Super User

Super User

 

IT Best Practices- DEVOPS

 

The top performing organizations know that they must adopt a continuous and collaborative IT delivery model to meet the ever-increasing market demands for more features, faster. DevOps is proven to produce faster deployments with fewer problems. And the leaders are seeing real business gains: they are 2.5x more likely to exceed profitability, market share and productivity goals and have 50% higher market capital growth over three years.4 The market leaders’ results show us that DevOps is necessary to be competitive, but there are many challenges in the way. Fortunately, we have some experts to help. Recommendations in this eBook are based upon Gene Kim’s keynote presentation at the Dynatrace annual Perform conference and the book he co-authored, The Phoenix Project and the expertise of the Dynatrace Center for Excellence.

 

 Dev Ops is used for websites, e-commerce and application development. Customers requiring support, tranning and assistance should contact one of our engineers for consultation.

 Reference:

1.0 Devop Tools :  Tools for Devops

Please contact us for details. One of our engineers will be happy to discuss your requirements.

Lean IT Solutions 

Lean IT solutions

 

 

Lean IT is the extension of lean manufacturing and 

lean services principles to the development and management of information technology (IT) products and services. Its central concern, applied in the context of IT, is the elimination of waste, where waste is work that adds no value to a product or service.

Although lean principles are generally well established and have broad applicability, their extension from manufacturing to IT is only just emerging.[1] Indeed, Lean IT poses significant challenges for practitioners while raising the promise of no less significant benefits. And whereas Lean IT initiatives can be limited in scope and deliver results quickly, implementing Lean IT is a continuing and long-term process that may take years before lean principles become intrinsic to an organization’s culture.[2]

 

As lean manufacturing has become more widely implemented, the extension of lean principles is beginning to spread to IT (and other service industries).[1] Industry analysts have identified many similarities or analogues between IT and manufacturing.[1][2] For example, whereas the manufacturing function manufactures goods of value to customers, the IT function “manufactures” business services of value to the parent organization and its customers. Similar to manufacturing, the development of business services entails resource management, demand management, quality control, security issues, and so on.[1]

Moreover, the migration by businesses across virtually every industry sector towards greater use of online or e-business services suggests a likely intensified interest in Lean IT as the IT function becomes intrinsic to businesses’ primary activities of delivering value to their customers. Already, even today, IT’s role in business is substantial, often providing services that enable customers to discover, order, pay, and receive support. IT also provides enhanced employee productivity through software and communications technologies and allows suppliers to collaborate, deliver, and receive payment.

Consultants and evangelists for Lean IT identify an abundance of waste across the business service “production line”, including legacy infrastructure and fractured processes.[2] By reducing waste through application of lean Enterprise IT Management (EITM) strategies, CIOs and CTOs in companies such as Tesco, Fujitsu Services, and TransUnion are driving IT from the confines of a back-office support function to a central role in delivering customer value.[1]

 

 

 Please contact us  regarding how you can apply lean IT principals to your organization. One of Our engineers will be happy to discuss  your requirements.

 

 

 References:

1.0 Lean Six Sigma for Service- ASIN-  B000SEI4WO

2.0 The Lean Six Sigma Pocket Toolbook- ASIN: B003O85BTK

 

How SSL Can Secure and Add Features to Your Joomla! Site

  •  

  •  
  •  

Joomla! takes security very seriously and is extremely proactive about fixing any issues that may arise. That doesn't mean that there isn't more you can do for your Joomla! website to protect it. Using SSL, you can enable a few features already built-in to Joomla! and protect from some easy exploits that may be taken against your site and users users. Better yet, SSL can be used for other features you may not even know about.

 

 How SSL Can Secure and Add Features to Your Joomla! Site

 

Why you should be using SSL on your website

SSL (or TLS as it’s newer revisions call it) is that little padlock that has appeared on webpages since Netscape 2.0 in 1996. While it’s commonly thought that SSL is only really needed on e-commerce, financial, or other similarly sensitive sites, the truth is that any site can benefit from the added security, including your Joomla! website. You don’t even need extra extensions, there are features built-in to Joomla! that you can take advantage right now to help your users, and especially yourself, be more protected.

