File Integrity Monitoring – PCI DSS Requirements 10, 10.5.5 and 11.5

[ad_1]

Although FIM or File-Integrity Monitoring is only mentioned specifically in two sub-requirements of the PCI DSS (10.5.5 and 11.5), it is actually one of the more important measures in securing business systems from card data theft.

What is it, and why is it important?

File Integrity monitoring systems are designed to protect card data from theft. The primary purpose of FIM is to detect changes to files and their associated attributes. However, this article provides the background to three different dimensions to file integrity monitoring, namely:

– Secure hash-based FIM, used predominantly for system file integrity monitoring
– File contents integrity monitoring, useful for configuration files from firewalls, routers and web servers
– File and / or folder access monitoring, vital for protecting sensitive data

Secure Hash Based FIM

Within a PCI DSS context, the main files of concern include:

– System files eg anything that resides in the Windows / System32 or SysWOW64 folder, program files, or for Linux / Unix key kernel files

The objective for any hash-based file integrity monitoring system as a security measure is to ensure that only expected, desirable and planned changes are made to in scope devices. The reason for doing this is to prevent card data theft via malware or program modifications.

Imagine that a Trojan is installed onto a Card Transaction server – the Trojan could be used to transfer card details off the server. Similarly, a packet sniffer program could be located onto an EPoS device to capture card data – if it was disguised as a common Windows or Unix process with the same program and process names then it would be hard to detect. For a more sophisticated hack, what about implanting a 'backdoor' into a key program file to allow access to card data ??

These are all examples of security incidents where File-Integrity monitoring is essential in identifying the threat.

Remember that anti-virus defenses are typically only aware of 70% of the world's malware and an organization hit by a zero-day attack (zero-day marks the point in time when a new form of malware is first indentified – only then can a remediation or mitigation strategy be formulated but it can be days or weeks before all devices are updated to protect them.

How far should FIM measures be taken?

As a starting point, it is essential to monitor the Windows / System32 or SysWOW64 folders, plus the main Card Data Processing Application Program Folders. For these locations, running a daily inventory of all system files within these folders and identifying all additions, deletions and changes. Additions and Deletions are relatively straightforward to identify and evaluate, but how should changes be treated, and how do you assess the significance of a subtle change, such as a file attribute? The answer is that ANY file change in these critical locations must be treated with equal importance. Most high-profile PCI DSS security breaches have been instigated via an 'inside man' – typically a trusted employee with privileged admin rights. For today's cybercrime there are no rules.

The industry-acknowledged approach to FIM is to track all file attributes and to record a secure hash. Any change to the hash when the file-integrity check is re-run is a red alert situation – using SHA1 or MD5, even a microscopic change to a system file will denote a clear change to the hash value. When using FIM to govern the security of key system files there should never be any unplanned or unexpected changes – if there are, it could be a Trojan or backdoor-enabled version of a system file.

Which is why it also crucial to use FIM in conjunction with a 'closed loop' change management system – planned changes should be scheduled and the associated File Integrity changes logged and appended to the Planned Change record.

File Content / Config File Integrity Monitoring

Whilst a secure hash checksum is an infallible means of identifying any system file changes, this does only tell us that a change has been made to the file, not what that change is. Sure, for a binary-format executable this is the only meaningful way of conveying that a change has been made, but a more valuable means of file integrity monitoring for 'readable' files is to keep a record of the file contents. This way, if a change is made to the file, the exact change made to the readable content can be reported.

For instance, a web configuration file (php, aspnet, js or javascript, XML config) can be captured by the FIM system and recorded as readable text; thereafter changes will be detected and reported directly.

Similarly, if a firewall access control list was edited to allow access to key servers, or a Cisco router startup config altered, then this could allow a hacker all the time needed to break into a card data server.

One final point on file contents integrity monitoring – Within the Security Policy / Compliance arena, Windows Registry keys and values ​​are often included under the heading of FIM. These need to be monitored for changes as many hacks involve modifying registry settings. Similarly, a number of common vulnerabilities can be identified by analysis of registry settings.

