams Communications, Yahoo, IBM and E&Y. Unlike most ISPs and traditional hosting firms, providing neutral collocation services is Equinix's only function, but it is a function it performs extremely well - and cost effectively. Fees range from the low thousands of dollars to hundreds of thousands per month, but are at least half the cost of building a similarly secured in-house facility. In short, the IBX is a nice, tight offering that is unique and necessary in today's turbulent world. The downside is that Equinix - along with just about every other hosting company - has yet to master profitability. But that may shift dramatically with the recent change in global security requirements. IBX certainly stands out, and its business model is worthy of my vote as breakthrough service of the year. McClimans is the managing director of technology analyst firm Fearless Ventures and the chairman of Current Analysis. He can be reached at fmcclimans@fearlessventures.com
Maximizing bandwidth while lowering costs The economy has clearly gyrated into a "make-do" phase. Carriers and service providers have stopped or postponed major new network buildouts to look hard at improving existing infrastructures with minimal expense. Getting more out of Internet or WAN connections can delay the need for adding bandwidth while keeping performance at acceptable levels. A new category of networking products promises to do just that. These "route control" or "route optimization" products are all about directing IP traffic according to criteria such as performance, price and time of day. RouteScience Technologies, a relative newcomer to the network scene, is delivering such a product to carriers and enterprises. RouteScience's PathControl is an Internet route control device that measures real-time, end-user path performance across all available ISP links and thereby helps edge routers make better routing decisions. The measurement process is completely passive (no active pings required), automated and performed in real time with minimal network overhead. PathControl analyzes the performance data and determines the best ISP links based on performance metrics and user preferences. For example, customers can designate lower-cost ISP links to be favored over higher-cost links except when performance falls below specified thresholds.
PathControl can send route updates to edge routers using the standard Border Gateway Protocol. Updates can be sent when Internet conditions change or as often as network managers would like. If a PathControl box goes down, the network will not be impacted - only the optimization is lost. PathControl also reports on ISP performance and the route optimization results. Route optimization can save money in several ways. Most obviously, it can reduce bandwidth requirements. Many companies aim to use only 50% to 60% of their available bandwidth, on average, to ensure the network can accommodate traffic bursts. With route optimization, network managers can allocate traffic more evenly across different network routes and therefore use 80% of potential bandwidth on average. Route control devices might be a good addition to your toolbox, along with other network improvement approaches (for example, adding bandwidth at network bottlenecks, compressing traffic and implementing class or quality of services). PathControl is one of the first out the door, but won't remain the sole offering in this new market. NetVMG, Sockeye and others are preparing to launch competing products. And PathControl isn't for everyone - yet. Prices range from $140,000 to $250,000, depending on the network configuration, with most companies needing one or two PathControl boxes. Gage is the vice president of consulting at TeleChoice. She can be reached at bleedingedge@telechoice.com
A better way to perform customer care The business world is just beginning to explore operational uses of instant messaging, and FaceTime Communications is a pioneering vendor in this niche. FaceTime Instant Message Director is a category-breaking product for combining instant messaging, presence, workflow, automated call distribution, customer relationship management (CRM) and knowledge management into a collaboration customer care environment. The product supports flexible rules-driven routing of instant messages to available experts, categorized by areas of expertise. These experts can handle several ongoing problems at once via instant messages. Only instant messaging technology can deliver immediate, detailed, personal feedback of the type demanded in call-center environments. Instant Message Director consists of a communications server and a call-center agent application. The server provides instant messaging and presence, using a proprietary protocol that connects enterprise users who employ the company's proprietary instant messaging client software. Presence detects who is online. The server also provides an instant messaging/presence gateway for connecting to users on public instant messaging services such as AOL Instant Messenger, MSN Messenger and Yahoo Messenger. Experts therefore may be anywhere in the world. The vendor's call-center application software includes several critical productivity features. Installed on first-line and supervisor's desktops, the FaceTime Enterprise IM Workstation detects the presence of knowledge experts, sends and receives messages, and handles concurrent instant messaging/chat sessions, all through a graphical user interface.
