San Jose, CA: NonStop Technical Boot Camp – Oct 14 – 16 2012

XYPRO recently returned from the NonStop Technical Bootcamp, held at the Doubletree Hotel in San Jose, and it turned out to be a great event.  There were almost 200 attendees, of which approximately 60% were customers, with the remainder being HP staff and vendor partners like ourselves.  The San Jose location proved to be a major positive, with HP being willing and able to send a large number of technical resources to present, given we were “just down the road”.

As a result, the agenda was fairly well packed with strong technical content.  XYPRO sent some of our own internal resources for training/general knowledge purposes, and all came away feeling like it was time well spent.

The customer attendees were there to learn, and it was a great opportunity for us to provide information.  Our co-presentation with HP on XYGATE Merged Audit (XMA) explained how a large number of customers now have XMA as a result of its inclusion on the SUT, and how those customers can start to use it to help with compliance, integrate with HP Arcsight or other SIEM devices, and increase their system security in general.

The show opened with a bang, with a traditional Tandem “Beer Bust” in the Doubletree’s restaurant/bar, sponsored by XYPRO and Tributary Systems.  Jimmy Treybig, the CEO and one of the founders of Tandem Computers, joined in and many took the opportunity for a photo.  The following morning, Jimmy gave the keynote speech, which he terms a “love note” speech, given that it was mainly focused on the User community, and the value of groups like ITUG over the years.  An excellent, inspiring presentation, most of which was recorded and can be viewed here… (http://www.connect-community.org/blogpost/550209/153083/Jimmy-Treybig-s-Love-Note ).

The majority of the conference consisted of session tracks, focussed on various technical areas, and all were well attended.  The breaks were an opportunity for networking, and for users to consult with the large group of vendors that showed their support for the event by exhibiting and sponsoring.  An important point – the food was generally excellent, and received many positive comments!

At this stage it sounds like a similar event is in the pipeline for next year, at the same venue, so look out for that, and see you there! http://www.connect-community.org/?TBC2013

Strong Authentication. The Device Is The Key™

NetAuthority irrefutably identifies and authenticates connected devices.

In today’s world of mobility, cloud computing, virtual workforces, social networks, and online businesses, stronger authentication for identity and access management is more critical than ever. Security vulnerabilities are skyrocketing and malicious attacks are being unleashed in unprecedented numbers with increasing sophistication, resulting in massive information and economic losses.

Identity and Access Management has historically focused on the attributes of a person’s identity. User ID and passwords are still often the only form of authentication used by organizations.   Traditional forms of multi-factor authentication are not designed to address the explosive growth in internet-connected devices and online activity and are unable to meet the needs of scalability, ease of use, affordability, and mass-deployment that the online-connected world requires.

Today’s organizations are faced with the following challenges:

•  Knowing the devices that are connected to applications and networks without owning them
•  Knowing that the devices accessing the network are actually in the hands of authorized users
•  Implementing access authentication solutions that are secure, cost-effective, easy-to-use, and highly scalable
•  Implementing access authentication solutions that provide flexibility and multi-dimensional security that complements existing systems and infrastructure
•  Ensuring that regulatory compliance requirements and security best practices are addressed

NetAuthority’s Device Authentication Services addresses these issues and more through:

•  Irrefutable identification of the device via its Dynamic Device Key and links the user with the identified device, for strong authentication security.
•  Notifications and alerts providing organizations with immediate visibility to unauthorized users attempting to gain access, unauthorized devices, and more.  Organizations are now empowered to quarantine or even blacklist devices for greater security.
•  Flexible, mass-deployable, user transparent, and cost-effective strong authentication solution, unlike other “something I have” authentication methods.
•  Secure service API to interface with existing user management systems,monitoring systems,and log management solutions to leverage prior investment
•  SaaS-based service, so strong authentication can easily be implemented based on an organization’s assessment of risk and information assets.
•  Satisfying regulatory and best practices requirements for strong authentication and compliance.

NetAuthority’s Device Authentication Service provides strong authentication security with unprecedented control and visibility to both the Who and What is accessing online applications, accounts and information.

To learn more about our Device Authentication Service for strong authentication and compliance, please contact us at netauthority@xypro.com


Barry Forbes
VP of Sales & Marketing
XYPRO Technology Corporation

www.xypro.com

HP Discover 2012 – Whatever’s happening in Vegas, it’s NonStop!

