http://www.knowledgestorm.com/collateral/WTP/50209_58306_99422_QualysYankee.pdf
Static security planning simply is not adequate to today's level of threats, as the 'Sasser' worm so brutally highlights. The indexed white paper "Dynamic Best Practices of Vulnerability Management" explains that such planning has become an operational necessity, and gives some hints and tips on how to proceed. This is useful practical advice, as well as serving as a good base for security teaching.
An extensive white paper on "Protecting Databases" is available here:
http://www.knowledgestorm.com/collateral/WTP/48986_84494_44122_Protecting_Databases.pdf
making the crucial point that it is not enough to protect the security perimeter -- protecting data at the source also has to be implemented, and the paper shows how to get started at this.
Managing a whole rack of servers is only possible with a centralized keyboard, mouse, and monitor, which implies the requirement for a Keyboard Video Mouse switch to allow this to happen. Here are three white papers addressing various aspects of this topic:
"KVM Tech Guide: Five Guidelines for Choosing the Best KVM Switching System" from http://whitepapers.comdex.com/data/detail?id=1078511691_445&type=RES&src=KA_RES_20040428
"The Definitive KVM Buyer's Guide" from http://whitepapers.comdex.com/data/detail?id=1082572029_368&type=RES&src=KA_RES_20040428
"KVM for the Enterprise" from http://whitepapers.comdex.com/data/detail?id=1082572031_187&type=RES&src=KA_RES_20040428
http://www.schneier.com/paper-pki.html
Public Key Infrastructure is one of the more mind-deadening things to teach in a security curriculum -- it is just rather hard to interest students about this concept, perhaps not least because there is some disagreement in the IT field itself about how and whether to use it. Here is a white paper: "Ten Risks of PKI: What You're Not Being Told About Public Key Infrastructure", which suggests that the benefits of PKI have been oversold, which could be a useful starting point for some more interesting discussions on this subject.
http://whitepapers.comdex.com/data/detail?id=1080147941_867&type=RES&src=KA_RES_20040331
While the importance of file transfer in many aspects of organizational operation across the InterNet cannot be gainsaid, it is equally true that the FTP protocol represents a particular vulnerability, and one which can be difficult to remedy. Some alternative standards for secure file transfer have been proposed, and this white paper asks the question: "Evolving Standards for Enhanced File Transfer: Do Recent Secure File Transfer Standards Measure Up?".
One solution to FTP vulnerabilities is deployment of a proprietary solution, as this white paper: "Instant FTP Security Made Easy" demonstrates:
http://whitepapers.comdex.com/data/detail?id=1075911003_39&type=RES&src=KA_RES_20040331
http://whitepapers.comdex.com/data/detail?id=1045490821_169&type=RES&src=KA_RES_20040331
A concept that information technology students are infrequently exposed to is the notion that IT activities cost money, and rightly or wrongly, are seen as an operating cost sink in most organizations. This makes Return On Investment calculations an essential part of the network administrator's toolkit, and this white paper: "Calculating ROI for Centralized IP-Network Analysis Systems in Large Enterprise Networks" can give students a real taste of enterprise networking, why analysis systems are needed in such networks, and how their costs can be justified.
http://csrc.nist.gov/publications/nistpubs/800-41/sp800-41.pdf
Firewalls are devices which have such fundamental simplicity [the equivalent of a locked door against outsiders] that it is easy for the uninitiated to over-simplify their implementation, and therefore create a worse security menace than if nothing had been done. The white paper indexed here: "Guidelines on Firewalls and Firewall Policy: Recommendations of the National Institute of Standards and Technology" provides an in-depth view of what firewalls are and how they work, and what important issues need to be considered in implementing these devices.
http://www.idc.com/en_US/st/extras/40_Years_of_IT.pdf
Despite, as having mentioned before, the fact that historical issues are not a major concern of IT practical education, gaining some appreciation of where we were and where we are going is supplied by this white paper: "40 Years of IT: Looking Back, Looking Forward". This also gives one some perspective on how relatively recent the PC and the InterNet are [about 20 years and 25 years of age, respectively].
http://networking.ittoolbox.com/documents/document.asp?i=3773
To paraphrase Mr. Twain: "Everyone talks about event logs, but nobody ever does anything with them". This is, of course, an exaggeration, but it is true that while event logs can be of signal importance in an IT production envrionment, teaching about their effective use can be quite difficult outside that environment.
Logs are the raw material for an audit, and the indexed white paper, "Event Log Management: A Guide to a Stress-free Audit", explains how the current USA regulatory environment makes logging even more significant as an activity, and explains how to use them in preparation for an audit. Such a focus can be of great use in providing a practical pedagogical example.
http://whitepapers.comdex.com/data/detail?id=1079029984_674&type=RES&src=KA_RES_20040317
The URL indexes a white paper on "Integrated Security: Defending against Evolving Threats with Self-Defending Networks", which is Cisco's initiative to produce integrated security deep within the infrastructure. Something like this does seem like the best solution to this problem, and of course, can help improved Cisco's bottom line.
