Terms

GENERAL TERMS AND CONDITIONS

Issue V7.2 08/2006

1.Validity
The following General Terms and Condition (T&C) shall apply to any business transactions between Connet and the Client. Any other terms and conditions and in particular the Client’s terms and conditions, not agreeing with these T&C shall only apply subject to Connet agreeing to these in writing. These T&C shall apply to any agreements between the Client and Connet for the purchase of telecom services, software licenses, hardware and other services.

These T&C shall apply to any existing business relationship irrespective of having been specifically referred to.

Should parts of these T&C be null and void or become legally ineffective, the validity of any other terms and conditions shall not be affected thereby. Any provisions having become null and void or ineffective shall be interpreted or revised to allow the intended purpose to be achieved as far as possible.

2. Orders / Signature and Contents of Contracts
In order to be valid, each order shall be confirmed in writing by Connet, unless based on a written contract signed between the Parties or a delivery being made by Connet without a confirmation of order directly ex warehouse. In all other cases, verbal agreements shall only be valid when confirmed by Connet in writing.

Connet shall be entitled to make part deliveries and provide part services. For delivery contracts, each part delivery and part service shall be considered as an entity to be charged separately.

3. Prices
Prices quoted by Connet shall be strictly net, excluding any VAT, ex Connet’s site. The cost of freight, packaging material and expenses and freight insurance shall be charged to the Client.

Connet explicitly reserves the right to adjust contractually agreed prices from time to time. Price adjustments shall be notified to the Client in good time and may be made at any time and be applicable from any date. Should the Client suffer major drawbacks due to price changes, he shall be entitled to terminate the contract from the date on which new prices come into effect.

Payments of fees for the use of software shall either be one-time or periodic payments. This shall be laid down in an agreement.

4. Terms of payment
Unless otherwise agreed, payments, including payments for any part services invoiced, shall become payable strictly net within 14 days after the date of the invoice. Terms of payment specified in an invoice shall have priority to the above clause. Within the term of payment, the Client may raise objections substantiated in writing against the invoice. After that, invoices shall be deemed accepted. Should the Client not pay within terms of payment, he shall be in arrears and liable to pay 15% interest on arrears. Connet shall be entitled to charge per reminder a minimum fee of USD 30.00, in addition to charging any other fees. Should no payment be received after a second reminder, Connet shall be entitled to stop any services to the Client without any further notification. The Client agrees to grant Connet access for the removal of any equipment used by the Client.

Connet reserves the right to deliver any consignments of products still pending at the Client’s expense against cash on delivery. In all cases, Connet reserves the right to request the supply of a bank guarantee.

5. Immaterial Property Rights / Reservation of Title
Connet agrees to grant to the Client for the term of the contract a non-transferable and non-exclusive right of use in any services rendered and products supplied by Connet. Appropriate immaterial property rights shall be due unchanged to Connet or the licensor.

Products supplied shall remain the property of Connet prior to full payment of the price. Should products supplied by Connet be integrated into another system (integration), the Client agrees to grant Connet co-ownership in the entire system up to the value of any products integrated.

The Client agrees to the registration of an appropriate title in the reservation of title register at the Client’s location for any products assigned and he herewith explicitly authorizes Connet to make the said registration in his name. The Client agrees to pro-vide his support to any action required for the protection of ownership.

6. Use of Software
For the purchase of software material, the Client shall be entitled to use the said software on the hardware defined. In al cases, software copyrights shall remain the property of Connet or the party offering a license. The usufructuary right of software shall not include any claim to the supply of new software releases.

7. Support Services
Support services shall not be included in the price of the products. Should support services be requested by the partner or his client, these shall be specifically agreed with Connet.

8. Deliveries and Delay in Acceptance
Agreed deliveries shall be met by Connet, but may be subject to delays not caused by Connet, such as delays in delivery of Connet’s suppliers, delays in the Client’s support, etc. In no case shall any delays in delivery assure to the Client a claim for dam-ages or rescission from the contract.

Deliveries shall commence on the day on which an order be-comes final (see Section 2 above).

Should the Client delay acceptance, Connet shall be entitled at Connet’s discretion to warehouse the products ordered at the Client’s risk and expense and to thus rid him of any liabilities, or to rescind from the contract immediately. Before exercising his discretion, Connet agrees to grant to the Client a short period of grace for acceptance.

9. Shipment
Shipment of products ordered shall be effected at Connet’s best discretion but at the expense and risk of the addressee, either by rail, mail or a private service provider. Complaints concerning damage or loss of any products transported shall be addressed by the client to the appropriate forwarder when receiving the products.

10. Place of Performance / Transfer of Use and Risk of the Goods
The place of performance shall always be Connet’s registered office. The use and risk of the products shall be transferred by hand-over of the products to the Client or to a forwarder at Connet’s registered office.

Should shipment and/or hand-over be delayed or be made impossible for reasons not caused by Connet, the consignment shall be warehoused at the Client’s expense and risk subject to the above section 8 para. 3 (Client’s delay of acceptance).

11. Acceptance and Guarantee of Services
For any services rendered, Connet guarantees to the Client that individual results comply with the completion criteria at the time of acceptance, stipulated in the contract. Should any defects be found and notified within 30 days after acceptance, instead of warranty claims in compliance with corresponding country law, the Client shall only be entitled to repairs. Should Connet not succeed, even after expiry of an adequate period of grace, to provide evidence for having provided the defined criteria, the Client shall be entitled to request from Connet compensation for any direct loss suffered in compliance with Section 13 (Liability), should Connet be at fault. Warranty services shall neither include re-pairs nor increased expenses due to external influences, incorrect operation or for any other reasons whatsoever, for which the Client is responsible.

12. Acceptance and Warranty of Products
Software shall not be subject to any warranty. Connet agrees to provide a warranty on products (telecom and electrical equipment and hardware) to the same extent as received by Connet from suppliers, but for a minimum of 6 months from delivery of any products ordered. Defects shall be notified to Connet in writing without delay, but at the latest within 14 days after receipt of any items purchased. This warranty shall not extend to any consumables and supplies such as batteries, etc. This warranty shall automatically extinguish be-cause of the Client’s intervention without Connet’s approval. Should any products purchased be faulty, Connet shall be en-titled to repair the faulty items or supply suitable replacements to the Client. Any other claims shall be explicitly excluded.

