Resource Center
White Papers

VIRTUALfx – Monitor, Manage, Remediate in a Virtualized World

TDI's VIRTUALfx technology logs, monitors, manages and remediates problems in a virtualized infrastructure. It does so for VMware or XEN hypervisor systems today and will add more vendor technologies as they are more generally accepted. VIRTUALfx is built on TDI's Consoleworks' well proven, mature business critical infrastructure management technology which provides well understood management and remediation of physical infrastructure. Combining these technologies provides the user with a mature, single solution to monitor, manage, log and remediate the virtual and physical environment within the same solution.

Security and Compliance GAPS in Traditional Logging Systems

Log management, aggregation and mining are the heart of both security and event management in the enterprise. Today, all log management systems are dependent on the SNMP protocol. Thus, they cannot log the critical data at the BIOS level which constitutes the root cause data necessary for remediation. Nor can traditional log management systems protect the enterprise, corporate or government, from intrusion at all times and under all conditions.

Performance Monitoring In A Virtualized World

Agent-based performance management systems are, by definition, intrusive: they require the presence of an agent to monitor the system. Virtualized environments are particularly susceptible to the problems and overhead generated by agent-based systems.

Proactive Event Management In A Virtualized World

The goal is to find problems, identify their root cause and remediate them before they take down a major business process, network or cascade into taking down a major part of the infrastructure. You want to be able to see when the first redundant drive goes down, not wait until the second one goes down to know you have a problem.

The Persistence Gap: The Dirty Little Secret of Security Compliance

The Persistence Gap is a widely recognized, though not widely discussed, hole in the nation's infrastructure security. It is a wide open door to every hacker, vengeful employee, or terrorist.

Mitigating Risk Disaster Recovery

Disaster recovery in a physical or virtualized world has new, more challenging hurdles to overcome. Companies now recognize if their disaster recovery depends on the network that is down, it is not possible to recover quickly or without serious pain.

Log Management In A Virtualized World: Are You Naked?

In the age of virtualization, traditional log management systems are open to intrusion and fail to meet standard compliance tests for HIPAA, Sarbanes-Oxley, NERC CIP and other federal agencies. There are four major problems with these systems.

Managing Virtualization Across The Enterprise

The advent of virtualization, and hardware service processors, has changed all the best practices for infrastructure management, compliance and logging. Production virtualization has forced a new paradigm. Rapidly deployed "Outside In" infrastructure management will replace traditionally deployed "Outside In" management.

You're Compliant, But Are You Protected?

Being PCI, HIPAA, SOX or NERC-CIP compliant is no protection when you are breached. Recently the country watched as Hannaford Brothers, a major grocery retailer in Maine, had to disclose its security had been breached by insiders who stole credit card information and caused millions of dollars in damages.


IT Security Alert

Security Alert - Green Data Center

The green data center is the new buzzword in computing. Going "green" entails a move to virtualization, use of the service processor to power on and off equipment, using rack mounted devices and monitoring, then optimizing power consumption in the data center.

NERC CIP Cyber Asset Alert: Service Processors Classified As Critical Cyber Assets

Problem: Onboard service processors present on virtually every computer or infrastructure device have been determined to use a "routable protocol" and thus constitute access points to "critical cyber assets." This is a clear threat to the energy power grid and must be mitigated.

IT Audit Security Alert: Known Security Problems With Virtualization

Virtualization is on the lips or in the budget of every major IT shop. New security problems with virtualized environments are being discovered, rendering virtualization a potentially insecure solution for PCI, HIPAA and Sarbanes-Oxley compliant environments.

IT Audit Security Alert: Service Processors Subject to Inside and Outside Intrusion

SANS Institute, the nation's largest IT security and audit training organization (www.sans.org), recently discovered every computer delivered today has an onboard service processor that is discoverable and open to hacking. Existing log management systems are blind to this threat.


News & Resources

VMs Can Hurt You

Recently Verizon Business released its 2008 Data Breach Security Report, summarizing the results of four years of forensic research into more than 500 security incidents. While it doesn't focus on server virtualization specifically, it does illustrate a lot about virtualization security as well.

