RnD Newsletter Summer 09 by pengxiang


									Summer 09

This quarter:
Altman Technologies Pcounter wins 02
Environmental Product of the Year
Gartner upgrades Stonesoft in IPS     02
Magic Quadrant

News in brief
RnD awarded upgraded Symantec         03
technical status
Citrix XenServer .... free reign!     03
SonicWALL granted ELA4                03
Solutions update
Stonegate FW-5105 and IPS-6105        04
RnD and Networks First strengthen     04
                                              RnD newsletter
alliance                                      Summer
Websense V10000                       05      Welcome to our summer newsletter.
RnD guides                                    We hope you will find it informative
Virtualisation: Citrix XenServer or   06      and interesting. We want to bring
VMware vSphere?                               you news and opinion about the IT
                                              solutions and services that may benefit
Providing effective disaster recovery 08      your business as well as the latest
                                              developments from RnD.
                                              If there is anything you would like to
                                              see included in future publications,
                                              please feel free to email us at
                                              info@rnd.co.uk – we’d be delighted to
                                              hear your thoughts!
                                              Alison Shanahan and Alan Clarke, RnD

                                              Please contact RnD on 020 7853 2350

RnD news                                                                                                                                   News in brief

Altman Technologies’ Pcounter wins              Gartner upgrades Stonesoft in IPS            inspection for both client- and server-side
Environmental Product of the Year               Magic Quadrant                               protection.
Technology solutions company Altman             Leading IT industry analyst firm Gartner     Previously, Gartner positioned Stonesoft
Technologies has been elevated to               has positioned Stonesoft in the Niche        solutions in the Challengers quadrant
Four-Star status within The Green               Players quadrant in the Network Intrusion    in the Magic Quadrant for Enterprise
Organisation, one of the country’s              Prevention System (IPS) Appliances           Network Firewalls report published in
leading environmental groups. The               Magic Quadrant report.                       November 2008.
company has also been voted Winner
                                                Stonesoft’s offering of StoneGate IPS        Read more here.
of the Environmental Product of the
                                                appliances – for both physical and virtual
Year in the Network Computing Awards
                                                environments – includes built-in high
for its Pcounter printing/photocopying
                                                availability technologies, transparent
accounting and control product.
                                                (layer-2) firewall capabilities, and SSL
Pcounter eliminates waste and misuse
of printed output as well as providing
centralised management and reporting
for all print and copy activity - fitting all
types of environment from commercial                                                                                                       RnD awarded upgraded Symantec             Citrix XenServer....free reign!             SonicWALL granted EAL4
organisations and multi-campus                                                                                                             technical status                                                                      accreditation
universities to single printer cost control                                                                                                                                          Citrix has claimed its recent decision to
within primary schools.                                                                                                                    RnD Systems Integration has been          make XenServer 5.5 a free product has       SonicWALL has announced that the
                                                                                                                                           accepted into the new Symantec            been vindicated by the fact as many as      Network Security Appliance (NSA)
Read more about Altman Technologies                                                                                                        Technical Assistance Partner Program      100,000 companies and individuals have      series product line in combination with
and how Pcounter can help you become                                                                                                       (TAPP). Managing Director Dave            downloaded it so far.                       SonicOS v5.0.1 has earned Common
more environmentally friendly here.                                                                                                        Morris said: “This will ensure access                                                 Criteria Evaluation Assurance Level 4
                                                                                                                                                                                     Read more and download it here.
For more information on Altman                                                                                                             to increased levels of knowledge and                                                  certification.
Technologies solutions please contact                                                                                                      support for all the Symantec solutions
                                                                                                                                                                                                                                 EAL 4+ is one of the highest mutually
Alison Shanahan                                                                                                                            we deploy and provide a better standard
                                                                                                                                                                                                                                 recognised certifications in the
Alison.shanahan@rnd.co.uk.                                                                                                                 of service for our clients.” Membership
                                                                                                                                                                                                                                 networking industry and now applies to
                                                                                                                                           of the exclusive program is based on
                                                                                                                                                                                                                                 SonicWALL’s NSA E7500, E6500, E5500,
                                                                                                                                           commitment to product and the level of
                                                                                                                                                                                                                                 5000, 4500 and 3500.
                                                                                                                                           skills within an organisation.
                                                                                                                                                                                                                                 Read more here.
                                                                                                                                           Read more here.