File and / or Folder Access Monitoring

The final consideration for file integrity monitoring is how to handle other file types not suitable for secure hash value or contents tracking. For example, because a log file, database file etc will always be changing, both the contents and the hash will also be constantly changing. Good file integrity monitoring technology will allow these files to be excluded from any FIM template.

However, card data can still be stolen without detection unless other measures are put in place. As an example scenario, in an EPoS retail system, a card transaction or reconciliation file is created and forwarded to a central payments server on a scheduled basis throughout the trading day. The file will always be changing – maybe a new file is created every time with a time stamped name so everything about the file is always changing.

The file would be stored on an EPoS device in a secure folder to prevent user access to the contents. However, an 'inside man' with Admin Rights to the folder could view the transaction file and copy the data without necessarily changing the file or its attributes. Therefore the final dimension for File Integrity Monitoring is to generate an alert when any access to these files or folders is detected, and to provide a full audit trail by account name of who has had access to the data.

Much of PCI DSS Requirement 10 is concerned with recording audit trails to allow a forensic analysis of any breach after the event and establish the vector and perpetrator of any attack.

[ad_2]

Source by Mark Kedgley

Advantages of Lamp Server for Web Hosting

[ad_1]

Dedicated website hosting is termed as using one web server utilizing all of its resources in order to handle sheer amounts of data of a single website. High traffic and million hits per day touching websites like Freelancer, Odesk, eBay, Amazon, & Microsoft etc. use dedicated servers for hosting their online businesses. As an online businessman, there is a definite need of having dedicated LAMP server for website hosting. Sadly speaking many people still entrepreneurs still try to save their costs and forget about getting dedicated LAMP server hosting for their e-commerce business.

When you are getting thousands of hits per day, it indicates that your website is doing pretty good in terms of attracting visitors. It's however this very same traffic could become quite a big pain in the beck if not handled properly. Handling high volumes of traffic with sheer amounts of data is virtually impossible with shared web hosting or cheap dedicated web hosting packages. This results in servers getting crashed leading to important files being missed and data lost. As a result here you would need services of professional and dedicated web hosting services in order to handle high traffic in the long run.

LAMP server is backbone of any e-commerce related business. LAMP server is a combination of Linux OS, Apache web server, MySQL database management system, and PHP / Perl / Python web programming languages. For any business, hiring dedicated services for web hosting is a hefty cost to be paid but looking for long term benefits, it is definitely going to pay off. Linux is the best operating system to be used for hosting web sites. It is fast, secure and improves pages' loading times even when there is high traffic on your website. Apache is a web serve used for hosting websites that has crossed 100 million mark of website hosting on its server. MySQL is the most popular, free and open source database management system that is used to handle customer records and various other data for every website. PHP / Perl / Python are three programing languages ​​and either one of these could be used in order to complete the LAMP server configuration.

In order for proper functioning of your website, you need to be sure that the LAMP server dedicated web hosting services are reliable enough. Check the company's previous performance based on customer reviews. Some web hosts require system reboots after software updates or minor installations. While this is something normal for a server to take place, but the ecommerce business hosted on that server would get a big shock of loss in revenues and profits. No visitor would be able to browse the website when server is down, restarted or crashed.

Hence it is very important to note that the server has minimum rebooting so that the website is up and live on the internet. Dedicated LAMP server assures maximum performance, security and quick page loading times minimizing chances of server crashes. This protects attacks from malware, and malicious viruses.

When you are hosting your website especially on Europe's server, then go for LAMP server hosting as it has the best combination of sites getting hosted

[ad_2]

Source by Yasir Saeed

Nagios Log Monitoring – Monitor Log Files in Unix Effectively

[ad_1]

Nagios Log File Monitoring: Monitoring log files using Nagios can be just as difficult as it is with any other monitoring application. However, with Nagios, once you have a log monitoring script or tool that can monitor a specific log file the way you want it monitored, Nagios can be relied upon to handle the rest. This type of versatility is what makes Nagios one of the most popular and user friendly monitoring application that there is out there. It can be used to effectively monitor anything. Personally, I love it. It has no equal!