Connet guarantees that products supplied are fully functional according to the manufacturer’s specification. In addition to this, Connet provides no other guarantees, i.e. for functionality, within an EDP system or for a specific application. In particular, Connet provides no guarantee for the merchantability of any products supplied or for their suitability for a specific application.

Connet offers to partners the same agreed provisions and warranty services received from his suppliers. Any other warranty services shall be separately agreed with Connet in writing. Warranty services not covered by manufacturers shall be in-voiced to the Client. There shall be no claim for replacements during repair and mending periods.

Consignments may only be returned, subject to Connet’s writ-ten approval, within a period of 8 days and shall always be ac-companied by an invoice/delivery note.

The Client shall be responsible for the selection and use of any products ordered and any results obtained thereby. The warranty shall not cover any damage to products ordered, due to external influences, incorrect operation, or any other reason, caused by Connet.

13. Liability
Connet agrees with the Client to apply due care in rendering services according to the Contract, these T&C and any other terms of the contract.

Should claims be made, irrespective of their legal reason and for any claims of the Client associated with any assurances in general, Connet shall be liable for any losses caused intentionally or due to gross negligence and for personal injuries. For any losses caused by Connet by mild negligence, Connet shall be liable up to the value of the services rendered but for a maximum amount of USD 50,000.00. In as far as legally al-lowed, liability for indirect and consequential losses shall be excluded.

14. Re-export
For any products subject to a ban of re-export, a note will be included in invoices including the following commitment: “Re-export of these products shall not be allowed in principle and/or only after receipt of a special permit according to a commitment entered into by the Import and Export Department of corresponding countries and commitments made to any other authorities”. This commitment shall be as-signed to the Client herewith and shall be passed on by him to the purchaser in case of any resale.

15. Act of God
Should one of the Parties hereto not be able to honor its contractual commitments irrespective of due care, because of Acts of God, such as natural disasters, war, strikes, unforeseen official restrictions, etc., completion of the contract or the date for completion of the contract shall be delayed according to the said event.

16. Offsetting
The Client agrees not to offset any of his accounts receivable against any debts of Connet without Connet’s prior agreement.

17. Applicable Law and Jurisdiction
The business relationship between Connet and the Client shall be exclusively subject to corresponding countries’ law.

Connect Telecom and SI

Connet core capabilities and professional services cover your entire solution lifecycle: planning, design, implementation and on-going maintenance.

ISP/IT Notes

ISP/IT Notes

Top Technology M&A 2012 (so far)

Top Technology M&A 2012 (so far)

2/10/2012 12:00:00 AM EST
5 years ago

Top Technology M&A 2011

Top Technology M&A 2011

7/14/2011 12:00:00 AM EDT
6 years ago

Service Oriented Architecture (SOA)

Service Oriented Architecture (SOA)

7/6/2011 12:00:00 AM EDT
6 years ago

 

SOA solutions are the next evolutionary step in software architectures. SOA is an IT architecture in which functions are defined as independent services with well-defined, invocable interfaces. SOA will enable cost-effective integration as well as bring flexibility to business processes. In line with SOA principles, several standards have been developed and are currently emerging in IT environments. In particular, Web Services technology provides means to publish services in a UDDI registry, describing their interfaces using theWeb Service Description Language (WSDL) and exchanging requests and messages over a network using SOAP protocol. The Business Process Execution Language (BPEL) allows composition of services into complex processes as well as their execution. Although Web services technologies around UDDI, SOAP andWSDL have added a new value to the current IT environments in regards to the integration of distributed software components using web standards, they cover mainly characteristics of syntactic interoperability. With respect to a large number of services that will exist in IT environments in the inter and intra enterprise integration settings based on SOA, the problems of service discovery or selection of the best services conforming users needs, as well as resolving heterogeneity in services capabilities and interfaces will again be a lengthy and costly process. For this reason, machine processable semantics should be used for describing services in order to allow total or partial automation of tasks such as discovery, selection, composition, mediation, invocation and monitoring of services.

While Web services and SOA are usually thought to be synonymous, they are not. It should be made clear that Web services are an important tool and one implementation method for SOA, but there are other patterns that may be more appropriate for any given use-case.



In general, SOA can be thought to consist of service providers and service consumers. The
providers define what the service looks like and how to invoke it through an implementation
independent service interface. The consumers use this interface to construct the necessary
data and invoke the service.



An optional construct is the introduction of a discovery mechanism that acts as an intermediary
to which providers publish the service interface and from which consumers discover it. This is
useful for enterprises with many services, but is not covered in this specification.

 

One of the keys to SOA is defining the correct level of granularity. This is a fairly subjective
thing, but generally speaking services exposed to other systems should provide operations that
correspond to business functions. This does not mean that all services are coarse grained.
Finely grained component services may be used by business services, but would not be
exposed to other systems.
 

SOA's communication capabilities may
be as basic as the ability to pass data along to another service, or as complex as
coordinating events between other services and the consumer of those services
through some underlying connection methodology, usually Web Services.

The term “service” refers to any self-contained function capable of operating
regardless of the state of other services that it may be connected to or
communicates with.

Although SOA is a hot IT term these days, the actual concept of providing SOA
functionality can be traced back as far as early DCOM and Object Request Brokers
(ORB) that followed CORBA specifications.

Code Mobility.

The ability to lookup and dynamically bind to a service means that services
can be located on different servers than the ones that the consumers are
hosted on. This provides the organization with the ability to build enterprise-
wide solutions hosted in diverse locations both within and outside of the
organization.

Better Usage of IT Talent.

Because the SOA environment uses multiple layers, the organization can
assign developers with specific skill sets to work within specific layers. This
provides a means to deploy the most qualified people to work in specific roles
without regard to the technical skills required to support development within
other layers.

Enhanced Security.

The existence of the SOA service layers result in the creation of additional
network interfaces capable of being accessed by multiple applications. In a
client-server environment, security is addressed solely at the application’s
entry point, and vulnerabilities often exist in areas such as databases due to
the difficulty in maintaining multiple security lists. By their very nature,
services have built-in security mechanisms that allow for multi-level security
at the service and the client levels.

Ease of Testing and Reduced Defects.