I’ve just returned from HP’s biggest user event for the year, Discover 2012.  As we from the NonStop crowd have come to expect, this years’ conference was large and impressive – similar to what we’ve seen in previous years.  I for one was pleasantly surprised with the conference layout this year.  There’s no getting around the fact that, as a conference hosting towards 15,000 people, there’s going to be some significant distances (and crowds!) involved, but this year it seemed easier to find what you were looking for, with other things like registration and meals handled better than previously.  One standout improvement was the location of the NonStop partners – we had our own signposted area, co-located with the HP NonStop group, which meant much less traipsing back and forth to engage with our HP colleagues.

In terms of content, we saw some excellent keynote sessions.  Meg Whitman took the stage on Tuesday morning to outline her three-pronged corporate strategy, focussed on cloud, security and information optimisation (or big data management).  This in turn was layered over the 4 main areas of offering that HP provides – infrastructure, software, services and solutions.  All good stuff.  Meg went on to discuss a number of HP customer case studies, which (by my count) were all NonStop customers, perhaps bar one.  State Bank of India, a massive NonStop user in the card payments space, was one example, and as we all know, they’ve been happy NonStop users for many years.  It was great to see NonStop getting such prominence, even if it was implied – and this fact was referred to by other HP NED/BCS execs over the coming days.  Meg then introduced Jeffrey Katzenberg, from Dreamworks, who gave a very entertaining presentation, including live animals (!), and a sneak-peak of the upcoming Madagascar movie – some of the stats around production of a Dreamworks animated presentation are quite astounding.  The 2 ½ minute Madagascar promo that we saw took an amazing 6TB of storage.  Three seconds of animation can take a skilled animator a week to complete.  Each movie takes an average of 5 years to produce, and 3D is complicating things even further.  Of course, HP provides the infrastructure that underpins everything Dreamworks does, and this was refreshing to hear from such a creative environment where hardware components are often assumed to be of a different flavour.

Other notable sessions included the HP NonStop: The Platform for Continuous Business, presented by Ric Lewis and Randy Myer, which for most of us was our first chance to see Ric presenting on NonStop.  He came across as very aware of the value that NonStop brings to HP, and very understanding of the considerable legacy that a lot of us bring to the NonStop environment.  Everyone at the show seemed extremely upbeat about the enthusiastic way Ric has jumped into his role.  If you want to hear more from Ric and Randy, I would recommend this interview that they gave at the show: http://t.co/XGTj3Fq2 

Closer to home, Karen Copeland, NonStop Security Product Manager, presented a couple of times on NonStop security.  It’s always great to see what’s coming up in this critical area, and it’s even nicer when you see a few of your products forming an important part of the HP product roadmap.  As usual, Karen did an excellent job.

Another interview I’ve come across since the show completed is Rafal Los (Twitter: @Wh1t3Rabbit), Chief Security Evangelist at HP, interviewing HP NED Master Technologist Justin Simmonds – Raf is well known in security circles and Justin does a great job of bringing him up to speed on NonStop.  Take a listen at http://bit.ly/Ks8Cez.

Wednesday evening saw the hosting of the NonStop Community Reception, which was held thanks to the generosity of twenty-one NonStop vendors, at the Grand Lux Café.  This turned out to be a fantastic event, not just for catching up with old friends, but for making new ones as well, with many different vendors and NonStop users represented.  Indeed, we estimated there to be over 200 people there at the peak of the gathering – it got quite cozy in that relatively small room!  Still, a great night – thank you again to all the vendors who helped make it possible.

Things started winding down on Thursday, with many having just enough energy to checkout the entertainment for the week – Sheryl Crow and Don Henley.  Excellent food and cocktails were a welcome accompaniment to some fantastic music.

All in all, another excellent conference.  We look forward to the NonStop Technical Boot Camp that was just announced for San Jose Oct 14-16, and to doing it all again in Vegas next year!

