Cisco - TABPI
Cisco - TABPI
Cisco - TABPI
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Editor in Chief Eric Lundquist<br />
Executive Editor/News Michael R. Zimmerman<br />
Director/Design Paul Schaffrath<br />
Director/eWEEK Labs John Taschek<br />
Managing Editor Sue Troy<br />
Executive Editor Stan Gibson<br />
Executive Editor/eWEEK Labs Deb Donston<br />
Technology Editor Peter Coffee<br />
NEWS<br />
News Editor Scot Petersen<br />
Deputy News Editor Chris Gonsalves<br />
Department Editor John S. McCright<br />
Online News Editor Rick Dagley<br />
Online Editor Shelley Solheim<br />
Senior Editors Jeffrey Burt, Caron Carlson,<br />
Dennis Fisher, Peter Galli,<br />
Paula Musich, Carmen Nobel<br />
Senior Writers Dennis Callaghan, Renee<br />
Boucher Ferguson, Evan<br />
Koblentz, Darryl K. Taft,<br />
Lisa Vaas<br />
Exec. Asst. to Editor in Chief Colleen Shanley<br />
gWEEK LABS<br />
Technical Director, West Coast Timothy Dyck<br />
Technical Director, East Coast Jim Rapoza<br />
Senior Analysts Henry Baltazar, Jason Brooks<br />
Cameron Sturdevant<br />
Technical Analyst Francis Chu<br />
Managing Editor Mary Stevens<br />
Senior Writer Anne Chen<br />
EDITORIAL PRODUCTION<br />
Deputy Managing Editor Debra Perry<br />
Deputy Copy Chief Jim Williams<br />
Senior Copy Editor Frederick Ricketts<br />
Production Designer Tara-Ann Fasulo<br />
ART DEPARTMENT<br />
Senior Art Director Stephen Anderson<br />
Senior Macintosh Artist Paul Connolly<br />
gWEEK<br />
Publisher Brian M. Gleason<br />
Business Manager John Dennehy<br />
Marketing Mary Zagrobelny,<br />
Group Marketing Director;<br />
Caroline Tilghman,<br />
Research Analyst<br />
Ad Traffic Howard Lubinger, Manager<br />
Production Manager Milena Emery<br />
ZIFF DAVIS MEDIA<br />
Chairman & CEO<br />
Robert F. Callahan<br />
Chief Operating Officer & CFO<br />
Bart W. Catalane<br />
Senior Executive Vice President, Publishing Operations<br />
Tom McGrade<br />
Executive Vice President & Editorial Director<br />
Michael J. Miller<br />
Executive Vice President, General Counsel & Secretary<br />
Gregory Barton<br />
SENIOR VICE PRESIDENTS<br />
Jasmine Alexander (Technology & Sales Operations)<br />
Derek Irwin (Finance)<br />
Charles Mast (Circulation)<br />
Sloan Seymour (Enterprise Group)<br />
Dale Strang (Game Group)<br />
Jason Young (Internet)<br />
VICE PRESIDENTS<br />
Ken Beach (Corporate Sales)<br />
Tim Castelli (PC Magazine Group)<br />
Charles Lee (Integrated Media)<br />
Aimee D. Levine (Corporate Communications)<br />
Jim Louderback (Editor in Chief, Internet)<br />
Eric Lundquist (Editor in Chief, eWEEK)<br />
Bill Machrone (Editorial Development)<br />
David Mullen (Controller)<br />
Beth Repeta (Human Resources)<br />
Tom Steinert-Threlkeld (Editor in Chief, Baseline)<br />
Stephen Sutton (Internet Audience Development)<br />
Stephen Veith (Publisher, CIO Insight)<br />
Senior Director, Manufacturing<br />
Carlos Lugo<br />
Director, International<br />
Christin Lawson<br />
eWEEK editorial staff members can<br />
be reached at (781) 938-2600 or<br />
(800) 451-1032, or via e-mail using the following formula: firstname_lastname@ziffdavis.com.<br />
For example: eric_lundquist@ziffdavis.com (Don’t<br />
use middle initials in address.)<br />
eWEEK®, PC Week®, PC Week Netweek®, PC Week Shoot-Out®,<br />
Spencer F. Katt® and Spencer F. Katt: Rumor Central® are registered<br />
trademarks of Ziff Davis Publishing Holdings Inc. Copyright (c) 2002 Ziff<br />
Davis Media Inc. All rights reserved. Reproduction in whole or in part<br />
without permission is prohibited. For permission to reuse material in this<br />
publication or to use our logo, contact Ziff Davis Media’s<br />
rights and permissions manager, Olga Gonopolsky, via email,<br />