My name is Jacob Bowman and I work as a Nagios Monitoring specialist. I've come to realize, given the number of requests I receive at my job to monitor log files, that log file monitoring is a big deal. IT departments have the ongoing need to monitor their UNIX log files in order to ensure that application or system issues can be caught in time. When issues are known about, unplanned outages can be avoided altogether.

But the common question often asked by many is, what monitoring application is available that can effectively monitor a log file? The plain answer to this question is NONE! The log monitoring applications that does exist require way too much configuration, which in effect renders them not worthy of consideration.

Log monitoring should allow for pluggable arguments on the command line (instead of in separate config files) and should be very easy for the average UNIX user to understand and use. Most log monitoring tools are not like this. They are often complex and require time to get familiar with (through reading endless pages of installation setups). In my opinion, this is unnecessary trouble that can and should be avoided.

Again, I strongly believe, in order to be efficient, one must be able to run a program directly from the command line without needing to go elsewhere to edit config files.

So the best solution, in most cases, is to either write a log monitoring tool for your particular needs or download a log monitoring program that has already been written for your type of UNIX environment.

Once you have that log monitoring tool, you can give it to Nagios to run at any time, and Nagios will schedule it to be kicked off at regular intervals. If after running it at the set intervals, Nagios finds the issues / patterns / strings that you tell it to watch for, it will alert and send out notifications to whoever you want them sent to.

But then you wonder, what type of log monitoring tool should you write or download for your environment?

The log monitoring program that you should obtain to monitor your production log files must be as simple as the below but must still remain powerfully versatile:

Example: logrobot / var / log / messages 60 'error' 'panic' 5 10 -foundn

Output: 2 — 1380 — 352 — ATWF — (Mar / 1) – (16:15) — (Mar / 1) – (17:15:00)

Explanation:

The "-foundn" option searches the / var / log / messages for the strings "error" and "panic". Once it finds it, it'll either abort with an 0 (for OK), 1 (for WARNING) or 2 (for CRITICAL). Each time you run that command, it'll provide a one line statistic report similar to that in the above Output. The fields are delimited by the "—".

1st field is 2 = which means, this is critical.

2nd field is 1380 = number of seconds since the strings you specified last occurred in the log.

3rd field is 352 = there were 352 occurrences of the string "error" and "panic" found in the log within the last 60 minutes.

4th field is ATWF = Do not worry about this for now. Irrelevant.

5th and 6th field means = The log file was searched from (Mar / 1) – (16:15) to (Mar / 1) – (17:15:00). And from the data gathered from that timeframe, 352 occurrences of "error" and "panic" were found.

If you would actually like to see all 352 occurrences, you can run the below command and pass the "-show" option to the logrobot tool. This will output to the screen all matching lines in the log that contain the strings you specified and that were written to the log within the last 60 minutes.

Example: logrobot / var / log / messages 60 'error' 'panic' 5 10 -show

The "-show" command will output to the screen all the lines it finds in the log file that contains the "error" and "panic" strings within the past 60 minute time frame you specified. Of course, you can always change the parameters to fit your particular needs.

With this Nagios Log Monitoring tool (logrobot), you can perform the magic that the big name famous monitoring applications can not come close to performing.

Once you write or download a log monitoring script or tool like the one above, you can have Nagios or CRON run it on a regular basis which will in turn enable you to keep a bird's eye view on all the logged activities of your important servers.

Do you have to use Nagios to run it on a regular basis? Absolutely not. You can use whatever you want.

[ad_2]

Source by Jonathan Rayson

What Is Android? How Android Came Into Existence

[ad_1]

Android is a Linux based mobile device operating system developed by the Open Handset Alliance led by Google. Android is mainly used in Smartphone and tablet computers. Android is open source ie its features can be extended to incorporate new technologies as they emerge.

Android, Inc. was founded by Andy Rubin, Rich Miner, Nick Sear and Chris White in Palo Alto, California. On August 17, 2005 Google acquired Android Inc. making it a subsidiary of Google Inc.

