WindowsNetworking.com - Monthly Newsletter - January 2015
Hi Security World,
Welcome to the WindowsNetworking.com newsletter by Debra Littlejohn Shinder <http://www.windowsnetworking.com/Deb_Shinder/>, MVP. Each month we will bring you interesting and helpful information on the world of Windows Networking. We want to know what all *you* are interested in hearing about. Please send your suggestions for future newsletter content to: dshinder@windowsnetworking.com
1. Taking tiered storage to the next level
---------------------------------------------------------
In this era of bigger and bigger data, where and how to store all of that information has become more important than ever. It’s no longer feasible for large companies â€" or even some smaller ones that engage in very data-intensive work â€" to just throw everything onto a hard drive on a file server and use RAID to provide fault tolerance for that drive.
The problem is two-fold: the sheer amount of data makes this an unwieldy solution, but in addition to that we know that all data is not created equal. Some is sensitive and some isn’t. Some needs to be accessible immediately and some will rarely, if ever, be accessed again. Some information can be erased after a certain amount of time and some must be kept for a set period or even forever.
That’s where the concept of tiered data storage comes in. With tiered storage, you can look at each file or folder and determine which categories it should be placed into, based on access/performance needs, sensitivity and thus the level of security needed, and whatever other factors might be important in your working environment.
Once the data is divided into categories, you can store those different categories in different places and different ways. Not only does this make for a more organized data structure, but it also can save your company money because data that is rarely accessed, for example, can be stored on slower and less expensive media such as tape. Data that must be at hand all the time and immediately can be stored on fast solid state storage. Even the time-consuming process of categorizing the data can be automated with modern tools.
“Tiers� implies that the system is hierarchical; that is, that the categories are ranked in diminishing order of importance or accessibility or security or other needs. Tier one data, then, would be that which is most critical to the business mission or is most confidential and in need of the strongest protection. Tier 2 data would be less important/sensitive than tier 1 but more so than tier 3 and so on. You can have as many tiers as you need, but a two- or three-tier system seems to be typical.
Tier 1 data would be stored on your most reliable and fastest media such as high performance SSD drives and would be protected by the best RAID implementations such as double parity or multiple mirroring. Less critical tier 2 data might be stored on traditional hard drives in a Network Attached Storage (NAS) device or a Storage Area Network (SAN) array. Tier 3 data, which is kept for archive purposes â€" often in compliance with laws or regulations mandating retention policies â€" could be relegated to slow tape drives or even optical media.
Recently some new terms have popped up in the storage community to describe some different tier structures based on the media types that are used. You might have heard talk of “Flape� or “Floud� and wondered what in the heck that is. Both are ways of combining Flash storage (SSD) with other, less expensive media in a tiered storage system and they’ve actually been floating around for quite some time. The Storage Alchemist wrote about them back in 2012:
http://www.thestoragealchemist.com/flape-and-floud/
Flape combined flash with tape. Although it has been declared obsolete more than once, tape is still used by many organizations because it’s very cost effective. It’s not good for data that requires fast access, since it’s a linear medium, but newer tape storage systems can offer significantly higher performance than their older counterparts. It’s not surprising that IBM is a big player in this space, given that they pretty much invented the concept of storing data on magnetic tape over six decades ago.
Floud, on the other hand, combines flash storage with a type of storage that is by no means obsolete but instead is just now coming into its own. You guessed it; we’re talking about the cloud. Cloud storage is a big thing right now, and offers both advantages (accessibility from anywhere, using any device) and disadvantages (access across the Internet is dependent on the user’s connection and will almost always be slower than access storage on a local network. Security issues associated with storing data on a cloud provider’s network, where you don’t have absolute control, can also be a problem with very sensitive data.