olga_gonopolsky@ziffdavis.com; phone, (212) 503-<br />
5438; fax, (212) 503-5420. For reprints, contact Lori<br />
Noffz via e-mail, eweek@reprintbuyer.com; phone, (717)<br />
399-1900, Ext. 104. Printed in the U.S.A.<br />
FWEEK.COM<br />
THIS fWEEK<br />
find a weak point; build a firewall.<br />
It’s an ad hoc approach, but it’s the one corporate IT is following as it<br />
gropes its way to more secure Web computing. This week, eWeek Labs<br />
West Coast Technical Director Tim Dyck reviews three Web application<br />
firewalls designed to protect an extremely weak link in the Web infrastructure.<br />
And application holes are often exploited. Tim says the vendors tell<br />
him that customers come calling when they’ve failed a penetration test. The<br />
products he reviews are for critical servers and take a Draconian approach<br />
to security, eliminating access except by specifically allowed, or white-listed,<br />
entities. Tested were Sanctum’s AppShield 4.0,<br />
Teros’ Teros-100 APS 2.1.1 and Kavado’s InterDo<br />
3.0. Teros won Tim’s Analyst’s Choice award.<br />
Tim notes that we already have conventional<br />
firewalls, of course, and two of these can be<br />
used to create a demilitarized zone around<br />
a particularly sensitive server. Then you can<br />
add a Web application firewall and maybe<br />
a database firewall. The result is a firewall<br />
infrastructure that’s ripe for consolidation.<br />
Tim predicts this will happen, with such larger<br />
players as Check Point Software Technologies<br />
leading the way.<br />
Ah, security. We just can’t get enough. And if<br />
you listen to Richard Clarke, we’re not about<br />
L Tuesday,<br />
check out<br />
eWEEK’s online<br />
exclusive interview<br />
with<br />
Richard<br />
Clarke, former chairman of<br />
the President’s Critical Infrastructure<br />
Protection Board,<br />
and find out why he’s so criti-<br />
cal of the government’s<br />
cyber-security strategy.<br />
L Wednesday,<br />
join Cameron<br />
Sturdevant<br />
for<br />
an online<br />
walk<br />
through one of the latest<br />
patch management<br />
The NCC is expected to emerge<br />
from the DHS next month.<br />
to get enough of it from the Department of Homeland Security. Now that<br />
he has left the government, Clarke is very active on the speaking circuit.<br />
Dennis Fisher interviewed Clarke when he came to Boston last week and<br />
heard Clarke reiterate his call for a National Cybersecurity Center with<br />
direct access to the president.<br />
But if you look at the organizational chart, the NCC appears buried beneath<br />
levels of bureaucracy. Clarke has a point. For whatever reason, Clarke feels<br />
he was slighted when the DHS structure was created, so it’s hard to tell whether<br />
his critiques of the structure are objective or merely sour grapes.<br />
Finally, some good news: Microsoft has listened to customers. As Peter<br />
Galli reports, customers have told Microsoft that waiting three years for a<br />
major product upgrade is too long. So Redmond plans to deliver new technologies<br />
as incremental add-ons, “out of band” from the regular upgrade cycle.<br />
The first candidates, as Peter reports, are likely to be Network Attached<br />
Storage 3.0, Small Business Server 2003 and a version of Windows<br />
Server 2003 for AMD’s processors. Customers get to enhance the products<br />
at a pace of their own choosing. What’s not to like? ´<br />
Till next eWEEK, send your comments to stan_gibson@ziffdavis.com.<br />
products reviewed by eWEEK<br />
Labs, PatchLink Corp.’s<br />
PatchLink Update 4.0.<br />
dFriday, get your fix of tech<br />
rumors early:<br />
Eweek.com posts<br />
Spencer F. Katt’s<br />
Rumor Central<br />
column that night<br />
each week.<br />
MAY 26, 2003 n eWEEK 3