 

But, I don’t have anything special to protect

Yes you do! One of the most valuable things on any website is the username and password for accessing the site. Even if you don’t have users that login to the Front-end of your site, surely, you log into the Administrator area. If you’re not using SSL, others can impersonate you in multiple ways and steal the ‘keys to castle’.

 

So what’s at risk?

When any user logs into your Joomla! site, their username and password are sent over the internet to your server. That part is obvious. What’s not obvious is that username and password can be intercepted anywhere along the way path from the users browser to a wireless router to the ISP to the server itself. While smaller sites are unlikely to be targeted, it's possible. More likely though, as the use of wireless networks at restaurants and coffee houses is pretty commonplace now, those credentials can be intercepted right out of the air before it even goes on the internet.

 

What can someone do with credentials from my site?

Well, if you’re an administrator, they can do anything they want. Additionally, for your users, password over-use is an extremely common problem. While you may not think credentials to your site are that valuable, they can be useful if the user for some crazy reason has the same username and password on a major retail site, hosting company, or other higher profile sites.

 

How can SSL stop this?

It’s amazingly simple, actually. In the Joomla! Login module, there’s a simple setting “Encrypt Login Data”. When you have an SSL certificate on your website, this setting will have the user’s browser encrypt their username and password before it’s sent over the internet to your server. That’s it!

 

 

Session Cookies are vulnerable too

With Joomla!, when a user logs into the Front-end or Back-end area of your website, a special session cookie is set in the browser to identify that user. That cookie is transmitted with every page load so that Joomla! knows the user that is viewing the page. That cookie then grants them the priveleges to do what any registered or administrator user can do.

While the cookie is less of a threat as it will eventually expire, it’s still something that may be worth securing, depending on your site. By simply using SSL across your site, that cookie will be encrypted as well. Again, securing this aspect is as easy as changing the “Force SSL” setting in the Joomla! Global Configuration area. Simply set it to “Entire Site” or “Administrator Only”. If you have an SSL certificate, there’s no reason to select “None”, you should at least choose “Administrator Only” which will prevent your Back-end session cookie being taken, preventing access to the whole Administrator section of your site. 

 

Really, is this even possible?

In 2010, a Firefox addon named Firesheep was released which can automatically scan a wireless network to show and use any session cookies for popular sites like Facebook and Google. While there isn’t an easy addon specific to Joomla! sites, the possibility is still there.

 

The drawbacks to SSL

The biggest drawbacks of SSL are possible cost and performance. Depending on your hosting plan, an SSL certificate may cost anywhere from free to $150 / year. That cost all depends on if your host supplies a ‘free’ shared SSL certificate, lets you install your own from a 3rd party vendor (as low as $10-$20) or force you to buy one from them (up to $150).

If the price is justifiable for your site, the only other thing to consider is that there is a slight performance hit. Since images, Javascript, CSS files and other content will be encrypted, the user’s browser won’t be able to cache these assets. That means more requests per page. While the impact should be minimal, depending on your hosting plan and traffic, it’s worth noting.

 

Are there other features for SSL?

Yes! The whole reason this article came about was because we received similar questions of “What else is SSL good for?” on our forums. For our Joomla! Facebook integration extension,JFBConnect, SSL is required for Facebook invitations to be sent and for Page Tab integration, to show parts of your website on your Facebook page. Since most sites don’t have SSL, we started presenting multiple reasons that it can beneficial to have an SSL certificate outside of just enhanced Facebook integration.

There’s plenty of other reasons for SSL that you probably weren’t aware of, and hopefully now you a few good examples. Do you have any other ways that SSL can enhance features, functionality, or general security of a website you’d like to share? Post them in the comments below.

 

 

 Please contact us  regarding how you can apply lean IT principals to your Organization. One of Our engineers will be happy to discuss  your requirements.

 

Document Management Solutions

Document Management Systems

 

A document management system (DMS) is a system (based on computer programs in the case of the management of digital documents) used to track, manage and store documents. Most are capable of keeping a record of the various versions created and modified by different users (history tracking). The term has some overlap with the concepts of content management systems. It is often viewed as a component of enterprise content management (ECM) systems and related to digital asset management, document imaging, workflow systems and records management systems.

