Saturday, 8 August 2009

Barracuda Branching Into Open Source VoIP

Barracuda Networks, long known for its e-mail and Web security offerings, is diving head first into the voice market with the launch of its CudaTel open source VoIP offering.

Barracuda quietly unveiled CudaTel this week, with a Web site offering a glimpse into the company, which promises cheap and easy open source VoIP. CudaTel is a collaboration between Barracuda and FreeSwitch, an open source telephony platform.

"We're starting with a slow release," said Sean Heiney, director of new product initiatives for Barracuda. "The first boxes are shipping today to qualified partners. We expect to be in full throttle by the fall."

The first product planned under the CudaTel name is the CudaTel Communication Server (CCS), an IP PBX and communications platform that the company said offers automated phone deployment, Active Directory integration and a simple Web-based user interface. Barracuda also notes the CudaTel Communication Server requires no per-user, per-box or per-feature fees, calling it "the most innovative and affordable system on the market."

The CCS also features automated handset provisioning, call routing, recording, call queuing, parking, unified messaging and voice mail, conferencing and conference bridges and more, CudaTel said on its Web site. All features can be controlled via the Web interface.

Heiney said the goal was to build an easy-to-use phone system at a lower price point -- "a PBX for the rest of us," he called it, adding, "We're really going to shake things up. We're going to go head to head with some of the bigger players."

The CCS comes in four models, starting at a 25- to 50-person system for about $2,000 and working up to a large enterprise box for thousands of phones and users.

CudaTel's CCS supports any SIP-compliant handset or softphone, but the built-in automated provisioning supports Polycom and Snom handsets. CudaTel also will offer unrestricted and unlimited 24x7 phone and e-mail support with each CudaTel server.

Heiney said the CudaTel Communication Server will be trickled into the channel, starting first with existing Barracuda partners and then widening into VoIP VARs. The voice market continues to evolve, Heiney said, and CudaTel will create opportunities for partners to sell a PBX alternative. Currently, Barracuda has roughly 3,000 partners globally.

Over the next few months, CudaTel plans to get partners up to speed on the CCS.

"We want to make sure our channel partners are trained and educated on this product," Heiney said.

And while a security vendor getting into the IP telephony game is an odd transition, Zeus Kerravala, Yankee Group senior vice president, said companies are looking for affordable alternatives and CudaTel seems to be focused on value.

"From what I understand it's a really easy, cheap VoIP system," he said.

But Barracuda is more than just a security vendor, Heiney said. Over the past few years it's expanded beyond Web and e-mail filters and firewalls to build a portfolio that now includes storage and backup solutions and networking gear such as load balancers.

"I don't think our customers think of us only as a security company," Heiney said. "We're a technology company."

And while buying a VoIP system from a player whose main business is security may sound strange, Kerravala said there are instances where it would be a good fit.

"There may be some cases where they can sell it to small businesses where the decision maker is a single person," he said.

And Heiney said Barracuda's new CudaTel VoIP line will capitalize on eliminating some of the inherent complexities of VoIP while offering a low-cost alternative to other systems.

"We've made probably the easiest-to-use phone system with a price point that's going to be hard to ignore," Heiney said.
Blogged with the Flock Browser

Introduction to WAN Optimization Techniques

Ever wondered why WAN optimization is required in consolidated data centre scenarios? Or how much difference WAN optimization makes in such situations? This article gives an overview of the techniques that are applied to optimize the data that is sent across the WAN network in order to reduce the bandwidth consumed by them and also to reduce the delay associated with WAN links.

What is WAN Optimization and why is it required?

Wide Area Networking has enabled a lot of applications (both for connectivity as well as optimization). We can today use the Internet Leased Lines and MPLS VPN Connectivity for connecting different branches of an organization. These are quite cost effective when compared to IPLC or dedicated Leased Line connectivity. One of the consequences of the affordability of such higher bandwidth and connectivity is the consolidation of servers and core networking components in a single data centre. This has definitely reduced a lot of cost (when compared to individual servers that needed to be replicated at each branch, in a few cases) and enabled applications like Virtualization (Where the resources of a server are shared between multiple applications as there is always umpteen processing power that is not utilized at all points of time, for example).

But consolidating resources through Wide Area Networking also comes with its own problems. There is a delay or latency induced in the packets that has to travel all the distance. This delay might also be due to the line conditions, amount of traffic at that instant, hardware induced delays like buffer delays both at the local end and ISP end. And there are always real time applications like voice, video etc. that travels along with bandwidth intensive applications like email and ERP that might cause un-acceptable delays if proper QoS policies are not set.

So, all these factors plus a lot more creates the need to have WAN optimization processes in place. Although the WAN optimization techniques do not eliminate the delays, they reduce it to a good extant. And WAN optimization induces its own security concerns but fortunately WAN optimization techniques address security in a much broader sense due to their unique position in the enterprise network where all the packets need to pass through such devices.

WAN Optimization Techniques:

Protocol Substitution:

¤ WAN Optimization devices manage chatty protocols inside the LAN and then encapsulate and manage communications across the WAN using less chatty protocols. For example, TCP (Transmission Control Protocol) requires acknowledgements for transmissions received and includes other mechanisms to do windowing, congestion management, slow start, etc. to manage its performance characteristics which induce further delays. Such TCP packets are often repackaged inside UDP packets for WAN transport or applications are re-architected to replace TCP with UDP for WAN Optimization.