 www.rnd.co.uk                                                                                                                   02         www.rnd.co.uk                                                                                                            03
Solutions update                                                                                                                         Solutions update
                                                                                                                                         • Faster incident resolution and a simple   protection, enabling organisations to
                                                                                                                                           escalation process giving increased       accelerate business without having to
                                                                                                                                           SLA visibility, delivered by a single     worry about security, productivity and
                                                                                                                                           source                                    liability threats such as malicious and
                                                                                                                                         • Seamless migration – working to           inappropriate content and data loss.
                                                                                                                                           develop an organisation’s network over
                                                                                                                                                                                     Using a hardened operating system
                                                                                                                                           time to take advantage of network
                                                                                                                                                                                     optimised for analysing Web traffic
                                                                                                                                           convergence and introduce new
                                                                                                                                                                                     and content, the Websense V10000
                                                                                                                                           technologies while reducing total cost
                                                                                                                                                                                     meets the performance requirements of         Read more about this product here.
                                                                                                                                           of ownership
                                                                                                                                                                                     high-throughput enterprise networks.
                                                                                                                                         • Support options tailored to meet                                                        For further information on the Websense
                                                                                                                                                                                     It provides lower cost of ownership by
                                                                                                                                           specific commercial needs and                                                           V10000 appliance please contact
                                                                                                                                                                                     minimising the amount of hardware
                                                                                                                                           provide added value                                                                     Alan Clarke
                                                                                                                                                                                     required to deploy and manage a secure
                                                                                                                                         • Guaranteed quality of service –                                                         alan.clarke@rnd.co.uk
                                                                                                                                                                                     Web gateway and delivers unparalleled
                                                                                                                                           complete ownership of network
                                                                                                                                                                                     price performance.
                                                                                                                                           problems with a commitment to see                                                       or Alison Shanahan
New StoneGate FW-5105 and IPS-6105            organisations to add new appliances         Multi-vendor, multi-layer network                issues through to resolution                                                            Alison.Shanahan@rnd.co.uk.
high performance appliances                   and capacity to the security cluster.       scenarios are common and can be                                                            The Websense V10000 appliance
                                                                                                                                         • Guaranteed service levels with
                                                                                          expensive, resource-intensive and                                                          platform offers:
Stonesoft has introduced the new              Both appliances can be managed from                                                          predictable costs so all projects are
                                                                                          difficult to manage. It is vital to know         executed smoothly, ensuring a high        • Visibility and control over dynamic
StoneGate FW-5105 firewall/VPN and            the StoneGate Management Centre
                                                                                          which supplier will take responsibility if a     quality of service with an impressive       Web content and outbound data loss
StoneGate IPS-6105 intrusion prevention       (SMC), providing enhanced ease of use
                                                                                          network goes down. RnD felt that, rather         99.8% SLA achievement rate                  including SSL-encrypted traffic
system appliances for most demanding          and a comprehensive view over network
                                                                                          than working with several providers, they      • Access to an experienced, flexible and    • Protection against Web 2.0 threats
high capacity environments. The new           security.
                                                                                          should take a diligent approach and look         accredited engineering team                 such as dynamic scripts
firewall offers up to 25 Gbit/s and the IPS
                                              Read more about these products at the       for a best-of-breed, multi-vendor support                                                  • Advanced application controls for IM,
appliance up to 10 Gbit/s performance.
                                              Stonesoft blog.                             provider.                                      To find out how RnD and Networks First        P2P, and more
The new StoneGate FW-5105 provides                                                                                                       can enhance your network performance,       • Leading price and performance
                                              These products will be available from       To this end, RnD partners with Networks
an ideal solution for the increasingly                                                                                                   please contact Dave Morris                  • Intuitive, easy-to-use, centralised
                                              July 2009. For further information on all   First - a specialist services organisation
expanding capacity needs of large                                                                                                        dave.morris@rnd.co.uk                         management and reporting
                                              Stonesoft solutions please contact          that focuses purely on network support
enterprise networks and MSSPs                                                                                                                                                        • Integrated Web proxy and caching
                                              Alan Clarke                                 and management. Founded in 1990, its
(Managed Security Service Providers).                                                                                                                                                • Built-in extensibility for future-proofed
                                              alan.clarke@rnd.co.uk                       level of expertise perfectly complements
With four 10 Gbit/s interfaces, 18 gigabit                                                                                                                                             security
                                                                                          the RnD mentality. RnD took the lead
interfaces and the capacity of over 25
                                                                                          in recommending in-depth solutions
Gbit/s, StoneGate FW-5105 is designed
                                                                                          with Networks First, who will deliver
to meet the performance, redundancy
                                                                                          the implementation, on-going support
and scalability requirements of large
                                                                                          and management of the network
central sites, large VPN networks and
                                              RnD and Networks First: Solving             infrastructure.
data centres with thousands of users.
                                              business challenges and avoiding
                                                                                          Whether a business is looking to push
The new StoneGate IPS-6105                    network downtime
                                                                                          existing network assets to the brink,
intrusion prevention system (IPS) offers
                                              As IT networks become ever more             rationalise voice and data infrastructure
excellent visibility and enterprise-                                                                                                     Websense launches new V10000 Web
                                              business-critical, avoiding network         or develop network infrastructure,
level inspection for demanding                                                                                                           Security Gateway Appliance
                                              downtime is crucial. Diagnosing the         the experienced multi-vendor, mixed
network environments. It has been
                                              source of network problems is difficult,    technology service delivery partnership        “In the second half of 2008, 70% of the
designed to meet the needs of large
                                              particularly in the converged world where   that RnD and Networks First offers, is a       top 100 sites either hosted malicious
organisations and MSSPs (Managed
                                              networks are increasingly complex.          one-stop service. This approach offers a       content or contained a masked redirect
Security Service Providers). The
                                                                                          number of important business benefits          to an illegitimate website.”
StoneGate IPS-6105 has four 10 Gbit/s         Companies are asking: does the
                                                                                          including:                                               Websense Security Labs
fiber bypass interfaces and eight 1           problem lie with the data network, voice
Gbit/s bypass interfaces, so it allows        equipment or business application? Do                                                      The Websense V10000 Web security
the inspection of several network             we have the skills to reduce downtime?                                                     gateway appliance platform is an
segments simultaneously. The new              Can our suppliers work together                                                            extremely accurate and effective solution
serial clustering technology allows           effectively to resolve network problems?                                                   for Web 2.0 content control and threat