 

 

Document management systems commonly provide storage, versioning, metadata, security, as well as indexing and retrieval capabilities. Here is a description of these components:

 

Topic

Description

Metadata

Metadata is typically stored for each document. Metadata may, for example, include the date the document will be stored and the identity of the user storing it. The DMS may also extract metadata from the document automatically or prompt the user to add metadata. Some systems also use optical character recognition on scanned images, or perform text extraction on electronic documents. The resulting extracted text can be used to assist users in locating documents by identifying probable keywords or providing for full text search capability, or can be used on its own. Extracted text can also be stored as a component of metadata, stored with the image, or separately as a source for searching document collections.

Integration

Many document management systems attempt to integrate document management directly into other applications, so that users may retrieve existing documents directly from the document management system repository, make changes, and save the changed document back to the repository as a new version, all without leaving the application. Such integration is commonly available for office suites and e-mail or collaboration/groupware software. Integration often uses open standards such as ODMALDAPWebDAV and SOAP to allow integration with other software and compliance with internal controls.[citation needed]

Capture

Capture primarily involves accepting and processing images of paper documents from scanners or multifunction printersOptical character recognition (OCR) software is often used, whether integrated into the hardware or as stand-alone software, in order to convert digital images into machine readable text. Optical mark recognition (OMR) software is sometimes used to extract values of check-boxes or bubbles. Capture may also involve accepting electronic documents and other computer-based files.

Validation

Visual validation registration system and important data. E.g. document failures, lack of bells,[clarification needed] missing signatures, misspelled names, this can be printed on paper documents or images on paper.

Indexing

Indexing tracks electronic documents. Indexing may be as simple as keeping track of unique document identifiers; but often it takes a more complex form, providing classification through the documents' metadata or even through word indexes extracted from the documents' contents. Indexing exists mainly to support retrieval. One area of critical importance for rapid retrieval is the creation of an index topology.

Storage

Store electronic documents. Storage of the documents often includes management of those same documents; where they are stored, for how long, migration of the documents from one storage media to another (hierarchical storage management) and eventual document destruction.

Retrieval

Retrieve the electronic documents from the storage. Although the notion of retrieving a particular document is simple, retrieval in the electronic context can be quite complex and powerful. Simple retrieval of individual documents can be supported by allowing the user to specify the unique document identifier, and having the system use the basic index (or a non-indexed query on its data store) to retrieve the document. More flexible retrieval allows the user to specify partial search terms involving the document identifier and/or parts of the expected metadata. This would typically return a list of documents which match the user's search terms. Some systems provide the capability to specify a Boolean expressioncontaining multiple keywords or example phrases expected to exist within the documents' contents. The retrieval for this kind of query may be supported by previously built indexes, or may perform more time-consuming searches through the documents' contents to return a list of the potentially relevant documents. See also Document retrieval.

Distribution

A published document for distribution has to be in a format that can not be easily altered. As a common practice in law regulated industries, an original master copy of the document is usually never used for distribution other than archiving. If a document is to be distributed electronically in a regulatory environment, then the equipment tasking the job has to be quality endorsed AND validated. Similarly quality endorsed electronic distribution carriers have to be used. This approach applies to both of the systems by which the document is to be inter-exchanged, if the integrity of the document is highly in demand.

Security

Document security is vital in many document management applications. Compliance requirements for certain documents can be quite complex depending on the type of documents. For instance, in the United States, the Health Insurance Portability and Accountability Act (HIPAA) requirements dictate that medical documents have certain security requirements. Some document management systems have a rights management module that allows an administrator to give access to documents based on type to only certain people or groups of people. Document marking at the time of printing or PDF-creation is an essential element to preclude alteration or unintended use.

Workflow

Workflow is a complex process and some document management systems have a built-in workflow module. There are different types of workflow. Usage depends on the environment to which the electronic document management system (EDMS) is applied. Manual workflow requires a user to view the document and decide whom to send it to. Rules-based workflow allows an administrator to create a rule that dictates the flow of the document through an organization: for instance, an invoice passes through an approval process and then is routed to the accounts-payable department. Dynamic rules allow for branches to be created in a workflow process. A simple example would be to enter an invoice amount and if the amount is lower than a certain set amount, it follows different routes through the organization. Advanced workflow mechanisms can manipulate content or signal external processes while these rules are in effect.