Some other security white papers from Cisco are:
Cisco IP Communications Security Policy Development and Planning Guide
http://whitepapers.comdex.com/data/detail?id=1078939330_728&type=RES&src=KA_RES_20040317
Trust and Identity Management: Solutions Overview
http://whitepapers.comdex.com/data/detail?id=1079026302_550&type=RES&src=KA_RES_20040317
IP Telephony Security in Depth
http://whitepapers.comdex.com/data/detail?id=1057858103_115&type=RES&src=KA_RES_20040317
Another major white paper on identity management, "Enterprise Identity Management: It's About the Business" defines the technologies involved to produce a solutions roadmap, and can be found here:
http://whitepapers.comdex.com/data/detail?id=1079109672_743&type=RES&src=KA_RES_20040317
A white paper on "Log Management: Closing the Loop on Security Event Management" explains this crucial networking activity, and can be cound at:
http://whitepapers.comdex.com/data/detail?id=1079109677_478&type=RES&src=KA_RES_20040317
Two security papers relating to the Windows world are "Best Practices for Designing a Secure Active Directory - Multi-Org Exchange Edition", available at:
http://whitepapers.comdex.com/data/detail?id=1042225768_732&type=RES&src=KA_RES_20040317
and "Architecture and Design Review for Security", which can be found here:
http://whitepapers.comdex.com/data/detail?id=1079366506_346&type=RES&src=KA_RES_20040317
http://www.WindowSecurity.com/pages/article.asp?id=1313
For an individual machine, a software firewall can often be sufficient [although of course it should not be regarded as a security panacea], but for a server or other high-end resource, a hardware firewall [and often more than one of them] is definitely indicated.
How to tell which one is best? This white paper, "Comparing Firewall Features", presents an evaluative structure which will let you decide.
http://www.trendmicro.com/en/security/white-papers/overview.htm
The URL indexes the Secuirty Information white papers section of the Trend Micro site, with nearly a dozen papers directly relevant to malware and secuity problems. These papers are downloadable in .PDF format.
In addition to their products, the site offers a Weekly Virus Report, a Virus Map and a Virus Encyclopedia, downloadable test files, general virus tnformation, Webmaster Tools, and a description of onging research/development at TrendLabs.
http://www.cs.dartmouth.edu/~carlo/research/tr2004-489.pdf
A white paper covering an aspect of networking security which, because of its complexity, can get glossed over: "Keyjacking: The Surprising Insecurity of Client-side SSL". The client-side vulnerabilities are discussed in detail -- this is a good antidote to a lot of the security 'happy talk' which tends to predominate in certification resources discussing this subject.
http://whitepapers.comdex.com/data/detail?id=1076690398_357&type=RES&src=KA_RES
In most introductory networking classes, Wide Area Networks get pretty short shrift, because from the viewpoint of the LAN manager, they amount to a supplied service. This white paper: "Using the Internet to Increase Wide-Area Network Availability" discusses the issues relating to WAN connection management, providing students an inital view into this important aspect of LAN/WAN operational interaction.
http://www.securecomputing.com/pdf/remoteinsecurity.pdf
Sometimes less really is more. The URL indexes a 4-page white paper titled "Remote Insecurity: How business travelers risk exposing their companies when remotely accessing company networks". This gives a number of common scenarios where travellers put their data and systems at risk; these can be a most stimulating source of discussion and can serve as the initial foundation for some interesting practical projects.
http://whitepapers.comdex.com/data/detail?id=1076690398_988&type=RES&src=KA_RES
In most cases when we consider policies for networks, we are thinking about controlling resource access in the most powerful and automated way. However, in any organization of any size, there will be particular requirements driven by the institution, not by the network characteristics. This white paper: "7 Tips to Enforcing Corporate Governance Policy on Your Network" gives some idea of how to go about doing such enforcement.
A paper like this can be a useful starting point for discussion in enterprise networking classes, in terms of the feasibility and desirablility of each of the tips discussed.
http://whitepapers.comdex.com/data/detail?id=1076950008_357&type=RES&src=KA_RES
Wireless remote access is desirable, and, as noted in this blog from time to time, poses significant security risks. Criteria for mitigating such risks are outlined in this white paper: "Four Keys to Secure Wi-Fi Remote Access", as follows:
1. User authentication must be administered at the enterprise level.
2. Virtual Private Networks must be connected end-to-end.
3. Multi-service coverage should be broad.
4. Your remote access client must be wireless-enabled.
Some methods for doing these things are discussed in the white paper.
http://ct.com.com/click?q=ea-fjLyQhV9N0j5j379g_F_TXW~t_PR
Clustering is a key strategy for managing server farms in large-scale production environments. The Windows way of doing this is relatively straightforward, but Linux can do this as well, and this white paper "GPFS Primer for Linux Clusters" provides details of the General Parallel File System Version 1, Release 3 which helps underpin this ability.
http://whitepapers.comdex.com/data/detail?id=1074104559_384&type=RES&src=KA_RES
The volume of commentary on spam indicates how severe and continuing a problem it is -- if Bill Gates can deliver on his promise of a spam-free world by 2006, he will become a hero of the computer age to rival Linus Torwalds. In organizations, of course, spam has a cost, and measures to counter spam also have costs, and the metrics for all this are abstract and slowly emerging. This white paper: "Measuring Up: Evaluating the Return on Investment (ROI) of Spam Filtering" can provide some useful advice and statistics.
Of course, the spammers try to subvert filtering, and current trends involve the use of complex code concealed in HTML, as explained in this white paper on "Spam: A Many Rendered Thing; An in-Depth Look at Current Trends in Spamming Techniques" which is also worth considering:
http://whitepapers.comdex.com/data/detail?id=1074104558_819&type=RES&src=KA_RES
Another article, with links and references, which expresses skepticism of the methods Microsoft has proposed to control spam [and which also explains the intiative in outline] can be found here:
http://www.nwfusion.com/news/2004/0301microsoftspam.html?nl
http://whitepapers.comdex.com/data/detail?id=1075911006_265&type=RES&src=KA_RES
Much emphasis in practical network education is put on enterprise networking and the large-scale deployment, not surprisingly, since this is the most challenging and in-depth development of all networking technologies. Nor should enterprise networking be scanted in curriculum development.
The fact remains, however, that there are many more small business networks than large ones, whose proprietors will not have the technological knowledge [or perhaps the time and inclination] to DIY. This means, for newly graduated applied IT networking professionals, that they are far more likely to cut their teeth on the implementation of a small network than a large one. This white paper: "Simple Steps to Build Your Small Business Network" can give the reader some flavour of how and why a small business would roll out a network.
