CONFIDENCE IN A CONNECTED WORLD | SYMANTEC F.Y.I. #2 2006
A trusted environment can only be built on policies
HBOS STANDARDISED ON NETBACKUP
Symantec’s CEO, John W Thompson:
DISING ANDAR CENTRE ST TA THE DAs, expert tips, d
Tren tudies and case s est from the lat ntec. Syma
: FOCUS
SECURING INFORMATION AND MAXIMISING DRIVE UTILISATION
RAISING THE STANDARD FOR BUSINESS CONTINUITY MANAGEMENT
4
KILLER FEATURES IN DATA CENTRE FOUNDATION
NEWS:
Ghost Solution Suite 2.0 Symantec Database Security Veritas Cluster Server 5.0 Backup Exec 11d Mail Security 8300 and much more...
SNIA AND TSANET:
DEVELOPING STANDARDS FOR THE DATA CENTRE
REDUCE COMPLEXITY WITH
DATA CENTER FOUNDATION
�2
COUNTRY UPDATE
SYMANTEC F.Y.I.
#2 2006
IT’S NOT YOUR FAULT THAT YOUR DATA CENTRE IS COMPLEX.
– It’s your challenge.
Symantec – FOR YOUR INFORMATION is published by Symantec UK and distributed to Symantec’s customers. FYI magazine aims to inform businesses to help protect and manage the digital assets. Publisher: Symantec UK 350 Brook Drive GreenPark Reading RG2 6UH Phone: +44 (0) 870 243 1080 Web page: www.symantec.co.uk Project leader: Amanda Wilkinson, Manager, Enterprise Marketing UK & Ireland Editor: Assi Abdel-Baki, assi@ribbit.se Contributors: Aleksandra Alfonso, Spencer Cox-Freeman, Åsa Edner, Dietmar Heinrich. Mike Spink and Måns Widman. Producer: RIBBIT, in cooperation with Skalinformation. www.ribbit.se
>> THE PLAYING FIELD for IT departments is constantly changing. As a result, your focus has to be on investing in IT that creates productivity and growth, and which will drive the business rather than just be a means to keeping it going. That means striking a balance between processes, people and technology. However, it can be difficult to strike such a balance where corporate infrastructure is so complex that it is difficult to manage. In order to build a robust infrastructure that can support new and emergent business requirements, you would normally have to employ technical solutions from a number of different vendors. Up till now, this approach has led to situations in which there is a multitude of different management tools, all of which must be mastered. In practice, the data centre is the result of a series of major decisions that, on the whole, may be a nightmare to manage, not to mention expensive, troublesome and vulnerable if it is not done the right way.
As a customer, you perhaps might not associate the Symantec brand with data centres. However, as a result of the merger with Veritas that took place just over a year ago, this is precisely one of the areas in which Symantec is a market leader. It is important for us that you, as our customer, feel secure in choosing Symantec to standardise the management of your data centre. This covers everything from data protection and data management, storage, consolidation of servers and storage areas, data migration, storage capacity management, server use, application accessibility and performance, as well as improved transparency and control in data centre environments, irrespective of the environment in question. It’s not your fault that your data centre is complex. However, it is your challenge to take back control. Most importantly – ensure that the investments you make in your data centre generate increased productivity and drive the business forward!
Ads: Lindberg Marketing, Bo Lindberg, Lindberg@mail.com Print: Alfa Print, Sweden. If you would like to order your own copy of FYI magazine, change your details, or cancel your subscription; please email news_uk@symantec.com Symantec F.Y.I. is published four times a year in the UK with a circulation of approximately 10,000 copies.
SUGGESTIONS? you would like to anything
If there is u have azine, or if yo see in FYI mag to know u would like us a project yo to send an email about, please symantec.com FYI_magazine@
BUSINESS CONTINUITY 15 . Working closely with Symantec Consulting, the insurance company Amlin has implemented a business continuity program that meets the British Standards Institute (BSI) PAS56.
IN THIS ISSUE:
SYMANTEC INSIGHT MARKET INSIGHT Surveys, analysis and market trends. 3 4-5 EXPERT INSIGHT 10-11 We spoke to representatives from SNIA and TSANet to check on their progress in getting standards implemented in the data centre. CIO CORNER Q&A with John W Thompson, CEO and chairman of Symantec Corporation. 12-13 STANDARDISING THE DATA CENTRE: HBOS 6-7 HBOS standardised on Veritas NetBackup and got a scalable, flexible and high-performance solution for every platform. EXPERT INSIGHT 8-9 Symantec’s Kris Hagerman explains how you can get the best of two worlds by standardising on Data Centre Foundation.
TECHNICAL HOTSPOTS 16-17 New programs, updates and initatives from Symantec. EVENTS, COURSES AND OFFERINGS 18-19
�#2 2006
SYMANTEC F.Y.I.
SYMANTEC INSIGHT
3
IT RISK:
TAMING THE INVISIBLE ENEMY
Information Technology is the backbone of most companies today – it provides the means for staff to automate repetitive functions, managers to maintain control of business activities, executives to monitor and report results, and for the entire organisation to interact efficiently with suppliers, partners and customers.
>> TRY TO IMAGINE a world without IT….it is very difficult! Without IT, business as we know it would cease to function and at a personal level, our world would be a very different place. This reliance on IT, coupled with the ever-increasing complexity of computerised systems and their interconnections, has introduced a new challenge for companies: IT risk. Simply put, IT risk arises due to a company’s reliance on IT and this increasing reliance results in a greater likelihood and scale of damage that could be caused by an IT failure. MANY PEOPLE AUTOMATICALLY think ’security‘ when they
that you won’t be waiting long after you have for the results to be shown on the screen (Performance). So although Security and Compliance are perhaps the more obvious forms of IT risk, as recent surveys have noted, a company’s brand is now directly influenced by its customers’ experience of the quality of its on-line service. This means that the company’s reputation is literally ‘on the line’!
AT SYMANTEC WE believe the four categories of IT risk
Torgny Gunnarsson,
Regional Vice President, Northern Europe, EMEA Symantec Corporation
hear the term IT risk—fi rewalls, anti-spam and antivirus, for example—and although this is a key and well publicised area of risk, IT risk extends far beyond just security. Think for a moment about your expectations when using an on-line service: of course, you expect that the service is safe from hackers and that you will not be subject to virus, spam or denial-of-service attacks (Security). You also implicitly trust that your personal and fi nancial details will remain confidential and that the service will meet the appropriate regulations/legislation (Compliance). Equally, you have come to expect that the service will be there when and where you need it (Availability), and
outlined above—Security, Availability, Performance and Compliance—are the cornerstones for a holistic strategy for assessing and managing IT risk. They are also intrinsic to prioritising and executing programs to align IT risk levels with those that are acceptable to the company. We offer a Foundation Risk Assessment service that has been specifically designed to help companies fast-track their adoption of a comprehensive IT Risk Management strategy which will be covered in a future issue of this magazine. Our mission is to assist our customers in creating an IT environment that offers a quality of service that meets their requirements in these four IT risk categories. By doing so, we believe that they can become more confident that their IT systems are helping to build and maintain their companies’ reputations.
SYMANTEC'S BUILDING BLOCKS:
DATA CENTRE MANAGEMENT
The complexity of the data centre is the result of creating infrastructures to support new business needs. We help you improve service levels, reduce costs and complexity to optimise data centre assets and operations.
IT COMPLIANCE
INFORMATION MANAGEMENT
Take control over your vital information. We help you reduce risk, minimise downtime, sustain regulatory and IT policy compliance while optimising the management of information.
THREAT MANAGEMENT
The information we count on is increasingly at risk. We help you proactively detect or block known and unknown, internal and external security threats at all layers of the IT environment.
GLOBAL SERVICES
Symantec Global Services combines extensive IT risk management knowledge, technical and business expertise, and global insight to balance cost, risk, and service quality to protect infrastructure, information and interactions.
Today's enterprises face considerable pressure from constantly evolving laws and regulations. We help you simplify and sustain compliance with a consolidated view of IT compliance, proactive and reliable IT controls, and actionable intelligence .
�4
MARKET INSIGHT
SYMANTEC F.Y.I.