Collaboration

Collaboration should be inherent in an EDMS. In its basic form, collaborative EDMS should allow documents to be retrieved and worked on by an authorized user. Access should be blocked to other users while work is being performed on the document. Other advanced forms of collaboration act in real time, allowing multiple users to view and modify (or markup) documents at the same time. The resulting document is comprehensive, including all users additions. Collaboration within Document Management Systems stores the various markups by each individual user during the collaboration session, allowing document history to be monitored.

Versioning

Versioning is a process by which documents are checked in or out of the document management system, allowing users to retrieve previous versions and to continue work from a selected point. Versioning is useful for documents that change over time and require updating, but it may be necessary to go back to or reference a previous copy.

Searching

Searching finds documents and folders using template attributes or full text search. Documents can be searched using various attributes and document content.

Publishing

Publishing a document involves the procedures of proofreadingpeer or public reviewing, authorizing, printing and approving etc. Those steps ensure prudence and logical thinking. Any careless handling may result in the inaccuracy of the document and therefore mislead or upset its users and readers. In law regulated industries, some of the procedures have to be completed as evidenced by their corresponding signatures and the date(s) on which the document was signed. Refer to the ISO divisions of ICS 01.140.40 and 35.240.30 for further information.[3][4]

The published document should be in a format that is not easily altered without a specific knowledge or tools, and yet it is read-only or portable.[5]

Reproduction

Document/image reproduction is key when thinking about implementing a system. It's great to be able to put things in, but how are you going to get them out? An example of this is building plans. How will plans be scanned and scale be retained when printed?

 

 

Please contact us for details. One of our engineers will be happy to discuss your requirements.

Digital Singnage Solutions

 

 

 

Digital Signage Solutions

 

Digital signs are a sub segment of signage. Large installation digital signage systems are often designed byEnvironmental Graphic Designers who often design both the installation and the content to be viewed via the digital signage.

Digital Signs are used in wayfindingplacemakingexhibitionspublic installationsmarketing and outdoor advertising.

Digital signs use technologies such as LCDLED and Projection to display content such as digital imagesvideo,streaming media, and information and can be found in public spaces, transportation systems, museums, stadiums, retail stores, hotels, restaurants, and corporate buildings etc.

Digital sign running theFirefox Web browser (identifiable by its connection failure message)

Digital signage displays use content management systems and digital media distribution systems which can either be run from personal computers and servers or regional/national media hosting providers.

Since digital signage content may be frequently and easily updated, and also because of the interactive abilities available through the accompanying employment of real-world interfaces such as embedded touch screens, movement detection and image capture devices which enable these forms of signage to understand who and how users are interacting with them, they are gaining acceptance as an alternative to static signage.

One specific use of digital signage is for out-of-home advertising in which video content, advertisements, and/or messages are displayed on digital signs with the goal of delivering targeted messages, to specific locations and/or consumers, at specific times. This is often called "digital out of home" or abbreviated as DOOH.

The Digital Signage Federation, the Digital Screenmedia Association, the Digital Place-based Advertising Association and OVAB Europe are some of the non-profit industry trade groups representing firms and professionals in the digital signage market.

 

Digital signs are used for many different purposes and there is no definitive list. However, below are some of the most common applications of digital sign:

 

Public information – news, weather, traffic and local (location specific) information, such as building directory with map, fire exits and traveler information.

Internal information - corporate messages, such as health & safety items, news, and so forth.

Menu information – pricing, photos, ingredients, and other information about the food(s) being offered, including nutritional facts.

Advertising – usually either related to the location of the sign or using the audience reach of the screens for general advertising.

Brand building – in-store digital sign to promote the brand and build a brand identity.

Influencing customer behavior – directing customers to different areas, increasing the "dwell time" on the store premises, and a wide range of other uses in service of such influence.

Enhancing customer experience – applications include the reduction of perceived wait time in the waiting areas of restaurants and other retail operations, bank queues, and similar circumstances, as well as demonstrations, such as those of recipes in food stores, among other examples.

Enhancing the environment – with interactive screens (in the floor, for example, as with "informational footsteps" found in some tourist attractions, museums, and the like) or with other means of "dynamic wayfinding".

 

We provide intrusion detection solutions based on opensource and proprietary software. Please contact our Applications engineer for details.