 www.rnd.co.uk                                                                                                                 04         www.rnd.co.uk                                                                                                              05
RND guides                                                                                                                                  RND guides
Virtualisation: Citrix XenServer or                                                                                                         VMware uses vCenter Server for multi-         Virtual machine backup and recovery             Marathon Technologies and Stratus to
VMware vSphere?                                                                                                                             server management and configuration.                                                          deliver VM fault tolerance.
                                                                                                                                                                                          XenServer and VMware both offer VM
                                                                                                                                            vCenter Server runs as a Windows
                                                                                                                                                                                          snapshot capability for basic backup
                                                                                                                                            service on a separate management                                                              VM load management
                                                                                                                                                                                          and recovery needs. XenServer extends
                                                                                                                                            server and requires a third-party database
                                                                                                                                                                                          the agent-based approach for Windows            VM load management ensures that a VM
                                                                                                                                            for storage and management of host
                                                                                                                                                                                          VMs through the enablement of a                 is started up on the host most suitable
                                                                                                                                            system configurations. For redundancy
                                                                                                                                                                                          XenServer-specific Volume Shadow-copy           for the VM workload and also performs
                                                                                                                                            and availability of the core management
                                                                                                                                                                                          Service (VSS) provider. When a backup           ongoing management of the location of
                                                                                                                                            services, VMware recommends the
                                                                                                                                                                                          agent makes a call to the Windows VSS           VMs running in a pool of host servers.
                                                                                                                                            addition of clustering software such as its
                                                                                                                                                                                          provider, the XenServer VSS provider            XenServer includes Workload Balancing
                                                                                                                                            vCenter Server Heartbeat add-on product.
                                                                                                                                                                                          intercepts it and redirects it to perform a     (WLB), which captures data such as CPU,
                                                                                                                                                                                          disk-level snapshot. This snapshot is a         memory, disk I/O and network I/O on the
                                                                                                                                                                                          differential copy and can take as little as     hosts and virtual machines to guide the
Citrix XenServer is a free-of-charge                                                                                                                                                      five seconds to complete.                       initial and ongoing host location for virtual
virtualisation platform and includes                                                                                                                                                                                                      machines. VMware offers DRS, a feature
                                                                                                                                                                                          VMware offers a feature called Data
XenCenter, a multi-server management                                                                                                                                                                                                      that guides the initial VM placement as
                                                                                                                                                                                          Recovery in vSphere for backup of virtual
console. In addition, Citrix offers advanced                                                                                                                                                                                              well as semi- or fully-automated load
                                                                                                                                                                                          machines. Data Recovery is a plug-in for
management capabilities in Citrix                                                                                                                                                                                                         management of VMs using its Distributed
                                                                                                                                                                                          vCenter Server that schedules regular disk
Essentials for XenServer product line.                                                                                                                                                                                                    Resource Scheduler (DRS) feature.
                                                                                                                                                                                          snapshots for virtual machines. Some
VMware vSphere is a server                                                                                                                                                                customers see this as an alternative to
                                                                                                                                                                                                                                          Provisioning services
virtualisation platform that includes the                                                                                                                                                 traditional agent-based approaches;
VMware ESX hypervisor and associated           different from VMware and is built on the     Domain 0 enables XenServer to leverage                                                       however, Data Recovery does not offer           XenServer includes unique provisioning
management tools. vSphere servers are          open-source Xen hypervisor, which is the      standard open-source Linux device                                                            application-level awareness, which is often     services features for virtual machines.
managed from vCenter Server, VMware’s          basis for nearly two dozen commercial         drivers, resulting in extremely broad                                                        cited by customers as a reason to use           This technology allows users to set up
multi-server management console.               virtualisation products and the engine        hardware support. Because of this                                                            agent-based solutions for workloads such        a library of server workloads and stream
