Sunday, October 25, 2009

Amazon Web Services: file this under growing pains...

About a week ago (~Oct 14th), Amazon Web Services (AWS) EC2 servers attempting to deliver business-critical emails were blocked or fatally rejected because AWS IP addresses had been added to a blacklist by Spamhaus.org. Problem resolved.

Not very pleasant for companies providing business-class mail server hosting on AWS.

On Oct 15th, AWS worked with Spamhaus to remove all EC2 ranges from their PBLs.

The latest from Amazon, Oct 21st:

“It is our intention to make it easy to reliably send email from the EC2 environment. As a result of our experience last week, we have released some changes to improve the ability of valid users to send email from EC2. We have started a new thread with the details of the improvement we have made: http://developer.amazonwebservices.com/connect/thread.jspa?threadID=37650. Please let me know if you have any further issues or questions”

Saturday, October 24, 2009

The workhorse technology behind cloud computing is virtualization. Get to know it well.

The magic pixie dust that makes a cloud a cloud is virtualization technology. The trick is to decouple from the physical world of fixed hardware, so that one computer can behave as though it were many and your workspace lives in the cloud, where all you need is a Netbook (maybe an exaggeration).

One of the more curious aspects of virtualization is the “virtual machine”. It is most often associated with data-center server virtualization. A virtual machine is nothing more than a file that represents its physical counterpart. No hardware to purchase. No shipping fees. No wires to plug in. (For those readers who are experts on virtualization, please forgive the oversimplification.)

Hundreds of virtual machines are likely working in earnest inside your own organization. And yes, you are likely your very own cloud provider.

All those virtual machines are important to your business. They can run your email system, your expense reporting application or your customer portal.

So let’s briefly look at some of the ways that the virtual world of servers is vastly different from the physical one.

We are familiar with our laptops going to sleep (and waking up with a hangover). How about if 10, 20 or 30 virtual machines go to sleep and wake up at varying times? Will all occurrences of a virus be identified across running, suspended and shut-down virtual machines? Not likely a big issue, but it's worth thinking about the implications for appropriately configuring the virus scan.

Relocating a physical server is back-breaking work. You pick it up, twist your neck and fall down. A virtual machine (after all, it’s a file) can be made to zip across a network. Let’s think about that for a moment. What if it gets intercepted and lands in the wrong hands? A physical machine has to be carried into a facility. Is it easier for a virtual machine file that is not legit to find its way into your network? Not if you have policies in place that require master or gold copies.

Another interesting property in the virtual world is time. A virtual machine has to keep time, if for nothing else than to remind you of mum’s birthday. Time is important. It is used to time-stamp transactions. However, timestamps written in log files can also be stomped upon by a perpetrator to mask their activities.
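One way to enforce the gold-copy policy described above, as an added example that is not part of the original post: hash every image file in a template directory and compare it with a manifest of approved gold images. The directory layout, file names, suffixes and manifest format are assumptions, and the sample images are constructed.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path, chunk_size=1 << 20):
    """Stream the file so multi-gigabyte disk images are never loaded whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def audit_images(image_dir, gold_manifest, suffixes=(".vmdk", ".qcow2", ".vhd")):
    """Return {file name: status} for every image file under image_dir.

    approved = name and hash match the manifest
    modified = name is in the manifest but the content has changed
    unknown  = image that nobody registered as a gold copy
    """
    report = {}
    for path in sorted(Path(image_dir).rglob("*")):
        if not path.is_file() or path.suffix.lower() not in suffixes:
            continue
        expected = gold_manifest.get(path.name)
        if expected is None:
            report[path.name] = "unknown"
        elif expected == sha256_file(path):
            report[path.name] = "approved"
        else:
            report[path.name] = "modified"
    return report

def demo():
    """Build a constructed template store, tamper with it, then audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "web-gold.vmdk").write_bytes(b"constructed web image")
        (root / "db-gold.vmdk").write_bytes(b"constructed db image")
        # The manifest is recorded while the images are known to be good.
        manifest = {p.name: sha256_file(p) for p in root.iterdir()}
        # Later: one gold copy is altered and an unregistered image appears.
        (root / "db-gold.vmdk").write_bytes(b"constructed db image, altered")
        (root / "dropped-in.qcow2").write_bytes(b"constructed rogue image")
        return audit_images(root, manifest)

if __name__ == "__main__":
    for name, status in demo().items():
        print(f"{status:9} {name}")
```

The manifest itself has to be stored and changed under the same control as the gold copies, otherwise whoever alters an image can simply update its hash.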

There are plenty of best practices to implement a safe and sound virtual infrastructure. Take a look at your policies and procedures to make certain they are available and executable. Some examples:

· Continue to protect the physical environment
· Control who creates virtual machines
· Quality control must include real-time configuration management
· Consider encryption as an extra layer of protection for high-risk assets
· Get to know your virtualization technology and how it can be exposed

You can’t get into the virtual world without stepping through the physical world. However, things that happen in the virtual world are not a direct reflection of the physical world. Get savvy.

Wednesday, October 7, 2009

Google Apps: Here I Am

At Tech Labs we are constantly working to get to know all the major Cloud Computing providers and their virtual wares. Microsoft, Salesforce.com and of course Google.

And Google is well on its way to building a reputation and trust that an enterprise can live with. The Google Apps web site already claims more than 1 million businesses running on the platform.

I sat down with one of our consultants to understand some of the details behind Google Apps and what it takes to properly implement the product for an enterprise.

Some of our conversation:

1. What is Google Apps - in your words?
Google Apps is a suite of products. You get Gmail, Talk, Calendar, Docs, and Sites - all of which are part of the $50/user/year licensing fee. Storage allocation is 25GB per user. The first foray for most clients is likely Gmail and Calendar, and it's not unusual to see "silent rollouts" of Google Docs and Google Sites as collaboration tools.

2. Security is one of the benefits touted by using Google Apps? Explain.
Gartner estimates over 20,000 to 30,000 samples of potential malware are sent for analysis each day. And more than 5 million U.S. consumers lost money to phishing attacks during the 12 months ending in September 2008, a 39.8% increase over the number of victims a year earlier.

Gmail is likely to stay more up-to-date with email filters that can spot malicious file attachments, and URL filters to inspect for exploits are vital. However, even that line of defense will suffer from the delay in finding and blocking zero-day attacks. Other cyber security capabilities will be needed.

More than half of employees who left their companies in 2008 took some sensitive corporate data with them. Nearly 80% of these employees said that they knew it was against company policy to take the data, but they did it anyway (source: Ponemon Institute & Symantec). One source of data leakage is email messages that are used to exchange files loaded with hyper-sensitive information.

Google Apps stores documents in the 'Cloud' and instead passes around hyperlinks which point to documents that can only be shared with those to whom you previously granted permissions. Google Message Discovery and Google Message Security offer security and archival features that advance compliance requirements.

Still, questions abound, such as government and regulatory compliance and service levels.

3. Where do you think Google Apps is headed in the enterprise?
Google Apps' lineage is of course consumer-focused; however, it is evolving rapidly with each major release.

At the same time, it is still not as feature-rich as existing offerings by mainstay vendors such as Microsoft.

Microsoft's Business Productivity Online Suite (Microsoft BPOS) is appealing because it is available in both a pure SaaS model and a dedicated version. The advantages include custom security, adherence to compliance mandates and the ability to tailor features.

Google Apps is advertised as a SaaS offering, ideally to avoid one-off deployments. Users only have the option to get the same release. A pure SaaS offering has to carefully balance the desire to quickly mobilize new features and get them safely deployed into production.

Finally, a key success factor in the rollout of Google Apps within an enterprise is to have a solid training and communications plan and strategy to allow for smooth user adoption.

Thanks Jonathan Hsu!