Tuesday, September 28, 2010

ITUG 2010

ITUG 2010 (also called The Connect NonStop Symposium and Expo) opened with an amazing dinner hosted by XYPRO at Scotts seafood restaurant in San Jose.  Among the 130+ attendees was a real  cross-section of the HP NonStop community. Aussies, South Africans, South Americans, Asians, and Europeans joined the North Americans for a most amazing 3-course meal with dessert  and entertainment.

For those who managed to get out of bed on Tuesday, 499 other show attendees joined them at the San Jose convention center-and the mood was incredible. Everyone was happy to be back in San Jose at a NonStop show instead of in Las Vegas in the middle of Summer!

It was really heartwarming to some and interesting to others that even with HPTF (the heretofore-described show in Las Vegas), people came to this event.  I personally know of several NonStop customers who never intended to come to San Jose but went to Las Vegas. They determined the NonStop symposium was the place to be and are here with bells on and very happy they came.

The San Francisco bay area is in the middle of a heatwave, so people can close their eyes and pretend that they're in Vegas, then open them up to see dozens of NonStop product managers, developers, and execs who find it a lot more pleasant to drive the 5 miles down highway 280 from Cupertino than to take a 90-minute flight to Vegas after waiting an hour in the security line.

What happens in Vegas stays in Vegas, but what happens in San Jose has a big influence in Cupertino, helping build better products for the best computer system in the world. And isn't that a grand thing?

Lisa Partridge
XYPRO

Friday, September 17, 2010

XYGATE Software Exceeds Regulatory Auditing Requirements for HP NonStop Systems

State of the art auditing & compliance solution to ship with latest HP Integrity NonStop operating system

(September 14, 2010) Simi Valley, CA – XYPRO Technology Corporation, a leading provider of security software and services for HP NonStop server environments, today announced its audit and reporting solution, XYGATE Merged Audit (XMA) software, will be included in the HP NonStop Operating System Mission-Critical Edition software package.

This XMA software addition will allow customers to better monitor the state of their mission-critical systems.  XMA collects, filters, normalizes, and writes audit data from a variety of sources across dozens of systems in an HP NonStop system network.  The software then writes data to a consolidated NonStop SQL database.  These advances will allow security administrators to efficiently produce reports based on audit data from one or multiple sources, create real-time alerts for specific events, and feed many off-box central audit logging devices or SIEMs (Security Incident Event Monitor), such as the HP Compliance Log Warehouse (CLW), facilitating Integrity NonStop server participation in an Enterprise Security Program.

“Security has changed drastically over the last five years,” said Sheila Johnson, XYPRO’s CEO.   “Starting in September, customers who purchase new HP NonStop servers running on the J Series or H Series platform will receive XMA on their system.”

HP NonStop customers who wish to upgrade their existing systems can purchase an OS upgrade package that includes XMA software and entitles them to new versions of the product going forward.  XMA software also continues to be available for individual purchase and direct support from XYPRO.  

“In the current climate, many businesses are under increasing pressure to comply with regulatory audit standards – all while protecting their mission-critical data and resources,” said Randy Meyer, Director of NonStop Product Management, Strategy and Technology at HP. “HP is working with XYPRO to provide clients with solutions that simplify risk management and increase effectiveness of system monitoring in complex information security environments.”

“Bundling XMA software as part of the OS distribution provides customers with greater consistency, significant savings, comprehensive audit consolidation, and reporting,” said Lisa Partridge, XYPRO’s Vice President of Sales & Marketing.  “We are excited to work with HP to bring best-of-class security to the HP NonStop user community.”

Wednesday, September 8, 2010

From the CEO's Desk

We all know that the sun never sets on the HP NonStop server empire—especially in the financial industry. Worldwide, a large number of credit card and funds transfer transactions are either switched or cleared by NonStop servers. And since the bulk of those mission-critical NonStop servers protect their confidential information with XYPRO software, we felt that it was time that we had a seat at the payments processing table.

But rather than sitting back and listening, we wanted to have an active voice, to ensure that the needs of our users were addressed as new standards were implemented. To get that seat, XYPRO joined the PCI Security Standards Council as a participating member, which allows us to work with the Council to evolve the PCI Data Security Standard (DSS) and other payment card data protection standards.

Anyone who has read the PCI DSS knows that many of the requirements are aimed at so called “industry standard” servers and not big iron like the NonStop server. How many times have you been asked what anti-virus software is running on your server? Wouldn’t it be nice to stop hearing that question from your auditors?

In other news, the traditional NonStop Summit is back. Rather than hopping a plane to Las Vegas in summer, walking what seems like 4 miles from the hotel to the convention center every day, and fighting the crowds of gamblers and tchotchke divers hanging out at the Mandalay Bay, we get to be back among our own circle of friends just minutes from NonStop Central (or Cupertino, as Google Maps calls it). All of your favorite vendors have booths and are just as excited to be back in San Jose as I know all of you are. HP will be sending dozens of NonStop developers and product managers who can spend time with you to understand how to make their products better by meeting your needs.

In my last blog entry, I alluded to a number of exciting activities that I could not talk about—until now. If you’ve attended one or more Security SIGs, you’ll remember that the same requests get made over and over and every time HP recognizes that there are opportunities for improvement. Unfortunately, the development dollars just aren’t there to address every issue and HP needs to prioritize.

A substantial number of security upgrades have been made by HP, including longer passwords, better user management, a more secure password encryption algorithm, and so on. HP has been listening to you and over the past year, they quietly have been working to bundle selected third party products into the base NonStop OS.

At the summit, HP and XYPRO will jointly announce and demonstrate some of the most frequently requested security functionality being added to the NonStop OS at a low cost to customers. Current XYPRO customers don’t need to worry about past decisions or future support, since we have a migration path for you.

Watch for our press release later in September and be sure to drop by our booth at the Summit to see what’s cooking. If you just can’t wait, you can read Scott Uroff’s article in the July/August issue of Connect Magazine for a clue.

Before I close, I wanted to mention “The Most Significant Breach Of U.S. Military Computers Ever.” This has nothing to do with NonStop servers, or even HP. It began when an infected flash drive was inserted into a U.S. military laptop at a base in the Middle East. The flash drive's malicious computer code, placed there by a foreign intelligence agency, uploaded itself onto a network run by the U.S. Central Command. That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control.

It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary. There is only one protection against rogue software or a rogue user in the enterprise and that is encryption at a very granular level. It will take an attacker a lot longer to steal your information if they need to do it one small piece at a time as it is displayed on someone’s screen than if they can just download an entire unencrypted file in one shot.

Scott Uroff wrote an article in the January/February issue of The Connection magazine that can help you understand the importance of selecting the right encryption algorithm and how to properly implement it. If you have questions, Scott will be at the XYPRO booth and the Summit to answer them.

Don’t pick up an unknown flash drive and connect it to your network, but do come to the NonStop Summit. See you there!

Sheila Johnson
XYPRO, CEO