#2 2006
IT security industry rides the third wave
>> REDUCING SECURITY BREACHES is a key business priority for CIOs, and the security industry is addressing this priority as it moves to the next phase of its evolution, according to Gartner. This next phase for the security market will integrate security into each new wave of technology when it enters the market, not after a security attack, delegates were told at the recent Gartner Symposium/ITxpo. Since the personal computer appeared in businesses in the early 1980s, the information security industry has evolved through two phases, and now it is moving into the third phase. The first phase was typified by dumb terminals, batch processing and centralised planning of applications and IT. The second phase of security fell behind user driven IT trends and resulted in cyber criminals exploiting technology vulnerabilities to impact the business. Security leaders then had to react to each new threat with point products. As the security industry moves to this third phase in its evolution, security leaders will be building security into each new wave of technology when it enters the business, as well as into each new business process. “Going back to the first phase of security is not an option,” said John Pescatore, VP and distinguished analyst at Gartner. “Increased consumerisation of IT, increased mobility and trends like Web 2.0 mean users will gain more control, not less, at the most successful businesses. This next phase is about building security in as the users’ needs move forward, not chasing them.”
APPLICATION PERFORMANCE SLOWDOWNS EQUAL LOST BUSINESS
>> BUSINESS APPLICATION slowdowns affect business productivity, customer loyalty, and employee morale, according to a recent Symantec survey. Common impacts of slowdowns include sluggish response to user commands, long delays in business transactions or processes, and slow loading web pages. “Application performance delays are not only costly to the top line but they also erode invaluable business assets such as customer satisfaction and brand loyalty,” said Henri Isenberg, VP, server foundation and APM product group, Symantec. “Customers have high expectations for their business applications and expect them to perform quickly and consistently. These fi ndings emphasise the need for proactive end-to-end performance management solutions such as Symantec i3 that pinpoint bottlenecks, improve application performance, and increase business efficiency.”
The survey revealed that 24 percent of IT staff time is devoted to addressing business application performance delays. In complex business application environments, delays can be caused by changes or updates required to keep pace with end user demand. Additionally, the IT professionals polled recognise that the performance and availability of these applications directly affect the customer experience. Of the IT managers polled, 76 percent acknowledged that persistent delays would affect customer loyalty to their organisations.
NEW DATA PROTECTION LEGISLATION AND REGULATIONS
fi nes up to a $10 million. At the EU level, Basel II introduces the notion of operational risk into the evaluation of the minimum capital requirements fi nancial institutions. If access to systems is not managed rationally, it can directly translate into fi nancial loss. Similarly, the EU Markets in Financial Instruments Directive (MiFID) demands that adequate systems are in place to safeguard the security, integrity and confidentiality of information.
AT A NATIONAL level, there are
54
d Denial-ofpercent of reporte d tacks were targete Service at ited States . at servers in the Un also had the The United States and-control e of bot commandhighest percentag de total. rcent of the worldwi servers, with 42 pe t Report. urity Threa
Source: Symantec Internet Sec
>> THE INTERNATIONAL COMMERCIAL
Disk-based data protection demand rocketing, reports IDC
>> DISK-BASED DATA PROTECTION is a very large market,
law fi rm Bird & Bird has recently published a report which gives guidance on the legal and regulatory requirements associated with electronic document retention and data security from a global, EU and national perspective. The report, sponsored by Symantec, says that global legislative and regulatory bodies have taken steps to regulate, and thus restore confidence in, companies. The Sarbanes-Oxley Act has implications for businesses on a global level. Under SOX it is now a criminal offence to destroy corporate documents “in contemplation of” a federal investigation” or “administration of any matter”, with punishment of up to 20 years imprisonment and
statutory requirements affecting the retention of documents. For example, companies are required to keep VAT records for up to 6 years. Plus, a voluntary code under anti-terrorism legislation requires that companies providing communications services keep communications data for defi ned periods. Data protection legislation requires companies who process personal data to comply with standards of good information handling practice. And there are sanctions involved in destroying certain documents before the retention period expires.
reaching $8 billion in user IT spending in 2006 and poised to generate more than $50 billion in software and hardware purchases through 2010, a new IDC study reveals. Fueled by increasing regulatory compliance, business continuity, and fast recovery, the market will grow up to three times faster than the overall storage market. “We have seldom seen so much unmet pent-up demand for a market that is already so large,” said Robert Gray, research vice president, Worldwide Storage Systems, IDC. “Latent demand is also high in the SMB market. However, traditional storage solutions are totally inadequate to meet demand, creating significant opportunities for innovative suppliers.”
�#2 2006
SYMANTEC F.Y.I.
MARKET INSIGHT
5
Cyber attacks increasingly hit home users for financial gain
>> THE NEW SYMANTEC Internet
Security Threat Report shows that because home users are less likely to have established security measures in place, they are being increasingly targeted by attackers for identity theft, fraud, or other financially motivated crime. Attackers are now using a variety of techniques to escape detection and prolong their presence on systems in order to gain more time to steal information, hijack the computer, provide remote access, or otherwise compromise confidential information. Home users are the most targeted attack sector, accounting for 86 percent of all targeted attacks, followed by financial services businesses. Symantec has identified increased attacks aimed at client-side applications and increased use of evasive tactics to avoid detection. Widespread Internet worms have given way to smaller, targeted attacks focusing on fraud, data theft, and criminal activity. During this period, 18 percent of all distinct malicious code samples detected by Symantec had not been seen before, indicating that attackers are more actively attempting to evade
detection by signature-based antivirus and intrusion detection/prevention systems. Phishers are also attempting to bypass filtering technologies by creating multiple randomised messages and distributing these in an uncontrolled fashion. During the first six months of 2006, 157,477 unique phishing messages were detected—an increase of 81 percent. Financial gain remains the key motivation. For example, bot networks can be used not only to spread malicious code, but to send spam or phishing messages, or download adware and spyware. Symantec identified more than 4.6 million active bot network computers and observed an average of 57,717 active bot network computers per day during this period. Bot networks are also commonly used in denial-of-service (DoS) attacks, which can result in disrupted communication, loss of revenue, brand damage, and exposure to criminal extortion schemes. During the first half of 2006, Symantec observed an average of 6,110 DoS attacks per day. The full report is available for download at: www.symantec.com/threatreport
Phishing on the rise. Phishers are attempting to bypass filtering technologies by creating multiple randomised messages.
Most targeted web browsers. Microsoft Internet Explorer was the most frequently targeted web browser during the first half of 2006. Attacks targeting it accounted for 47percent of all attacks aimed at web browsers.
IDC CALLS FOR POLICY-DRIVEN APPROACH TO IT SERVICE MANAGEMENT
>> A NEW IDC WHITE PAPER, commissioned
JUNIPER NETWORKS AND SYMANTEC IN STRATEGIC PARTNERSHIP
>> JUNIPER NETWORKS AND Symantec have formed a strategic partnership focused on delivering best-in-class, integrated security solutions to enterprise customers. The agreement includes a commitment to develop unparalleled Unified Threat Management solutions and Intrusion Protection Systems; dedicated plans to co-operatively build standardsbased, integrated access control and endpoint compliance solutions; collaboration between Juniper’s J-Security Team and Symantec’s Global Intelligence Network to deliver security and threat research. The two companies will dedicate engineering resources to enhance Juniper’s UTM and Intrusion Detection and Prevention (IDP) products. Juniper’s Integrated Security Platforms will include Symantec’s security content, including its anti-spam, IDP/IPS signatures, and vulnerability information and research.
by Symantec, highlights the complexity issues that persist in data centres and makes recommendations for using IT service management (ITSM) to address these issues. The study identifies the issues faced by large IT organisations today and provides insight into how ITSM can provide the foundation for ensuring efficient data centre operations and allowing them to progress towards policydriven IT alignment with business objectives. Budgetary and time constraints have historically led to IT taking a reactive approach to problem resolution and thus to piecemeal investment in tools to fi x recognised pain points. Such a piecemeal approach becomes less viable when dealing with an IT environment that has become widely heterogeneous, since it leads to skills fragmentation and proliferation of management tools with overlapping functionality. IT environments are becoming ever-more heterogeneous. As the cumulative costs and inefficiencies of piecemeal painpoint resolution becomes unsustainable a new approach is needed. • Organisations seek to employ best-practice ITSM methodologies, such as ITIL and COBIT,
which take a holistic approach to the IT environment. • Organisations seek to contain costs by reducing the number of management products, looking instead to tools that provide control irrespective of the heterogeneity of the infrastructure. • Preparing to adopt a policy-driven approach to ITSM will enable more dynamic management, create a platform for greater understanding of IT issues by business executives, and provide an approach that is consistent with the policydriven applications that will be the ultimate target of a service-oriented architectures.