Data Center

Data Centre

 

Firewall and Network Security

Firewall and Network Security

 

 In terms of computer security, afirewall is a piece of software and Hardware  cobination. This software monitors the network traffic. A firewall has a set of rules which are applied to each packet. The rules decide if a packet can pass, or whether it is discarded. Usually a firewall is placed between a network that is trusted, and one that is less trusted. When a large network needs to be protected, the firewall software often runs on a dedicated hardware, which does nothing else.

A firewall protects one part of the network against unauthorized access.

 

Different kinds of Firewalls

 

Packet filtering

Data travels on the internet in small pieces; these are called packets. Each packet has certain metadata attached, like where it is coming from, and where it should be sent to. The easiest thing to do is to look at the metadata. Based on rules, certain packets are then dropped or rejected. All firewalls can do this.it is known as network layer

 

Stateful packet inspection

In addition to the simple packet filtering (above) this kind of firewall also keeps track of connections. A packet can be the start of a new connection, or it can be part of an existing connection. If it is neither of the two, it is probably useless and can be dropped.

 

Application-layer firewalls

Application-layer firewalls do not just look at the metadata; they also look at the actual data transported. They know how certain protocols work, for example FTP orHTTP. They can then look if the data that is in the packet is valid (for that protocol). If it is not, it can be dropped.

Other things firewalls are used for

 

Tunnelling

Firewalls can provide a secure connection between two networks. This is called tunnelling. The data may be encrypted. It is unencrypted at the other end. Since the firewalls are doing this, the rest of the network is unaware of it. An alternative is to provide a secure access (to the corporate network).

Network address translation

Very often, firewalls can translate IP addresses. That way, many computers can share a few public IP addresses. The firewall translates between the public and the private IP addresses.

 

Types of firewalls

 

In general, there are two types of firewalls:

  • Software-based firewalls: these are often run as additional programs on computers that are used for other things. They are often known as personal firewallswhich can be updates on personal computers.

 

  • Hardware-based firewalls: Hardware based firewalls run on a dedicated computer (or appliance). Often, these offer a better performance than software firewalls, but they are also more expensive.

 

What firewalls cannot protect against

Firewalls can protect against some problems (viruses and attacks) that come from the internet. They cannot protect against viruses, that come from infected media (like an infected office document on an USB flash drive).

 

We provide  engineering services related to all aspects of Firewall. One of our Field application engineers will be happy to  discuss  your requirements.

Network Managemnt Solutions

 

Network Managemnt Solutions

 

Nagios /ˈnɑːɡiːoʊs/ is an open source computer system monitoring, network monitoring and infrastructure monitoringsoftware application. Nagios offers monitoring and alerting services for servers, switches, applications, and services. It alerts the users when things go wrong and alerts them a second time when the problem has been resolved.

Nagios, originally created under the name NetSaint, was written and is currently maintained by Ethan Galstad along with a group of developers who are actively maintaining both the official and unofficial plugins. Nagios is a recursive acronym: "Nagios Ain't Gonna Insist On Sainthood",[3] 'Sainthood' being a reference to the original name NetSaint, which was changed in response to a legal challenge by owners of a similar trademark.[4] 'Agios' is also a transliteration of the Greek word άγιος which means 'saint'.

Nagios was originally designed to run under Linux but also runs well on other Unix variants. It is a free softwarelicensed under the terms of the GNU General Public License version 2 as published by the Free Software Foundation.

In 2006, a survey among the nmap-hackers mailing list asked people what their favorite network security tools were. In the survey 3243 people voted; Nagios came in 67th overall and 5th among traffic monitoring tools. Nmap itself was excluded from the list. Another survey, in 2011, placed Nagios at 69th place.[5]

Nagios is open source software licensed under the GNU GPL V2. It provides:

  • Monitoring of network services (SMTP, POP3, HTTP, NNTP, ICMP, SNMP, FTP, SSH)
  • Monitoring of host resources (processor load, disk usage, system logs) on a majority of network operating systems, including Microsoft Windows with the NSClient++ plugin or Check MK.
  • Monitoring of anything else like probes (temperature, alarms,etc.) which have the ability to send collected data via a network to specifically written plugins
  • Monitoring via remotely run scripts via Nagios Remote Plugin Executor
  • Remote monitoring supported through SSH or SSL encrypted tunnels.
  • A simple plugin design that allows users to easily develop their own service checks depending on needs, by using their tools of choice (shell scripts, C++, Perl, Ruby, Python, PHP, C#, etc.)
  • Available data graphing plugins
  • Parallelized service checks
  • The ability to define network host hierarchies using 'parent' hosts, allowing the detection of and distinction between hosts that are down or unreachable
  • Contact notifications when service or host problems occur and get resolved (via e-mail, pager, SMS, or any user-defined method through plugin system)
  • The ability to define event handlers to be run during service or host events for proactive problem resolution
  • Automatic log file rotation
  • Support for implementing redundant monitoring hosts
  • An optional web-interface for viewing current network status, notifications, problem history, log files, etc.
  • Data storage via text files rather than database

