Wednesday, June 29, 2011

Concerning NoSQL

Last night, at the KC .NET User group meeting, George Westwater gave a terrific presentation on NoSQL. The best way to understand NoSQL is to see George’s explanation—which he says he will and make it available through his blog. But in short, NoSQL databases are ones that do not use relational technology.

George’s point is that non-relational databases have been used for over 50 years in the business, this is true – I have been around awhile. He points out that Wall Street firms have been using non-relational technology ever since they started using computers. IBM still fully supports IMS, now in version 11 (12 is in beta), because these firms are still using this product and will continue to do so for a long time.

Of course, like a lot of computer business technology, there are a lot of new NoSQL products available these days, simply as a reaction to the problems of scaling relational databases for internet use. As a result, it almost looks as though NoSQL is something new. And there are a lot, I mean a L-O-T , of new products out there for this technology. The best resource to cover all of these products is http://nosql-database.org/, which has a huge listing of what is available.

My interest in the subject is primarily due to my interest in Windows Azure and the fact that Windows Azure storage is all non-relational, even the table storage. It is very fascinating and most of all, far cheaper than using SQL Azure for storage in “the cloud”.

If you are interested in learning more feel free to contact me at lkoorhan@centriq.com and for more on Windows Azure, take a look at our MS-50466 class or contact your Centriq Account Executive.



- Leslie Koorhan, .NET Expert;
MCT, MCSD (.NET), MCTS, MCDBA, MCPD LinkIn with Leslie

Bookmark and Share

Monday, June 6, 2011

KC Business Journal Names Centriq #1 Computer Training Program

Centriq Training is proud to announce it has been named Kansas City’s #1 Computer Training Program by the Kansas City Business Journal.  

Ranked by the total number of student days and the number of local students in 2010, Centriq Training outranked the competition by a wide margin.

“We are thrilled with the response we’ve received from local IT professionals for the variety of training delivery options we provide with our Centriq Choice program,” Centriq President Kevin Grawe said.

“Being the only live, in-classroom instructor led training option in the area is a commitment to the quality of training we offer,” he said. “We look forward to providing the most in-demand training for Kansas City again this year.”

To view the Top Area Computer Training Programs list and the latest issue of the Kansas City Business Journal visit http://www.bizjournals.com/kansascity/. For more information on the Centriq Choice program visit http://www.centriq.com.


- Justin Ruby, Corporate Sales Manager LinkIn with Justin 

Bookmark and Share

Managed Code Inside of SQL Server


What roles do you perform as the DBA for your organization?  Many times we find ourselves doing data related tasks that are thrust upon us because of software acquisitions, executive level business requirements, or a myriad of other reason.  Whichever the case, we end up working on some common repetitive tasks and some very specific unique ones.  One of those specific tasks that you may find yourself needing to implement is using managed code in your SQL environment. 
 
This article is not for everyone, that is to say managed code integration is not a common task like backup or index management, rather it is for administrators who find themselves in one of the following two situations; a) you have applications in your environment that were developed and supported in house, and/or b) you work closely with those who develop code to enhance or modify 3rd party applications.
 
In a typical n-tier application, we have front end code, business logic, and the data repository.  In fact we could have a data repository that supports many different front/middle tiers.  In such a case, we could develop stored procedures, triggers, or functions, on the data layer for shared use at the application layer.  We have heard the benefits of centralized administration of networks from Microsoft for years, we can think of the aforementioned approach as centralized development.
 
One problem that could arise from this approach is that an application may (and likely will) already have code written in it for its own use.  Therefore developing it again at the data layer, is time consuming, costly, and may have scaled down functionality due to the limitations of T-SQL.  SQL Server 2008 has the ability to create, what I will term as function “proxies” that are created inside of the SQL Server environment, but are defined in managed code.  Now, if your development team has developed some function that their application needs and placed it into a DLL, you as a SQL professional can centralize that function by simply calling a SQL Server function that calls out to that DLL for its implementation. 
 
Whether the reason for using this feature, is applying centralized coding, or combating the limitation of the data developer not knowing the same business logic specifics that the application developer knows, or that managed code is more capable of handling the business logic tasks than T-SQL, or leveraging the skills of each area of your business to minimize the development cycle – accessing managed code is a great option to explore.
 