In addition to its direct relevance to applied IT teaching, this white paper could also form the basis of a laboratory project allowing students to demonstrate hands-on competencies.
http://whitepapers.comdex.com/data/detail?id=1076090569_333&type=RES&src=KA_RES
Though anyone who works in IT directly may find it somewhat amazing that line administrators are often insouciant about security threats, this nevetheless remains a brute fact about life in the corporate world. From the executive's point of view, secuirty is simply an expense without reward [though of course insurance, in the ideal situation, is something analogous], and the risks may seem quite diffuse and hypothetical. A primer on how to educate management is therefore useful, and this white paper: "Network Security: 11 Reality Checks to Help the CEO 'CYA'" would appear to be worth a look.
In addition to educating student on the sorts of vulnerabilities which are present in today's networking environment, a paper like this can help them understand that they have to be issue champions as well. It also could serve as a useful starting point for discussions or exercises.
Another angle on this situation is presented in this white paper: "The Top Five Challenges to Achieving Outstanding Enterprise Security and How to Overcome Them", which can be found here:
http://whitepapers.comdex.com/data/detail?id=1076950016_881&type=RES&src=KA_RES
http://whitepapers.comdex.com/data/detail?id=1075747187_769&type=RES&src=KA_RES
The tussle between the black and white hats continues unabated -- the one secure claim we can make is that this problem will continue to escalate in complexity and impact. How threat management is responding to such challenges is outlines in this white paper: "The Next Generation of Threat Management".
It rather sounds like we need this bad.
http://whitepapers.comdex.com/data/detail?id=1019745194_234&type=RES&src=KA_RES
If you teach networking from even slightly older texts [particularly those oriented towards Cisco certifications], the Ethernet emphasis will be on 10Mb/s. Times have changed somewhat, and increased speeds are the order of the day, as this white paper: "Evolution of Gigabit Technology: From the Backbone to the Desktop" describes. This can nicely supplant those somewhat tired texts.
http://itw.itworld.com/GoNow/a14724a94937a89073442a1
With the advent of multimedia files and the whole brouhaha over peer-to-peer file sharing, administrators need to know how to develop policies for controlling shared disk volumes. This is particularly important in educational environments, since students are a vigorous source of file-swapping. This white paper, "Windows Quota Management and File Blocking 'Best Practices'" is intended to allow you to control storage size and access rights with reasonable ease, and thus is relevant to this question.
http://cl.com.com/Click?q=c6-URl9QMLMgFclu7mdIX6zfm9shRRR
It is worth reminding ourselves that all the whirring fans and blinking lights are not ends in themselves. This white paper: "A Vision for Business Intelligence" attempts to show how we can use a powerful technology which has been under appreciated and not used to its fullest. This is an example of a broader problem with technology and innovation implementation within organizations, a general solution to which would be a most powerful empowering tool.
http://cl.com.com/Click?q=fe-xkKgQwgDyMrGUcmkPi4jg6hhvRRR
Identifying the best communication solution, especially where WANs are concerned, is by no means straightforward. This white paper: "Frame Relay vs. IP VPNs" discusses the pros and cons of both approaches, and will be valuable in those teaching environments where a fully-configurable WAN is not ready to hand to serve as an experimental subject.
http://whitepapers.comdex.com/data/detail?id=1050602782_964&type=RES&src=KA_RES_QUERY
Your network can never be too fast, so a white paper on "Strategies for Optimizing LAN Performance" certainly is a useful thing to have on hand. It describes potential bottlenecks, how to identify them, and how to cure them.
http://www.itl.nist.gov/div895/carefordisc/CDandDVDCareandHandlingGuide.pdf
The whole question of reliability of optical media in the CD/DVD format has been the subject of some vigorous and alarming discussion over the past few years -- there is no doubt that these media are not as bullet-proof as sometimes claimed. The USA's National Institute of Standards and Technology has released a white paper: "Care and Handling of CDs and DVDs — A Guide for Librarians and Archivists" which can serve as a guide to the perplexed on this subject.
Very big point -- using adhesive labels on CD's is a bad idea -- something I have been rather certain about for some time. Another excellent example of Your Tax Dollars At Work.
http://csrc.nist.gov/publications/nistpubs/800-61/sp800-61.pdf
Here is a white paper incorporating the recommendations of the National Institute of Standards and Technology incorporated in their "Computer Security Incident Handling Guide". Covering organization, handling, specific incident types, and a wealth of appendices with recommendations, questions, and supporting materials, this looks to be an excellent primer on its topic, and one which could be easily incorporated in the appropriate security curriculum.
Now this is an example of Our Tax Dollars At Work which has really done something worthwhile!
http://whitepapers.comdex.com/data/detail?id=1074104558_819&type=RES&src=KA_RES
The evolutionary contest between spam and spam control techniques parallels that between virus and antivirus software, with convincing echoes of the biological eponym. This white paper, with a title after my heart: "Spam: A Many Rendered Thing; An in-Depth Look at Current Trends in Spamming Techniques" looks at the variety of new techniques spammers use to outfox filters.
