Re:Assurance Newsletter

Winter 2007

In this issue you will find the following,

• Featured Article: Taking Control of Network Access
• Industry News and Updates: Oracle on NetApp Data Management Solutions Trusted by More Than 5,000 Enterprises Worldwide
• Resources and Promotions: Quantum Acquires ADIC. You Acquire a T-shirt
• Resources and Promotions: The Compliance Hub
• Resources and Promotions: Who's Your Data

Featured Article

Taking Control of Network Access

Introduction
Lately the news has been flooded with reports of sensitive information being stolen from government computers and networks. One recent case involved the theft of a Department of Veterans Affairs laptop containing private information such as Social Security numbers and birth dates of as many as 26.5 million people. As a government employee and a U.S. citizen, you should be concerned about the lack of Network Access Control (NAC) that is currently in place to limit the ability of someone to access a network without proper authorization. The need to rein in network access is more crucial than ever because so many government employees are connecting from outside the office, often on unmanaged laptops and other endpoint devices. Of course, NAC does not in any way protect the physical devices themselves. Given the rise in laptop theft and the possibility of accidental loss of laptops and other devices that contain or have access to sensitive data, government organizations must adopt stricter technical and procedural controls to minimize the potential danger to citizens, employees and other stakeholders.

Lack of control
In March 2006, the General Accountability Office (GAO) announced that it found dozens of new security weaknesses in its latest review of the Internal Revenue Service (IRS), one prominent weakness being a dearth of effective NAC. The GAO warned that sensitive financial and taxpayer data will continue to be at risk until a better NAC solution is in place. Before the laptop theft, the Department of Veterans Affairs had also been cited by the GAO for routinely failing to control and monitor employee access to private information, not restricting users to "need-to-know" data, and frequently waiting too long to terminate accounts when an employee quit or was fired. As Rep. Bob Filner, D-Calif. said, "This was a disaster waiting to happen."

Managing access
When there is a lack of NAC, unauthorized access becomes not only more possible, but has potentially more negative consequences. That's especially the case in today's typical IT environment, where mobile computing, remote access, teleworking, and wireless networking technologies that give IT security threats a chance to sneak by the firewall are on the rise. IT managers should understand how NAC systems can help them seamlessly grant network access to employees, contractors, and visitors without sacrificing availability or increasing risk, while at the same time restricting any system or endpoint from access if it doesn't meet internal security policies. The regulatory climate and the dynamic and unstable threat environment reinforce the need for strong internal IT security policies. These policies should be written with regulatory compliance and security in mind. Security policies are only useful if they are enforced 100% of the time, and determining security compliance after granting any network access is too late. The key here is proactive management of access.

A good NAC solution that works in conjunction with an endpoint protection solution should be able to do the following:

• Enforce policies each time a user accesses the network. This includes assessing endpoints (including a check for up-to-date antivirus) and allowing only appropriately secured systems access to the network.
• Provide ongoing monitoring of each of system to check for constant compliance with global policies.
• Bring a compromised or infected system into compliance so that all sensitive government information and IT systems are insulated from theft, violation, and disruption.
• Bring unmanaged devices into compliance using an agentless technology to eliminate exposures from home computers, kiosks, and guest laptops. An agentless technology will eliminate the time and costs associated with installing technology on every endpoint device.
• Enable API-based integration with dialers and VPN tools that are already in place to control network access.
• Work with different vendor solutions. This will allow your organization to leverage existing network investments through integration with all major infrastructure vendors.
• Identify the specific connection access control by URL and IP address to eliminate split tunneling for better control of application usage and to prevent the export of sensitive government or citizen information.

Conclusion
Changing work environments have brought about an immediate need for Network Access Control. While the ability to work remotely, make wireless connections, and bring laptops home to get extra work done is a boon to productivity, and perhaps a necessity during times of disasters or other incidents, you need to stay on top of who's entering the network and with what device. The key is to stop insecure and possibly corrupted computers BEFORE they get permission to connect to your network. A good NAC solution will ensure that only compliant and secure devices can connect to your network, while any non-compliant devices will be blocked and remediated (if possible) before access is granted. This is the best way to make sure your organization doesn't join the Department of Veterans Affairs or the IRS in the headlines.

Industry News and Updates

Oracle on NetApp Data Management Solutions Trusted by More Than 5,000 Enterprises Worldwide

Enhancements to NetApp SnapManager for Oracle Software to Extend Leadership in Application Availability and Database Development Productivity

SAN FRANCISCO (Oracle OpenWorld), Calif. – October 24, 2006 -- Today, Network Appliance, Inc. (NASDAQ: NTAP) announced that more than 5,000 enterprises worldwide use the Oracle on NetApp solution to help simplify the management of their backup/recovery, archiving, data protection, compliance, and primary storage processes. Oracle uses NetApp storage, having significantly increased its NetApp storage capacity to multiple petabyes since 2004 (see related press release at www.netapp.com/news/press/news_rel_20040127. NetApp also announced new enhancements to NetApp SnapManager for Oracle software (www.netapp.com/products/software/snapmanager-oracle.html) that will be available worldwide in January 2007. The software enhancements will provide customers with the capability to create clones from hot backups on an expanded array of Linux® and UNIX® platforms. SnapManager for Oracle software executes wizard-based cloning of online production databases. It eliminates the need for laborious, manual maintenance of complicated scripts for backups and restores, providing customers with an intuitive interface that dramatically boosts productivity.

