Archive for March, 2013:

Avaya willing to share customers with Cisco, Microsoft in three-way networking battle

Avaya CEO says company debt woes are under control

Avaya unified communications products can get along with Microsoft’s Lync Server, and many customers will probably choose to deploy both rather than just one, says Avaya’s CEO.

Despite what he sees as shortcomings of Microsoft’s real-time communications platform, businesses will see value to some of its features, and supplement those with products from Avaya, says Avaya chief Kevin Kennedy.

“Are they a full replacement for a phone system as you think about a phone system in the past? The answer is no,” Kennedy says. “Are they a full replacement of room-based videoconferencing system today? The answer would be no. Are there many things that you would have to add, to integrate with it, to make it a full system? The answer is yes.”

Nevertheless customers faced with using Lync Server for some of its features such as instant messaging may deploy other features such as voice calling in certain circumstances, directly competing with Avaya products, Kennedy says. This despite Avaya’s 50% lower consumption of network bandwidth, he says.

“The real reality is customers and employees will decide what tools they want to use, and it won’t be just one tool,” he says. “I actually think in many cases with many customers we will end up being a complement to Microsoft and Lync.”

It’s not just Microsoft that Avaya expects to share customers with, and with that in mind Avaya is embracing open standards for its UC products, “because we believe all of the answers are unlikely to come from any one company. If you want an application that can distribute an SMS to every device that you own vs. just one, well a company may want that and a company may get that from someone else other than Avaya – Microsoft, Cisco.”

Those two competitors have deep pockets that enable them to enter markets for the long-haul and ramp up sales slowly, he acknowledges, but Avaya can hang with them. “I think being one of three is a great thing,” Kennedy says. “In some sense that’s organizing for an industry, and as I further stated I think it will not be a single-vendor or a single-application, winner-take-all type of environment. As long as we continue to innovate and offer a proposition that is fundamentally different there will be a healthy place for us.”

Kennedy’s comments came during a one-on-one interview with Network World at Enterprise Connect 2013 last week. At the conference analyst Peter Hale of MTZ Ltd. said Avaya had lost market share in IP telephony to Cisco between 2011 and 2012, winding up with 12% to Cisco’s 18%.

That in part was due to paying more attention to large customers and losing smaller businesses customers, Kennedy says. “After we did the Nortel acquisition (2009), on both the contact center and the unified communications side our low-end and mid-market offerings became stale, and we were more focused on the high end.”

But with the advent of a new single-server phone system, IP Office, Avaya has started to come back. “…[T]he good news is we’re on a new product cycle, and [IP Office] that is so competitive is one of the reasons that we’re winning again.”

Kennedy says that Avaya’s recently restructured debt should keep the company clear of a cash crunch through 2017 at the earliest and enable it to continue updating its products.

The company owes $6.075 billion in long-term debt and scored an $85 million net loss during the last three months of 2012, according to the company’s latest 10-Q report to the Security and Exchange Commission.

He says that despite the stark terms of the refinancing, customers shouldn’t worry about its effects on actual products. “I would argue that through public information it is very clear that debt restructuring does not translate to an issue in product continuity. In fact it’s quite the opposite because that’s the only value to be protected,” he says. “That being said, gross margin, the ability to service debt has improved over the last five years.”

The company filed last June to sell public stock in the company but that initial public offering has stalled. He says he expected to seek an IPO in 2013, but the owners of the company, Silver Lake and TPG Capital, wanted to file earlier. “I think we filed in June and by August it had become a very dubious market and it was not optimum for us to go out,” he says. “Again, owners will make those decisions. They’re very clear for me to stay focused on improving the products, and that’s what I do.”

Meanwhile Avaya is benefitting from its 2009 purchase of Nortel’s enterprise network infrastructure gear and its customers, he says. “We’re taking over the management of their infrastructure directly. That’s a recurring revenue stream that becomes new to us as we take those contracts,” he says.

That infrastructure in combination with Avaya voice gear gives customers resources to debug networks that other vendors can’t match, he says. Customers who have Nortel equipment and choose to upgrade to the next generation choose Avaya to manage the transition.

He says Avaya supports BYOD programs with its Flare collaboration/presence/email/voice client and one-X mobile voice client or iPhones and Android devices. In addition, the company activates two softphones on PCs for every phone handset it sells, a dramatic change from four or five years ago when most sales were for hard phones.

Avaya’s Identity Engines portfolio also helps BYOD programs by setting aside virtual LANs for certain categories of users and making it easy for personally owned devices to access limited portions of corporate networks. “My real point is BYOD is not just a video or a unified communications client story it is also married into the ease with which we can help people do BYOD as an overlay into your networking environment,” Kennedy says.

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at



Continue Reading

Microsoft MCSD Certification Training

Companies around the globe are on constant lookout for ways to increase efficiency, provide higher quality products, expand their client bases and enhance workforce productivity. Microsoft Certified Solution Developer (MCSD) training can help dedicated IT pros build the applications, architectures and network integrations that help drive businesses toward their operational goals.

What does MCSD training cover?

MCSD certification requires students to successfully complete exams in four assigned disciplines and one elective, making a total of five necessary tests. The disciplines and electives span:

Web applications development — students choose between Visual Basic .NET and Visual C# as their application development concentration
Windows applications development –the same option applies as in the previous discipline, either Visual Basic .NET or Visual C# development tracks exist
Web services and server components — students choose their preferred programming language and develop in the .NET framework
Solution architecture–this discipline carries only one exam, which tests students on defining .NET solution architectures and analyzing their requirements
Electives–three exams in this section are still active; students can choose between business process and integration solutions, e-business solutions, or Microsoft SQL server implementation and maintenance.