There is, of course, an odd and melancholy irony to all of this -- if the spammers succeed, they will remove all reason to use e-mail, whereupon they will be broadcasting to thin air.
http://cl.com.com/Click?q=2c-DaaOIc0OqhKF1bqRXlAUBvCWr9RR
The indexed article discusses the important concept of secure identity management. The following materials offer other information about security:
A set of "Best Web Links" on security basics, "for those just entering the world of security", covering a wide range of topics, from biometrics to viruses, can be found here:
http://searchsecurity.techtarget.com/bestWebLinks/0,289521,sid14_tax281891,00.html
Another set of "Best Web Links" on common vulnerabilities is here:
http://searchsecurity.techtarget.com/bestWebLinks/0,289521,sid14_tax281934,00.html
Given the prevalance of Microsoft OFFICE in the workplace, some advice on locking it down for security is not amiss, and this comes from an expert, Roberta Bragg:
http://mcpmag.com/columns/article.asp?editorialsid=555
A white paper "The Secret to Simplified Firewall and VPN Security" covers a popular and significant topic:
http://searchSecurity.com/r/0,,16172,00.htm?stonesoft
Some straightforward secuity advice can be found here:
Knowing How Much Security You Need on a Windows 2000 Network
http://www.dummies.com/WileyCDA/DummiesArticle/id-1512.html
Breaking into the Basics of Network Security
http://www.dummies.com/WileyCDA/DummiesArticle/id-1808.html
Firewalls: Defending Your Network from Internet Attacks
http://www.dummies.com/WileyCDA/DummiesArticle/id-1518.html
http://whitepapers.comdex.com/data/detail?id=1036681158_105&type=RES&src=KA_RES
Security threats to e-business, both established and pending, are sufficiently high-profile to make a white paper called "Internet Security - A Defense Model for E-Business" attractive without saying a word more.
http://whitepapers.comdex.com/data/detail?id=1073494621_104&type=RES&src=KA_RES
My attitude to IM is "I never use it, Sir, it promotes rust", but there is no question that this communications facility has a major impact in many organizations. At the same time, the security issues surrounding IM ought to give any networking professional pause, if not nightmares. This white paper: "Enterprise Instant Messaging - Essential Infrastructure" can provide a starting point for efficient, effective, and safe IM.
http://whitepapers.comdex.com/data/detail?id=1052750276_21&type=RES&src=KA_RES
Wireless is different, wireless is coming on strong, and wireless poses [as has been mentioned in this blog before] major security problems. Getting a grip on where to start may be assisted by this white paper: "Understanding the Layers of Wireless LAN Security & Management", which obviously goes beyond security issues.
http://whitepapers.comdex.com/data/detail?id=1073402060_588&type=RES&src=KA_RES
E-mail spoofing is a serious problem, particularly with the development of 'phishing' scans, which use e-mail to direct victims to realistic-looking but bogus Web sites. A range of "Proposed Solutions to Address the Threat of Email Spoofing Scams" is discussed in the white paper of the same name indexed by this URL. Both prevention and cure are discussed; understanding the pros and cons of various approaches can be useful for teaching many aspects of networking as well as security.
Additionally, here is a Web site devoted to the phishing problem and what can be done to prevent it, with archives and news:
http://whitepapers.comdex.com/data/detail?id=1071837167_677&type=RES&src=KA_RES
One of the advantaged to Active Directory is the much larger number of accounts which can be managed using it. Here we have a white paper: "Deployment Trends and Methods for Optimizing Large Active Directory Configurations" which speaks directly to issues relating to converting from NT 4.0 to an AD-enabled Windows version. It also looks at AD use within larger organizations, and thus looks like a useful case study.
http://whitepapers.comdex.com/data/detail?id=1070988580_381&type=RES&src=mu_ab
Another slant on the IT employment issue, looking at the question "U.S. Programmers and Analysts: Endangered or Just Wounded?". The overall picture is related to historical trends, suggesting that those in the IT industry must use strategic management of their own careers to maximize their opportunities.
Another perspective suggesting the supply of IT jobs is growing can be found here, along with a sidebar indexing a number of related employment articles:
http://www.cioupdate.com/career/article.php/328945
http://whitepapers.comdex.com/data/detail?id=1069861581_120&type=RES&src=KA_RES
A short white paper: "Bewafre Spyware" which gives a quick overview of this type of malware, useful for informing teachers and students alike. If people read something simple and basic about this, which looks digestible, they may be more motivated to do something about this. I would be prepared to bet a small chocolate bar that home users in the thousands still do not appreciate the spyware threat, even though they are suffering the consequences.
http://www.usenix.org/events/sec02/full_papers/staniford/staniford.pdf
An analysis of the risks and propects for worms on the InterNet, using Code Red as a model. This paper: "How to own the Internet in your Spare Time" suggests some preventative measures which can and should be deployed.
http://whitepapers.comdex.com/data/detail?id=1070907380_696&type=RES&src=KA_RES
In comparison to hardware and configuration details, network management often gets scanted in networking courses, even if it is supposed to be a curriculum item. Network management is just so theoretical and amorphous without an actual network to manage. This white paper: "Cisco - Network Management System: Best Practices White Paper" covers the 5 ISO management functional areas with reference to managing Cisco systems, and is therefore a potentially useful resource in making network management instruction manageable.
This paper on Wireless LANs may be useful as an adjunct to this: "Wireless LANs: The Essentials for Saving Your Sanity":
http://whitepapers.comdex.com/data/detail?id=1046952003_302&type=RES&src=KA_RES
The Cisco take on wireless LAN planning: "Preparing for Wireless LANs" is provided here:
http://whitepapers.comdex.com/data/detail?id=1057858029_986&type=RES&src=KA_RES
while this paper looks more closely at a major management concern: "Cisco - Change Management: Best Practices White Paper":
http://whitepapers.comdex.com/data/detail?id=1070907379_141&type=RES&src=KA_RE
and another management area is covered in this document: "Cisco - Configuration Management: Best Practices White Paper ":
http://whitepapers.comdex.com/data/detail?id=1071077473_593&type=RES&src=KA_RES
http://whitepapers.comdex.com/data/detail?id=1070473161_825&type=RES&src=KA_RES
If wireless security is not a concern, it should be; the basic WEP standard has demonstrated weaknesses, and undetected interception is so much easier with wireless that additional measures must be undertaken. This white paper: "Practical Solutions for Securing Your Wireless Network" can give you some pointers on how to reap wireless roses without security exploit thorns.