Because services have published interfaces, unit tests can be easily written to
validate performance before the services are exposed to the consumers. This
provides a way to identify and correct defects before the actual application
undergoes the QA testing process.

Support for Multiple Client Types.

The SOA allows diverse client types top access the services using their native
communication capabilities including HTML, XML, RMI, etc.

The advantage of reusing or sharing component services is
considerable. It would reduce the purchase and development of

redundant systems. Currently, each application development group
in the department must figure out the security and develop a log-in
system for their applications. Instead, they could use a well-tested
service.

If a business process changes, applications in an SOA can adapt
quickly by just changing the component services that are affected.

For instance, if the state chooses a different vendor for credit card
transactions, all that needs to be changed is the credit card service.

Moving toward a service-oriented architecture will allow MDH
to share expensive software components, reduce the redundant
development of many common components, and become more
flexible and adaptable to meet the expected changes in health related information technology.

A SOA provides the implementation patterns required to construct
applications from loosely coupled services. In order to build such applications, an

implementation environment should provide the following capabilities:

Application Development: Big changes will be needed in
methods, coordination, organization, and training of MDH application developers. A thorough analysis of MDH business processes is needed.

Operational Efficiency: Continue moving toward standards
in our operations and tools. Further automation of desktop administration and help desk should be accomplished.

Continuity of Operations Planning: Work toward standard
platforms. Supporting a redundant recovery site will be too expensive if we must replicate diverse servers and operating
systems.

SOA Policies and Processes: SOA will require new security and service use policies and procedures.

Architecture Review Board: We propose that an architecture review board be created to guide the development of policies, update the architecture, and review requests for exceptions.

 

more from Wikipedia http://en.wikipedia.org/wiki/Service-oriented_architecture
more from Youtube www.youtube.com/watch?v=sbd_1G8Kqjs

MPLS (Multi-protocol Label Switching)

MPLS (Multi-protocol Label Switching)

5/19/2011 12:00:00 AM EDT
6 years ago

Short for Multiprotocol Label Switching, an IETF initiative that integrates Layer 2 information about network links (bandwidth, latency, utilization) into Layer 3 (IP) within a particular autonomous system--or ISP--in order to simplify and improve IP-packet exchange.

MPLS is a packet-forwarding technology which uses labels to make data forwarding decisions. MPLS provides a mechanism for forwarding packets for any network protocol. It was originally developed in the late 1990s to provide faster packet forwarding for IP routers (see RFC 3031). Since then its capabilities have expanded massively, for example to support service creation (VPNs), traffic engineering, network convergence, and increased resiliency.

MPLS works by tagging the traffic, in this example packets, with an identifier (a label) to distinguish the LSPs. When a packet is received, the router uses this label (and sometimes also the link over which it was received) to identify the LSP. It then looks up the LSP in its own forwarding table to determine the best link over which to forward the packet, and the label to use on this next hop.

MPLS plays a major role in keeping the networks of big businesses running smoothly today. The labeling process involves setting the criteria for information retrieval, sometimes determined by an IP address. The data is then directed through routers that have been pre-determined by the label switching.

MPLS network requirements

The following elements must exist in the network to be able to run MPLS

  • A layer 3 routing protocol (IS-IS, OSPF, EIGRP or RIP); preferably IS-IS or OSPF for Traffic engineering.
  • Label distribution protocol (RSVP, LDP or BGP).
  • Network capable of handling MPLS traffic.

MPLS Benefits:

  • BGP free core in the service provider.
  • MPLS Applications like MPLS VPN and Traffic Engineering.
  • Having unified network in the service provider as you can provide IP, L3 VPN or L2 VPN over the same network.
  • Since a packet is assigned to a FEC when it enters the network, information that cannot be gleaned from the network layer header, can be used for FEC assignment. For example, classification of packets based on the source of the packets.

  • Packets can be assigned a priority label, making Frame Relay and ATM-like quality-of-service guarantees possible. This function relates to the CoS field.

  • The considerations that determine how a packet is assigned to a FEC can become ever more and more complicated, without any impact at all on the routers that merely forward labeled packets.

  • Packet payloads are not examined by the forwarding routers, allowing for different levels of traffic encryption and the transport of multiple protocols.

  • In MPLS, a packet can be forced to follow an explicit route rather than the route chosen by normal dynamic algorithm as the packet travels through the network. This may be done to support traffic engineering, as a matter of policy or to support a given QoS.

Virtual Private Network (VPN)

A VPN is a shared network where private data is segmented from other traffic so that only the intended recipient has access. The term VPN was originally used to describe a secure connection over the Internet.

A key aspect of data security is that the data flowing across the network is protected by encryption technologies. Private networks lack data security, which can allow data attackers to tap directly into the network and read the data. IPSec-based VPNs use encryption to provide data security, which increases the network’s resistance to data tampering or theft. VPNs are used for:

• Intranets: Intranets connect an organization’s locations. These locations range from the headquarters offices, to branch offices, to a remote employee’s home. Often this connectivity is used for e-mail and for sharing applications and files. While Frame Relay, ATM, and MPLS accomplish these tasks, the shortcomings of each limits connectivity. The cost of connecting home users is also very expensive compared to Internet-access technologies, such as DSL or cable. Because of this, organizations are moving their networks to the Internet, which is inexpensive, and using IPSec to create these networks.

• Remote Access: Remote access enables telecommuters and mobile workers to access e-mail and business applications. A dial-up connection to an organization’s modem pool is one method of access for remote workers, but it is expensive because the organization must pay the associated long distance telephone and service costs. Remote access VPNs greatly reduce expenses by enabling mobile workers to dial a local Internet connection and then set up a secure IPSec-based VPN communications to their organization.
• Extranets: Extranets are secure connections between two or more organizations. Common uses for extranets include supply-chain management, development partnerships, and subscription services. These undertakings can be difficult using legacy network technologies due to connection costs, time delays, and access availability. IPSec-based VPNs are ideal for extranet connections. IPSec-capable devices can be quickly and inexpensively installed on existing Internet connections.