�6
STANDARDISING THE DATA CENTRE: HBOS
SYMANTEC F.Y.I.
#2 2006
HBOS
BANKING ON YOUR DATA
Talking to Mike Taylor, a service manager in the Storage Team at HBOS, there is no hint of a man under pressure. He has responsibility for protecting data in one of the UK’s largest financial service organisations—spanning 1.2 Petabytes of data, 22 million customers, and more than £440 billion in assets—but appears remarkably calm about his role.
TEXT: SPENCER COX-FREEMAN
IN ONE NETBACKUP ENVIRONMENT WHERE WE HAVE 40 DRIVES, WE ARE EXPERIENCING ALMOST 100 PERCENT DRIVE UTILISATION
”
>> ONE OF THE MAIN reasons for this
confident, relaxed approach is the company’s decision five years ago to deploy Veritas NetBackup from Symantec. Using this enterprise backup and recovery solution, HBOS is benefiting from robust protection for its UNIX and Windows servers. So how did Taylor and his team reach this level of satisfaction? What was underlying the decision to standardise on Veritas NetBackup? Five years ago, the company, which at the time was operating as two separate entities, Halifax plc and Bank of Scotland, was faced with a big challenge. The company was relying on a mission critical workflow application to manage the millions of items of correspondence, images, and other documentation associated with individual mortgage applications, bank accounts, and other financial
transactions. Simply put, the deployed backup solution could not cope with the volume of data being created. “We needed a high performance, scalable backup and restore solution which would take millions of files on and off tape,” explains Mike Taylor. “It was a struggle to backup these volumes to tape using the existing solution and there was the ever present danger that it would impact on the Service Level Agreements (SLAs) agreed with the business to deliver the backup.”
SCROLL FORWARD FIVE years, and
room, the data is backed up using Veritas NetBackup. In this respect, HBOS has standardised on Veritas NetBackup throughout the organisation. Centralisation is the watchword moving forward. Data is currently growing faster than 100 percent per year in some areas as a result of client growth, electronic banking channels, Customer Relationship Management (CRM) strategies, automated workflow, and other business processes. In light of this, critical applications are being centralised in the data centres: the outcome being that the two data centres are now being extended to accommodate growth. One further example of centralisation is the recent decision to standardise on one type of tape drive, the StorageTek 9940 drives. This decision alone will streamline administration, reduce license and maintenance costs, and increase backup and restore performance.
IT COMES AS no surprise to find that all of this rich functionality results in a rich portfolio of benefits too. The most important fundamental benefit of standardising on Veritas NetBackup is comprehensive data protection. Whenever a customer raises, modifies or has a query regarding a retail financial transaction, a mortgage instruction, an insurance policy, or any other HBOS product and service, the company can be confident that the data associated with it is securely stored for as long as is deemed necessary. It doesn’t matter whether that data resides in a UNIX or Windows environment; the platformindependent design of Veritas NetBackup protects it. STANDARDISATION ON VERITAS
it is apparent that HBOS took the right decision in choosing Veritas NetBackup. Today, wherever there is a heavy concentration of data, servers and applications, such as in a data centre or large communications
HBOS _ SOLUTION AT A GLANCE
FOLLOWING THE MERGER of Halifax and Bank of Scotland in 2001, HBOS, the merged entity of Halifax and Bank of Scotland, has 22 million customers, profit before tax of £4.6 billion for 2004, and assets of more than £440 billion. It is the largest mortgage and savings provider in the U.K. and is a major player in the provision of new current accounts and credit cards.
• Solution Backup and recovery data protection solution with Veritas NetBackup Enterprise Server with Shared Storage Option and Advanced Client Option for Block-Level Incremental Backup (BLIB) • Business Benefits The solution promotes business continuity through dual-site data centre strategy and delivers optimised tape drive utilisation, resulting in rapid return on investment. It enabled quick and instant recovery while improving backup performance and delivered complete, automated offsite tape management. With Vertitas Netbackup, HBOS increased tape drive utilisation and lowered the number of total drives required.
• Business Drivers HBOS needed to replace a legacy backup solution unable to scale to meet growing data volumes. The solution had to cope with 100% annual growth in data and help the bank comply with growing financial services legislation regarding data retention.
NetBackup has also brought benefits to the company’s business continuity strategy as well, as Taylor explains. “We have some large projects ongoing currently to refresh our business continuity plans and ensure we have a highly resilient, flexible, and cost-effective business continuity
�#2 2006
SYMANTEC F.Y.I.
STANDARDISING THE DATA CENTRE: HBOS
7
plan in place. This of course leads to a large number of documented processes and procedures. Thankfully, because we have just one standard, out-of-the-box backup and restore system in our data centres, this procedure is much quicker and easier.”
SCALABILITY IS YESTERDAY’S concern
example, were recently only being utilised for two hours per day.
USING THE VERITAS NetBackup
too. Using Veritas NetBackup, HBOS is confident that it can manage the 100 percent annual data growth taking place in its data centres. The three-tier architecture of Veritas NetBackup, combined with sophisticated media management and high performance, help address the needs of the company’s large data centre environments. The two Veritas NetBackup master servers— running on Sun Solaris—provide the intelligence for the data protection activities, from scheduling and tracking client backups, to managing tape media and file catalogs.
ALTHOUGH HBOS CAN’T control data growth, it can control the growth of the backup environment. With the data centres now being extended, HBOS is also taking the opportunity to optimise the efficiency of its backup drives. Some tape drives, for
Shared Storage Option (SSO), HBOS is dynamically sharing individual tape drives by virtualising tape resources. SSO enables the company to leverage its environment’s hardware resources and increase utilisation and reduce overall IT costs. The SSO reduces overall costs by providing better hardware utilisation and enhanced resource management during backup and recovery operations. The result for HBOS is that anything less than five megabytes per second is staged to disk. “In one NetBackup environment where we have 40 drives, we are experiencing almost 100 percent drive utilisation, thanks to the Shared Storage Option. This delivers an increase on our return on our investment,” says Taylor.
THIS LARGE-SCALE, SHOWCASE data protection environment is also underpinned by Symantec Business Critical Services for availability products. HBOS is benefiting from intelligent, high quality case management, dedicated Support
DATA IS CURRENTLY GROWING FASTER THAN 100 PERCENT PER YEAR IN SOME AREAS AS A RESULT OF ELECTRONIC BANKING AND AUTOMATED WORKFLOW
”
HBOS has standardised on Veritas Netbackup from Symantec in its enterprise environment, protecting massive amounts of businesscritical data. The result? A scalable, flexible, and highperformance backup-and restore solution geared to managing data–on whatever platform it resides.
Account Management, monthly service reviews, and other expert knowledge. Taylor cites an example of how the Business Critical Services team go ‘the extra mile’ for their clients. “We recently conducted two NetBackup upgrades as part of a service improvement program. To assist us—and provide a degree of comfort and security—we sent the upgrade plans to the Symantec team to review and add comment—which they did magnificently. When it came to upgrading, we enlisted the assistance of our Business Critical Engineers. Their support, knowledge, and expertise were invaluable and as a result, we upgraded the master server and 50 other servers in only one week-end.” Taylor concludes, “There’s no question that Symantec is a key strategic vendor for HBOS. During the course of the last five years, the scalability, interoperability, and support of the solutions has been proven time and time again. We choose best-of-breed vendors to support our infrastructure, and I would say that Symantec is one of the best of that breed.” Small wonder therefore that Taylor looks so comfortable and relaxed.
�8
EXPERT INSIGHT
SYMANTEC F.Y.I.
#2 2006
SYMANTEC DATA CENTRE FOUNDATION:
GETTING THE BEST OF TWO WORLDS
Unifying the data centre with a single platform and getting best-of-breed systems is not a contradictory task. At least not according to Kris Hagerman, Group President in charge of Symantec’s Data Centre Team. In his opinion, that’s exactly what you get when you deploy Symantec’s Data Centre Foundation.