¤ Multiple long messages are consolidated in to one or more longer ones. Each protocol has its own size of packaging messages. Video packets for example are longer than http packets. If the packets are small, they need to be sent and acknowledged more often and delay sensitive packets (which are longer) might have to wait. So, it is more efficient to combine a number of such small packets and send them in one go to reduce the number and frequency of such packets to traverse the WAN Link and to enable designers to choose optimization techniques uniformly for such WAN friendly message structures.

Data Substitution/ Cashing:

WAN optimization can look for recurring strings and data elements at the application layer. If these elements are copied across the WAN Link once, and they don’t change thereafter, a couple of WAN optimization devices can index them and exchange only index values between them so that frequently sent data elements need not be sent again and again through the WAN Link. For example, if a website like the company website is accessed by many members in an organization frequently, then most of the data of that website could be stored locally in a cache and sent to the employees instead of contacting the remote web server other than transactions which involve some real time processing like authentication etc.

Data Compression/ Encryption:

A variety of compression techniques are used to compress the WAN traffic. Header and Payload compression techniques use pattern matching algorithms to identify short, frequently recurring byte patterns that can be replaced by even shorter segments to reduce the final transmitted sizes. Different techniques might be employed to compress data across the WAN link but data which are already compressed like ZIP files or H.264 video packets etc. cannot be compressed much again. The traffic that is sent in the WAN links are often encrypted for security reasons as public networks are more and more utilized these days.
Blogged with the Flock Browser

Soldiers warned about ID theft after laptop stolen

The Army National Guard is investigating why a contractor had data including Social Security numbers for 131,000 current and former soldiers on an unsecured personal laptop that was stolen, a spokesman said Thursday.

The Guard was sending letters this week warning those affected to protect themselves from identity theft after the July 27 theft of the laptop belonging to a contract employee, said Randy Noller, spokesman for the National Guard Bureau in Arlington, Va. 

He would not release details, including the contractor involved and where it happened, but said police were investigating. The stolen laptop contains names, addresses, Social Security numbers and payment data for those enrolled in the Army National Guard Bonus and Incentives Program.

The Guard had no indication any data has been compromised but affected soldiers, generally those who received enlistment and retention bonuses in recent years, should take precautionary steps such as putting fraud alerts on their credit, Noller said.

He did not know how many of the 131,000 affected are on active duty. Those who are deployed and believe identity theft has occurred are being told to contact the nearest Judge Advocate Office for help.

The Guard is also working with its state affiliates to notify soldiers. In Wisconsin, about 1,700 soldiers were affected, including 800 who are on active duty in Iraq and Afghanistan, said a Wisconsin National Guard spokeswoman, Maj. Jackie Guthrie.

Noller said the Guard’s internal investigation is looking into what security policies were breached in the contractor’s handling of the data, which should not have been on an unsecured private laptop.

“We know simply by virtue of being on a personal laptop there were some security protocols violated. Exactly which ones, how and why is yet to be determined,” he said.

He stressed that “no malice was involved.”

“The guy was doing his job, trying to do it well and didn’t do the right thing,” Noller said.

He said the contractor was cooperating with the Guard’s investigation. A Web site and toll free hotline, 1-877-481-4957, has been set up to handle inquiries.

Computer security expert Larry Ponemon of the Ponemon Institute, a think tank in Traverse City, Mich., said employees should never have that much data on their personal laptops. In a study for Dell Inc., his group estimated last year that up to 600,000 laptops were lost annually at airports alone.

“To physically carry 131,000 records and use your laptop as a way of manipulating that information, there is never an excuse,” he said. “There is no reason that would be an acceptable security posture for any company. That’s definitely an indication of bad security.”

Blogged with the Flock Browser

Friday, 7 August 2009

40 Million Identities For Sale Online

According to The Times, more than 4 million British identities and more than 40 million individuals’ identities worldwide are being offered for sale on the internet. The information available for sale includes sensitive financial information (credit card / bank details, some PINs).

This information was reportedly made available online as the result of several initiatives. From what the report indicates, at least 250,000 bank / credit accounts were hacked into. Other information was the result of phishing, a process that dupes individuals to give over their details (such as log in details or credit card details). The information was intercepted over a four-year period by a British company, Lucid Intelligence, and collated into a single database, allowing these figures to be determined for the first time:

The Lucid Intelligence database contains the records of four million Britons, and 40 million people worldwide, mostly Americans. Security experts described the database as the largest of its kind in the world.

The report from The Times indicates that other sensitive information, such as corporate email access details, is being sold in online forums or hacking websites. This puts companies at risk for data breach issues.

Individuals can search the database for free, for now, to see if their information has been sold online. It will specify what information about you is known - whether it’s just your email address, your mailing address, or more high risk information such as banking details. You can learn more about the initiative here.

It’s quite an interesting venture - what do you think about it?

Blogged with the Flock Browser

Wednesday, 5 August 2009

AT Communications becomes... Daisy Group plc

Daisy Group plc announces that its wholly owned subsidiary has entered into agreements to acquire the trading assets of AT Communications Group plc.

Matthew Riley, Chief Executive Officer of Daisy, said; 'This transaction is the first step for Daisy in executing its strategy to consolidate the fragmented reseller market and become a dominant force in the SME and mid-market arena. ATC has a good reputation within the industry and, as part of the Group, will support Daisy in delivering an excellent service in all areas of communications, from product quality to customer service, further strengthening our converged product set and enhancing our offering to the UK business community. I'd like to thank the team for their efforts; their hard work means we have been able to ensure customers of both businesses will suffer no loss of service'.

For further information on Daisy Communications please view www.daisyplc.com
Blogged with the Flock Browser