MultiProtocol Label Switching (MPLS) Virtual Private Network (VPN)

MPLS VPN is a data-carrying mechanism which operates at a layer that is generally considered to lie between traditional definitions of Layer 2 (data link layer) and Layer 3 (network layer), and thus is often referred to as a "Layer 2.5" protocol. MPLS offers a great opportunity for companies wanting to expand their support to end users in different countries. MPLS allows the convergence of corporate applications with high quality of service (QoS) to configure Intranet/Extranet and remote access. MPLS based solutions provide extra value by connecting remote corporate sites whose applications are critical and require high QoS.

International MPLS VPN for business helps your company connect all of its offices anywhere in the world securely,without having to invest in costly infrastructures thanks to its robust network aided with MPLS technology. The service creates a Virtual Private Network connecting all of the company's offices, which provides a high quality multimedia solution (data, image and voice) easily adaptable to your growing needs. As an added value, MPLS simplify the evolution of Extranet environments where customers and providers would be able to work integrated with your company in a unique workplace. MPLS forms the basis for cost-efficient, highly reliable, multi-service IP networks. With MPLS, enterprises increase bandwidth efficiency and scalability, reduce operational and management expense and deliver reliable service.

Get a complete networking solution that provides secure access and promotes network flexibility. Connect multiple locations while converging voice, video, and data onto a single IP-based network. With Connet (MPLS VPN for private network, you'll have the flexibility to: Enable voice, data and other real-time, bandwidth-demanding applications Support a mobile sales force with wireless integration Simplify network management and reduce operating costs Your business requires a solution that has proven quality and reliability. The Connet network meets Cisco’s standards for running converged services such as voice, video, and data. MPLS VPN for private network allows you to take advantage of seamless connectivity and business continuity anywhere, at anytime, on any device.
mpls vpn services

more about GMPLS

Cisco MPLS VPN

Cisco IOS Multiprotocol Label Switching (MPLS) enables Enterprises and Service Providers to build next-generation intelligent networks that deliver a wide variety of advanced, value-added services over a single infrastructure. This economical solution can be integrated seamlessly over any existing infrastructure, such as IP, Frame Relay, ATM, or Ethernet. Subscribers with differing access links can be aggregated on an MPLS edge without changing their current environments, as MPLS is independent of access technologies.

Integration of MPLS application components, including Layer 3 VPNs, Layer 2 VPNs, Traffic Engineering, QoS, GMPLS, and IPV6 enable the development of highly efficient, scalable, and secure networks that guarantee Service Level Agreements.

Cisco IOS MPLS delivers highly scalable, differentiated, end-to-end IP services with simple configuration, management, and provisioning for providers and subscribers. A wide range of platforms support this solution, which is essential for both Service Provider and Enterprise networks.

more from Wikipedia http://en.wikipedia.org/wiki/Multiprotocol_Label_Switching
more from Youtubehttp://www.youtube.com/watch?v=H7KQcNRgGEk

DDoS - Distributed DOS (Denial of Service)

DDoS - Distributed DOS (Denial of Service)

5/19/2011 12:00:00 AM EDT
6 years ago

One of the most significant cyber threats to businesses, local and federal government agencies is the Distributed-Denial-of-Service attack (DDoS). A Distributed Denial of Service attack (DDoS) occurs when an attacker commands a number of computers to send numerous requests to a target computer. The overwhelming flood of requests to the website or computer network can cause it to shut down or fail to handle the requests of legitimate users, much like a rush hour traffic jam on the freeway. This type of attack can completely disrupt an organization’s operations until the network is able to be restored. Understanding the basic concept and methods of a DDoS attack can help operators of both large and small networks mitigate the severity of the attack.

Distributed Denial of Service (DDoS) attacks disrupt and deny legitimate computer and network resource usage through compromised hosts that monopolize resources. Mitigation technologies have been developed to defend against DDoS attacks, but there is little understanding of the fundamental relationships between
DDoS attacks, mitigation strategies, and attacker performance. Without a solid understanding of these fundamental relationships, it is difficult to determine the
ability of mitigation technologies to address the DDoS problem or how mitigation technologies can successfully be deployed together.

The goal of a DDoS attack is usually to limit, disrupt, or prevent access to a particular
network resource or web service. While the worst case scenario of a DDoS is a failure of the operating system and a crash of the computer system, some common symptoms of a DDoS are:

• A particular web or e-mail resource becoming unavailable
• Slow network performance
• Inability to access some network resources

What Motivates DDoS Attacks?

• Extortion: some sites are hit with DDoS attacks if they refuse to pay "protection money"
• Direct Action: in other cases, a DDoS may be designed to directly accomplish a particular task, such as rendering a particular internet service unusable
(example: a DDoS targeting an anti-spam DNSBL site)
• Revenge: other sites may DDoS'd as an act of revenge for an actual or perceived slight or act of disrespect
• Ideology: a site may be targeted for a denial of service because it is associated with particular political, religious, cultural or philosophical beliefs
• Notoriety: because DDoS's are often very newsworthy, engaging in a DDoS attack can be one way of attempting to garner publicity or call attention to an cause
• Peer Recognition/Social Status – some attackers may not care about general publicity, but may be highly motivated by approval and recognition from smaller “in”
groups such as miscreant clans.
• Design Errors: Some denial-of-service-like attacks are simply the result of design errors in legitimate consumer hardware; this can result in what amounts to a real
denial of service attack, albeit an unintentional one.
• Simple Problems of Scaling to Internet Size Audiences: Similarly, mere mention of a sufficiently interesting web site on a popular news site such as slashdot.org can be sufficient to "DDoS" some sites…

more from Wikipedia http://en.wikipedia.org/wiki/Denial-of-service_attack
more from Webopedia http://www.webopedia.com/TERM/D/DDoS_attack.html

Why Outsource IT?

Why Outsource IT?

5/19/2011 12:00:00 AM EDT
6 years ago

Many of the reasons that companies outsource to meet their IT needs are obvious. The specific projects are of such a duration that hiring the necessary people to do the job would be impractical. Hiring those people might also be impossible, at least budget-wise, considering the salaries and benefits they would demand. Even still, if the budget were ample enough, the experts sought to be hired would be reluctant to take the position in light of its lack of security - once the project was complete, there would be no more need for those people.