TEXT AND PHOTOGRAPHY: ASSI ABDEL-BAKI
>> THE DATA CENTRE has become a
high pressure environment. Data volumes are tripling every year, the volume of applications is increasing and the window of downtime is shrinking. But while demand is growing, resources are flat. “Data centres are required to do more with basically the same or fewer resources. To make matters worse, they also have to deliver against those demands in a world that is virtually unmanageable in its complexity,” says Kris Hagerman, Group President, Data Centre Management. What makes the situation in data centres harder to manage is the multitude of different providers; each one offering tools that only work with their own hardware and platform. “The thing we hear most often from our customers around the world is that complexity in data centres is running out of control. Taking control of a data centre requires strategy and the ability to take a step back and view the bigger picture. You need to address the short term pain; how to keep applications running and information protected, whilst at the same time preparing for the future so that you don’t fi nd yourself fighting fi res forever.”
IN MAY 2006, Symantec launched
ensures that data is always protected, recoverable and available. Storage management: Veritas Storage Foundation makes sure that the right data goes to the right place at the right time. If something happens, you can quickly recover and be up and running again. Server management: Veritas Server Foundation lets you understand what is running on your servers and how you can make changes to ensure that critical servers running important applications never go down.
Application performance management:
Veritas i3 enables you to make sure that the entire IT infrastructure is delivering a performance experience that allows end users to do their jobs.
“SYMANTEC DELIVERS ALL this functionality on virtually any platform. This is unique in an industry where our competitors have their own tools for their individual operating environments.” Key vendors such as Sun, IBM and Microsoft give Symantec access to the all-important code in the operating system kernel to build their products on. “We are not direct hardware competitors. In fact, by providing these enterprise class tools, we help them sell more hardware.” Being cross-platform is not the only advantage Data Centre Foundation has. “One of the compelling things about Symantec Data Centre Foundation is that we have the ability to give customers the best of two worlds. They can create a more unified operating environment and,
YOU HAVE TO PREPARE FOR THE FUTURE SO THAT YOU DON’T FIND YOURSELF FIGHTING FIRES FOREVER
”
at the same time, standardise on the market leader in every category,” says Hagerman. Symantec is the number one player in enterprise back-up, fi le system and volume management and open systems clustering, as well as one of three leading players in the field of application management.
WHEN CUSTOMERS ARE forced to
its Data Centre Foundation portfolio containing four suites of management products designed to manage servers, storage, applications and data in a consistent way on virtually any platform. Data Centre Foundation features tools for: Data protection: Veritas NetBackup
use many different tools, they end up spending more money than necessary. Deploying unified and standardised management tools has many direct and indirect cost benefits. Indirect savings can be made by training your people once on one tool, thereby getting the flexibility to freely choose hardware, storage, server and database providers. By adopting a unified operating environment, you can also increase utilisation rates for your servers and storage. “We’ve worked enough with customers over the past twelve months to know that there are also substantial direct cost savings to be made. By standardising, customers can save on server and storage software, buying from one vendor instead of buying several different types of tool multiple times from different vendors, dramatically reducing license fees. Customers can also use their assets more efficiently and move data from high-end tier one storage to tier two storage. That saves even more money,” says Hagerman.
IT IS IMPOSSIBLE to go through all important aspects of Data Centre Foundation in the space of a short
�#2 2006
SYMANTEC F.Y.I.
EXPERT INSIGHT
9
4
1 2
interview, but there are some features that Kris Hagerman is eager to highlight. Symantec recently introduced NetBackup PureDisk, the only enterprise solution dedicated to protecting information in remote offices. “The way that remote offices protect their information is a mess,” says Hagerman. “It’s a major problem because remote offices usually store more information than the corporate data centre does. The trouble is that each office backs up its data in a different way and no one person has the full-time responsibility for managing the back-up process,” he explains. NetBackup PureDisk enables data held in remote offices to be protected without the need for on-site management. “It makes sense for customers to take the same team that backs up data in corporate data centres and allow them to deal with data protection in remote offices.”
ANOTHER INTERESTING NEW feature
...according to Kris Hagerman:
CROSS PLATTFORM CAPABILITIES
KILLER FEATURES
The fact that we run on every operating system sets us apart in our industry.
BEING ACTIONABLE
storage, and cluster your servers.
You not only see the status, you can also go in and make changes, provision new servers and
3
STORAGE FOUNDATION BASIC
to enable customers to enjoy the same kind of benefits they get on their high-end servers.” Storage Foundation Basic is designed for edge and infrastructure tier servers and is limited to four fi le systems, four volumes and two physical CPU sockets. Although no license fee is involved, customers have to pay an annual subscription to receive technical support.
INSTALLING THE BASIC version on every server in the data centre has many benefits, particularly when combined with the rest of the Storage Foundation suite “With the advent of Storage Foundation Management Server, customers are able to view the entire server and storage environment for the fi rst time,” says Hagerman. “This new tool, which is part of the full version of Storage Foundation, allows you to get information about all servers and the storage behind them in a single window, across all instances.” “What’s really nice is that not only is it compatible with Storage Foundation 4.x and 5.0, but also with Storage Foundation Basic. So there’s a real benefit in installing some version of Storage Foundation on every server as you get instant visibility and control across the entire data centre. That’s a unique feature which works across all operating systems.” CONFIGURATION MANAGER CAME as part of the acquisition of Relicore completed earlier this year. Configuration Manager enables
you to get an understanding of exactly what’s running on all data centre servers, and is the key to effective server management. Using agents, the software identifies what hardware and operating system the server is running, which application versions are installed and what patches have been downloaded. It also shows dependencies between servers. “Without this kind of map, customers have little or no idea of the real implications of a particular server crashing. It also notifies you of any change and provides exact information about what got changed, who changed it and how it was done. “You can look at exactly what that change is relative to the gold standard for that server and application. If you don’t agree with the change, you can take a golden image of the application and blow it on to a server quickly and easily using Provisioning Manager.”
SYMANTEC DATA CENTRE Foundation
With the free version, you can install Storage Foundation on all servers, enabling you to view all servers in the environment and control the entire data centre. Unless you can cover every platform, you just can’t do that. It’s not even an option
Symantec is a market leader in virtually every major product category that we address. For more information, please visit:
www.symantec.com/ datacentre
4
MARKETLEADING SOFTWARE
is Storage Foundation Basic, a version of the suite that is free to download and use. Typically, customers install Storage Foundation on the very largest servers running the most important applications. However, it’s hard to justify the expense of installing the full version of the software on the hundreds of other servers running web servers or fi le and print servers that don’t have a lot of storage behind them. “We introduced Storage Foundation Basic specifically for smaller servers
is a modular integration platform and each of its components can be used separately. “The idea is not to force one monolithic solution on customers. The system is modular and so affords plenty of flexibility. However if you have more than one component they are going to work better together than they would if you were to install different components from other vendors,” says Hagerman.
�10 EXPERT INSIGHT
SYMANTEC F.Y.I.
#2 2006
EVOLVING STANDARDS IN THE DATA CENTRE
Mixed environments, combined with a lack of standards, have long been the scourge of corporate data centres. However, things have progressed substantially thanks largely to the standardisation work undertaken by organisations such as SNIA and TSANet in the fields of storage management and technical service. FYI spoke to representatives from both organisations to get an idea of the current state of play.
TEXT: DIETMAR HEINRICH | PHOTOGRAPHY: EIMANTAS BUZAS
>> THE NON-STANDARDISED environments
TECHNICAL_ SUPPORT ALLIANCE NETWORK TSANET
• TSANet is a non-profit organisation providing service and support agreements that govern collaborative relationships between multiple service and support organisations. The organisation provides a legal and operative framework that enables members to collaborate on common problems that affect different customers. TSANet currently has 114 member companies, several of which are also members of SNIA. For more information, visit www.tsanet.org.
that persist in corporate data centres are a continual source of problems. Units that don’t work together, mountains of data that grow unchecked and a wilderness of individual support agreements all combine to have a choking effect on many managers in their attempts to get their businesses running smoothly. However, there is light at the end of the tunnel. Two of the key players in this emergent bright future are SNIA (Storage Networking Industry Association) and TSANet (Technical Support Alliance Network). An important part of SNIA’s work involves producing specifications and standards in the field of storage management. The work is carried out in committees, which are made up of SNIA members in various different constellations, and proposals
�#2 2006
SYMANTEC F.Y.I.
