Of course you want to protect your network from hackers, cyberterrorists
and other boogeymen. You want to know who is logged on, regardless
of location or type of client, and that only those who have a
right to use them can access resources. You want identity
management. You want it so badly that marketers are busily
relabeling an impossibly wide range of offerings — from portal
authentication servers to log reporting applications — as "identity
Yet the core of identity management is tried-and-true password management
tools coupled with new automated account management software. This latter
"provisioning" software is buzz, too.
Password management is a relatively mature set of technologies, typically
for help desks, available from vendors such as Courion, M-Tech Mercury Information
Technology, PentaSafe Security Technologies and single-sign on vendors such
as Oblix. Provisioning adds a workflow engine, middleware and features for
automating user account management. Most password management vendors offer
products for some form of provisioning, such as managing IT accounts when
hiring, moving or firing employees. Other vendors, such as Business Layers
and Waveset Technologies, offer tools for larger-scale provisioning such as
granting access to IT resources based on user role. This type of provisioning
is doable today and much closer to the identity management ideal, but tends
to require much business re-engineering and considerably deep pockets.
Enterprise content delivery
Graft caching and intelligence, and you get content-delivery
network switches, the root of an enterprise CDN (eCDN). Companies
are about to go nuts for eCDN, analysts predict. IDC tags spending
at $1.3 billion in 2006 for CDN equipment, most of that for switches,
up from less than $400 million in 2001.
An evolution of simple caching, eCDNs let companies intelligently manage
what data is cached, and where. For instance, the eCDN could enact a rule
to cache in a specific location any data that is requested repeatedly by the
same region over a specified time frame. This way, companies can cache not
only Web data but also streaming media and, eventually, e-mail and non-IP
legacy applications, says Lucinda Borovick, an IDC analyst.
ECDN vendors include Cisco, Digital Pipe, F5 Networks and
IT portfolio management
If you find the term IT
portfolio management confusing, you're not alone.
Some use it in reference to an ever-more-sophisticated breed of asset management
and capacity planning products. These tools, from companies such as Opnet
Technologies, Clairvoyant and NetScout Systems, are meant to allow accurate
forecasts of what equipment you must buy next — often down to the brand name.
Other industry observers say IT portfolio management means a comprehensive
cost/benefit view of all things IT — hardware, software, services and worker
knowledge — past, present and planned.
Additionally, a crop of IT project management tools make up a closely related
buzz term: project portfolio management. These tools help users run multiple
IT projects while analyzing the bigger picture of overall IT spending and
scheduling. This batch includes software from vendors such as Artemis International,
ProSight and Pacific Edge.
What all these definitions have in common is accountability. Regardless of
whether you use a trendy term like IT portfolio management for your resource
allocation methods, this is the era of spending accountability. And network
executives must be equipped to quantify, and defend, resource consumption.
Honeypots for security
If crime fighting runs in your blood, then honeypots
could be for you. Honeypots are a form of intrusion detection
that tricks hackers much like a law enforcement sting operation
draws in the wrongdoers. The bad guys think they are cracking
your server but the honeypot is actually feeding them false information
or acting as a decoy server intended to be compromised. In some
cases, honeypots gather information useful for tracking down your
Researchers tend to use honeynets, an extreme form of honeypot in which an
entire network is the lure, to discover new hacker trends.
Honeypots will become a crucial tool for the good guys because
they divert all types of attackers and provide an understanding
of hackers and their tools, says security expert Marcus Ranum
in the foreword of a newly published book on honeypots. You can
find honeypots from a variety of vendors, such as Symantec, which
recently acquired Recourse Technologies and its ManHunt honeypot,
and ForeScout Technologies, with its ActiveScout. Or you can download
one of the original honeypots, Fred Cohen's Deception Tool Kit,
Public wireless nets
When Sprint launched a nationwide, 3G
wireless network in August, the buzz over 3G grew to a scream.
True, 3G services for now are for consumers, but that might not
always be the case. Revenue for North American 3G services are
predicted to increase from a projected $2.5 billion in 2004 to
almost $6.7 billion in 2006 as businesses and consumers adopt
en masse, says the UMTS Forum, an international industry association
that promotes a 3G technology called the Universal Mobile Telecommunications
Yet, the latest scuttle says that 802.11 public wireless LANs could cut off
3G at the knees. Here's the argument: 802.11 chips will drop in price to a
couple of dollars each, making them standard fare on most laptops and many
consumer devices. By 2006, more than 5 million people will access the Internet
regularly via nearly 42,000 publicly available wireless LANs dotting the U.S.,
IDC predicts. So, who needs 3G?
Wireless service providers, which are spending billions of dollars to upgrade
their networks to 3G, want to squash this line of thinking. In July, a UMTS
Forum report concluded that 3G and public-access wireless LANs will complement,
not compete. Perhaps, but the decapitation of pay phone revenue by cell phone
use teaches that one technology is likely to dominate. The forum's report,
not surprisingly, says 3G would dominate, because it can be used while traveling
at high speeds, among other reasons.
Either way, you and your road warriors will win, as wireless becomes just
another IP fabric to you.
computing, also known as computational grids, is server clustering
to the umpteenth power. It taps into unused CPU cycles on widely
distributed computers and coordinates those cycles to calculate
enormously complex problems. For instance, the United Devices
Cancer Research Project uses a computational grid to process molecular
research. Anyone can donate CPU cycles to the project by installing
freeware onto a computer.
But grids needn't be a hodge-podge of hosts. Some, such as the optical research
network TeraGrid, are created among designated computers, similar to how a
company might construct one. TeraGrid links computers at the National Center
for Supercomputing Applications, Argonne National Laboratory, the University
of Illinois at Urbana-Champaign and Northwestern University.
Grid computing, like the Internet, might one day be part of the average company,
but not before software development toolkits, management tools and fault-tolerance
methods are mature enough. Efforts abound on this, such as the Globus Project's
open source Globus Toolkit for building grids, and the Grid Application Development
Software Project's application development environment.
Commercial vendors include Avaki; Entropia; IBM; Hewlett-Packard; and Platform
Computing, all of which sell and support the Globus Toolkit.