From a Human Resources perspective in general, another benefit of outsourcing is lack of liability. Especially with large companies, hiring (and firing) employees is an undertaking with considerable implications for the employer. For example, immediately upon hiring an employee, the employer incurs liabilities, including worker's compensation and potential unemployment liabilities. These two examples merely scratch the surface. The greater the number of employees, the greater the probability that employer liability will manifest itself. With that in mind, many companies contract for outside services whenever possible.

Another more subtle reason to outsource IT needs is that it is more efficient and more profitable than doing it yourself. Even if a company could afford to address all of its IT needs in-house, and had liabilities covered, that company would still, more often than not, better serve itself by hiring a consulting firm to provide IT-related services.

Companies that rely on professional consulting firms for IT needs get better and more efficient results than those that attempt to address them in-house. One reason for this is that technology is usually ancillary to a company's goals. Information technology might be a tool or even a catalyst to the company's growth and earnings, but it is rarely the main business of a company. To spend excessive amounts of time and research towards managing its technology -- which is often completely unrelated in type to the company's primary business -- a company detracts resources that could otherwise be allocated to its main business strategies.

IT Consulting Firms, on the other hand, base their whole existence on being knowledgeable in the field of information technology. They are invariably more qualified than any given in-house IT department to provide the appropriate advice, solutions, and support. Companies that utilize these firms for their IT needs achieve optimum results. This in turn produces efficiency.

Our mission for providing IT outsourcing services is to raise the business agility of our clients while reducing their overall IT costs and technology risks. Above all, the key advantage of outsourcing IT staffing needs is that it enables our clients to invest their resources into other activities. In the case of your company, our job would be to support your staff enabling them to focus all their time and energy into managing your organization and the clients that you serve rather than having to concern yourselves about your IT infrastructure.

The most commonly cited reasons for outsourcing IT functions include:

• Reducing IT costs through efficiencies and economies of scale on the part of the service provider.

• Access to world-class IT skills, experiences and resources.

• Removing non-core business.

• Minimizing sizable capital expenditure on IT infrastructure.

• Certainty of future IT spend.

The following list is simply meant to serve as a guide. By no means is it meant to be a complete and all encompassing list. The following tasks would be completed on an ongoing basis in addition to any other tasks that may arise.

  • Daily IT Support
  • End User Training
  • Database Development
  • Website/Intranet Development and Maintenance
  • Security Auditing
  • Proactive Systems Management
  • Ongoing Systems Analysis
  • Backup/Disaster Recovery Policies and Testing
  • System Documentation
  • Preventative Maintenance Procedures
  • Implementation of new technologies

IT firms are also part of the service-industry. Their success directly correlates to their ability to satisfy clients. With that in mind, consulting firms go the proverbial extra mile to get the job done -- and done right.

IT Outsourcing Planning

There are several steps organizations can take to help ensure successful execution of IT outsourcing:

• Create a robust business case to support the decision to outsource with senior executive backing.

• Know and understand your existing IT operation and what you seek to achieve by contracting external IT services from the service provider.

• Know and understand your existing IT organization and its cost base so you can evaluate whether the pricing model proposed by the service provider offers value for money.

• Consider what form of organization is best suited to meet your objectives.

• Conduct due diligence on third party contracts and licenses to ensure that your licenses permit use by the service provider.

• At the pre-contract stage and during contract negotiation, prepare and agree on an orderly transfer procedure so that the outsourced services can be transferred seamlessly back to you or another service provider at the end of the contract.

• Legally, be prepared to negotiate the details of the outsourcing transaction so that the terms can be documented in the services agreement.

Outsourcing IT to Asia

A combination of high overhead in the United States and strong cultural ties between the domestic and Asian information technology industries have led many companies to outsource labor-intensive software programming to Asia.

Despite its distinct advantages for companies looking to outsource their IT services, India's volatile political climate and rampant corruption present problems. Some of the 185 Fortune 500 companies that outsource software to Asia are choosing places like Vietnam or China with more predictable politics and less corruption. Other companies that outsource their customer service are finding that their customers prefer the Americanized English of the Philippines to the British English that predominates in India, though all of these countries have their drawbacks, from censored Internet lines in China and Vietnam to Muslim militancy in the Philippines.

Despite the hiccups the IT service industry continues to grow as the software industry becomes more competitive and U.S. companies try to reduce overhead. The Asian IT service market is still in its infancy.

more from Wikipedia http://en.wikipedia.org/wiki/Information_technology_outsourcing
more from About.comhttp://compnetworking.about.com/cs/.../a/career_outsourc.htm

ISP/IT Exchange

ISP/IT Exchange

Top Technology M&A 2012 (so far)

Top Technology M&A 2012 (so far)

2/10/2012 12:00:00 AM EST
5 years ago

Top Technology M&A 2011

Top Technology M&A 2011

7/14/2011 12:00:00 AM EDT
6 years ago

Service Oriented Architecture (SOA)

Service Oriented Architecture (SOA)

7/6/2011 12:00:00 AM EDT
6 years ago

 

SOA solutions are the next evolutionary step in software architectures. SOA is an IT architecture in which functions are defined as independent services with well-defined, invocable interfaces. SOA will enable cost-effective integration as well as bring flexibility to business processes. In line with SOA principles, several standards have been developed and are currently emerging in IT environments. In particular, Web Services technology provides means to publish services in a UDDI registry, describing their interfaces using theWeb Service Description Language (WSDL) and exchanging requests and messages over a network using SOAP protocol. The Business Process Execution Language (BPEL) allows composition of services into complex processes as well as their execution. Although Web services technologies around UDDI, SOAP andWSDL have added a new value to the current IT environments in regards to the integration of distributed software components using web standards, they cover mainly characteristics of syntactic interoperability. With respect to a large number of services that will exist in IT environments in the inter and intra enterprise integration settings based on SOA, the problems of service discovery or selection of the best services conforming users needs, as well as resolving heterogeneity in services capabilities and interfaces will again be a lengthy and costly process. For this reason, machine processable semantics should be used for describing services in order to allow total or partial automation of tasks such as discovery, selection, composition, mediation, invocation and monitoring of services.

While Web services and SOA are usually thought to be synonymous, they are not. It should be made clear that Web services are an important tool and one implementation method for SOA, but there are other patterns that may be more appropriate for any given use-case.



In general, SOA can be thought to consist of service providers and service consumers. The
providers define what the service looks like and how to invoke it through an implementation
independent service interface. The consumers use this interface to construct the necessary
data and invoke the service.