                                               powering the world’s largest virtualisation   design, XenServer can even run on                                                            as SQL Server, Oracle, Exchange and             them on-demand to multiple virtual or
These are two of the leading server            deployment, the Amazon Elastic                laptops or workstations—systems on                                                           Active Directory.                               physical servers within the data centre.
virtualisation products on the market. As      Compute Cloud. Instead of using binary        which VMware’s proprietary drivers are                                                                                                       Provisioning services enable multiple
this comparison will illustrate, XenServer     translation like VMware, XenServer uses       much less likely to function.                                                                Disaster recovery                               virtual machines to share a single
is a powerful and feature-rich alternative     a combination of para-virtualisation and
                                                                                             XenServer has a straightforward                                                                                                              workload image, resulting in streamlined
to VMware and distinguishes itself in          hardware-assisted virtualisation, which                                                                                                    XenServer and VMware both support multi-
                                                                                             installation process, often referred to                                                                                                      administration as well as significant
a number of areas—including its open           allows a guest OS to be fully aware that                                                                                                   site deployments, whereby VMs can be
                                                                                             as the ‘10 minutes to Xen’ experience.                                                                                                       storage savings. Provisioning services are
architecture, performance, storage             it is being run on virtualised hardware.                                                                                                   made available in primary and DR sites. In
                                                                                             XenServer is installed on the host                                                                                                           a unique feature that simply must be seen
integration and total cost of ownership.       This collaboration between the OS and                                                                                                      each case, the virtualisation solution relies
                                                                                             systems using a CD or network-based                                                                                                          to be fully appreciated—there is nothing
                                               the virtualisation platform provides highly                                                                                                on SAN-based replication technologies
                                                                                             installation process. The XenCenter                                                                                                          else on the market quite like it.
System architecture                            optimised performance.                                                                                                                     to keep VM files and configuration data
                                                                                             GUI-based administration console is then                                                     current at a backup location.                   The above is an extract from a recent
Both products feature bare metal or                                                          installed on any Windows PC or server.
                                               XenServer hypervisor architecture                                                                                                                                                          white paper commissioned by Citrix, the
Type 1 hypervisor technologies that are                                                                                                     Guest OS support
                                                                                             System configuration information is                                                          High availability and fault tolerance           full version of which is available upon
installed directly onto physical servers       With XenServer, all virtual machine
                                                                                             kept in an internal data store within          VMware and XenServer both support                                                             request from Alan Clarke,
without requiring a host OS. VMware ESX        interactions with the hardware are                                                                                                         Both VMware and XenServer have high
                                                                                             the XenServer control domain and is            the most popular Windows and Linux                                                            alan.clarke@rnd.co.uk.
has been on the market the longest and         managed through the Domain 0 control                                                                                                       availability features that offer granular
                                                                                             replicated across all servers that are                                      ,
                                                                                                                                            OSs, including Windows XP Vista,
its first generation architecture predates     domain, which itself is a specially                                                                                                        policies governing the behaviour of
                                                                                             managed together (forming a resource           Windows 2000, 2003 and 2008 Server,
virtualisation-aware operating systems         privileged virtual machine running on                                                                                                      specific VMs after a host failure. VMware
                                                                                             pool) to maintain high availability of the     Red Hat Linux, SUSE Linux and others.
and processors. ESX’s approach to              top of the hypervisor. Domain 0 runs a                                                                                                     also includes fault tolerance, a feature
                                                                                             core management services. As a result          In addition, VMware ESX supports some
virtualisation can best be described as        hardened, optimised instance of Linux.                                                                                                     that maintains mirrored instances of
                                                                                             of this architecture, a separate database      flavours of BSD, Sun Solaris and Novell
binary translation: each OS request to the     It’s important to recognise that to the                                                                                                    virtual machines running on separate
                                                                                             server is not required for the core            Netware. VMware and XenServer are
processor is intercepted and translated        administrator, Domain 0 is part of the                                                                                                     hosts which can maintain continuity of
                                                                                             management functions.                          both certified for Windows according to
into a virtualisation-friendly instruction.    overall XenServer system and requires no                                                                                                   the workload in the event of a failure.
                                                                                                                                            the requirements of the Microsoft Server
                                               additional installation or management.        Similar to XenServer, the VMware ESX                                                         XenServer can be augmented with
The architecture of XenServer is quite                                                                                                      Virtualisation Validation Program (SVVP).
                                                                                             hypervisor is installed on the host servers.                                                 leading third-party products such as

