This Week in Enterprise Tech 64
From The Official TWiT Wiki
Topic: Google's floating data center, vulnerability in Netgear's ReadyNAS, identity management, and more.
Recorded: October 28, 2013
Published: October 28, 2013
This Week in Enterprise Tech 51:
Google's floating data center, vulnerability in Netgear's ReadyNAS, identity management, and more.
Google Water Barge
- Storage Barge floating on bay with secret hanger.
- Container on Barge may be a data-center module.
- Container on water makes it mobile, easy to cool, and possibly powered from the waves.
- While cooling from water isn't "free cooling", the cost is lower.
- Also opens the possibility of having a data center in international waters.
- While being in international waters does free up regulation, the US has a navy that may put a stop to it.
- Being in international waters does free Google from taxation on properties in the water, however countries may frown on this.
- Having a data-center in the middle of the ocean can bring an edge to traders who will have faster response over trans-oceanic connections.
- Trading floors may be in the ocean in the future, but tax levies will probably catch up.
Netgear ReadyNAS Vulnerability
- Front View has command-injection flaw
- Effects all tiers of the ReadyNAS from prosumer to enterprise.
- Fails to sanitize http input.
- Attack allows root access to the OS and array.
- Plugins can be added as a trojan.
- Netgear has not been keeping up with their firmware with features and security.
- Netgear may not be interested in protecting enterprises, targeting home users instead.
- Placing security secondary to widgets is incompatible with enterprise thinking.
- ReadyNAS does not work well without a firewall to protect it.
- Used all the time with Active Directory or X500
- Can store user information, contact information, etc.
- Database based authentication systems scale for enterprises.
- InfoWorld ran a demo "Harry met Sally" that shows how a user's identity can grow and change.
- Executives want identity manage to work, but don't want to be bothered with the details.
- For this reason, identity management is less in the limelight as a mature product.
- Identity management makes it easy to delegate and assign roles and resource permissions for groups of people easy to update.
- Microsoft has made Active Directory a free feature of Azure, instead of per-user CALs.
- Microsoft is integrating pricing models between divisions and reduce the pricing of Active Directory through the Azure cloud.
- Google's integration with Active Directory is still lacking.
- Federation allows tie in of multiple authentication services.
- Federation allows the linking of multiple databases and apply rules between them.
- Two companies identity management solutions can be shared to provide services to one another.
- Federation can also include subtle details to users, business rules like Do Not Disturb, sending calls to voice mail directly, etc.
- Microsoft's offering has a larger depth than Oracles identity management, from the infrastructure database through the client pieces.
- Identity Management is a center piece for enterprises, the ubiquity of Federation is a strong selling point.
- Federation integrates MDM, device permissions, patches.
- Federation could allow emergency services critical information about patients during an evacuation, without leakage of personal information to unauthorized users.
- Federation can push and pull sync records from other solutions.
- Microsoft is donating code to Linux to provide easier integration.
- System Center can manage VMWare and openstack VMs, Microsoft is pushing for multi-vendor integration, with Microsoft as the center piece.
- Is the return on investment for a CTO worth the migration to Federation?
- Microsoft's free pricing is very competitive to justify the migration.
- If someone in IT can make the case that Federation will help a company easier and quicker to serve the customer, than executives will find the migration cost appealing.
- Security Event Management will benefit from a wide view of correlation between authentication systems. For Ex. two events occurring at the same time with the same credentials, in two very different locations, is probably a security concern.
Hardware & Software Mentions
- Ring Central Promo Code: TWIT
- Call: (800) 543-9980
- Ad time: 26:34
- Citrix Promo Code: ENTERPRISE
- Ad time:
- Recorded Date: October 28, 2012
- Release Date: October 28, 2012
- Duration: 1:09:52
- Log line:
- Edited by:
|This area is for use by TWiT staff only. Please do not add or edit any content within this section.|