EXPERT INSIGHT 11
are inspected by all members of the organisation before being given final approval. “Running a data centre is now a very costly activity. That’s why all cost reducing measures are given the very highest priority. One way of getting costs down is by making sure that tools produced by different manufacturers can work well together. To this end, SNIA has produced SMIS (Storage Management Interface Specification), an ISO/ANSI standard for storage management. Products that are compliant with the standard are interoperable, and that is exactly what users want,” says Juergen Arnold, Chairman of SNIA Europe.
IT IS IMPORTANT that users have the
flexibility to freely choose hardware and software from different vendors, safe in the knowledge that they are compatible. Many customers are already requesting SMIS compatibility. “Data centres are still full of individual, non-standardised products, making storage management work much more difficult. Because of this, standards are absolutely essential, not least because they enable changes to be made to products without the need for making expensive adaptations in special compatibility labs. That’s one of the advantages of having a storage management standard,” says Frank Bunn, Technical Chair of SNIA’s German Committee and Senior Solutions Marketing Manager at Symantec.
RECENTLY, SNIA HAS also spent time looking at a series of security problems that have risen in connection with storage management. “Security is a very important issue, particularly now that storage is much more Internetbased, and there is a convergence between storage and security. Because of this, SNIA has set up a number of working parties to examine this issue,” adds Bunn. SNIA is also working on standards and solutions for tools that manage the overall infrastructure in data centres. Currently, users are forced to lock themselves into a particular vendor’s total solution. “It must be possible to connect storage management tools seamlessly to the data management tools used every day in the data centre. The current generation of tools is vendor specific, but by basing them on standards, they become open,” says Arnold.
There is also a significant need for standards in the service and support sector. TSANet works on producing standard agreements for its members. At present, data centres are covered by a number of service and support agreements with various different companies. “Having large numbers of separate service and support agreements is an enormous financial burden for many companies, and makes it difficult for anyone to see any logic in the situation. TSANet offers standard agreements and an infrastructure that embraces several service and support organisations, who can collaborate in respect of a problem concerning products from different vendors. In this way, total costs can be reduced,” says Leigh Darby, Chairman of TSANet Europe. The objective is to move away from service and support organisations that merely react to problems, towards organisations that can take pre-emptive action to prevent problems from arising in the first place. “Customers will demand products that recognize when a problem is about to occur, enabling the support organisation to take appropriate action ahead of time,” adds Darby.
SERVICE AND SUPPORT companies are also affected by the non-standardised nature of data centres. “At present, service and support problems involving multi-vendor products constitute approximately up to 20 percent of total service company volumes. However, this type of problem is usually more complicated than those affecting individual products. Consequently, such problems take longer to resolve. On many occasions, you find yourself having to re-create the customer’s IT environment in the lab, and it’s not unusual for it to take several days before you find a solution,” says Darby. This creates an inverted cost situation in relation to volumes. “In many cases, ten percent of the volume may constitute as much as 90 percent of the costs,” says Darby. ANOTHER PROBLEM FACING data centres is the huge mountain of data that is growing exponentially. That’s why there’s currently a lot of talk about ILM (Information Lifecycle Management). Organisations generate enormous amounts of data every day, creating the problem of long term storage. Some data must be accessible every day and, as such, is subject to continual change. However, the
STORAGE NETWORKING INDUSTRY ASSOCIATION _ SNIA
• Founded in 1997, SNIA is a non-profit organisation that aims to create solutions and standards within storage management. The association also works with information and marketing and stages a number of conferences and training courses. At present, SNIA has a membership of 460 companies and organisations, 80 of which belong to the association’s European affiliate - SNIA Europe. SNIA encourages all manufacturers, resellers, companies and users to get involved in its work. More information about how you can get involved can be found on the association’s website. The website also provides a list of products that are compliant with open standards and are SNIA certified. For more information, visit www.snia-europe.org.
” ” ”
“SNIA’s standardisation work is carried out in a number of different committees, to which end users are also invited to provide their opinions. However, it’s important to point out that all our activities and information is vendor-neutral,” says Juergen Arnold, Chairman of SNIA Europe. “TSANet offers standard agreements and an infrastructure that embraces several service and support organisations, who can collaborate in respect of a problem that affects products from different vendors. In this way, total costs can be reduced,” says Leigh Darby, Chairman of TSANet Europe.
majority of data produced does not require changing but will need to be accessed at some point in the future. “Although there are currently no metadata standards, SNIA is working on producing such a standard. It goes by the name XAM, eXtensible Access Method, and will enable the classification of individual data files. Metadata, containing information such as file priority and future deletion date, is spliced on to the files. In simple terms, the new standard will make it possible to automate data centre data flows. SNIA is currently carrying out a special project ‘The hundred years archive’ that looks at which data formats we can see being managed in 100 years time,” says Arnold. “Standardising metadata is very important in order to ensure that, in the future, it will be possible to interpret the data we store today, irrespective of what applications are used. Regardless of the situation, it is important that we use software that is compliant with open standards,” concludes Bunn.
“Veritas was one of the founding members of SNIA, and it is still important for Symantec to be involved, defining standards that enable our software to be hardware independent. By using open standards, our software is compatible with all storage units,” says Frank Bunn, Senior Solutions Marketing Manager at Symantec.
�12 CIO CORNER
SYMANTEC F.Y.I.
#2 2006
THE KEY TO ACHIEVING A TRUSTED ENVIRONMENT
FYI talks to Symantec CEO John Thompson on the security challenges facing companies today and Symantec’s role in helping to set up a trusted environment.
TEXT AND PHOTOGRAPHY: ASSI ABDEL-BAKI
is compliant with best practices and new regulatory mandates. More advanced customers are starting to realise that a trusted environment must be based on well articulated policies and practices.”
How do you accomplish that?
THE MORE HIGHLY REGULATED INDUSTRIES ARE, THE MORE QUICKLY THEY SHIFT TO A POLICYBASED APPROACH.
”
>> There’s a lot of talk about the trusted environment, what does that entail?
“Customers should ask themselves the following questions; what are the policies and practices by which we should manage the IT infrastructure? What are the policies and practices by which we should share, disseminate and discard information within the company? And most importantly, what evidence is there that those policies and practices are being adhered to?”
I’m reminded of ERP implementations a few years ago. Those called for a holistic approach to interactions from a financial and resource planning point of view. The effort required was enormous and many failed. Isn’t there a danger of that happening here?
a go and we would have a more secure and more manageable IT infrastructure than we have today. The fact that it’s not easy doesn’t mean we should avoid it. The benefits are everywhere. Standardisation helps reduce complexity. Reducing complexity brings down costs. This allows you to plough money back in to ensure compliance. There is a wonderful cycle you go through here. While the pioneers tend to help to pave the way, as we iterate through that process it gets better and yields more benefits. I believe that what happened with ERP will also happen here.”
What are the major mistakes made by companies regarding security?
“It looks at the three elements of an IT environment that are important to our customers around the world - the infrastructure through which they deliver applications, the information that fuels those applications and the interactions that take place between workgroups, individuals, partners or employees. Our role is to provide protection at each of these points of interaction. The extent to which we do that well, creates a trusted environment.”
What are the main challenges facing companies today?
“One mistake is that they don’t approach the issue from the point of view of a policy-based initiative starting at the highest levels of their organisation. Clearly understanding what their information infrastructure management policy should be. Some relate to IT working better with business units, whilst others relate to IT working better within IT.”
How does the American market differ from the European market in terms of maturity and attitude towards security issues?
“In the last five years, customers have increasingly used firewalls and intrusion sensors to close electronic doors and to monitor network traffic. However, management of those sensors has become an absolute nightmare. As a result, companies are now taking a step back to see if there is a better way. Clearly, that better way is to take their environment from one of helter-skelter internal policies and practices to one where infrastructure
“The early ERP implementations were challenging because we were taking many disparate functions that had worked well as isolated activities and wanted them to work together in a new way. But now, some ten years later, many of the ERP projects that got off to a rocky start have evolved to the point where they are much more robust and richer. As users of those systems, we have taken more incremental steps to implementation as opposed to the earlier ‘Big Bang’ approach. A similar process of evolution will occur in thoughtful infrastructure management.”
But it’s still a big step to take.