Another security paper from Cisco Systems focusses on: "Technology Best Practices for Endpoint Security":
http://whitepapers.comdex.com/data/detail?id=1070907383_68&type=RES&src=KA_RES
which introduces another layer into the security cake.
http://whitepapers.comdex.com/data/detail?id=1069950012_176&type=RES&src=KA_RES
I must be in an exceptional mood today -- usually, if a resource requires an extensive registration [and this one certainly does], I don't feature it in these selections. It is hard enough just finding and understanding the information we need to teach IT effectively without battling additional obstacles. In this case, however, the reward is worth jumping through the hoops: a meaty, 79-page guide to the whole mare's nest of issues surrounding WINDOWS Group Policies.
Now Group Policies are one of these annoying things which are immensely powerful, extremely important for IT students to know about, and yet remarkably resistant to effective teaching, because they are so abstract in the absence of a specific environment in which to apply them. Having a guide which can make some practical sense out of this is comforting in itself, and will, no doubt, serve as a source of precept and example to assist in teaching this subject.
http://whitepapers.comdex.com/data/detail?id=1070381782_523&type=RES&src=KA_RES
There is certainly enough going on in the security world these days that having a set of useful tips on hand for vulnerability reduction can come in quite handy for practitioners and educators [the latter sometimes wearing both hats] alike. This white paper: "Best Practices for Vulnerability Management" provides some guidance of how to go about reducing your risks.
More assistance can come from the following white paper:
http://whitepapers.comdex.com/data/detail?id=1069950009_199&type=RES&src=KA_RES
which covers this topic "From Project to Process - Policy-Based Vulnerability Management".
Looking at crucial isues relating to the IT core comes from a white paper titled "Core Security", found at:
http://whitepapers.comdex.com/data/detail?id=1069861581_139&type=RES&src=KA_RES
http://www.microsoft.com/technet/itsolutions/MSIT/Security/mssecbp.asp
Given that Microsoft's own network is a number-one target for attacks, some explanation of the principles used in that corporation to safeguard themselves is certainly worth inspection, and that is what this white paper: "Security at Microsoft", provides.
Most of the suggestions relate to using Windows 2003, but could be retrofitted to W2K systems.
http://whitepapers.comdex.com/data/detail?id=1051115002_827&type=RES&src=KA_RES_QUERY
Internetworking is in many ways the most challenging aspect of networking, but with the advent of our wired world, even small and medium-sized organizations may find it necessary. This white paper: "The Basics of Internetworking" extols the value of simplicity in solution deployment and management
http://whitepapers.comdex.com/data/detail?id=1053093882_459&type=RES&src=KA_RES
From the same folks minuted previously, comes a white paper: "Better Security - A Practical Guide - Network Security for Large Enterprises" that outlines planning for larger organizations. Certainly a useful reference for teaching about enterprise-scale networking security.
PUBLISHER: WatchGuard Technologies, Inc.
http://whitepapers.comdex.com/data/detail?id=1060957258_977&type=RES&src=KA_RES
One of the major knocks against mobile devices has been the security problems they bring in their train. This paper: "Wi-Fi* Protected Access and Intel entrino(TM) Mobile Technology Deliver a Robust Foundation for Wireless Security" may need accompanyment with several grains of salt, given that it is by Intel, but it does suggest that upgraded standards are now available for WiFi security.
Another paper, from the same source, covers "Deploying Secure Wireless Networks: Intel's Strategies to Minimize WLAN Risk", and is available here:
http://whitepapers.comdex.com/data/detail?id=1067873911_604&type=RES&src=KA_RES
More on wireless security in the paper: "Seven Security Problems of 802.11 Wireless" which can be found at: http://whitepapers.comdex.com/data/detail?id=1067873924_916&type=RES&src=KA_RES
Yet more on wireless security, with a proprietary solution offered, from the paper: "Cresting the Wireless Wave with Security Solutions - Solutions to the WLAN Security Crisis" from:
http://whitepapers.comdex.com/data/detail?id=1067873917_615&type=RES&src=KA_RES
http://whitepapers.comdex.com/data/detail?id=1067434029_925&type=RES&src=KA_RES
The continuing press for network speed is inherent in this white paper: "10 Gigabit Ethernet Technology Overview". The major problem we face with this on the LAN front is the condition of our building backbone, which may be designed in such a way that upgrading is difficult. At some point, one has to think that we will have 'enough' speed -- say, to produce HDTV on-demand -- but we are not there yet.
http://whitepapers.comdex.com/data/detail?id=1052406549_289&type=RES&src=KA_RES
Wireless technology is not only becoming a major aspect of networking, but it is also a complex specialty with a language all its own. The white paper: "The CIO's Guide to Mobile Wireless Computing" provides an easily comprehended overview of the major elements and issues involved in this type of networking.
http://www.kbst.bund.de/Anlage303777/pdf_datei.pdf
A detailed, warts-n-alll look at the issues and problems involved in migrating from Windows [both as an operatings system and a support plaftorm for major service applications] to Linux. Equally valuable is the acceptance of the large degree of variables which can apply in this stuation, suggesting a multiplicity of migration paths rather than just a single conduit from A to B.
http://whitepapers.comdex.com/data/detail?id=1065711306_625&type=RES&src=KA_RES
Capacity planning is an exercise of major significance to network administrators/managers, but it is also one which may be done so infrequently that when it is done, it is not done effectively. Given the current economic straits of IT, a white paper like "Capacity Planning in Today's Economy" has applications throughout the whole IT structure.
http://whitepapers.comdex.com/data/detail?id=1066151815_96&type=RES&src=KA_RES
Effective security is not a matter of absolute prevention -- that's impossible -- but of managing risks. This white paper: "Security Risk Management - Strategies for Managing Vulnerabilities and Threats to Critical Digital Assets" outlines how to create requirements for such strategies.
