In our last discussion, we aspired for automated provisioning and continuous monitoring of Network Security Management. The National Institute of Standards and Technology (NIST) has spearheaded Security Content Automation Protocol (SCAP) efforts for the last ten years. NIST, an agency of the U.S. Department of Commerce, was founded in 1901 as the nation's first federal physical science research laboratory. In essence, SCAP is a NIST-sponsored effort for both pieces (automated provisioning and continuous monitoring). As a refresher: SCAP, pronounced “S-Cap”, combines a number of open standards that are used to enumerate software flaws and configuration issues related to security. They measure systems to find vulnerabilities and offer methods to score those findings in order to evaluate the possible impact. It is a method for using those open standards for automated vulnerability management, measurement and policy compliance evaluation and was the next logical step in the evolution of our compliance automation tools for Federal Agencies. SCAP defines how the following standards (referred to as SCAP 'Components') are combined and allows results to be easily shared for Federal Information Security Management Act (FISMA), Office of Management and Budget (OMB), Department of Homeland Security (DHS) and others.

On Thursday, November 17, Google and DLT Solutions are hosting a live technology seminar in Denver, Colorado. The Tech Day will be held at the Sheraton Denver West Hotel in Lakewood, CO. Government agencies around the country are rapidly adopting Google's enterprise solutions to manage information & promote teamwork, while lowering their IT costs. Learn from Google product experts how these modern technology solutions allow you to meet the current challenges of your agency. You will see, in a briefing and in demonstration, today's art of the possible and a compelling vision for the future!

The below blog was written by Aaron Dun and published with permission from Percussion. Percussion provides Web Content Management (WCM) software that helps businesses increase traffic, drive conversion, and improve social interaction. The Percussion Marketing Blog discusses web content, engagement, SEO, inbound marketing, and social media. In June President Obama took to the airwaves to announce an ambitious campaign to reduce waste. The Campaign to Cut Waste sought to identify pointless Federal spending and eliminate it as rapidly as possible. As of June, as much as $33B was estimated as potential savings.

Cloud computing expands on the many existing choices that are already available to IT for the delivery of IT services. Currently, we have RISC, x86, ATOM and ARM processors. We have Windows, Linux, UNIX, and mainframe operating systems. We also have a number of choices for application servers, databases, and development languages. The good thing about having these choices is that it allows architects to pick the best fit (either client-server or mainframe platforms) for the delivery of IT services (applications). Cloud computing is really no different. There are a number of different cloud services and delivery models, and each should be evaluated for a best fit for the targeted application. Different cloud services will cater to different security profiles, different developer environments, different levels of control, and different kinds of applications. Each cloud service model has different business and IT benefits and challenges.

Earlier this summer, [acronym] launched the first ever public sector CAD awards and now we’d like you to join us as we honor our finalists at the [acronym] Magazine Public Sector CAD Awards on November 14,2011 in Washington, D.C. When we first launched the contest, we asked you to tell us how you have used digital design software to help your agency to achieve its goals and your response was phenomenal! Thank you to all who entered.

The race to virtualize everything has created a host of unintended consequences, not the least of which is how to meet the SLAs (service level agreements) for application backup. As we move into cloud alternatives this problem will only grow since your cloud provider will have to provide this to you on an application by application basis. Every virtual machine is essentially a set of large files such as VMDKs in a VMware context. These large files are typically stored in storage arrays which can be connected via iSCSI or Fiber Channel or on NFS volumes. Traditional data protection techniques such as VMware's VADP, or VMware VCB rely on an agent to protect VMDK files associated with virtual servers.

Last time we talked about standard operating environments and how they can reduce stress and give back time. Now we'll talk about managing not only systems but the SOEs themselves. Repeatable, reproducible, and remote are the watchwords for managing our environments.

Are technology trends such as Virtualization, Cloud Computing and Open Source Software the Shake Weights of the IT Industry? Are IT professionals relying on them to be the magic bullet/quick fix for solving software efficiency? That’s the question that Jason Corey, U.S. Navy Client Executive at Red Hat proposes in the Red Hat Enterprise Virtualization for the Navy Webcast.

We are approaching the end of national “Cyber Security Awareness Month,” so let’s take a look at some top cybersecurity tips we should all adhere to:

Alright everyone, stop talking to Siri for a minute and listen up. Storage Foundation just got Deduplicaton. Let me say it one more time. STORAGE FOUNDATION JUST GOT DEDUPLICATION. Just in case you missed anything of what I just said. Here you go…