“It’s not a small task by any stretch of the imagination. If it was easy, it would have been done a long time
“For the core sets of security products like antivirus, firewall and intrusion detection, the two markets are on par. Where the US may be a little bit ahead is in thinking through security vulnerability management and policy compliance. But that’s driven by the regulatory environment in the US. However, as the regulatory environment changes in Europe and companies start to think more about policy compliance and management as opposed to throwing firewalls at problems, you’ll see their attention shift as well. The more highly regulated industries are, the more quickly they shift to a policy-based approach. They have no choice. They are compelled to implement policies and
�#2 2006
SYMANTEC F.Y.I.
CIO CORNER 13
use tools to inspect those policies to determine whether or not they are compliant.”
How does today’s Symantec compare to the company you took over eight years ago?
companies will operate in the future.”
How do you tie everything together?
“At the core we are still the same company. We believe innovation is at the heart of our business, that we actively have to pursue the craft of fighting viruses and keeping systems up and running. We still have to make sure that our customers and partners are at the forefront of our thinking and, most importantly, we have to be trustworthy. In those respects, Symantec has not changed.”
What has changed?
“By adopting a set of common standards that ensure technologies work well together. You have to employ a strategy that uses common components. For example, the core scanning engine we use in our consumer products is identical to the one we use for our corporate operations, but with a different interface. We are always looking for ways to derive synergies from the engineering organisation, but we don’t want to build products that are too weak for the corporate market or too complex for the consumers.”
In the news it’s all been about Symantec’s acquisitions. When are we going to hear more about the innovation end of Symantec?
“Clearly, the scope and scale of our company has changed. Eight years ago, Symantec had a staff of 2,300 and a turnover of just over USD 600 million. Today, we have a staff of 17,000 and our turnover has grown to just over USD 5 billion. We have gone from being predominantly consumer-based to having a business that is predominantly based on large corporate and government users. This is a fundamental shift that I believe will serve our company well.”
How does all this compare to the vision you had for Symantec?
“The vision was less about size and scope; it was more about Symantec’s relevance in a particular area of technology. What I originally set out to do was rotate the company’s business to where it was more about security and keeping bad traffic out of the networks and devices. We achieved that goal only to realise that keeping information flowing and systems available are equally important. Consequently our vision now reflects this shift.
Aren’t you afraid that, by taking on this large scope of products and customers, you’re spreading too thin?
“Interestingly enough, people don’t realise that we’ve spent almost USD 800 million on R&D this year alone. There’s a steady stream of innovation coming out of our labs, primarily targeted at enhancing our existing products. We also spend around 20 percent of our R&D budget on creative new ideas, new products or ventures that may or may not find their way into the marketplace. One that I’m particularly excited about is the Symantec Database Security and Audit Tool. It enables us to ward off internal threats, which account for more than two thirds of all security breaches. So here is a product created in the research lab that is about to hit the market and that is all about dealing with the insider threat. That’s true internally-driven innovation.”
What’s next for Symantec?
“No, it is all about how you organise the company to succeed. When you have teams that are focused on specific buyer segments or specific classes of technology, you can accomplish anything you set out to do. Many great companies like Microsoft or Adobe have arranged their companies that way and are doing a good job of serving a diverse set of customers. I think this will be the way all leading software
“We have to stay focused on following the roadmap we’ve outlined. We have a forwardthinking strategy for our data centre management group that is focused on building a standardisation layer across all heterogeneous platforms that customers deploy. We have a security business that is focused on building a foundation layer of security technologies and really focusing on unstructured data management, electronic message management and policy compliance. So, we have a lot of work ahead of us, but we are well-placed to achieve our outlined goals”
�14 XXXXXXXX: XXXXXXXXX
SYMANTEC F.Y.I.
#1 2006
Where are your emails being archived to?
Do you realise the legal implications around the recoverability of emails?
In the majority of organisations email is a critical business application. Nearly 80% of business communication now takes place through email. This raises concerns over the ability to retain these informal records of agreements and contractual obligations. Recent high profile court cases have raised awareness of the need to demonstrate the presence, or even absence, of mail messages. We can help you: • Evaluate, select and implement an email archiving system for all corporate communication • Reduce migration time on mail system upgrade projects • Reduce cost by consolidating mail systems • Understand how archiving can integrate into a larger content management strategy, with the contribution of a searchable messaging archive CALL US NOW TO FIND OUT HOW WE CAN HELP 08000 85 49 49
CALL: 08000 85 49 49 VISIT: WWW.CCDIRECT.CO.UK
�#2 2006
SYMANTEC F.Y.I.
BUSINESS CONTINUITY 15
KEEP THE WHEELS TURNING
The events of 9/11 and 7/7 focused minds on the fact that business continuity is not only associated with viruses and earthquakes. As one of the leading insurance and reinsurance companies operating in the Lloyd’s market in the City of London, Amlin needs to ensure its business continuity and disaster recovery strategy adheres to the most rigorous guidelines—and that the business wheels keep turning.
TEXT: SPENCER COX-FREEMAN
BUSINESS CONTINUITY AND SITUATION MANAGEMENT
>> WORKING CLOSELY with Symantec Consulting, Amlin has implemented a business continuity program and situation (crisis) capability that meets the British Standards Institute (BSI) PAS56—the framework for best practice business continuity management. This applies not only to technology, but also to facilities, communications, people, infrastructures, and business processes. The terrorist attacks in London on 7th July 2005 validated the effectiveness of their program. Amlin is conscious of the need for a best practice, documented framework for incident anticipation, prevention, and response. After all, customers depend on Amlin’s ability to continue operations: whatever the scenario. For this reason, Amlin has chosen Symantec Consulting to help the company implement the business continuity processes to the standard of BSI PAS56. “FOLLOWING THE EVENTS of the
determine the extent to which Amlin adhered to the BSI PAS56 guidelines. This included an assessment review of Amlin’s business continuity capability. As part of the assessment program, they evaluated the emergency processes in place, the company’s facilities, supply chain management, business activities, work area recovery, the surrounding environment, how the company would deal with a business continuity situation (crisis), human resources policies, and physical security.
AMLIN ARE NOW more than 95
11th September, it was clear that there was an increased threat from disaster,” explains David Harris, Amlin’s group operations director. “Symantec Consulting was the ideal partner to assist Amlin in implementing a best practice PAS56 framework. As a company, no one knows more about business continuity, and no one has more experience in implementing business continuity programs. Their consultants possess unrivalled business continuity skills, experience, and resources to rapidly design and deploy the disasterresilient solution Amlin needs.” One of the first steps taken by Symantec Consulting was to
percent consistent with the best practice guidelines of BSI PAS56. The Symantec consultants educated the team, maximised awareness of business continuity within the organisation, and undertook thorough business continuity and situation (crisis) management planning, quality assurance, exercising, and testing. “Symantec Consulting took ownership of our business continuity and situation management planning, making certain it adhered as closely as possible to BSI PAS56,” says Harris. According to David Harris, the assessment review by Symantec Consulting has changed employees’ perception of business continuity. “It has made people see what’s important in the business,” he says. “In the unlikely event of a situation occurring, it shows them what information they need and what they need to do. Owing to Symantec Consulting’s thorough, professional and in-depth advice, Amlin is better prepared for a disaster.” This business continuity and
situation (crisis) management capability was recently put to the test when the four bombs exploded in London on July 7th, 2005. That day, many citizens lost their lives, London was almost brought to a stand-still; and there was much rumour and uncertainty lingering in the City of London. Immediately following these events, Amlin invoked its business continuity and situation (crisis) management plan.
“OUR FIRST PRIORITY is to our staff, and the plan that Symantec Consulting was so closely involved in worked extremely well. We concentrated on keeping staff indoors; we prioritised staff calls to their partners and families to reassure everyone; and we coordinated plans to make sure staff were able to leave the office safely and travel home,” says Harris. As one of the first organisations to embrace BSI PAS56, Amlin is at the vanguard of business continuity. As a risk management business, the company is practicing the business it endorses.
AS ONE OF THE FIRST COMPANIES TO EMBRACE BSI PAS56, AMLIN IS AT THE VANGUARD OF BUSINESS CONTINUITY
”
�16 TECHNICAL HOTSPOTS
SYMANTEC F.Y.I.
#2 2006
SYMANTEC MAIL SECURITY 8300 SERIES
GHOST SOLUTIONS SUITE 2.0
PLUGGING EMAIL DATA LEAKAGE
EASING WINDOWS VISTA MIGRATION
>> THE LATEST VERSION of
>> SYMANTEC’S NEW MAIL Security 8300 Series is a next-
generation mail security solution that reduces risks to information flowing in and out of the enterprise via e-mail. New integrated content filtering helps organisations protect against data leakage while ensuring compliance with external regulations and internal corporate policies related to e-mail content.