Please contact us for details. One of our engineers will be happy to discuss your requirements.

 

Refrences:

1.0 Nagios: System and Network Monitoring- 2nd Edition- ISBN-13: 978-1593271794

2.0 The OpenNMS- Weblink

3.0 Nagios Open Source- Weblink

Cloud Computing

 

Cloud Computing Solutions

 

Cloud computing[3] relies on sharing of resources to achieve coherence and economies of scale, similar to a utility (like the electricity grid) over a network.[2] At the foundation of cloud computing is the broader concept of converged infrastructure and shared services.

Cloud computing, or in simpler shorthand just "the cloud", also focuses on maximizing the effectiveness of the shared resources. Cloud resources are usually not only shared by multiple users but are also dynamically reallocated per demand. This can work for allocating resources to users. For example, a cloud computer facility that serves European users during European business hours with a specific application (e.g., email) may reallocate the same resources to serve North American users during North America's business hours with a different application (e.g., a web server). This approach should maximize the use of computing power thus reducing environmental damage as well since less power, air conditioning, rack space, etc. are required for a variety of functions. With cloud computing, multiple users can access a single server to retrieve and update their data without purchasing licenses for different applications.

The term "moving to cloud" also refers to an organization moving away from a traditional CAPEX model (buy the dedicated hardware and depreciate it over a period of time) to the OPEX model (use a shared cloud infrastructure and pay as one uses it).

Proponents claim that cloud computing allows companies to avoid upfront infrastructure costs, and focus on projects that differentiate their businesses instead of on infrastructure.[4] Proponents also claim that cloud computing allows enterprises to get their applications up and running faster, with improved manageability and less maintenance, and enables IT to more rapidly adjust resources to meet fluctuating and unpredictable business demand.[4][5][6] Cloud providers typically use a "pay as you go" model. This can lead to unexpectedly high charges if administrators do not adapt to the cloud pricing model.[7]

The present availability of high-capacity networks, low-cost computers and storage devices as well as the widespread adoption of hardware virtualizationservice-oriented architecture, and autonomic and utility computing have led to a growth in cloud computing.[8][9][10]Companies can scale up as computing needs increase and then scale down again as demands decrease

 

 

 Cloud computing brings a lot of benefits to small business- the Total cost of Ownership to Business is substantially  lower using cloud computing.

Lean it solutions for Small business tries to move service to cloud to reduce IT service delivery costs down.

 

Clooboration server, Hosted exchange server and cloud based  erp solutions are examples  of cloud application that has been successful with small business. In case you want to explore the possibilities of cloud computing, please contact one of our sales engineer to discuss the possibilities.

Backup Solutions

 

Backup Solutions

 

Cloud Based Backup solutions

 

A remote, online, or managed backup service, sometimes marketed as cloud backup or backup-as-a-service, is a service that provides users with a system for the backup, storage, and recovery of computer files. Online backup providers are companies that provide this type of service to end users (or clients). Such backup services are considered a form of cloud computing.

Online backup systems are typically built around a client software program that runs on a schedule, typically once a day, and usually at night while computers aren't in use. This program typically collects, compresses, encrypts, and transfers the data to the remote backup service provider's servers or off-site hardware.

 

 

Cloud based backup solutions are effective for small business. Such solutions do not require any hardware to backup the data. Such backup systems , however may have slow response when you are faced with the problem of main harddrive replacement and recovery of all you data. A time duration of 15 days to one month is not uncommon to backup 500MB of Data. Such recovery are however not acceptable to medium to large companies.

 

 

Please contact us if you need cloud based online backup solutions for your bsuiness. One of Our engineers  will be Happy to discuss your problems with you.

Page 10 of 22
Go to top