An optional construct is the introduction of a discovery mechanism that acts as an intermediary
to which providers publish the service interface and from which consumers discover it. This is
useful for enterprises with many services, but is not covered in this specification.

 

One of the keys to SOA is defining the correct level of granularity. This is a fairly subjective
thing, but generally speaking services exposed to other systems should provide operations that
correspond to business functions. This does not mean that all services are coarse grained.
Finely grained component services may be used by business services, but would not be
exposed to other systems.
 

SOA's communication capabilities may
be as basic as the ability to pass data along to another service, or as complex as
coordinating events between other services and the consumer of those services
through some underlying connection methodology, usually Web Services.

The term “service” refers to any self-contained function capable of operating
regardless of the state of other services that it may be connected to or
communicates with.

Although SOA is a hot IT term these days, the actual concept of providing SOA
functionality can be traced back as far as early DCOM and Object Request Brokers
(ORB) that followed CORBA specifications.

Code Mobility.

The ability to lookup and dynamically bind to a service means that services
can be located on different servers than the ones that the consumers are
hosted on. This provides the organization with the ability to build enterprise-
wide solutions hosted in diverse locations both within and outside of the
organization.

Better Usage of IT Talent.

Because the SOA environment uses multiple layers, the organization can
assign developers with specific skill sets to work within specific layers. This
provides a means to deploy the most qualified people to work in specific roles
without regard to the technical skills required to support development within
other layers.

Enhanced Security.

The existence of the SOA service layers result in the creation of additional
network interfaces capable of being accessed by multiple applications. In a
client-server environment, security is addressed solely at the application’s
entry point, and vulnerabilities often exist in areas such as databases due to
the difficulty in maintaining multiple security lists. By their very nature,
services have built-in security mechanisms that allow for multi-level security
at the service and the client levels.

Ease of Testing and Reduced Defects.

Because services have published interfaces, unit tests can be easily written to
validate performance before the services are exposed to the consumers. This
provides a way to identify and correct defects before the actual application
undergoes the QA testing process.

Support for Multiple Client Types.

The SOA allows diverse client types top access the services using their native
communication capabilities including HTML, XML, RMI, etc.

The advantage of reusing or sharing component services is
considerable. It would reduce the purchase and development of

redundant systems. Currently, each application development group
in the department must figure out the security and develop a log-in
system for their applications. Instead, they could use a well-tested
service.

If a business process changes, applications in an SOA can adapt
quickly by just changing the component services that are affected.

For instance, if the state chooses a different vendor for credit card
transactions, all that needs to be changed is the credit card service.

Moving toward a service-oriented architecture will allow MDH
to share expensive software components, reduce the redundant
development of many common components, and become more
flexible and adaptable to meet the expected changes in health related information technology.

A SOA provides the implementation patterns required to construct
applications from loosely coupled services. In order to build such applications, an

implementation environment should provide the following capabilities:

Application Development: Big changes will be needed in
methods, coordination, organization, and training of MDH application developers. A thorough analysis of MDH business processes is needed.

Operational Efficiency: Continue moving toward standards
in our operations and tools. Further automation of desktop administration and help desk should be accomplished.

Continuity of Operations Planning: Work toward standard
platforms. Supporting a redundant recovery site will be too expensive if we must replicate diverse servers and operating
systems.

SOA Policies and Processes: SOA will require new security and service use policies and procedures.

Architecture Review Board: We propose that an architecture review board be created to guide the development of policies, update the architecture, and review requests for exceptions.

 

more from Wikipedia http://en.wikipedia.org/wiki/Service-oriented_architecture
more from Youtube www.youtube.com/watch?v=sbd_1G8Kqjs

MPLS (Multi-protocol Label Switching)

MPLS (Multi-protocol Label Switching)

5/19/2011 12:00:00 AM EDT
6 years ago

Short for Multiprotocol Label Switching, an IETF initiative that integrates Layer 2 information about network links (bandwidth, latency, utilization) into Layer 3 (IP) within a particular autonomous system--or ISP--in order to simplify and improve IP-packet exchange.

MPLS is a packet-forwarding technology which uses labels to make data forwarding decisions. MPLS provides a mechanism for forwarding packets for any network protocol. It was originally developed in the late 1990s to provide faster packet forwarding for IP routers (see RFC 3031). Since then its capabilities have expanded massively, for example to support service creation (VPNs), traffic engineering, network convergence, and increased resiliency.

MPLS works by tagging the traffic, in this example packets, with an identifier (a label) to distinguish the LSPs. When a packet is received, the router uses this label (and sometimes also the link over which it was received) to identify the LSP. It then looks up the LSP in its own forwarding table to determine the best link over which to forward the packet, and the label to use on this next hop.

MPLS plays a major role in keeping the networks of big businesses running smoothly today. The labeling process involves setting the criteria for information retrieval, sometimes determined by an IP address. The data is then directed through routers that have been pre-determined by the label switching.

MPLS network requirements

The following elements must exist in the network to be able to run MPLS

  • A layer 3 routing protocol (IS-IS, OSPF, EIGRP or RIP); preferably IS-IS or OSPF for Traffic engineering.
  • Label distribution protocol (RSVP, LDP or BGP).
  • Network capable of handling MPLS traffic.

MPLS Benefits:

  • BGP free core in the service provider.
  • MPLS Applications like MPLS VPN and Traffic Engineering.
  • Having unified network in the service provider as you can provide IP, L3 VPN or L2 VPN over the same network.
  • Since a packet is assigned to a FEC when it enters the network, information that cannot be gleaned from the network layer header, can be used for FEC assignment. For example, classification of packets based on the source of the packets.

  • Packets can be assigned a priority label, making Frame Relay and ATM-like quality-of-service guarantees possible. This function relates to the CoS field.

  • The considerations that determine how a packet is assigned to a FEC can become ever more and more complicated, without any impact at all on the routers that merely forward labeled packets.

  • Packet payloads are not examined by the forwarding routers, allowing for different levels of traffic encryption and the transport of multiple protocols.

  • In MPLS, a packet can be forced to follow an explicit route rather than the route chosen by normal dynamic algorithm as the packet travels through the network. This may be done to support traffic engineering, as a matter of policy or to support a given QoS.