Assume your business line is the building of bridges and you frequently need to calculate the density of steel at various elevations.  You may have this function defined in one of your applications on the middle tier, and you may find that you now need to access that function from different applications and possibly inside SQL Server.  Without managed code integration, you would have to recreate the body of the function inside of SQL server or inside of the other application.  You now have the ability to create the function inside of the SQL environment, point the body of the SQL Server function to the DLL function, and simply consume the SQL function, as you normally would.  Of course, there is a little bit of “wire-up” code that you need to provide, as well as some re-architecting from the application standpoint.  You may find the benefit of the code existing in one place makes implementing managed code worth it.  However, a cost analysis to determine if this change would be of benefit would have to be conducted.  However, designing code in the first place to be able to benefit from this capability is a great way to move forward without the cost of retooling any current code.
 
The specifics of how you chose to implement this feature are as varied as the infrastructure of your company, but the benefits of now being able to reuse .NET developed code inside of SQL server is a great way to reduce total cost of ownership in a measurable way.

- Ed Dressler, SQL Server Expert; CTT+, MCDBA, and MCITP LinkIn with Ed

Bookmark and Share

IT security is not just for big business...

Yesterday in the Financial Times was a report on the current issues surrounding Cyber Security.  The report had many articles on current attacks to large enterprises and what we can can expect in 2011 (download the report here).  One of the articles titled "Market chaos leaves small businesses as primary target",  mentions an all too familiar issue with small to medium size businesses, the “accidental IT guy – or gal."

Small and medium size businesses sometimes have a person in charge of any IT issues that are put in that position because there is not a qualified person on staff or the duties just sorta of fall in their lap.  Whatever the reason, the network then becomes vulnerable to cyber thiefs because they know the network may not be secure and an easy mark for an attack.

Due to the current fiscal crisis that a lot of small and businesses are growing through, IT security is usually put on the back burner.  This usually leads to a vulnerable network, that a hacker may be able to attack and steal either data or financial information.  Think about it, why would hackers try and go after a large enterprise with its security when it could go after a small or medium size business's unprotected network?  If your business is collecting and type of data or financial information, your company is vulnerable.  This is a growing problem and one that needs to be addressed if you want to protect your business.

What is the answer to this growing problem?  Small and medium size business's need to have a trained IT security person on their staff or hire a  security consultant to do a security audit for the whole company and a penetration test to ensure all vulnerabilities are addressed and countermeasures are in place.

In this day and age the worst thing a business can do is ignore a cyber threat because they think "It won't happen to our company."   You never know it may have happened already and you just don't know it.
If you have any questions on small or medium size business IT security, please feel free to contact me.


- Tom Pruett, Cisco & Security Expert; MCT, CTT+, CISSP, CWNA, CEH, CHFI, CCSI, CCNA, MCSE LinkIn with Tom

Bookmark and Share






Latest Security Events - Two Different Issues, Same Result

In the past week 2 companies have been hit with security breaches regarding unauthorized access. Although both incidents are different in the mode of attack the outcome is still the same, unauthorized access causing downtime and loss of integrity in a system which in the long run will have more of a financial impact.

First Lockheed Martin is hit with authorized access surrounding the use of remote server access by employees using RSA token system. Right now Lockheed Martin is reporting that a remote server was hacked into and that the hacker gained access to a system by possibly using an RSA token. This is significant because RSA in March reported a security breach and that possibly tokens were stolen. Could a hacker have used a stolen token to access Lockheed Martin or could a Lockheed Martin employee token been stolen and used to gain access? The answer is not clear and we may never know. However swift action by Lockheed Martin's cyber-security unit prevented any more unauthorized access or breach of data.

Second, PBS reported thier website was defaced by hackers because of the airing of the "Wiki Leaks story" last week. The hacking group claimed they were upset over the show and decided to show PBS the power of a hacking group. The website was restored and new security measures were added to prevent this type of attack in the future.

So what do these two different security breaches have in common? Both show what happens when "a threat + a vulnerablity = a breach." It can be assumed that Lockheed Martin, the largest supplier of military airplanes, has very good security. PBS, well since they are a non-profit company, they might not have the tightest security. Both Lockheed and PBS remind us that no matter what your company, vulnerabilities have to be addressed or eventually your company will either have a major disruption or downtime.

- Tom Pruett, Cisco & Security Expert; MCT, CTT+, CISSP, CWNA, CEH, CHFI, CCSI, CCNA, MCSE LinkIn with Tom

Bookmark and Share