On November 5, 2007, the Open Handset Alliance publicly announced their first product, Android, a mobile device platform built on Linux kernel version 2.6.

Android provides a broad spectrum of applications and services to its user. Users can fully customize their mobile phones to their interests. The first Mobile phone that has used Android was the HTC Dream, release on 22 October 2008.

Here are some features of Android Operating System .

  1. Layout: The layout is mainly based on VGA, 2D graphics library and 3D graphics library based on OpenGL ES 2.0.
  2. Storage: For data storage SQLite is used .
  3. Connectivity: Android supports GSM / EDGE, IDEN, CDMA, EV-DO, UMTS, Bluetooth, WI-Fi, LTE, NFC and WiMAX connectivity technologies.
  4. Multi Lingual Support: It supports multiple languages ​​.
  5. Messaging: Android supports SMS and MMS including threaded text messaging and Cloud to Device Messaging (C2DM).
  6. Web Browser: It is mainly based on the open-source WebKit layout engine and Chrome's V8 JavaScript engine.
  7. Java Support: Most of the applications are written in Java but they run on Dalvik, a specialized virtual machine designed specifically for Android.
  8. Media Support: Android supports WebM, H.263 , H.264, MPEG-4 SP, AMR, AMR-WB, AAC, HE-AAC, MP3, MIDI, Ogg Vorbis, FLAC, WAV, JPEG, PNG, GIF, BMP and WebP media formats.
  9. Hardware Support: It can support wide variety of hardwares including video / still cameras, touchscreens, GPS, accelerometers, gyroscopes, barometers, magnetometers, dedicated gaming controls, proximity and pressure sensors, thermometers, accelerated 2D bit blits and accelerated 3D graphics.
  10. Multitasking: Android supports multitasking.
  11. Multi-touch: It supports multi touch natively, but previously it was disabled at the kernel level. An update was released by Google which enables multi-touch natively.
  12. External Support: Now the majority of Android devices support microSD slot and can read microSD card formatted with FAT32, Ext3fs or Ext4fs file system.

There are millions of applications available for Android which can be downloaded from Google Play, formerly Android Market. The latest version that is available to phones is Android 4.0.4 Ice Cream Sandwich.

[ad_2]

Source by Mvir Singh

Certified Ethical Hacker (CEH) Certification – Is It As Cool As It Sounds?

[ad_1]

I know, many of us would love to have that title. Most of us, if not all, at some point of time wanted to learn hacking and learning it over the internet is one thing, to be recognised as one is an another.

So back in May, the CEH course was being offered by V-ITMI at Quatres-Bornes. Since I was free and on holidays after passing my HSC and waiting for university to start, I paid for the course. The total fees were Rs42, 500 including the exam fees. Apparently the courseware itself costs around rs27, 000 and it contains 4 DVDS of tools assembled over the internet, a Linux backtrack CD (Linux live CD) and some pdf notes of the other chapters that are not covered by the instructor and is not examinable. It also has 5 big books that you will need to learn before going for the exam, a mouse pad and a pen. There were no entry requirements as long as you follow the course from an EC-Council Accredited Training center. However, if you want to skip the course and go for the exam only, you will need a written proof from your company stating you have at least 2 years' experience in the security field. You will then sit for the EC0-350 paper while I did the 312-50 paper but both is the same paper and you will obtain the same title, ie, CEH.

The course:

The first day, I had the pleasure to meet my Trainer, Mr. Franklin John from India. He is a very intelligent man and the first CCIE security I have ever met. He came all the way from India specially to deliver the course at v-itmi. The course's duration is 5 consecutive days from 9AM to 5PM and it is really very quick. You can not follow everything that the trainer is saying and he has a time schedule to finish the course, so, he moves along slide to slide very quickly and mastering every type of hacking attacks (Session hijacking, DDOS, DOS, linux hacking, buffer overflows , sql injection and so on) in this small amount of time is practically impossible.You do have breaks at 3 intervals: a tea break, tea, coffee and biscuits were served, a lunch break and a tea break again in the afternoon.