Virtual Private Network (VPN)

A VPN is a shared network where private data is segmented from other traffic so that only the intended recipient has access. The term VPN was originally used to describe a secure connection over the Internet.

A key aspect of data security is that the data flowing across the network is protected by encryption technologies. Private networks lack data security, which can allow data attackers to tap directly into the network and read the data. IPSec-based VPNs use encryption to provide data security, which increases the network’s resistance to data tampering or theft. VPNs are used for:

• Intranets: Intranets connect an organization’s locations. These locations range from the headquarters offices, to branch offices, to a remote employee’s home. Often this connectivity is used for e-mail and for sharing applications and files. While Frame Relay, ATM, and MPLS accomplish these tasks, the shortcomings of each limits connectivity. The cost of connecting home users is also very expensive compared to Internet-access technologies, such as DSL or cable. Because of this, organizations are moving their networks to the Internet, which is inexpensive, and using IPSec to create these networks.

• Remote Access: Remote access enables telecommuters and mobile workers to access e-mail and business applications. A dial-up connection to an organization’s modem pool is one method of access for remote workers, but it is expensive because the organization must pay the associated long distance telephone and service costs. Remote access VPNs greatly reduce expenses by enabling mobile workers to dial a local Internet connection and then set up a secure IPSec-based VPN communications to their organization.
• Extranets: Extranets are secure connections between two or more organizations. Common uses for extranets include supply-chain management, development partnerships, and subscription services. These undertakings can be difficult using legacy network technologies due to connection costs, time delays, and access availability. IPSec-based VPNs are ideal for extranet connections. IPSec-capable devices can be quickly and inexpensively installed on existing Internet connections.

MultiProtocol Label Switching (MPLS) Virtual Private Network (VPN)

MPLS VPN is a data-carrying mechanism which operates at a layer that is generally considered to lie between traditional definitions of Layer 2 (data link layer) and Layer 3 (network layer), and thus is often referred to as a "Layer 2.5" protocol. MPLS offers a great opportunity for companies wanting to expand their support to end users in different countries. MPLS allows the convergence of corporate applications with high quality of service (QoS) to configure Intranet/Extranet and remote access. MPLS based solutions provide extra value by connecting remote corporate sites whose applications are critical and require high QoS.

International MPLS VPN for business helps your company connect all of its offices anywhere in the world securely,without having to invest in costly infrastructures thanks to its robust network aided with MPLS technology. The service creates a Virtual Private Network connecting all of the company's offices, which provides a high quality multimedia solution (data, image and voice) easily adaptable to your growing needs. As an added value, MPLS simplify the evolution of Extranet environments where customers and providers would be able to work integrated with your company in a unique workplace. MPLS forms the basis for cost-efficient, highly reliable, multi-service IP networks. With MPLS, enterprises increase bandwidth efficiency and scalability, reduce operational and management expense and deliver reliable service.

Get a complete networking solution that provides secure access and promotes network flexibility. Connect multiple locations while converging voice, video, and data onto a single IP-based network. With Connet (MPLS VPN for private network, you'll have the flexibility to: Enable voice, data and other real-time, bandwidth-demanding applications Support a mobile sales force with wireless integration Simplify network management and reduce operating costs Your business requires a solution that has proven quality and reliability. The Connet network meets Cisco’s standards for running converged services such as voice, video, and data. MPLS VPN for private network allows you to take advantage of seamless connectivity and business continuity anywhere, at anytime, on any device.
mpls vpn services

more about GMPLS

Cisco MPLS VPN

Cisco IOS Multiprotocol Label Switching (MPLS) enables Enterprises and Service Providers to build next-generation intelligent networks that deliver a wide variety of advanced, value-added services over a single infrastructure. This economical solution can be integrated seamlessly over any existing infrastructure, such as IP, Frame Relay, ATM, or Ethernet. Subscribers with differing access links can be aggregated on an MPLS edge without changing their current environments, as MPLS is independent of access technologies.

Integration of MPLS application components, including Layer 3 VPNs, Layer 2 VPNs, Traffic Engineering, QoS, GMPLS, and IPV6 enable the development of highly efficient, scalable, and secure networks that guarantee Service Level Agreements.

Cisco IOS MPLS delivers highly scalable, differentiated, end-to-end IP services with simple configuration, management, and provisioning for providers and subscribers. A wide range of platforms support this solution, which is essential for both Service Provider and Enterprise networks.

more from Wikipedia http://en.wikipedia.org/wiki/Multiprotocol_Label_Switching
more from Youtubehttp://www.youtube.com/watch?v=H7KQcNRgGEk

DDoS - Distributed DOS (Denial of Service)

DDoS - Distributed DOS (Denial of Service)

5/19/2011 12:00:00 AM EDT
6 years ago

One of the most significant cyber threats to businesses, local and federal government agencies is the Distributed-Denial-of-Service attack (DDoS). A Distributed Denial of Service attack (DDoS) occurs when an attacker commands a number of computers to send numerous requests to a target computer. The overwhelming flood of requests to the website or computer network can cause it to shut down or fail to handle the requests of legitimate users, much like a rush hour traffic jam on the freeway. This type of attack can completely disrupt an organization’s operations until the network is able to be restored. Understanding the basic concept and methods of a DDoS attack can help operators of both large and small networks mitigate the severity of the attack.

Distributed Denial of Service (DDoS) attacks disrupt and deny legitimate computer and network resource usage through compromised hosts that monopolize resources. Mitigation technologies have been developed to defend against DDoS attacks, but there is little understanding of the fundamental relationships between
DDoS attacks, mitigation strategies, and attacker performance. Without a solid understanding of these fundamental relationships, it is difficult to determine the
ability of mitigation technologies to address the DDoS problem or how mitigation technologies can successfully be deployed together.

The goal of a DDoS attack is usually to limit, disrupt, or prevent access to a particular
network resource or web service. While the worst case scenario of a DDoS is a failure of the operating system and a crash of the computer system, some common symptoms of a DDoS are:

• A particular web or e-mail resource becoming unavailable
• Slow network performance
• Inability to access some network resources

What Motivates DDoS Attacks?

