Aug 262010

Let me share an interesting story about a business that I worked with to develop budgeting and IT strategy. I’d worked closely with the EVP to solidify his thoughts in strategic areas for their executive team and board. Business optimization was the goal for each and every IT decision. Together we made the shift from direct integration support to blending integration with a more proactive planning approach, including an IT roadmap to development for the next two years.

What made this remote access decision interesting to observe was how they turned a technical decision into a brilliant strategic decision. This is the overview of the situation:

* 25 remote access users needed remote access to the network
* SSL certificates were expiring
* Simplicity and security are paramount at the network edge
* The edge device had to be an intelligent perimeter to aid the inspection engine
* Avian Flu remote access support was needed
* There was a DR bump license requirement
* Legacy Citrix remote access technologies were in place (including CSG, NFuse, and cert server) and there was no desire to move to a newer weak Citrix remote access product
* 3 quotes were needed from 3 quality vendors
* Integration with two-factor authentication was needed
* DR site integration
* Tight Citrix integration
* Ease of management
* Full client integrity and security policy enforcement was needed at the end points

I arranged for two new SSL VPN product demonstrations. The organization’s IT team reviewed product demos from Citrix, F5 Firepass, and Sonicwall/ Aventail.

How can an SSL VPN be strategic?

I have previously blogged about the importance of client integrity for companies as they develop their security strategy. My own company and I have recommended and integrated SSL VPNs for over 7 years, and have seen the client integrity aspects of these products morph and change quite a lot.

When it comes to strategy, make sure you look at SSL VPNs from the “end game” perspective. Download the White Paper for the big questions you need to ask. I hope they will help! My point is to never, ever, make an IT decision based on technology alone. Always make the business a partner.

Aug 242010

Bill Murphy blogs about technology today.The quickest way to develop an enterprise-wide SIP (Security, Identity, & Privacy Strategy) is for a senior executive to lose one of the following: PC, laptop, cell phone, or blackberry. Many senior executives think that perimeter security is a firewall and maybe an IDS/IPD/IDP system.

The notion of security through a solid perimeter around a well-defined protected network has disappeared: the walled medieval castle concept is dead. The perimeter has not disappeared; it has expanded to include mobile devices used in today’s organizations. Perimeter security is now a combination of traditional perimeter mechanisms and end-point security.

So how do you take control of end-point security? My opinion is that you can’t, at least not with the security and networking budgets that I see. However, you can take control by developing a plan to control end-point device security.  Start developing your client integrity plan by asking the following questions presented on the White Paper.

Stay tuned, I will discuss remaining steps involved in developing and executing your SIP strategy in future posts!

SIP Quick CIO Analysis Spreadsheet

 Comments Off on SIP Quick CIO Analysis Spreadsheet
May 272010

Here is a good Whitepaper on SIP, as well as a cost analysis our partner Curt Island with TelVersant Group did for a customer. The spreadsheet compares traditional LD usage with PRI and SIP ,which shows that from a cost savings perspective the difference is negligible. Curt tells us that net/net – if a customer is looking for cost savings then they can achieve that with traditional PRI’s.

However, if a customer has an end goal of going all IP, then a SIP application has its place.

Also, click here to read an article from XO: “Why SIP Makes Sense”.