Agents can categorize buddies/experts by their knowledge domains. They can establish three-way chats with supervisors, other agents and experts. They can automatically retrieve associated customer profiles and histories. And agents can retrieve other pertinent information through an integrated Web browser or from a canned knowledge library that can be built within the FaceTime environment. Call-center supervisors can use FaceTime Enterprise IM Workstation software to define complex workflow rules that specify how the server routes and escalates messages between various agents and knowledge experts. Supervisors can track transactions between agents and experts in real time, while logging all transactions for later audit and analysis. They can broadcast instant messages to all agents, and monitor, reassign and balance agents' workloads in real time. Cost is determined by how large a company is. A perpetual license, at $90,000, appropriate for midsize to large companies, includes on-premise deployment and 35 agent seats. Hosting by FaceTime is an additional $3,350 per month plus a one-time provisioning fee of $5,000. Application service providers can expect to pay $5,000 per month for up to 15 agents with incremental fees for additional agents or larger agent block packages. Also impressive is the string of business alliances FaceTime has established to evolve Instant Message Director into a more sophisticated call-center tool. These include relationships with the leading CRM vendors (Siebel Systems and PeopleSoft), Internet telephony vendors (Cisco and Lucent) and self-service knowledgebase providers (Ask Jeeves and AskIt). All these activities demonstrate that FaceTime is committed to maintaining its first-mover advantage in the exciting new market for instant messaging-enabled call-center applications. Kobielus is an Alexandria, Va., analyst with The Burton Group. He can be reached at jkobielus@tbg.com
Management for the guerrilla operating system Many people would consider the phrase "managed Linux" an oxymoron. After all, Linux is seen as the "guerrilla" of operating systems. It comes in through the back door, is set up surreptitiously then hidden from the CIO and other management types. Caldera Systems wants to change all that with its new Volution, which provides secure, remote management for Linux systems. Hierarchical management - for Linux! That's not only a category-breaker, it's a category-maker. Volution is a directory-enabled distributed management product. Included with the package is a copy of Novell's eDirectory and a copy of OpenLDAP - the open source Lightweight Directory Access Protocol-enabled directory service. This is the first Linux-based package that combines the features of multiple single-issue utilities in the areas of remote health monitoring, hardware inventory and software distribution. And it's not only for Caldera's Linux distribution, but also distributions from most other major Linux players, covering multiple releases.
Volution is a policy-based management system that, among its many features, provides secure Web-based management, electronic software distribution, hardware inventory, software inventory, health monitoring of Linux systems and Linux printer configuration. Volution includes a scheduler based on a global event system that lets actions be scheduled for a point in time, repeated time intervals, a local event or a global event. The software and hardware inventory data is searchable, simplifying management and making software distribution easier. Distribution can be further simplified through the creation of logical groups within the LDAP-enabled directory store used by Volution for its policy management. Volution costs $3,000 for the server plus 10 nodes and $121 per additional node. The important thing is that Volution marks almost a "coming of age" for Linux. The management utilities your CIO wants to see for business-critical operating systems are now available for Linux in a policy-driven, directory-enabled package. Kearns, a former network administrator, is a freelance writer and consultant in Austin, Texas. He can be reached at wired@vquill.com
Eliminating the dual-PC telework syndrome A big inhibitor to part-time telework is the equipment cost. You're faced with providing a second PC for home use or letting teleworkers shuttle work between corporate and personal computers. While the latter won't cost your company money outright, it could cost you plenty in lost productivity (should employees forget or fail to transfer the files they need) or lost security (should workers put sensitive corporate data on a personal PC connected to the Web via an insecure DSL or cable connection). Expertcity's GoToMyPC solves the two-PC problem by letting you use just one. For about $12 a month for individual users, the Web-based service lets you access the data, applications and even printers of one PC via another PC and Web connection. You download a small client application onto the target PC. The idea is that all office applications and data stay on the office system, with nothing transferred to the home PC. GoToMyPC is secure. The session between the host and remote PC is 128-bit encrypted. Unlike VPNs or remote access products, such as pcAnywhere, that let a remote PC act as a node on the network with the same privileges as any in-office system, GoToMyPC limits the remote worker's access to the host system only - no danger of unauthorized network access. All the personal PC is doing is receiving screen images of what's displayed on the host system.
What's more, because it's a Web application and not peer-to-peer, GoToMyPC is faster than pcAnywhere and works well over slow and fast connections alike. The telework community loves GoToMyPC because it enables quick and dirty telework at minimal cost. The International Telework Association and Council recently awarded GoToMyPC the Outstanding Innovation in Telework Award. Expertcity says individual subscribers already number in the tens of thousands, and Sprint is expected to roll out a co-branded version this month. What's more, the company is fast winning the confidence of enterprise IT shops. Expertcity's corporate product ($250 for 10 users) includes administrative tools that let you monitor and control traffic flow and users' access. And an enterprise (500-plus users) version that works with RSA Security's SecurID and other authentication systems is due out in January. Related LinksFred McClimans, "Keeping Current" Beth Gage, "The Bleeding Edge" James Kobielus/Above the Cloud Apply for your free subscription to Network World. Click here. Or get Network World delivered in PDF each week.
|
|
|
||||||||||||||||||||||||||||||