Each of the students had a personal computer where you will be expected to do live demos / testing of the tools given to you in the CD. These tools are tested on a Windows Server 2000 Advance with no patches installed. Post why? Because without the patches, the windows server 2000 is very vulnerable and you can use any tools on it: most of them is going to work. I know that you are thinking, "what the heck? It is useless, who even uses windows server 2000?" Yes, I was disappointed too because the tools will not work on Windows XP and above (With all the patches / security fixes installed ). However though, you will have an idea of ​​how hacking is done and you will grasp the concept of the types of attack that is performed with live demos provided by the instructor.

5 days were quickly over and at the end; you will need to submit an online feedback of how the course was, the competency of the trainers and so on.

The exam:

Now, time for the exams. I went for the exams after a month or so because I was also preparing for my CCNA & VCP exam. The exam's cost is included in the courseware that you bought. However, if you fail the exam, the next time, you will have to bear the cost. The exam consists of 150 multiple choice questions and is 4 hours long. The MCQ questions vary. Some may have only one answer while others may have up to 3 or even 4. The questions in the exam were not entirely what I read from the book. I would say 80% of them were in the book but the remaining, some personal knowledge and logic is required. I ended the exam in 3 hours and 30 minutes and I passed! I was really happy because 1) This is my first ever certification and 2) the name is so cool.

But really, was it worth it? Rs42, 500 for something out-dated: Well, I am not so sure. I would have rather opted for ISC2 security certifications. However, CEH was a good experience in the sense that, it is the only course out there that will teach you 'hacking' with live demos. It was fun, I admit.

After a month, my welcome kit finally arrived. It consisted of one certificate, one welcome letter and one big sticker with CERTIFIED ETHICAL HACKER written on it. Also, you will have access to the official CEH logo which looks unprofessional according to me and a unique code is given to you where you will have access to a certified member's portal where CEH all around the world share ideas, discuss anything etc.

If you are thinking about doing a certification in the security field, I would recommend Security + as a start and a security certification from ISC2 later on. Details here more ( Https://www.isc2.org/credentials/ )

All the best!

[ad_2]

Source by Mozammil Khodabacchas

How To Run 16-Bit Software On A Windows 7 64-Bit Computer

[ad_1]

I live in an area of ​​the country where there are many elderly people. Many of these wonderful people still have old computers that are running old software. However, little by little they are beginning to upgrade their computers and Operating Systems to the latest and greatest 64-bit Windows 7 – but they want to keep using their beloved old software. Therein lies the problem!

The other day I set up a new Windows 7 machine for a client. He was extremely happy and then he said "OK, now let's install my wife's American Greetings CreataCard Gold 5 and my Hoyle Card Games". He and his wife had used these same programs for years and they could not live without them!

Well as you can probably imagine, these two programs would not install. Both of these older programs are16-bit and will not install on the 64-bit Windows 7 OS. If my client had purchased a computer running 32-bit Windows 7, he could have run his programs in Compatibility Mode but this function will not work in 64-bit Windows 7.

So, the guy was very disappointed but I stayed as "cool as a cucumber" because I knew that there were several, great, free virtual machine programs that will allow you to run these older 16-bit programs on Windows 7 64-bit.

These are the programs that I recommend (especially # 2 & # 3):

1) DOSBox (DOSBox is a DOS emulator and only runs 16 MS bit-DOS programs and not 16 bit Windows Applications).

2) VirtualBox (a "virtual machine" That Allows an unmodified operating system with all of its installed software to RUN in a special environment, on top of your existing operating system).

3) VMware Player . (A "virtual machine" That will RUN legacy Windows applications on top of your existing operating system without interfering with the original OS).

Have fun continuing to enjoy your older programs on your brand new Operating System !!

[ad_2]

Source by Randy Knowles

Technical Writing – Components Of Windows User Interface In Software Documentation (2) – Window

[ad_1]

User interface documentation, one of the important tasks in software documentation, requires clear and consistent definition of all interface components. In this second part of the series, we continue with our survey of the most important interface components that a technical writer should be familiar with.