IT FEATURES INTEGRATED anti-spam, antivirus, and extensive content filtering technologies that stop inbound and outbound e-mail threats. The expanded list of content filtering tools include per-domain and policy-based TLS message encryption, incident management, and keyword and regular expression scanning inside all parts of a message including attachments. These tools, along with true file type recognition help administrators comply with internal policies and external regulations. A new Premium Content Control add-on subscription extends the basic content filtering capabilities to mitigate risks associated with data leakage and comply with industry regulations. The subscription offers 50 pre-built confidential data policies, including 15 that address specific industry regulations.
the industry’s most widely used corporate imaging and image deployment solution— Symantec Ghost Solution Suite 2.0—has just been launched. It now includes Microsoft Vista and x64-bit Windows support. Symantec Ghost Solution Suite 2.0 provides rapid and reliable Windows deployment, migration, and software distribution and is recognised as a proven, trusted, and affordable solution for provisioning and management of Windows systems. Its intuitive design together with comprehensive built-in tutorials makes Ghost Solution Suite 2.0 fast and easy to implement, configure, and learn. Additionally, its central management
console simplifies the management of today’s complex desktops, notebooks, and servers, as well as advanced remote and mobile systems. “Symantec Ghost has historically been the tool of choice for Windows migrations, as well as the industry’s preferred corporate imaging and deployment solution,” says Jeremy Burton, group president, Security and Data Management, Symantec. “The latest version has the added functionality and ease-of-use needed to help organisations migrate smoothly and efficiently, while its central management console enables organisations to drastically simplify management of a diverse desktop environment.”
Symantec, Accenture create joint organisation
>> A NEW ORGANISATION has been formed
to implement data security solutions for companies grappling with the increasing complexity of managing risk– Accenture and Symantec Security Transformation Services. It is dedicated to mitigating security risks in three key areas: compliance, security monitoring and management, and application security. The organisation will help clients fulfill internal compliance policies and compliance requirements stemming from regulations such as SOX. Security Monitoring and Management will offer clients a proven and repeatable managed security solution blending Symantec’s technology, experience, and tools, with Accenture’s transformation and program management.
SYMANTEC OUTLINES VISION FOR NEXT-GENERATION SECURITY
bank online with confidence. The solution is based in part on the technology in Symantec’s recently announced Norton Confidential product. VeriSign and Identity Protection – Symantec and VeriSign announced plans to deliver security solutions to combat the growing threat of consumer identity theft and fraud on the Internet. Symantec plans to offer support for the VeriSign Identity Protection (VIP) Authentication Service. In addition, the two companies will jointly market combined identity and security solutions. Accenture and Symantec Security Transformation Services – Symantec and Accenture have established a global organisation that consists of consultants from both companies dedicated to mitigating security risks in three key areas: compliance, security monitoring and management, and application security. Symantec Database Security – This new product reduces risks to information stored in major enterprise database management systems. It provides real-time fraud and data leakage detection and auditing capabilities to address growing compliance requirements for secure information access. Symantec Mail Security 8300 Series – This next-generation mail security solution reduces risks to information flowing in and out of the enterprise via e-mail. New integrated content fi ltering helps organisations protect against data leakage while ensuring compliance with regulations and internal corporate policies related to e-mail content.
>> SECURITY 2.0 IS Symantec’s strategy for protecting customers from what it calls the next generation of threats targeting personal information and interactions. It brings together an ecosystem of products, services, and partnerships to protect customers’ information and interactions. In support of its vision, Symantec is announcing new products and partnerships including: Norton Confidential Online Edition – This online transaction security
solution allows fi nancial institutions to help their customers’
�#2 2006
SYMANTEC F.Y.I.
TECHNICAL HOTSPOTS 17
REDUCING DATA CENTRE COMPLEXITY
>> AS DATA CENTRES continue their
endless march in delivering support to businesses, hidden beneath the vast array of consumer friendly interactions lies layers of inefficiency that is challenging even the most experienced IT management specialists. With business growth comes data growth; with business expansion comes application growth; and with reputation comes the need to be available. The combined availability of these growth areas determines service levels achievements and IT leaders need to approach the management of this complexity without losing the flexibility of choice. Symantec’s Data Center Foundation provides organisations with the ability to implement ‘standardisation’ to leverage a single layer of infrastructure software across their entire data centre that reduces IT complexity, protects information and applications, improves manageability and control of cross-platform storage and server assets, and drives down operational costs whilst increasing the organisations ability to implement secure service management processes.
AN ESSENTIAL ELEMENT in achieving this
Data Centre Automation (DCA) from Veritas Server Foundation, launched late November 2006, aims to provide customers with a comprehensive server and application management solution to enhance IT operational efficiency. It provides the ability to standardise to leverage a single layer of infrastructure software across the entire data centre.
VERITAS APPLICATION DIRECTOR: automated,
runtime application management
VERITAS CLUSTER SERVER:
the industry’s leading clustering solution for high availability.
VERITAS CLUSTER SERVER 5.0 for VMware
ESX (announced mid-November) extends Symantec’s clustering capability bringing high availability and disaster recovery to heterogeneous data centres running virtual server software. VCS for VMware ESX automates remote failover for disaster
recovery and provides management of clustered virtual and physical servers. By simplifying and automating remote failover for VMware virtual server environments, it provides added protection against virtual machine or application failures. Combine this with the only realtime change control software, Veritas Configuration Manager, and Symantec ensures IT operations don’t suffer from un-managed configuration changes to the server or application environment.
is Symantec’s long-term solution for the next-generation data centre: Data Centre Automation (DCA) from Veritas Server Foundation. Launched late November 2006, DCA will aim to provide customers with a comprehensive server and application management solution to enhance IT operational efficiency and enable IT to deliver value to the business. Today, Server Foundation offers visibility into and control over heterogeneous, interdependent, multitier IT environments and consists of:
VERITAS CONFIGURATION MANAGER:
SYMANTEC BACKUP EXEC 11D
Extending Exchange protection
>> SYMANTEC HAS recently launched Backup Exec 11d for Windows Servers software. Developed primarily for small- and medium-sized organisations, it expands the product line’s continuous data protection beyond Microsoft Windows fi le servers and workstations to include Microsoft Exchange, eliminating the need for daily Exchange backups and time consuming mailbox backups. Backup Exec 11d also features an
application and server discovery, dependency mapping and the only real-time change control software
VERITAS PROVISIONING MANAGER:
operating system and application deployment, patch distribution
innovative Granular Recovery Technology that enables recovery of critical data from Microsoft applications like Exchange, SharePoint, Active Directory and more in just seconds. Additionally, it provides enhanced data security with 128-bit and 256-bit AES encryption capabilities, and extends platform support with Backup Exec media servers running on 64-bit Windows servers.
SYMANTEC DATABASE SECURITY
– Real-time fraud and data leakage detection
>> REDUCING RISKS TO information stored
in major enterprise database management systems has always been tough. The new Symantec Database Security solution provides real-time fraud and data leakage detection and auditing capabilities to address growing compliance requirements for secure information access. Symantec Database Security uses intelligent profi ling to provide fraud detection to build a profi le based on what
is considered ‘normal’ interaction with the database and immediately alerts the organisation of malicious or abnormal activity that falls outside the ‘normal’ profi le. The solution also protects against data leakage by monitoring all information that leaves the database and alerting administrators when sensitive information such as credit card numbers, social security numbers, or any other administratordefi ned data pattern is detected. Policies
can then be built around these patterns to control what gets flagged as suspicious activity. For example, if corporate IT policy allows data for only one credit card to be accessed per request, but a request is made to access data for multiple credit cards, the system tracks this activity and alerts administrators. It also helps organisations more efficiently and cost-effectively demonstrate compliance with information protection policies by maintaining an audit trail of all activity on the database server.
�18
COURSES, EVENTS & OFFERINGS
SYMANTEC F.Y.I.
#2 2006
COURSES & TRAINING
SYMANTEC ANTIVIRUS 10.1 CORPORATE EDITION
VIA VIRTUAL ACADEMY. In
this three-day course, you will learn how to implement and manage a Symantec AntiVirus network, reduce update sizes, enforce antivirus, Spyware and Adware scanning across the entire enterprise, and protect and manage remote users. For antivirus administrators, this course represents the first step toward mastering the configuration and management of an antivirus network.