Andrew Price

XYPRO Technology Corporation
HP NonStop Server Security
and Encryption Solutions

XYPRO Technology to Distribute Voltage SecureData Encryption Solution

Voltage’s FPE, Tokenization, and Masking solutions added to XYPRO’s comprehensive security offerings

XYPRO Technology Corporation, the market leader in HP NonStop server security, audit, compliance, and FIPS-validated encryption solutions, today announced that it would begin reselling the Voltage SecureData solution suite, to complement its existing NonStop security products.

Voltage SecureData is a comprehensive data-centric security solution, uniting end-to-end encryption, tokenization and data masking for the protection -- end-to-end – of sensitive information, including data subject to compliance, such as PCI DSS, and without impacting business process, work flow and applications. Leveraging patented technology and solution innovations, including Voltage Identity-Based Encryption™ (Voltage IBE™) and Voltage Format-Preserving Encryption™ (Voltage FPE™), Voltage SecureData is the most comprehensive data protection platform, securing data as it is captured, processed and stored across the variety of devices, operating systems, databases and applications. It is used by corporate enterprises, financial institutions, healthcare organizations, government agencies, utilities, retailers and service providers.

“XYPRO is extremely pleased to bring the Voltage SecureData solution to our customers,” said Andrew Price, director, Product Management at XYPRO. “As PCI, GLBA, Basel III, OCC, HIPAA, FISMA, FedRAMP, FERC, NERC and other compliance regulations continue to demand protection of sensitive data, our customers need a range of options for that protection. Voltage SecureData, with its support for Format-Preserving Encryption, tokenization and data masking is the most comprehensive enterprise-wide solution for end-to-end data encryption.”

"We are excited to add XYPRO to our list of global distributors. As the technology and market leader in data-centric security for the NonStop platform, this was a logical step for us, and we look forward to helping XYPRO customers meet their data security and compliance requirements,” said Jeremy Stieglitz, vice president of Business Development, Voltage Security.

About XYPRO
Founded in 1983, XYPRO Technology Corporation is the market leader in HP NonStop server security, audit, compliance assessment and FIPS-validated encryption solutions. XYPRO solutions meet the strict requirements of companies who manage, access and transport sensitive data using heterogeneous hardware platforms and multiple communications media. XYPRO helps mission critical businesses manage their security risks, protect assets and gain a competitive edge through compliance, while improving efficiency.
 www.xypro.com

About Voltage
Voltage Security®, Inc. is the world leader in providing data-centric encryption and key management solutions for combating new and emerging security threats. With innovative, powerful and easy-to-use encryption and tokenization solutions for protecting sensitive business data, Voltage customers are able to address privacy regulations and best practices from around the world. Voltage customers adopting data-centric encryption include some of the largest companies in the world across a wide variety of industries including payments, financial, insurance, medical, e-commerce and more. Voltage solutions include three groundbreaking encryption approaches: Identity-Based Encryption™ (IBE), Format-Preserving Encryption™ (FPE), and Page-Integrated Encryption™ (PIE). Voltage solutions have changed how enterprises protect their most valuable assets—their customer data. Offerings include Voltage SecureMail™, Voltage SecureData™, Voltage SecureData Payments™, Voltage SecureFile™, Voltage SecureData Web™ and Voltage Cloud Services™, which provides cloud scale encryption and key management for their businesses, partners and customers. The company has been issued several patents based upon breakthrough research in mathematics and cryptographic systems. To learn more about Voltage customers please visit voltage.com/customers.

###

Voltage Identity-Based Encryption, Voltage Format-Preserving Encryption, Page Integrated Encryption, Voltage SecureMail, Voltage SecureData, Voltage SecureData Payments, Voltage SecureData Web, Voltage SecureFile, and Voltage Cloud Services are trademarks of Voltage Security, Inc. All other trademarks are property of their respective owners.

Join XYPRO for Our Next Two Webinars Covering: Database Management and Security & Compliance Professional Services

Database Management  May 24, 2012 - 8:00 AM Pacific

Register Now


Database Management Solutions for the HP NonStop. XYPRO offers Merlon Software Corporation’s database management software solutions on a global scale. Merlon’s products provide companies who rely on NonStop servers for storing and processing vast amounts of data with the means to efficiently administer even the most complex database environments.  Join Ken Waterson (Merlon Software) and Kevin Boham (XYPRO) for a comprehensive overview of Merlon-The Total NonStop Database Solution.  Register Now.