2008 Data Breach Investigations Report

Data breaches. You've gleaned all you can from the headlines; now you have access to information directly from the investigator's casebook. The 2008 Data Breach Investigations Report draws from over 500 forensic engagements handled by the Verizon Business Investigative Response team over a four-year period. Tens of thousands of data points weave together the stories and statistics from compromise victims around the world.

Infrastructure Assessment

This evaluation questionnaire helps to identify key assessment areas within the organization for infrastructure management, enterprise log management, event management and virtualization. By completing the assessment, you and the professionals at TDI will gain a better understanding of your organization's needs and specific requirements.

SANS Technology Institute - Bill Johnson CEO TDI

Bill Johnson, CEO TDI
April 2nd, 2008
By Stephen Northcutt

Bill Johnson, CEO TDI, was the first person in the industry, that I am aware of, to sound the clarion call that we might be vulnerable to attacks via the Baseboard Management Controller (BMC). That certainly qualifies him as a security thought leader, and we certainly thank him for his time.

SANS Newsletter

Hundreds of millions of devices are being placed on networks with built-in back doors. Printers, routers, computers, control systems, storage systems, medical devices, nearly every automated device has them. The manufacturers of these systems never told you how vulnerable you are.

2007 E-Crime Watch Survey

The Insider Threat Team has also teamed with the U.S. Secret Service and CSO magazine to conduct, analyze, and publish findings from an annual E-Crime Watch survey from research that was conducted to attempt to identify electronic crime fighting trends and techniques, including best practices and emerging trends.

Requirements for Virtualized Systems: Virtualization Management RFP

Listing of key features and values for a virtualized systems, virtual management RFI/RFP.

Requirements for Virtualized Systems: Log Management RFP

Listing of key features and values for a virtualized systems, log management RFI/RFP.


In the News
Events

Technical Notes For Intelligent Event Modules

Operating Systems
Cisco IOS 12.4
Cisco SAN-OS 3.1
HP OpenVMS 8.2 (includes 7.2 and 7.3)
HP Tru64 UNIX
HP-UX
HP-UX 11i
IBM AIX 5.3
Linux Kernel 2.4
Linux Kernel 2.6
Sun Solaris 8 (includes Solaris 7)
Sun Solaris 10
MS Windows 2000/2003/XP

Network Components
Check Point FireWall-1
Cisco Catalyst 4000/4500
Cisco PIX Firewall 6.3
F5 BIG-IP
HP Network Node Manager
IBM WebSphere MQ 5.3
ISS IDS
Juniper Networks JUNOS 7.1
Juniper Networks NetScreen ScreenOS 5.1
Marconi MSB Switch 7.1
Nortel BayStack 450

Hardware
APC Powernet 3.8.4
HP AlphaServer GS 80/160/320
HP AlphaServer Marvel - ES47/ES80/GS1280
HP AlphaServer RMC/SROM
HP AlphaServer SRM
IBM AS/400
Intel Itanium 2
Liebert UPS IEM
Sun Net Connect

Regulatory Compliance - CIP
NERC Critical Infrastructure Protection (CIP) IEM

Storage
Brocade Silkworm 3.0
Brocade Silkworm 4.1 (SNMP)
Brocade Silkworm 4.2
Brocade SilkWorm 4.4
Brocade SNMP
HP StorageWorks HSV SNMP 3.0
HP StorageWorks HSx
McData Sphereon ES1000
McData Sphereon ES3000
McData Sphereon ES4300
McData Sphereon ES4500
Network Appliance (NetApp)
Solstice DiskSuite 4.2.1

Application
Apache HTTP Server 1.3
Apache HTTP Server 2.0
BEA WebLogic 9.2
Intersystems Caché
Legato NetWorker
Microsoft Exchange Server
MS Exchange Server
Oracle Database 10g
SENSys
Snort 2.6.0
Sun Java System Web Server
Tripwire 2.3
VERITAS NetBackup 5.0
VERITAS Volume Manager
 

For Emulators

Configuring Consoleworks to Use xterm
Using Third Party Terminal Emulators