SYMANTEC ENTERPRISE VAULT TECH CENTRE LIVE!
Symantec Education is pleased to announce the release of the Symantec Enterprise Vault Tech Centre (EVTC)! This marks the latest addition to Symantec Education’s subscription services portfolio. The EVTC is premiering with a collection of 15 short, narrated, on-demand self-paced modules. In addition, many include self-running demonstrations. Over the coming months, the EVTC will be expanded with new modules. In fact, five modules were released in December that focus on Enterprise Vault 7.0! To learn more or to subscribe to the Enterprise Vault Tech Center visit: www.symantec.com/education/evtechcenter
VERITAS STORAGE FOUNDATION & VERITAS CLUSTER SERVER 4.X TO 5.X UPGRADE/DIFFERENCES
new two-day course is a great way to learn about the new features and enhancements made in version 5 and how to upgrade without leaving the office!
VIA VIRTUAL ACADEMY. This
To find out more or to register for a course please visit www.symantec.com/uk_education or contact us on uk_education@symantec.com or +44 (0)118 9188391.
SYMANTEC CONSULTING SERVICES:
THE INFORMATION MANAGEMENT ROCKET SCIENTISTS Raising the standard
>> IF DATA WASN’T SO VALUABLE we could all
be a bit less careful about how we managed it. As we all know though, it’s right up there with people as one of the most important aspects of the organisation. You need to look after it. Understand where it’s coming in from; where it’s being stored; how you can retrieve it; and how you can manage it without it costing the equivalent of the GDP of the United States. More questions than answers? Not for the Symantec Consulting team. Rupert Beeby, their Director of Consulting for Storage Practices, heads up a virtual team whose job it is to help customers unravel the maze of complexity around information—and answer all the questions surrounding how it is effectively stored and managed. “One of the main topics we discuss with our customers is their need to be an information service provider,” he explains. “That means acting as a resource to the different divisions within the business– effectively being an internal service organisation.” According to Rupert, that means creating a framework of services which the lines
of business can cherry pick. All with strictly controlled usage patterns, lines of engagement and guaranteed service level agreements. “Customers need to know what the service costs and what they receive for their investment,” he says. Of course, all of this is second nature to the Symantec Consulting team. With more than 230 consultants in the field – buoyed by the current acquisition of the leading consultancy business Company-i– and a vast degree of knowledge and experience in information management, few organisations can match Symantec Consulting. “Our success hinges on getting into the fabric of our customer organizations,” says Rupert. “Customers have huge problems that technology will not solve alone. Symantec Consulting can help solve these issues once and for all. We want life-long relationships that radically enhance the customer environment as well as Symantec Consulting’s reputation.”
for business continuity management
>> THE LONG AWAITED British Standard Code of Practice for Business Continuity Management (BS25999-1:2006) was launched in December. The release of the standard offers an excellent opportunity for businesses to review their current BC arrangements against best practice. Symantec Consulting’s Business Continuity practitioners are ready to work with clients to align their BC planning with the standard or to undertake any BC management activities from strategy development through to testing.
For further details contact: Ian Inglis, UK Principal for Business Continuity Phone: +44 (0) 8702 431080 Email: ian_inglis@symantec.com
�#2 2006
SYMANTEC F.Y.I.
COURSES, EVENTS & OFFERINGS 19
CALENDAR
10-13 JANUARY OLYMPIA, LONDON
s! Don’tNmiLsCOMMUNIT Y IC A
24-26 APRIL THE GRAND HALL, OLYMPIA, LONDON
BETT SHOW
Symantec is exhibiting on stand L20 at the BETT Show 2007, the world’s leading educational ICT event, attracting over 600 educational suppliers and 27,000 visitors over four days. For more information please visit: www.bettshow.com
INFOSECURITY 2007
3-5 APRIL UNIVERSITY OF EXETER
UKERNA NETWORKSHOP
Symantec is exhibiting at UKERNA Networkshop 2007. Aimed at network managers and technical staff from the JANET community, the conference provides a forum for discussion on the latest network technologies. For more information please visit: www.ukerna.ac.uk.
Symantec is exhibiting at Infosecurity 2007 (stand 530) on the 24-26 April at the Grand Hall, Olympia, London. Attracting around 11, 500 attendees over the three days, Infosecurity is Europe’s most comprehensive convergence of information security professionals. Showcasing the most diverse range of new and innovative products and services and addressing today’s strategic and technical issues in an unrivalled education programme. The event delivers an audience hungry for education and information on how, what, why and when to purchase the products on offer. For more information please visit: www.infosec.co.uk
u n it y U K TECH ical Com m c’s Tech n Sy mante rtu n it y to ees, the oppo prov ides tec employ it h Sy man to interact w s in order er d you r pe t dge abou ex perts an le s and know d related share new oduc ts an c’s pr antec. Sy mante w w w.sym ies. Visit it y tech nolog com mu n h n ical ser com /u ktec ch n ical u s of ou r te d deta ils for deta il u w il l fi n yo leva nt me. Here progra m d news re s an , webcast rs. of events use tech n ical to ou r U K
IDC WHITEPAPER ‘USING SECURITY COMPLIANCE SOFTWARE’
This whitepaper analyses the cost of complying with the increasing numbers of government regulations. Regulations are discussed along with cost reduction strategies. To discover how you can reduce costs and still meet regulatory requirements by using Symantec’s security solutions, download this paper now by visiting www.symantec.com/offer using offer code 24483.
MAIL SECURITY FOR SMTP 5.0
Try it free for 30 days. Combat email-borne threats such as viruses, spam and other unwanted content starts. Help control inbound and outbound risks to protect the organisation, ensure productivity and bolster security.
ENDPOINT COMPLIANCE
In a world of growing complexity you need high standards. That’s why Symantec has developed solutions that deliver a raft of compelling benefits by radically simplifying the process: • Ensures network availability, while comprehensively protecting laptop and desktop assets • Automates the assessment of IT controls and security policies • Centralises management and helps simplify operations • Alerts, remediates and reports on non-compliance To understand how to mitigate risk by effective data security, document retention and security policies, register now at: www.symantec.com/ccs for our Electronic Data Management webcast, in association with Bird & Bird, the international commercial law fi rm. If you want to know everything about gaining internal IT control download this paper now by visiting www.symantec. com/offer and using offer code 31170.
MAIL SECURITY FOR MICROSOFT EXCHANGE
Try it free for 30 days. Help safeguard your organisation from the latest viruses, spam and other email-borne security threats with high-performance, integrated email protection that includes antivirus, antispam and content fi ltering for Microsoft Exchange Server 2000/2003.
BACKUP EXEC 11D FOR WINDOWS SERVERS
Try it free for 60 days. Symantec Backup Exec 11d for Windows Servers is the gold standard in Windows data recovery, providing cost-effective, high-performance, and certified disk-to-disk-totape backup and recovery. To download any of the free trialware without commitment, visit www.symantec.com/enterprise/licensing/trialware.jsp
�RETURN ADDRESS: Symantec UK 350 Brook Drive GreenPark Reading Berkshire RG2 6UH
Not anymore with Enterprise Vault from Symantec
Keep your corporate knowledge accessible and secure.
Enterprise Vault™ from Symantec is the market-leading* archiving solution that enables the rapid discovery of content, while reducing storage costs and simplifying management. It enables you to better control your information lifecycle: manage, exploit, expire and delete information in accordance with your policies and adhere to corporate governance guidelines with ease. Email has become one of your most valuable assets. In fact the vast majority of your intellectual property could be contained within your email system. An inability to effectively store and retrieve this important information wastes other vital assets: time and money. OCSL is an established IT Integrator and Symantec Gold Partner. As a legacy Veritas partner, OCSL have vast experience in the high availability and data backup product areas. We also specialise in Symantec support contracts with services such as consolidation and co-termination of contracts and indentifying the potential cost saving this activity generates. For further information on Enterprise Vault or any general enquiry please do not hesitate to contact our Symantec Division. Tel: 01403 700959 or email symantec@ocsl.co.uk or visit the website at www.ocsl.co.uk/enterprisevault
*Source: Magic Quadrant for Email Active-Archive Market (May 2006)