http://itw.itworld.com/GoNow/a14724a87343a89073442a1
While products and services to provide security are available in profusion, no single solution provides all the protection you need. A layered approach is definitely the most appropriate and fruitful solution process, and this white paper: "Network Configuration Management: An Additional Layer of Security" gives advice on how to implement this as part of your network configuration, which certainly should be part of anyone's defensive planning.
http://itw.itworld.com/GoNow/a14724a87343a89073442a2
Thin clients are like the movie monster which refuses to die. While I am apparently not alone in thinking them a thoroughly Bad Thing [because they are disempowering], nevertheless hope springs eternal in the thin client supporter ranks. This white paper, admittedly from an interested party: "Thin Clients: Four Facts You Can’t Afford to Ignore" makes the contrary case, and it is always good to consider the contrary case from time to time.
After all, it may even be right, forcing that most painful thing, a change of mind.
http://utilitycomputing.itworld.com/4589/031001linkfeature_uc/page_1.html
The URL indexes a page of links about utility computing and related isues, including news articles/features, webcaset, white papers, product information, and a newsletter up with which you can sign. As a much-heralded enterprise solution, this technology is definitely worth keeping an eye on, and this site effectively peels that eye,
http://www.forbes.com/2003/10/10/1010grovepinnacor.html
Article discussing the degree to which the InterNet, as we have come to know it, is at risk from the garbage and malware currently flooding it. The potential for Net balkanization is considered very real [and this would simply be another example of a "Tragedy of the Commons"]. The concept of 'end-to-end' communication is ultimately at risk here.
A related viewpoint avaliable as a downloadable .PDF file, coming essentially to the same conclusion, is "The Beginning of the End of the Internet? Discrimination, Closed Networks, and the Future of Cyberspace", available from:
http://hraunfoss.fcc.gov/edocs_public/attachmatch/DOC-239800A1.pdf
My, for some reason, the most recent set of posts have been gloomy and doomy!
http://www.wiebetech.com/pressreleases/BillionEqualBillion.pdf
How many bytes would a hard drive bite if a hard drive did bite bytes? The fact that manufacturers rate hard drive capacities using decimal arithmetic while many popular OS report it in binary converted to decimal [e.g. Windows] can be a source of confusion for all concerned.
This report defends the hard drive manufacturers more than I would consider reasonable. I think the size rating should be in the terms of the OS in use. But whatever side you take on this, the URL indexes a short, clear, helpful white paper: "When One Billion does not equal One Billion, or: Why your computer’s disk drive capacity doesn’t appear to match the stated capacity" on just this topic.
The following seriues of white papers from Spirent Communications cover a variety of real-world testing and configuration issues:
General Network Performance Testing Methodology http://whitepapers.comdex.com/data/detail?id=1063826137_766&type=RES&src=KA_RES
Firewall Testing Methodology Using Spirent Solutions http://whitepapers.comdex.com/data/detail?id=1063826137_766&type=RES&src=KA_RES
Reality Bytes: The Importance of Realism for Improving Web Site Performance http://whitepapers.comdex.com/data/detail?id=1063826137_342&type=RES&src=KA_RES
The Spirent Solution: Enabling the Realism of Live Networks with the Precision of Lab Measurement http://whitepapers.comdex.com/data/detail?id=1063826137_825&type=RES&src=KA_RES
The Network Commandments: Ten Ways to Improve Quality and Performance http://whitepapers.comdex.com/data/detail?id=1063826138_924&type=RES&src=KA_RES
http://whitepapers.comdex.com/data/detail?id=1063197052_173&type=RES&src=KA_RES
When the packet misses a socket, knowing what the last known good configuration actually was may get you out of a pocket of trouble. This white paper: "Enterprise Network Configuration Change Management: A Practitioner's Guide" offers some insight into making this happen.
http://www.ccianet.org/papers/cyberinsecurity.pdf
The title and subtitle of this paper pretty much sum it up: "CyberInsecurity: The Cost of Monopoly; How the Dominance of Microsoft's Products Poses a Risk to Security". Despite its alarmist title, it is written by a bevy of well-known security analysts from all sections of the IT industry, and presents an argument for a diversified software ecology clearly and concisely.
The report makes a point that is worth quoting: "The average user is not, does not want to be, and should not need to be a computer security expert any more than an airplane passenger wants to or should need to be an expert in aerodynamics or piloting.". The tendency to "blame the victim" in many of these cases is totally misplaced, and in fact impedes potential solutions.
A short commentary on this paper is available here:
http://mcpmag.com/news/article.asp?editorialsid=613
and a more extended commentary with reflection on the wider issues is available here:
http://news.com.com/2009-7349_3-5140971.html
Another more recent rebuttal is here:
http://whitepapers.comdex.com/data/detail?id=1063320526_115&type=RES&src=KA_RES
The rapid development of a whole host of security threats, particularly to Microsoft systems, has made patch management a major issue. Surveys showing significant numbers of unpatched servers are cause for much hand-wringing and finger-pointing. In this paper: "Give IT Managers a Break: Why Patching Is Not Easy", some of the mitigating circumstances are discussed, along with a recognition that patch management is a difficult, wearisome, and time-comsuming process.
Another white paper which addresses "Taking the Risks and Guesswork Out of Patch Management", in an area which amounts to a $2 billion/year expenditure, can be found here:
http://ewrma.com/ct?id=5393-3181-3409848
Microsoft, for one, is trying to reduce the problems caused by patching, as explained in their white paper "Beyond Security Patching", available here:
http://whitepapers.comdex.com/data/detail?id=1076340273_667&type=RES&src=KA_RES
http://whitepapers.comdex.com/data/detail?id=1063389252_145&type=RES&src=KA_RES
The increasing scope of attacks on networks makes a white paper covering "Optimizing Security and Network Operations" particularly useful.