This latest milestone in the NetApp and Oracle partnership further proves the reliability, high availability, performance, and value of the Oracle on NetApp solution for customers with NAS (network-attached storage), FC SAN (storage area network), and IP SAN environments. Oracle on NetApp solutions help customers streamline and simplify processes that reduce the time required for backup and restores to improve application availability. The solutions also help customers execute near-instantaneous application recovery, create near-instantaneous copies of production environments, and leverage rapid provisioning to increase productivity and flexibility of IT resources. Additionally, NetApp is a Certified Advantage Partner in Oracle PartnerNetwork.

The NetApp unified storage approach–leveraging Data ONTAP® data management software across all classes of NetApp storage-consistently delivers better storage asset utilization and return on investment. The unique approach helps customers:

• Clone a database in ~30 seconds, for instant replication of data volumes and data sets without requiring additional storage space at the time of creation; this helps testing and bug fixing, platform and upgrade checks, multiple simulations against large data-sets, remote office testing and staging, and market-specific product variations.
• Maximize their budget, because NetApp is 50% less expensive to manage than EMC Clariion or HP EVA solutions and 64% less expensive than EMC Symmetrix solutions, according to a Mercer study.
• Increase recovery in the event of application errors up to two times faster than competing solutions, according to a Mercer study.

"Oracle's utilization rate is very high," said Bert Dollahite, IT Tools and Automation Services at Oracle. "NetApp storage and data management solutions have been a key part of the equation that has helped us lower our total IT and management costs, and enhance productivity."

Another NetApp customer is Telstra, Australia's largest telecommunications and information services company. Telstra operates one of the world's largest Linux Oracle Database with Real Application Clusters Data Warehouses and an Oracle Database 10g grid.

"After deploying NetApp IP SAN storage solutions throughout our new Omnipresence project we were empowered to deliver capacity on demand," said Andrew Crabb, group manager of the Data and Storage Solutions Centre at Telstra. "We were able to shrink new-project storage activation from 8 to 12 weeks down to days-or even hours in some cases. The NetApp IP SAN solution has the performance we need and it's more economical and supportable."

William Beaumont, a two hospital medical center with a staff of 15,000, including more than 2,400 physicians, is one of the thousands of customers who rely on Oracle on NetApp solutions. For more details on this and other Oracle on NetApp implementations visit www.netapp.com/library/cs/.

NetApp Global Services (NGS)
Both Telstra and William Beaumont use the Oracle Accelerator Services that are offered by NGS (see www.netapp.com/support/consultingedge-offerings.html), in cooperation with Oracle. The Oracle Accelerator Services are another reason NetApp can tout its 5,000 enterprise customer milestone. Oracle Accelerator Services are designed to help IT organizations reduce complexity, accelerate readiness, and improve system availability and performance of Oracle technology deployed in a NetApp storage environment. Visit LINK for more information.

MASERGY Communications leveraged NetApp Global Services expertise to install its NetApp enterprise SAN solution and migrate data from its Oracle and Microsoft® Exchange environments. MASERGY is a global services provider specializing in simplifying wide-area networks for enterprises that provide customers with bandwidth for applications and services through a customer-centric portal.

"We've heard from customers' first hand that the status quo solutions they've been using from our competitors are not scaling as their businesses grow," said Patrick Rogers, vice president of Products and Alliances at Network Appliance. "NetApp is unique. We offer reliable, scalable, and high-performance storage solutions and services based on extensive engineering and collaboration with Oracle. The ROI our customers experience-and the fact that 5,000 customers around the world today trust NetApp storage-speaks volumes to our ability to deliver enterprise-class solutions in these complex environments."

For more information about the advantages of the Oracle on NetApp solution, download a NetApp TechTalk podcast about increasing productivity and efficiency in the data center.

Resources and Promotions

Quantum Acquires ADIC. You acquire a T-shirt.

Having completed the acquisition of Advanced Digital Information Corporation (ADIC), Quantum continues to solidify its position as the industry leader in storage solutions. Quantum now provides customers of all sizes with a comprehensive range of innovative products and services designed to meet their current and future data protection and retention needs. The merger leverages both organizations superior technological advancements to benefit you, the end user.

To learn more about the combined Quantum|ADIC product line, visit www.dlt.com/grassra and receive a Grass is Greener T-shirt, or call 888.472.4358 to speak with an Information Assurance professional.

The Compliance Hub

Today's agencies face a tough challenge in meeting the requirements of a variety of technical standards, IT governance frameworks, and laws related to security and administration. Symantec's innovative approach enables agencies to clearly define their IT policy compliance requirements and achieve their governance objectives via the implementation of widely recognized best practices.

Visit The Compliance Hub: www.dlt.com/compliancehub1

At The Hub you can:

• Download webcasts led by Symantec's top Systems Engineers to learn first-hand about Compliance Issues in today's agencies, Compliance Management Software, and End-User Compliance.
• Download data sheets tailored to your compliance needs.
• Learn more about compliance issues and how they affect your agency model.

With proven expertise and the industry's broadest portfolio of IT policy compliance management products and services, Symantec provides a comprehensive solution that helps agencies simplify, achieve, and sustain end-to-end IT policy compliance.

Who's Your Data

The online community for Government IT professionals

www.whosyourdata.org/

Who's Your Data explores a variety of issues pertinent to today's government agency IT departments. This fun and interactive online community will feature blogs from experts in the industry, a cartoon series, news from our sponsors, an online, downloadable radio program, technical papers, an events page and much more! With a constant influx of technical news and information, Who's Your Data is the IT professional's new home away from home.

DLT Solutions, Inc.
13861 Sunrise Valley Drive, Suite 400
Herndon, VA 20171
© Copyright 2007 DLT Solutions, Inc.
Toll Free 888.472.4358
Facsimile 866.708.7033

information-assurance@dlt.com

We respect your time and IT resources, and we hope this information was helpful to you. If you prefer not to receive e-mails from us, please visit www.dlt.com/opt.