Security & Compliance Professional Services - May 31, 2012 - 8:00 AM Pacific

Register Now

Security & Compliance Professional Services Webinar: The mission of XYPRO’s Professional Services group is to not only service what we sell, but to make the process as painless, efficient and robust as possible. From project management for our products and services to training and support, our aim is to ensure your operational readiness and security. Partnering with XYPRO Professional Services guarantees the products are effective, efficient and fully implemented.  This webinar will explain the benefits of leverageing the XYPRO PRO Services in detail, with additional emphasis on XYPRO’s PCI XPress Service, a comprehensive offering covering all aspects of PCI compliance as it relates to your NonStop server.  Register Now.

Barry Forbes

VP of Sales & Marketing

XYPRO Technology Corporation

www.xypro.com

Shedding Some Light on SCTUG

At the spring SCTUG we had the pleasure of having Randy Meyer, Director NonStop Product Management, Strategy & Technology-HP, do a presentation on the “Nonstop roadmap for the next 3 years and beyond”. This presentation focused on data center elasticity, converging systems onto both the private and public cloud, and touched on their relationship with Intel and how that influences changes in the future.

One very interesting bit of information Randy mentioned was that they are currently in the works to sell several  blades to a few very large mobile phone carriers in Japan. The purpose of these systems was to create a gateway to allow U.S. phones to work in Japan, creating essentially a “GSM Phone Gateway”.

Our next presentation was done by Randy Ireland and Khody Khodayari of NTS, where they showed off their new performance analyzer, NTS Bridge. It collects all of its metrics from the NonStop using under-the-covers system calls and uploads it into the NTS group. It then analyzes the data, running it through multiple sets of analyzers, then it compiles a report within minutes and sends it back to the customer.  The report outlines possible pitfalls, system degradation and can pinpoint system issues and specific timeframes, which allows the customer to play back the data to make tuning decisions. They also build a gadget that shows the status of every NonStop in your infrastructure. It is no different than a system monitoring system, but they condensed it down to a Windows desktop gadget. One thing they kept pointing out was that these systems were basically built by kids fresh out of school without any NonStop experience. The presenters reiterated several times that you don’t need to have NonStop experience to work on NonStop.

Justin Simond’s, Master Technologist Enterprise Architect - HP, presentation "Migrating from Oracle to Nonstop" was focused on the external costs and overhead of running on Oracle vs. the Nonstop. He highlighted several benefits of running dbs on NonStop, lower DBA costs, size of the database, number of transactions etc. This was certainly the most technically detailed of the presentations.

Jay Price
Sales Representative
XYPRO Technology Corporation
www.xypro.com

Does the P in PCI stand for “Painful”?

Let’s see if we can do something about that…

At a recent tradeshow I attended, I was involved in many customer discussions about PCI DSS.  PCI compliance continues to be a big deal for many HP NonStop users, and the issue isn’t going away.  Indeed, the card schemes are mandating PCI compliance in more and more countries for the card issuers, in addition to the merchant acquirers who have had to be compliant for some time now.

Many software vendors offer products that assist with PCI compliance, but at the end of the day, compliance is an ongoing process, not just a product.  For a lot of organizations who process Cardholder Data (CHD), achieving compliance will take a multi-month project.

At XYPRO we’ve been helping customers achieve PCI compliance for many years – as one of our customers said sometime back “XYGATE software was integral to us achieving PCI compliance” – so we’ve spent some time thinking about how we can make that process less painful, quicker, and more manageable.

The result of that thinking is XYPRO’s latest product and services solution bundle – XYGATE PCI XPress.  XYGATE PCI XPress consists of the XYGATE products and functionality required to achieve PCI compliance, along with a set of packaged services to simplify your PCI DSS compliance process.  XYGATE PCI XPress ensures that:

• CHD is only accessible by authorized users and processes
• Role-based access controls are in place
• All necessary NonStop resources are secured according to the granular subject-operation-object model
• Access to any/all sensitive data and applications is tracked
• All relevant security and audit events are centralized, and optionally sent to your Security Information and Event Management (SIEM) device of choice
• Users can be authenticated against whichever user data store is in use in your environment, be it RSA SecurID, Active Directory, LDAP, or many other sources
• All necessary Best Practises are being followed

Many other important areas are also covered.