While the Computer Security Site is a good source in itself to keep tabs on training for security in general and the CSI certifications in particular, as this entry is written, in addition there is a downloadable report avilable: the eighth annual Computer Crime and Security Survey, which clearly shows that computer crime and security remain significant issues.
http://whitepapers.comdex.com/data/detail?id=1046792460_261&type=RES&src=KA_RES
A white paper covering what is involved in "Fixing Ethernet and Fast Ethernet Link Problems", which can be of aid in setting up trouble-shooting exercises and devising solutions for them.
Here are three white papers on various aspects of networks and timkeeping:
The Importance of Network Time Synchronization
http://whitepapers.comdex.com/data/detail?id=1051627365_102&type=RES&src=KA_RES
The Five Dangers of Poor Network Timekeeping http://whitepapers.comdex.com/data/detail?id=1051627365_106&type=RES&src=KA_RES
Synchronization Essentials of VoIP http://whitepapers.comdex.com/data/detail?id=1051627365_514&type=RES&src=KA_RES
http://whitepapers.comdex.com/data/detail?id=1062090016_670&type=RES&src=KA_RES
A white paper titled "Fast Path to Secure Systems Architectures and Network Designs", directed towards enterprise/large-scale security, again from a source which has a lot of experience with this, both good and bad.
http://www.ingrian.com/resources/index.html#wp
While the initial inpetus for this posting is a white paper on "Five Threats to Data Security", this site also contains other related papers, plus specifications for the company's products and solution/fact sheets of how these can be applied.
http://www.microsoft.com/education/?ID=21stCenturyCitizen
An extensive on-line and downloadable [WORD format] white paper titled "Educating the 21st Century Citizen" setting out Microsoft's future education vision. The broad coverage in this paper gives ample pause for thought, regardless of one's opinion of the originator.
http://whitepapers.comdex.com/data/detail?id=1042056881_377&type=RES&src=KA_RES
Patterns are a handy rubric for any constructive activity, so a white paper entitled "Enterprise Network Design Patterns - High Availability" would seem to be a useful tool to have in the network designer's toolbox.
http://whitepapers.comdex.com/data/detail?id=978728650_214&type=RES&src=KA_RES
Countering Denial of Service attacks [particularly those of the distributed variety] represents a difficult challenge against a highly probable threat. This white paper, "Security on IP Networks - Countering Denial of Service (DoS) Attacks: An Overview of the Key Challenges and Countermeasures", looks at the issues involved, including access control, authentication, Denial of Service Attacks, Ethernet Switches, hackers, IP Networks, policy-based management software, Quality of Service, and the RADIUS Protocol.
http://whitepapers.comdex.com/data/detail?id=1057858101_721&type=RES&src=KA_RES
The journey of 1000 miles of network security begins with a single step -- this white paper: "Action Steps for Improving Information Security" explains how to complete the journey for your infrastructure.
http://whitepapers.comdex.com/data/detail?id=1057858077_908&type=RES&src=KA_RES
A white paper on the "Economic Impact of Network Security Threats" gives some quantifiable assessments of threats to network operation, which may serve as a useful focussing device.
http://ct.com.com/click?q=12-jaAKIl.Q6lZQ.KFqUo1J6p2kqGPR
Given that Windows NT Server 4.0 is just about to pass its "best before date", an organization which has waited this long probably really needs a white paper titled " Evaluating Windows Server 2003 Migration Options", and Dell will be happy to let you download it free from the URL provided.
More details on migration planning from NT to an Active Directory server can be found here:
http://www.informit.com/guides/content.asp?g=windowsserver&seqNum=53
http://www.gfi.com/mailsecurity/wptrojans.htm
Company white paper demonstrating how Trojans can avoid standard antivirus solutions, while suggesting that the more extensive use of freeware and peer file sharing also increases Trojan risks. Of course, specialized anti-Trojan suites are also available [e.g. TDS-3 http://tds.diamondcs.com.au/ ].
HREF="http://whitepapers.comdex.com/data/detail?id=1057858120_962&type=RES&src=KA_RES
This free white paper on "Network Security - An Executive Overview" would be a good resource for students, since they often need the same 'high level' view as executives, so the forest emerges from the trees.
SAFE: IP Telephony Security in Depth http://whitepapers.comdex.com/data/detail?id=1057858103_115&type=RES&src=KA_RES
SAFE VPN - IPSec Virtual Private Networks in Depth http://whitepapers.comdex.com/data/detail?id=1014669748_545&type=RES&src=KA_RES
SAFE - Extending the Security Blueprint to Small, Midsize, and Remote-User Networks http://whitepapers.comdex.com/data/detail?id=1014669157_842&type=RES&src=KA_RES
SAFE: A Security Blueprint for Enterprise Networks http://whitepapers.comdex.com/data/detail?id=1057858038_851&type=RES&src=KA_RES
A series of whitepapers covering Cisco's secure blueprint for networks both large and small (SAFE), providing best practice information on the particular subjects addressed.
http://cda.mrs.umn.edu/~mine0057/fs.pdf
A short paper ["New Advances in the Filesystem Space"] on the drawbacks of current file systems, particularly as these relate to POSIX, and what advances are being made in this area. It is worth keeping an eye on this area for new metaphors underlying a changed way of doing things.
http://whitepapers.comdex.com/data/detail?id=1049470987_680&type=RES&src=KA_RES
When you are penetrated, your network is at grave risk, if not already compromised or damaged. This white paper discusses how penetration tests should be part of the security armoury: "Penetration Tests - The Baseline for Effective Information Protection".
http://whitepapers.comdex.com/data/detail?id=1057250074_206&type=RES&src=KA_RES
IP V.6 has been coming longer than a blockbuster sequel, and it is still just inching closer, rather than leaping upon us like a startled rabbit. V6 will be necessary at some point in the near future, not least because it provides superior security, to which this white paper, "Security Implications of IPv6", provides a guide.
http://whitepapers.comdex.com/data/detail?id=1056985790_547&type=RES&src=KA_RES
With a title like "Ten Tips You Can Use to Secure Your Active Directory", the purpose and value of this white paper needs no further commentary from me. I could give more commentary, of course, but it would be redundant and even superfluous. When a tour guide takes up so much of your attention that you no longer look at the gorgeous scenery, a fatal inversion of priorities has resulted, one which I am firmly determined to resist.