 www.rnd.co.uk                                                                                                                     06        www.rnd.co.uk                                                                                                                      07
RND guides
Providing effective disaster recovery         Replication                                     • Software replication integrates with
                                                                                                the Windows OS to copy data by
Most businesses know that disaster            Replication-based technologies offer
                                                                                                capturing file changes as they pass to
recovery is critical, but may not know        the promise of capturing a data set at
                                                                                                the file system. The copied changes
which solution is best for them. Here’s our   a particular point in time with minimal
                                                                                                are queued and sent to a second
guide to the technologies currently on the    overhead required to capture the data or to
                                                                                                server while the original file operation
market and their benefits and drawbacks.      restore it later. There are four main methods
                                                                                                is processed normally without impact
                                              of interest in today’s storage environments:
                                                                                                to application performance. Protected
                                              • Whole-file replication copies files in          volumes may be on the same server,
                                                their entirety. This is normally done as        separate servers on a LAN, connected
                                                part of a scheduled or batch process            via storage-area network (SAN), or
                                                since files copied while their owning           across a wide-area network. As long
                                                applications are open will not be               as the network infrastructure being
                                                copied properly. The most prevalent             used can accommodate the rate of
                                                use of this technology is for login             data change, there is no restriction
                                                scripts or other files that don’t change        on the distance between source and
                                                frequently.                                     target. The result is cost-effective data
                                              • Application replication copies                  protection.
                                                a specific application’s data. The
                                                implementation method (and general            Double-Take
                                                usefulness) of this method varies
                                                                                              Double-Take from Double-Take Software
                                                dramatically based on the feature set
                                                                                              can fulfil the backup, disaster recovery
                                                of the application, the demands of
                                                                                              and emergency mode operations that are
                                                the application and the way in which
                                                                                              required for compliance. Double-Take is
                                                replication is implemented. This model
                                                                                              a real-time data replication and failover
                                                is almost exclusively implemented for
                                                                                              application that augments an existing
                                                database-type applications.
Tape                                                                                          network environment by providing a data
                                              • Hardware replication copies data
                                                                                              protection mechanism that has minimal
The most common method of storage               from one logical volume to another
                                                                                              impact on users or network resources.
protection is also the oldest: backing          and copying is typically done by
up to and restoring from magnetic tape.         the storage unit controller. Normally,        Double-Take allows the administrator to
This method has been around for almost          replication occurs when data is written       specify that mission-critical data stored
40 years and is still the bedrock of            to the original volume. The controller        on a network server should be protected
most recovery strategies. The cost per          writes the same data to the original          by creating a second copy of the data
megabyte for tape storage is low; it’s easy     volume and the replication target at the      on another system, usually at a disaster
to move tapes to secure offsite storage         same time. This replication is usually        recovery site. Double-Take monitors any
and the technology continues to scale well      synchronous, meaning that the I/O             changes to the production copy of the
for many applications.                          operation isn’t considered complete           data and replicates those changes to the
                                                until the data has been written to            secondary server. This second copy of
However, tape backups have limitations,
                                                all destination volumes. Hardware             the data is synchronised in real-time with
such as the amount of time required to
                                                replication is most often performed           the first, making the data accessible in the
back up and restore large volumes of data,
                                                between storage devices attached              event of a major disaster or system outage.
the accompanying latency between when
                                                to a single storage controller, making
the data was protected and when the loss
                                                it poorly suited to replicating data
occurs, and the security involved in moving
                                                over long distances. Most hardware
tapes to offsite storage. Accordingly, much
                                                replication is built out of SAN-type
attention is being focused on replication-
                                                storage or proprietary NAS filers.
based technologies.

   Please contact RnD on 020 7853 2350                         www.rnd.co.uk

To top