With a Floud architecture, lower tier data can be stored in the cloud while higher tier data is stored on fast SSD systems on-premises, providing the best of both world. Due to the economy of scale, cloud storage can be less expensive than maintaining your own tape or optical storage systems. Cloud storage providers themselves offer tiered storage options, as well. Amazon Web Services, for instance, offers Glacier, which is a very low-cost cloud storage tier for archives and backups, in addition to their higher tier S3 (Simple Storage Service).
Tiered storage is the best way to approach bringing order out of the chaos of hundreds of terabytes of data that many organizations deal with today, but developing a good tiered storage strategy requires some planning.
'Til next time,
Deb
dshinder@windowsnetworking.com
=======================
Quote of the Month - The more storage you have, the more stuff you accumulate. â€" Alexis Stewart
=======================
2. Windows Server 2012 Security from End to Edge and Beyond â€" Order Today!
---------------------------------------------------------
Windows Server 2012 Security from End to Edge and Beyond
By Thomas Shinder, Debra Littlejohn Shinder and Yuri Diogenes
From architecture to deployment, this book takes you through the steps for securing a Windows Server 2012-based enterprise network in today’s highly mobile, BYOD, cloud-centric computing world. Includes test lab guides for trying out solutions in a non-production environment.
Order your copy of Windows Server 2012 Security from End to Edge and Beyond. You'll be glad you did.
<http://www.amazon.com/Windows-Server-2012-Security-Beyond-ebook/dp/B00CMQK0OG/ref=sr_1_1?ie=UTF8&qid=1387293428&sr=8-1&keywords=windows+server+2012+end+to+edge+and+beyond>
3. WindowsNetworking.com Articles of Interest
---------------------------------------------------------
Remote Management with PowerShell (Part 2)
Remoting is really the secret sauce of Windows PowerShell. In a previous article, we had the opportunity to show how centralized management can be immensely more effective with script remoting. This article by Wilfredo Lanz reviews the challenges of remoting for network administrators, including managing non-domain computers in an acceptable security context, delegating credentials across multiple hops, and implicit remoting.
http://www.windowsnetworking.com/articles-tutorials/windows-server-2012/remote-management-powershell-part2.html
Working with the Desired State Configuration Feature (Part 5)
This ongoing series from Brien Posey delves deeply in the Desired State Configuration feature for consistently configuring virtual machines. In the previous article, Brien showed you how to run a script in order to make sure that a server adheres to the required state. In this article, he will continue the discussion by showing you what it looks like when you run the script on a server that does not adhere to the required configuration.
http://www.windowsnetworking.com/articles-tutorials/windows-server-2012/working-desired-state-configuration-feature-part5.html
Active Directory Migration Considerations (Part 6)
the first three articles in this series by Mitch Tullock described some of the general considerations concerning Active Directory restructuring projects. The articles also described some of the limitations involved when using ADMT to perform forest or domain migrations or consolidations. The fourth and fifth articles discussed some specific issues relating to the use of the ADMT itself. This last article concludes this discussion with more tips and gotchas when using ADMT for Active Directory migrations/consolidations.
http://www.windowsnetworking.com/articles-tutorials/windows-server-2012/active-directory-migration-considerations-part6.html
4. Administrator KB Tip of the Month
---------------------------------------------------------
Preferences and Local Group Policy
Unlike policies, which can be configured in both domain and local GPOs, preferences can be configured only in domain GPOs. This means that if you open the Local Computer Policy on a computer by running gpedit.msc, you will not see a Preferences node under Computer Configuration or User Configuration.
The above tip was excerpted from Mitch Tulloch's book Training Guide: Installing and Configuring Windows Server 2012 from Microsoft Press <http://www.amazon.com/exec/obidos/ASIN/0735673101/mtitenterprises>.