So without any further commentary, and eschewing all extraneous verbage, I will direct you to the URL to seek out the particular pearl of wisdom just quivering to be found.
http://whitepapers.comdex.com/data/detail?id=1057071058_868&type=RES&src=KA_RES
Title: The Evolution of Networked Storage - Landscapes, Issues and Solutions
IP Storage Area Networks certainly are a major theme in high-end site development, and this paper looks at what is happening now and what this means for the future.
http://whitepapers.comdex.com/data/detail?id=1057071073_438&type=RES&src=KA_RES
Title: Implementing Network Configuration Management
A look at a number of vexatious network configuration issues providing guidance towards effective solutions, with some emphasis on complex networks.
http://whitepapers.comdex.com/data/detail?id=1055792639_449&type=RES&src=KA_RES
Those in command at Pearl Harbor, it can be argued, were not negligent -- they were just looking for the wrong things in the wrong direction -- and the rest really is history. Here is some common-sense security advice, telling you to tend to the beam in your own eye, before bothering with your sibling's mote: "Sweat the Small Stuff: Making Your Enterprise More Secure with Less Effort".
http://whitepapers.comdex.com/data/detail?id=1028048649_631&type=RES&src=KA_RES
Although the security community has been fairly vigilant in promoting the fact that just installing a firewall no more handles all your security problems than having a lock on your front door prevents your house from flooding, the general consensus is that a segment of the endangered spaces have not realized this. This white paper: "Beyond the Firewall - Using a Layered Security Strategy to Address Internal Security Threats" provides some practical suggestions about implementing a security strategy which will help repel the variety of threats the real world offers.
http://cl.com.com/Click?q=88-ec5PQQKmi5OsSUzRjhGvQVQSUDrR
A useful summary by an interested participant, Hewlett-Packard, on the "Linux Strategies And Solutions" offered by five major suppliers of Linux systems. Oddly enough, Microsoft is not on this list of names....
http://cl.com.com/Click?q=73-__ZeIBBaP5il9iGAQhILJQGrBFRR
Changing from an old version of a Windows OS to a newer one is never to be taken llightly, but Microsoft's support policies are certainly going to push 9x/ME/NT users in the direction of 2000 or XP. So it is useful to have some hints and tips on how to do this well, which this white paper "OS Migration Best Practices for Midrange Organizations", supposedly offers.
http://whitepapers.comdex.com/data/detail?id=1053093882_459&type=RES&src=KA_RES
http://whitepapers.comdex.com/data/detail?id=1035812992_853&type=RES&src=KA_RES
A couple of white papers offering methods of security implementation for large and medium/small organizations respectively. Reading both gives you some impression of what elements are common across all organizations, and where size matters, when security is concerned.
http://cl.com.com/Click?q=04-k9W0IFQjFfCUUR1_QHNpWzpOYWeR
There is a lot of interest in saving IT dollars by moving from a proprietary system to one which is open and low-cost. Naturally, Red Hat is only too happy to provide information on how to do this: "Solaris to Linux Migration: An Introduction".
Note that registration is required to view this paper, but this site is sufficiently useful that I find it worthwhile to be registered.
http://whitepapers.comdex.com/data/detail?id=1054742400_409&type=RES&src=KA_RES
When two heavy hitters like AT&T and The Economist get together to ponder and pontificate about the future of networking, it probably behooves us to cast an eye over the result: in this case "Networking and Business Strategy", which is the first in a series of white papers on this topic.
http://www.thawte.com/guides/index.html
A small, neatly organized collection of white papers for implementing SSL, securing e-mail, and making sure that other relevant aspects of development and implementation for e-commerce can proceed with some assurance of safety.
http://whitepapers.comdex.com/data/detail?id=1052235515_440&type=RES&src=KA_RES
http://whitepapers.comdex.com/data/detail?id=1052235513_540&type=RES&src=KA_RES
The above URLs reference white papers on IP telephony and the relationships between IP and LDAP for ubiquitous remote access.
http://cl.com.com/Click?q=c9-3OZLQpggZBgsGQ8rwVAHbryvhV4R
The Role of Linux in Reducing the Cost of Enterprise Computing is an IDC paper on the virtues of Linux in the enterprise.
Some hints and tips on recovering from disaster are always useful, so here is some information about this:
Disaster Recovery Issues and Solutions http://whitepapers.comdex.com/data/detail?id=1021977643_483&type=RES&src=KA_RES
DESCRIPTION: This paper familiarizes readers with the jargon of software copy alternatives and defines currently available remote copy techniques, including network options for replication.
PUBLISHER: Hitachi Data Systems Corp.
Given that Server 2003 is now upon us, being able to find out more about how it works, and what its advantages are is certainly useful -- here is a white paper on this:
Technical Overview of Windows Server 2003 Security Services http://whitepapers.comdex.com/data/detail?id=1052321112_291&type=RES&src=KA_RES
DESCRIPTION: This article discusses the tools and processes that deliver important security benefits to organizations deploying Windows Server.
PUBLISHER: Microsoft Corporation