When installed and configured through the XYGATE PCI XPress package, XYGATE PCI XPress will help address at least 9 of the 12 high-level PCI requirements.

As part of the PCI Package, XYPRO will also provide a statement of work covering the services to be provided to implement these products, along with other system configuration work that will be required.  A project plan outlines all steps that we will undertake, all tasks that the customer is required to perform, and those that we will perform together.  Realistic timeframes are provided, and we will optionally manage the entire project if required.

From the onset of the project on through to its completion, we may also be engaged to coordinate with your QSA to ensure that your NonStop platform and application compliance proceeds smoothly. What could be simpler?

Our new Manager of Professional Services, Sales Support and Education, Rob Lesan, has put this solution together. If you would like more information on XYGATE PCI XPress, please contact Rob or me.

Andrew Price
Director, Product Management
Andrew_P@xypro.com
XYPRO Technology Corporation

Rob Lesan
Manager of Professional Services
Rob_L@xypro.com
XYPRO Technology Corporation

XYPRO Announces Global Distribution Agreement with IdentityForge

XYPRO to exclusively distribute the IdentityForge Advanced Adapter for HP NonStop servers

SIMI VALLEY, Calif.--XYPRO® Technology Corporation, specialists in HP NonStop server software since 1983, have announced their agreement to become the exclusive worldwide distributors of the IdentityForge (IdF) Advanced Adapter for the HP NonStop server.

Centralized User Provisioning is becoming an important solution to enterprise security, and helps to reduce the risk of data breaches. Identity Management solutions are widely deployed in many enterprise environments, but prior to the IdF Advanced Adaptor for HP NonStop, NonStop, users could not be managed by those Enterprise Identity Management systems. The IdF Advanced Adapter provides an industry standard, enterprise LDAPv3 interface for User and Alias provisioning and reconciliation and native real-time, bi-directional identity synchronization between the HP NonStop server and your enterprise identity management infrastructure or external application.

“Becoming a worldwide distributor for the IdF Advanced Adapter is another step XYPRO has taken to further our global footprint and reinforce our position as a worldwide leader of HP NonStop server security software and solutions,” said Lisa Partridge, President at XYPRO.

Using the IdF Advanced Adapter, the Oracle Identity Manager for User Provisioning and Identity Management can fully participate with the HP NonStop server software. The same is true for RACF, ACF2, TOP Secret, RED HAT, Oracle Solaris, Salesforce CRM, or HP /UX – the IdF Advanced Adapter for NonStop is compatible with them all.

“IdentityForge is excited to be working with XYPRO Technology, the acknowledged leader in HP NonStop security. This partnership was a natural fit for us as we look to expand our footprint in the NonStop market, and other mission critical environments,” said Chad Cromwell, Chief Technology Officer at IdentityForge.

This release of the HP NonStop (Tandem) Advanced Adapter includes certified, “out-of-the-box”, integrated solutions for Oracle Identity Manager (OIM), Microsoft Forefront Identity Manager (FIM 2010), IBM Tivoli (ITIM), SAP Netweaver, CA Identity Manager, VOICETRUST Biometrics, the Dot NET Factory EmpowerID, and any other standard LDAPv3 Client or LDAP Adapter. Businesses worldwide are already benefiting from the HP NonStop Advanced Adapter by utilizing the Oracle Identity Manager (OIM) NonStop solution to automatically incorporate NonStop accounts into their existing Identity Management infrastructure.

Read more news at: https://www.xypro.com/xypro/resources/news

Barry Forbes

VP of Sales & Marketing

XYPRO Technology Corporation

www.xypro.com

From the CEO's Desk

It’s been a while since I’ve had the time to write this column because of how busy we have been at XYPRO over the last year.  In part, this was fueled by the HP decision to bundle our XYGATE Merged Audit (XMA) software with the HP NonStop Operating System Mission-Critical Edition software package.

While we cannot speak for HP or the NonStop product group, I can tell you that we have seen tremendous growth in the market for our products.  So much so, that we outgrew our website, our staff, and even our building.

After 26 years in the same building, taking over more and more space as other tenants moved out, we finally took over the last bit of space that was available to us.  We had another challenge; because of the great range of NonStop servers we support, we were about to exceed the maximum weight that our second floor computer room could support.

