Feb 022011
 
Download Desktop VDI Bubble Chart White Paper

Download Desktop VDI Bubble Chart White Paper

Thanks to our sponsor RedZone for providing the reference document of technical questions to ask your Virtual Desktop VDI vendors.

  • How do they handle expanding hard drive drifts?
  • How do they handle OS Operating system patch management and size issues?
  • What SANs do they support native interaction with?
  • Application virtualization/streaming
  • Session control and management
  • How is offline mode handled?
  • What virtual infrastructure native support do they have?
  • On/Off Premise
Jan 282011
 

“There are no rules of architecture for a castle in the clouds.” ~G.K. Chesterton

I was reminded by this quote, as I compiled the best, best, best questions to ask regarding Intelligent Perimeters to follow Part 1, aren’t network perimeters of the future going to be the gateway to the Cloud? Look at the quote from G.K. Chesterton. Do you agree? From a security perspective, a CIO will need to understand even more clearly how security architecture and design integrate into building intelligent perimeters.

As I wrote the questions to part 2, I thought, “Oh no! More security information!” The quote from Eliot struck me as oddly correct. Use the information that you are gathering in these questions to feed the architecture. It is my intent to merge wisdom with knowledge.

“Where is the wisdom we have lost in knowledge?
Where is the knowledge we have lost in information?” ~
T.S. Eliot, Choruses from The Rock

11. (Numbers cont’d from Part 1)Do you have gateway protection at the network perimeter for?

  • Virus
  • Malware / Spyware
  • IPS
  • Content management?
    • Are you using the perimeter to enforce email policy for “outbound email hygene?
  • Anti-phishing

12. Is your mail relay?

  • In the Cloud
  • Internal Network
    • DMZ

13. Do you prefer your security systems?

  • Physical
  • Virtual appliances
  • Software on servers

14. Do you prefer appliance strategies or software with perimeter defenses?

15. Where do your organizational skills lie? Microsoft/ Linux/ Other?

16. Can the DMZ be replicated at the DR site? If not, what aspects of it are needed? How manual will it be?

17. What is the philosophy regarding a PC anti-spyware versus “in-line” approach to anti-spyware?

18. Do you outsource any aspects of perimeter defense (Firewalls, SPAM, AV, etc.)?

19. Is remote access remediation integrated into the help desk appropriately?

20. IDP/ IDS/ IPS – Are they deployed

  • Where? Inside the network? Outside the network?
  • Do you outsource these services?
  • Why? (Yes/No)
  • How are logging, monitoring, and forensics/reporting handled?

21. Centralized Management of security devices

  • Remote Sites Firewalls
  • VPN client end-points
  • SSL VPN clients
Aug 162010
 

A client of mine said to me: “Bill, we have all this stuff and my staff if good. How do we pull all this software and hardware together into a comprehensive Disaster Recovery program?” Over the past two years, they had acquired:

  • Fatpipe load balancers
  • VMware
  • Backup software (Issue: tapeless versus traditional? They were partial to tapeless)
  • Doubletake
  • Platespin
  • HP NAS appliance
  • iSCSI SAN from Lefthand
  • DR Site
  • Connectivity

The executive summarized his predicament, “the products all appear to be good.” I agreed, but based on his current network problems, tight back-up windows, huge WAN latency and more, it appeared that several of these products had overlapping functionality causing them to argue and step on each other. “There is no way I can roll this out into production without being sure,” he said. The organization asked me to come up with solutions in several areas, in particular the executive wanted answers to these questions:

  • How can they repurpose the HP NAS so that the investment is not wasted?
  • What is the best way to use the iSCSI SAN from a block level replication perspective?
  • How is back-up and corruption protection going to be handled?
  • What function will Doubletake play in the new design?
  • How will the WAN network respond to the new design? They had a combined MPLS and point-to-point architecture.
  • Why are backups barely being completed overnight? This could be indicative of bigger issues that need to be solved first.

The White Paper includes a summary of questions that will help you understand Disaster Recovery as two necessary categories including 1) backup and correction protections and 2) production SAN and virtualization.  This  information will get you started on the path to implementing an IT Disaster Recovery Plan that works!