NOTE: Windows, Mac and Linux machines all have different user interfaces, depending on the particular Operating System (OS) (or "distribution" in the case of Linux) installed on your machine. This series is limited to the Windows interface only.

First of all, let's clarify the conceptual difference between a SCREEN and a WINDOW.

A SCREEN, as defined by Microsoft, is the "graphic portion of a visual output device." It is sometimes used interchangeably with a "MONITOR" or a "DISPLAY." Sometimes both are used together as in the retronym "monitor screen."

A WINDOW, on the other hand, refers to the individual display area surrounded by a FRAME and display when the user clicks a button or selects certain menu options.

A "screen" displays one or more "window" (s) but not the other way around.

A "screen" has one size which is the size of the monitor. Every "window," on the other hand, might have a different size depending on the user preference.

A "window" is a more abstract term when compared to a "screen" and that's why although there is a "screen RESOLUTION" (number of pixels in a unit length of screen), there is no corresponding "window resolution." There is, for example, "screen SAVER" programs. But there are no similar "window savers." You can save and close a window but a screen, as the physical medium of the interface, is there always, no matter which window (s) it is displaying.

When there are multiple windows open in a screen, the window that is selected and responds to user commands is referred to as the window in FOCUS. By "focusing" on a window you select it and make it respond to your interaction.

[ad_2]

Source by Ugur Akinci

Easy Steps to Stop SMTP AUTH Relay Attack and Identify Compromised Email Account for Postfix

[ad_1]

Today lots of the email application such as Sendmail, Postfix, or even MS Exchange has been re-designed to reduce the possibility of become an 'spam-relay'. From our experience, most of the SMTP AUTH relay attack is caused by the compromised of the weakly password protected user accounts. Once the accounts discovered and been compromised. Spammer authenticate using the user credentials, they are granted to relay via the server, which is then used to send spam.

Below are the easy steps to stop these spam emails quickly and identify which account (s) has been compromised.

Step1: Stop on on-hold mail queue.

Large amount of spam emails keep queueing your mail spool. What even worst is all the spam it fill up all your / var. Thus, it is always to hold the mail queue for temporary until you find out the which account has been exploited by spammer and send a large amount of emails.

Step2: Check your mail log.

Go to / var / log / maillog to have a quick look on the line with from: <>. You might see lots of email domain name there are not belong yo your organization. This is due to the spammer is faking the mail from: <>.

Step 3: Identify compromised account authenticating SMTP AUTH connection

Next, let us check those email accounts that has been exploited. Run a have cat grep sasl_username and sort it. You should see a long list of the login attempt and session for those exploited account. You can also do a quick calculation by running wc -l command to see total sessions for a particular user.

Step4: Disable the exploited email account.

Once, we have SASL_username string, which is the user account. You are advised to disabled or change the password to complex password.

Step 5: Move the mail queue or delete the spam email

Now, we have to deal with our mail queue. Easier and fastest way is to move your mail queue and do the housekeeping later. Or, you can delete those spam email using Bash script.

Step 6: Release Mail queue

Remember to release mail queue after our housekeeping process and keep on monitoring of the mail traffic.

[ad_2]

Source by James Edward Lee

WMV Files – Play Your Tune

[ad_1]

World's topmost company Microsoft Corporation developed a format better known as Windows Media Video or WMV in short which is basically used to view videos in a computer or laptop. This type of video format works well with any of the common players like Windows Media Player, Real Player, VLC Media Player, KM Player, Win amp and not to forget the giant Power DVD. The first version WMV 7 which was developed in the year 1999 and was successful.

One of the major reasons for using these files is that it allows mega capacity videos to be easily compressed without affecting their quality. These files can be played by the use of a set of codecs. A codec is a small program that can read a file, create video and audio formats from the data given.

WMV files when played on PC

There are few basic yet essential streps required that you need to follow to play such files in your personal computer.

1. If your computer already has a Windows Media Player program, WMP, then update its latest version so that you can play those video files properly. You can do this by downloading from the Microsoft Windows Media Player website. But, In case you are not able to view these on your system, then Windows can give you an error message mentioning that WMV files can not be opened. For this, you need to identify which program can open those files or your registry may be damaged.

