Enterprise-Class Virtualization with Open Source Technologies
Virtualization is a new and hot item to the world of Linux and Windows. There have been, however, virtualization technologies for over 40 years starting with the IBM emulators for mainframes and later with the CP67 and VM virtualizing operating systems.
Fast virtualization with a low overhead makes possible for the first time use in production environments (rather than just test and development).
Xen, the leading Open Source virtualization technology, has quickly become a standard adopted by many leading companies to build comprehensive data center efficiency and management solutions. This session will provide an overview of Xen, architecture and capabilities of the Virtual Iron product built on Xen, possible open source extensions, and best practices for deployment to achieve enterprise-class virtualization.
Alex founded Virtual Iron in 2003 and serves as its CTO. Alex has been instrumental in defining and creating the technology and architecture behind Virtual Iron.
slides (PDF, 759KB)
The Sourcefire 3D Intrusion Prevention System
First generation Intrusion Prevention Systems (IPS) have failed to solve today's threat problem -- breaches are occurring at an ever increasing rate, damaging organizations' reputations and costing revenue. Standalone IPS only protect against intrusions, coming from the perimeter, during the time of the attack. Today's blended threats require blended security systems that have more remediative options.
Snort: Present and Future
Intrusion Detection and Prevention Systems suffer from lack of information that leads to ambiguity -- sensors operate with no compositional knowledge of the network components they are defending, leading to false positives/negatives and evasions. To solve this, Sourcefire is developing a target-based detection engine that auto-configures itself in real-time based on the attributes of the targeted system. This methodology requires a continuous feed of all the attribute data for all the devices on the protected network, even as it evolves.
Jason will discuss where Snort is today and demonstrate the cutting-edge new advancements to come.
Jason Brvenik joined Sourcefire in August 2002 and serves as the Eastern Director of Security Engineering. He has been a key contributor to the open source Snort project.
Information Integrity: Global Policy and Compliance for Secure Messaging
Email remains the most used application where unmonitored content is exchanged. According to the Radicati Group, 6 percent of a corporation's workforce leak sensitive information. Without a secure messaging infrastructure, the integrity of corporate data is put at risk.
Organizations must secure email by considering policy management and outbound filtering solutions for greater control and monitoring to limit risk of IP leaks and meet regulatory requirements.
Brian's talk will discuss how to secure email against internal security threats, comply with regulatory, security and business requirements, and enforce global policy management around messaging.
Solaris 10 (and more)
Peter Baer Galvin
There is a lot going on in the Sun world these days. For this talk, I'll cover a bit of the Solaris part of that world. First, I'll try to make sense of all the paths to Solaris. There are many ways to get Solaris these days, including Solaris 10 update 1, OpenSolaris, Solaris Express, and a bunch of new non-supported distros. There are quite a few new features in Solaris 10+, so a quick overview is in order, and then I'll concentrate on one of the coolest new features of Solaris 10 - DTrace, showing some of it in action. Finally, talk of Solaris wouldn't be complete without a bit of ZFS, including a demo.
Peter Baer Galvin is CTO of Corporate Technologies, a systems integrator and value added reseller specializing in systems, storage, security, and data integration. He speaks and teaches frequently, especially at USENIX conferences, and is co-author of the Operating Systems Concepts textbooks.
slides (PDF, 501KB)
Time Management for System Administrators
Whether you use Perl, Python or Ruby, whether you use Windows, GNU/ Linux or Unix, all system administrators have a problem with time management.
Users interrupt you constantly with requests, your managers want you to get long-term projects done but flood you with requests for quick- fixed, and the machines you manage just never behave, causing problems at the most inopportune moments.
Tom will discuss techniques he has developed over the last 15 years for dealing with these things all of which (and more) can be found in his new book from O'Reilly, Time Management for System Administrators.
Tom Limoncelli has over 15 years of system administration experience and has been teaching workshops on Time Management at conferences since 2003. Tom has worked for both large and small organizations, including Bell Labs and AT&T. He speaks at conferences around the world. His previous book, The Practice of System and Network Administration, is considered a standard reference in system administration.
slides (PDF, 422KB)