For more great admin tips, check out http://www.windowsnetworking.com/kbase/
5. Windows Networking Links of the Month
---------------------------------------------------------
Additions to the System Center Operations Manager Preview
http://searchwindowsserver.techtarget.com/tip/Additions-to-the-System-Center-Operations-Manager-preview
The Dynamic Data Center: 3 Trends Driving Change in 2015
http://www.datacenterknowledge.com/archives/2014/12/22/dynamic-data-center-3-trends-driving-change-2015/
Bare metal for the rest of us
http://cumulusnetworks.com/blog/bare-metal/
How IT is creating the "smart" workplace
http://www.networkworld.com/article/2865325/uc-voip/how-it-is-creating-the-smart-workplace.html
As LTE-Advanced becomes more common, 4G speeds increase
http://www.computerworld.com/article/2866944/as-lte-advanced-becomes-more-common-4g-speeds-increase.html
What's your wi-fi strategy for 2015?
http://www.networkcomputing.com/wireless-infrastructure/whats-your-wifi-strategy-for-2015/a/d-id/1318539?
6. Ask Sgt. Deb
---------------------------------------------------------
QUESTION:
I’ve been hearing about something called mobile virtualization and that it can help to make security better on smart phones and tablets and such, but I’m not really sure what it is and how it works and whether it’s really viable for my company. Can you explain or at least point me in the right direction for some better information about this? Thanks! â€" Lowell P.
ANSWER:
Hi, Lowell. There has definitely been a buzz about the concept of mobile virtualization lately and that’s because smart phones and tablets are such attractive targets to hackers and attackers. They’re basically small, powerful computers that people take everywhere and connect to all sorts of networks that might or might not be secure. They also often contain a mixture of people’s personal and business data and apps on them, and mixing work and play can lead to some very real security issues.
The idea behind mobile virtualization is that you can run two separate instances of the mobile operating system on your device, and one can be dedicated to work and the other to personal use. Of course the problem with that in the past was that running virtual machines was pretty resource-intensive and as powerful as our phones are these days, they weren’t quite up to that task â€" at least not without severely slowing down performance.
Now, as virtualization technologies have advanced, we have the ability to isolate these operating systems on mobile devices and manage the “work side� with mobile device management systems while leaving the users’ personal data and apps alone. You can read more about it here:
http://www.networkcomputing.com/wireless-infrastructure/mobile-virtualization-the-future-of-security/a/d-id/1318324?
WindowsNetworking.com Sections
-----------------------------------------------------------------
- Articles & Tutorials (http://www.windowsnetworking.com/articles-tutorials/)
- KBase Tips (http://www.windowsnetworking.com/kbase/WindowsTips/)
- Products (http://www.windowsnetworking.com/software/)
- Reviews (http://www.windowsnetworking.com/articles-tutorials/product-reviews/)
- Free Tools (http://www.windowsnetworking.com/software/Free-Tools/)
- Blogs (http://www.windowsnetworking.com/blogs/)
- Forums (http://forums.windowsnetworking.com/)
- White Papers (http://www.windowsnetworking.com/white-papers/)
- Contact Us (http://www.windowsnetworking.com/pages/contact-us.html)
Techgenix Sites
-----------------------------------------------------------------
- MSExchange.org (http://www.msexchange.org/)
- WindowSecurity.com (http://www.windowsecurity.com/)
- VirtualizationAdmin.com (http://www.virtualizationadmin.com/)
- ISAserver.org (http://www.isaserver.org/)
- CloudComputingAdmin.com (http://www.cloudcomputingadmin.com/)
- WServerNews.com (http://www.wservernews.com/)
--
To unsubscribe: http://www.techgenix.com/newsletter/members.aspx?Task=OOS&SI=78504&E=security.world%40gmail.com&S=1&NL=33
To change your subscription settings: http://www.techgenix.com/newsletter/members.aspx?Task=US&SI=78504&E=security.world%40gmail.com&S=1
WindowsNetworking.com is in no way affiliated with Microsoft Corp.
For sponsorship information, contact us at advertising@WindowsNetworking.com
TechGenix Ltd. Mriehel Bypass, Mriehel BKR 3000, Malta
Copyright WindowsNetworking.com 2015. All rights reserved.
No comments:
Post a Comment