2. Now, open the Windows Media Player from your PC and select the video file to be played.

3. You can select multiple files to be played in WMP.

4. If you do not wish to use WMP, then you can use other players that support this format such as Win amp, Power DVD, VLC etc

WMV files when played on Linux

Windows Media Video can be played in Linux using a compatible media player. Linux supports Video LAN Client or VLC player through which you can play your files. VLC player supports format of WMV files directly. Some of common players usually used in Linx are Boxee, Real Player, Mplayer and Helix Player.

WMV files when played on Macintosh

You can also run your video files in the Mac OS using the Mac Version of Windows Media Player. Apple computer supports Apple Quicktime media player which can also play WMV files. For this, you need to install File4mac plugin. It is a freeware that can be downloaded from Microsoft website.

WMV files can not be played on Vista since it is an operating system. It does not play anything.

Happy tuning to all viewers !!

[ad_2]

Source by Rupa R Sinha

Introducing: SAP ASE Edge Edition – Retiring Sybase ASE SBE

[ad_1]

This might be the biggest announcement from SAP you never heard of. After dropping the name Sybase from its product names last year, SAP is quietly reshaping its database platform offerings. And I mean this in a good way.

Under the Sybase name there were 2 ASE products; Sybase ASE Enterprise Edition (EE) and Sybase ASE Small Business Edition (SBE). The Sybase ASE EE product was and still is the flagship and the most commonly known edition of Sybase. But it came with a hefty price ticket. To offer a Sybase ASE database server to the SMB market space, Sybase created ASE SBE, limited to 2 CPU sockets and 8 engines on a physical server, at a very low price.

The server virtualization revolution has dramatically changed the server landscape and database servers made their transitions to the new world. The majority of newly deployed database servers are virtualized, either on premise or in the cloud. The Sybase ASE EE 15.7 database server enabled Sybase clients to make the move to the virtual servers with the introduction of the threaded kernel model. SAP ASE EE 16 continued the optimization for virtual servers and offers one of the most advanced database servers in the market.

However, Sybase ASE SBE never made the step into the virtual world and that was bad news for SMB, who are trying to save money on infrastructure costs. Hence the introduction of SAP ASE Edge Edition .

SAP ASE Edge Edition will retire the old Sybase ASE SBE. It is based on the SAP ASE EE 16 edition with a limit of 4 cores. Other than that, SAP pulled out the stops and created an entry level ASE server that packs features that other databases only offer in their enterprise edition, but set a price point that competes with other vendor's standard edition database.

The following matrix shows the comparison between SAP ASE Edge Edition and Sybase ASE SBE. But pay close attention to the options that are now included and compare this to other vendors standard offerings.

Limits / Options
ASE Edge Edition
ASE SBE (retired)

Max Engines
No Limit
8

Max Cores OS can use
4
No Limit

Max CPU Chips
No Limit
2

Max Concurrent User Connections
No Limit
256

Options

High Availability
X
X

Disaster Recovery Package
X
X

Security and Directory Services

X

Encrypted Columns

X

Partitions

X

Active Messaging
X
X

Compression

X

In Memory Database
X
X

Advanced Backup Services (TSM)
X
X

Enterprise Connect – Oracle
X
X

Enterprise Connect – ODBC
X
X

  • (Included) X (Not Available)

SAP ASE Edge Edition also includes unlimited cores of SAP Replication Server Premium Edition, restricted to warm standby capabilities of SAP ASE Edge data.

If you're running Sybase ASE SBE today in either server or user based licensing, you should take a closer look at SAP ASE Edge Edition. The savings in server virtualization alone can justify the investment.

If you're running a shareware database server and would like to upgrade to an enterprise class database system, running on Linux and Windows servers, you should talk to us about SAP ASE Edge Edition.

If you're planning on implementing a commercial database server in your company and or product, SAP ASE Edge Edition should be on your checklist.

Call us today at 813 322 3240 to learn more about SAP ASE Edge Edition.

[ad_2]

Source by Peter Dobler