Jun 05, 2011

DavCo enlisted RedZone Technologies – a key sponsor of the CIO Executive Series – to help DavCo become fully PCI compliant within a secure remote network. 

Watch Stacy Duncan, IT Director at DavCo, and James Crifasi, CTO at RedZone Technologies, as they share how they successfully implemented SonicWALL solutions to achieve PCI compliance for DavCo.

Apr 06, 2011

During the last few months, I have been meeting with many CIOs from our group and also with my RedZone clients.  I want to share with you what I am hearing from these IT executives.

Infrastructure – What I am learning is that people are settled with their infrastructure investment, but are thirsting to learn ways to manage virtual infrastructure more efficiently.  They don’t want to get caught underutilizing the hardware investments that they are making.  The VDI word comes up more and more.  The added layer of application virtualization is the project most CIOs are curious how to get into.

 Citrix Garbage Talk – I sat in on an amazing display of a vendor not listening to a CIO’s request for his team to observe a demo of Citrix XenApp (formerly Citrix WinFrame Server, Citrix MetaFrame Server and Citrix Presentation Server).

We had to listen to a sales tech give a demo of XenDesktop, since apparently Citrix is trying to get everyone to believe that Citrix XenDesktop is the same thing as Citrix XenApp.  As a CIO, you should be looking for this moving forward, since Citrix again is saying that they are hypervisor agnostic to Microsoft and VMware and want to own the VDI market of delivering applications.

I love the shifts going on with VDI. It allows one to be incredibly creative with delivering applications, but it can be quite confusing and misleading when reading the marketing material from VMware, Citrix, Microsoft, and add-on third parties.

Microsoft Windows Server 2008 R2  –  I am hearing it is great and works so much better for Terminal Services.  In fact, listening to my own techs, R2 is more of a re-write than a version release.  When it comes to application virtualization, pay attention to R2 since older apps may have a difficult time working and you will need to virtualize the app to get it to work on R2.

Cool Product – I learned from a CIOES member about a company called Ericom that makes an add-on product called Blaze.  Apparently, Blaze makes RDP and VDI blazing fast.  Look at this product to drop the cost of deploying VDI.  I am now testing it for my company RedZone and it looks incredibly promising.  I will keep you posted!

PCI Security – More and more of the private company CIOs I am meeting with who didn’t have to concern themselves with PCI are now having to pay attention.   Next generation UTM firewalls from companies like SonicWALL are helping companies with distributed offices deal with granular inspection and management for PCI controls.

Risk and Reward – There seems to be a theme running across the group from the meetings that I have been having.  There always seems to be a willingness to do what others are not doing or to try things that others are not trying.  I had an interesting discussion with a CIO who said he would rather go with new technology that yields quick and large ROI.  He said, “Yes, I may have an issue deploying the solution, but I always have integrators to bail me out.  Even if I have to spend more to integrate the technology, I will make this up from the savings in maintenance alone in year two to five years.”

He is not afraid of taking a risk because, in his opinion, the financial benefits his company will experience far outweigh the risks.

DR and BCP – With our group members who don’t have an auditor or compliance concern, DR and BCP planning continues to be woeful at best. For the most part, IT is expected to guess and take on the problem regardless of whether the business is involved in creating and testing a Business Continuity Plan.  The only consistency I have been able to observe is that if you are regulated in some fashion, you may have been able to find funding for Business Continuity Planning.  This news may encourage some of you who are frustrated with the lack of understanding of what is required for a business to properly fund a BCP and IT DR initiative.  Cloud Backups and Cloud Email continue to be a good option for CIOs who do not have business funding or cultural support for a full BCP implementation.

Cloud Email and Backups – There is a continued interest in cloud computing and there are some very good options to consider.   The CIOs I have talked with are actively looking at moving specific applications into the cloud.  I have talked with several CIOs about Exchange 2010 migration.    Just this simple decision to upgrade to Exchange 2010 drags with it an entire eco-system of systems.  I have been able to find really good options that work for SMB companies with 10-10,000 users.  A CIO can get price quotes from a cloud broker and pretty rapidly get their hands around the costs.

  1. Consulting upgrade of Exchange
  2. Cost for Internal Staff to do the upgrade
  3. Public Cloud Exchange outsourcing
  4. Private Cloud Exchange outsourcing

I also ran into a CIO who was using a neat product to back up his laptops into the cloud separate from his corporate backups.  They have a ton of laptops and I thought this was such a great idea!

IP Phones in the Cloud – There is a cool player called Thinking Phones that I learned about from one of the group members with a few thousand users. It is a cloud-based phone solution. I have seen in our group more of these types of deployments fail than work out, primarily due to a lack of understanding of how to manage bandwidth on the carrier side and on the company/customer side, so jitter/delay issues become a big finger-pointing match which results in the CIO pulling the phones back in house.  This company, though, holds some promise since Thinking Phones seems to have a good bandwidth control story all the way down to the switch port at the customer facility.  Additionally, in my discussions with the member CIO, he talked extensively about the possibility of needing to add in bandwidth control and is going to watch this very closely as the phone systems are deployed.  For those of you interested, Riverbed and Blue Coat continue to have the best products.  I personally like the Blue Coat and have worked with it extensively for 12 years.

I want to hear your thoughts. Agree?  Email me or tweet me.

Mar 23, 2011

One question seems to be on every CIO’s mind…
How can our organization unlock YouTube, Twitter and Facebook and still be secure?  Well, it can be done, and here is a plan.

  • Virtual Applications set up in the DMZ
  • Kiosk Access
  • Set up a Virtual Internet Application Social Media Security Server (See Diagram Below) in your DMZ to ensure you can give access to Facebook, Twitter, YouTube, LinkedIn, etc. without compromising security
  • Kicker – Add a separate, non-business-grade social media line from Comcast to run streaming media and social media applications through.
  • Allow access to Facebook without compromising corporate bandwidth or adding virus and malware propagation risk through this channel by using Next Generation Firewalls through SonicWALL

If you have any questions or comments, please email or tweet me!