Skip to main content

Posts

Showing posts from 2007

SaaS - Microsoft way -- H M C 4.0

Microsoft offers its Crown Jewel MS-Exchange 2007 and Windows Sharepoint Services as Hosted Messaging and Collaboration Solution. This is a incrimental development of products for Service providers like MS - Internet Services, HMC 3.5 with Exchange 2003.... This solution requires eloborate Hardware and Software Infrastructure covering almost all server products from Microsoft Stable. MS-SQL Server MoM -SCoM Active Directory - CDI ISA SharePoint Provisioning System I fail to understand, why do we need such diverse set of software products to run an already complex mail platform like Exchange in a multi-tenent mode... It not only increases the exposure in terms of complexity but also results in skills shortage to run such a diverse environment. A Seemingly simple deployment tool has so much depth to it that, If we end up making any mistake...it will lead to a long and unanticipated delay.... The some portions of supported software platform do not run on the Latest 64bit windows servers.

Simplifying Web Security

There are a bunch of Blog posts on 11/11 Cyberattack.... Threats like these help in understanding the pains and gains of planning/deploying effective web security measures.... The fundamental principles of Security - confidentiality, integrity and availability need to drive the decision making process....for securing Web Properties(Portals, ecommerce and business websites) In my opinion, the defences need to be created at every level of the infrastructure....the key layers being: Hardware ======= Network Storage Servers Appliances Software ======= Operating System Webserver Application server Database server Special appliance firmware/os The typical threats are centered around increase in load (DoS/DDoS), compromising data (sql injection or Web server exploits) and compromising Authentication/Authorization methods. A simple approach to deal with most of the issues is by using a 3 step approach: 1. Improve application security - Application security is turning from art form to more exac