So this past November, over the long American Thanksgiving weekend, we packed up our bags and our systems and moved to a 15,000 square foot ground floor suite with a larger datacenter capable of supporting our accelerated growth.  This office is twice the size of the old one, positioning us for the future.

Some old-timers may remember that Jimmy Treybig tried for years to get the city of Cupertino to rename Tantau Avenue to Tandem Avenue.  Well Jimmy, we hope we made you proud because our new office is located on Guardian Street.  Even better, our new datacenter is non-stop, with redundant power, dedicated climate control and connectivity.  Now how cool is that?

As I said earlier, we also outgrew our staff, allowing us to hire from the outside and promote from the inside.  Lisa Partridge has assumed day-to-day responsibilities for XYPRO and was named President. Barry Forbes was promoted to VP, Sales and Jim Hinsch to architect.  We hired Andrew Price as our Director of Product Management, Rob Lesan as our Manager of Professional Services, Dave Teal joined as a pre-sales support and education specialist, Gabe Alvarez joined our Sales Team in Latin America and we even welcomed our summer intern, Rayna Burgess on as a full time member of our QA staff.  Most recently, we extended a heartfelt welcome to Mr Feng Lin to represent XYPRO in Asia Pacific.

Scott Uroff is still part of the management team as our Chief Architect, and several of our employees passed the new PCI SSC Internal Security Assessor Program (ISA).  At our upcoming internal Kick-Off event, one employee will receive a plaque in recognition of 5 years of service at XYPRO and three employees will receive their 10 year plaques.  Add those milestones to the 4 of us who already have our 20 year plaques and everyone in between!  All the better to serve our rapidly enlarging number of customers.

Our website is completely new too, with easier navigation to the information that you want to see, including access to our datasheets, whitepapers, and on-demand webinars.

I would like to move to our products for a moment.  HP understood for a long time that separation of duties is important to help prevent insider attacks.  This was the main driver for the multiple levels of security administration within the Safeguard security software.  But HP couldn’t fund every possible feature that customers wanted or needed, so XYPRO stepped up our game to help keep NonStop servers secure from hacking, even by insiders.

We like to say that we wrote the book on NonStop security (twice!), because it is true.  But we could only write the books after we spent a lot of time determining the current and future product functionality required for NonStop customers to be successful in their industries. At the time we didn’t think of it as predicting the future, but of course HP is now bundling some of our products within the NonStop OS to help protect our customers from the rise in cybercrime, so I guess we were.

And the insider threat has only gotten stronger, which is why XYPRO took separation of duties to its logical conclusion within XYGATE Access Pro.  Our peerless auditing capabilities within each XYGATE module, and collectively within our Merged Audit module, allow all NonStop server audit information to be sent to off-board and Enterprise audit logging solutions, such as those from ArcSight® an HP Company and  RSA® enVision.  XYPRO’s ability to work with virtually any of the SIEM devices and enterprise audit consolidators allows companies that use these systems to manage audit records generated by their NonStop servers, and preventing the audit from being changed after the fact.

We hope that you will visit with XYPRO staff either by attending a class or by coming by our booth at the dozens of HP NonStop server and security-related events that we attend all over the world.  We love meeting our customers so that we can better understand and serve your security needs. Remember to visit our blog, and follow us on our many social media channels, such as Facebook, Twitter, and LinkedIn.

Finally, while I cannot tell you who these companies are, or what the arrangements will entail, I am happy to announce that we are in the process of forging partnering agreements with several other vendors in the NonStop space. While Larry Ellison is trying to take out HP by dropping support for Oracle on Itanium, we know that HP has a secret weapon called NonStop SQL and we have the tools to properly secure this advanced database.  It’s certainly one of many reasons we are excited to be part of the NonStop community and intend to take full advantage of this evolving market.

No matter how you measure it, 2011 was our best year ever.  Revenue, customers, professional services, partners, products, head count - all grew at rates greater than previous years.  Important to our customers is that our expansion this year is based on executing long term growth plans.  So, as the economy continues to recover, we will have more solutions to protect your precious business information and reputation that will help grow the NonStop community beyond anything that has been seen before.

I hope that all NonStop community members join us and have as good a year as we have planned for ourselves.

Sheila Johnson
CEO, XYPRO Technology Corporation