• Extortion: some sites are hit with DDoS attacks if they refuse to pay "protection money"
• Direct Action: in other cases, a DDoS may be designed to directly accomplish a particular task, such as rendering a particular internet service unusable
(example: a DDoS targeting an anti-spam DNSBL site)
• Revenge: other sites may DDoS'd as an act of revenge for an actual or perceived slight or act of disrespect
• Ideology: a site may be targeted for a denial of service because it is associated with particular political, religious, cultural or philosophical beliefs
• Notoriety: because DDoS's are often very newsworthy, engaging in a DDoS attack can be one way of attempting to garner publicity or call attention to an cause
• Peer Recognition/Social Status – some attackers may not care about general publicity, but may be highly motivated by approval and recognition from smaller “in”
groups such as miscreant clans.
• Design Errors: Some denial-of-service-like attacks are simply the result of design errors in legitimate consumer hardware; this can result in what amounts to a real
denial of service attack, albeit an unintentional one.
• Simple Problems of Scaling to Internet Size Audiences: Similarly, mere mention of a sufficiently interesting web site on a popular news site such as slashdot.org can be sufficient to "DDoS" some sites…

more from Wikipedia http://en.wikipedia.org/wiki/Denial-of-service_attack
more from Webopedia http://www.webopedia.com/TERM/D/DDoS_attack.html

Why Outsource IT?

Why Outsource IT?

5/19/2011 12:00:00 AM EDT
6 years ago

Many of the reasons that companies outsource to meet their IT needs are obvious. The specific projects are of such a duration that hiring the necessary people to do the job would be impractical. Hiring those people might also be impossible, at least budget-wise, considering the salaries and benefits they would demand. Even still, if the budget were ample enough, the experts sought to be hired would be reluctant to take the position in light of its lack of security - once the project was complete, there would be no more need for those people.

From a Human Resources perspective in general, another benefit of outsourcing is lack of liability. Especially with large companies, hiring (and firing) employees is an undertaking with considerable implications for the employer. For example, immediately upon hiring an employee, the employer incurs liabilities, including worker's compensation and potential unemployment liabilities. These two examples merely scratch the surface. The greater the number of employees, the greater the probability that employer liability will manifest itself. With that in mind, many companies contract for outside services whenever possible.

Another more subtle reason to outsource IT needs is that it is more efficient and more profitable than doing it yourself. Even if a company could afford to address all of its IT needs in-house, and had liabilities covered, that company would still, more often than not, better serve itself by hiring a consulting firm to provide IT-related services.

Companies that rely on professional consulting firms for IT needs get better and more efficient results than those that attempt to address them in-house. One reason for this is that technology is usually ancillary to a company's goals. Information technology might be a tool or even a catalyst to the company's growth and earnings, but it is rarely the main business of a company. To spend excessive amounts of time and research towards managing its technology -- which is often completely unrelated in type to the company's primary business -- a company detracts resources that could otherwise be allocated to its main business strategies.

IT Consulting Firms, on the other hand, base their whole existence on being knowledgeable in the field of information technology. They are invariably more qualified than any given in-house IT department to provide the appropriate advice, solutions, and support. Companies that utilize these firms for their IT needs achieve optimum results. This in turn produces efficiency.

Our mission for providing IT outsourcing services is to raise the business agility of our clients while reducing their overall IT costs and technology risks. Above all, the key advantage of outsourcing IT staffing needs is that it enables our clients to invest their resources into other activities. In the case of your company, our job would be to support your staff enabling them to focus all their time and energy into managing your organization and the clients that you serve rather than having to concern yourselves about your IT infrastructure.

The most commonly cited reasons for outsourcing IT functions include:

• Reducing IT costs through efficiencies and economies of scale on the part of the service provider.

• Access to world-class IT skills, experiences and resources.

• Removing non-core business.

• Minimizing sizable capital expenditure on IT infrastructure.

• Certainty of future IT spend.

The following list is simply meant to serve as a guide. By no means is it meant to be a complete and all encompassing list. The following tasks would be completed on an ongoing basis in addition to any other tasks that may arise.

  • Daily IT Support
  • End User Training
  • Database Development
  • Website/Intranet Development and Maintenance
  • Security Auditing
  • Proactive Systems Management
  • Ongoing Systems Analysis
  • Backup/Disaster Recovery Policies and Testing
  • System Documentation
  • Preventative Maintenance Procedures
  • Implementation of new technologies

IT firms are also part of the service-industry. Their success directly correlates to their ability to satisfy clients. With that in mind, consulting firms go the proverbial extra mile to get the job done -- and done right.

IT Outsourcing Planning

There are several steps organizations can take to help ensure successful execution of IT outsourcing:

• Create a robust business case to support the decision to outsource with senior executive backing.

• Know and understand your existing IT operation and what you seek to achieve by contracting external IT services from the service provider.

• Know and understand your existing IT organization and its cost base so you can evaluate whether the pricing model proposed by the service provider offers value for money.

• Consider what form of organization is best suited to meet your objectives.

• Conduct due diligence on third party contracts and licenses to ensure that your licenses permit use by the service provider.

• At the pre-contract stage and during contract negotiation, prepare and agree on an orderly transfer procedure so that the outsourced services can be transferred seamlessly back to you or another service provider at the end of the contract.

• Legally, be prepared to negotiate the details of the outsourcing transaction so that the terms can be documented in the services agreement.

Outsourcing IT to Asia

A combination of high overhead in the United States and strong cultural ties between the domestic and Asian information technology industries have led many companies to outsource labor-intensive software programming to Asia.

Despite its distinct advantages for companies looking to outsource their IT services, India's volatile political climate and rampant corruption present problems. Some of the 185 Fortune 500 companies that outsource software to Asia are choosing places like Vietnam or China with more predictable politics and less corruption. Other companies that outsource their customer service are finding that their customers prefer the Americanized English of the Philippines to the British English that predominates in India, though all of these countries have their drawbacks, from censored Internet lines in China and Vietnam to Muslim militancy in the Philippines.

Despite the hiccups the IT service industry continues to grow as the software industry becomes more competitive and U.S. companies try to reduce overhead. The Asian IT service market is still in its infancy.

more from Wikipedia http://en.wikipedia.org/wiki/Information_technology_outsourcing
more from About.comhttp://compnetworking.about.com/cs/.../a/career_outsourc.htm