Many of the exams required for MCSD training have been retired by Microsoft, but those who previously passed the retired examinations will still be able to count them toward an MCSD certification. The company’s MCPD (Microsoft Certified Professional Developer) cert features newer technologies such as Visual Studio 2010 and Windows Azure.

MCSD training upgrade paths

After completing Microsoft solution developer certification, professionals can go on to earn further credentials, using their MCSD certification as a stepping stone. Microsoft Certified Technology Specialist (MCTS) certification can be earned with just two more exams after MCSD training, and the MCPD credential takes just one further exam after MCSD certification is complete.

Microsoft solution developer certification and the career market

The 2011 IT Skills and Salary Report produced by IT Training firm Global Knowledge, lists MCSD credential holders as earning a median annual salary of $85,500 during the survey period. What’s more, the Bureau of Labor Statistics (BLS) reports that job opportunities for computer software engineers and computer programmers are expected to grow by 21 percent between 2008 and 2018, with a particularly high rate of 34 percent growth in the applications development sector.

The BLS also publishes employment and mean annual salary figures for applications developers in numerous industries and various geographical locations. The following industries offered the highest employment rates for careers that make use of MCSD training as of May, 2010, according to the BLS:

Computer systems design and related services: 173,730
Software publishers: 40,300
Management of companies and enterprises: 27,040
Insurance carriers: 19,000
Computer and peripheral equipment manufacturing: 13,970

The state of California paid its 78,150 applications developers a mean wage of $102,280 in 2010, with Massachusetts and Virginia close behind at $98,400 and $96,510 respectively.

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at

Continue Reading

Industry coalition objects to Google’s domain names applications, which is backed by Microsoft, Nokia and Oracle, said Google could get a competitive advantage from generic industry terms

An industry coalition with backing from Microsoft, Nokia and Oracle has objected to Google’s application for certain top-level domain strings. said it has filed objections with ICANN (Internet Corporation for Assigned Names and Numbers) over Google’s applications for generic top-level domain (gTLD) strings including “.search,” “.fly” and “.map.”

By accepting Google’s application, ICANN will enable the search giant to gain an unfair competitive advantage against other members of the community “through the improper grant of a perpetual monopoly of generic industry terms to a single company.”

Google, which controls over 79 percent of search queries in the U.S. and over 90 percent market share in Europe, doesn’t need more help against its competitors by giving it control over who gets access to new domain names, FairSearch said on Tuesday.

The industry coalition lobbies policy makers following what it describes as “growing evidence that Google is abusing its search monopoly to thwart competition.”

ICANN’s policy to open generic domain names to private parties has already attracted criticism from other fronts.

Publishing industry groups and bookseller Barnes & Noble have, for example, objected to’s application for top-level domain strings, including for “.book” and “.read.”

In its application for the “.book” gTLD, Amazon wrote that “.BOOK will be a single entity registry, with all domains registered to Amazon for use in pursuit of Amazon’s business goals.” There will be no resellers and market in “.book” domains, and Amazon will strictly control the use of “.book” domains, it added.

Placing generic domains in private hands is anticompetitive, and will allow already dominant, well-capitalized companies to expand and entrench their market power, Scott Turow, president of Authors Guild in New York, wrote in a letter to ICANN.

Google has applied for a large number of gTLDs including some related to its existing brands.

Specific new strings do not have inherent value from which applicants can derive competitive advantage, as Internet users tend to use the topAlevel domain names they are already comfortable with, particularly “.com,” Google wrote in a letter to ICANN earlier this month. A new gTLD operator will need to make significant investments to raise awareness of the TLD, and persuade users to make use of the new domains, it added.

Google has, however, said in the letter that it has identified four of its current single registrant applications that it will revise: “.app,” “.blog,” “.cloud” and “.search,” as these have been identified by governments and others in the community as being potentially valuable and useful to the entire industry.

“We also believe that for each of these terms we can create a strong set of user experiences and expectations without restricting the string to use with Google products,” it added, leading to speculation that the company may agree to open up these four domains to non-Google products.

“It’s possible that Google could access the data that flows over any other website who asks to register under a gTLD owned by Google, giving it even greater advantage over all other companies on the Internet,” FairSearch said. Google did not immediately comment on FairSearch’s objections before ICANN.


MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at


Continue Reading

70-236 test questions

An overview of the Microsoft 70-236 course through studying the questions and answers. A preview of actual Microsoft 70-236 test questions Actual correct Microsoft 70-236 answers to the latest 70-236 questions Our Unlimited Access Package will prepare you for your exam with guaranteed results, surpassing other Microsoft 70-236 Labs, or our competitor’s dopey Microsoft 70-236 Study Guide. Your exam will download as a single Microsoft 70-236 PDF or complete 70-236 testing engine as well as over 1000 other technical exam PDF and exam engine downloads. Forget buying your prep materials separately at three time the price of our unlimited access plan – skip the Microsoft 70-236 audio exams and select the one package that gives it all to you at your discretion: Microsoft 70-236 Study Materials featuring the exam engine.

MCTS Certification, MCITP Certification


Microsoft Certification, Microsoft Examand over 2000+
Exams with Life Time Access Membership at

Skip all the worthless Microsoft 70-236 tutorials and download 70-236 exam details with real questions and answers and a price too unbelievable to pass up. Act now and download your Actual Tests today! Difficulty finding the right Microsoft 70-236 answers? Don’t leave your fate to 70-236 books, you should sooner trust a Microsoft 70-236 dump or some random Microsoft 70-236 download than to depend on a thick Microsoft 70-236 book. Naturally the BEST training is from Microsoft 70-236 CBT at Certkingdom – far from being a wretched Microsoft 70-236 brain dump, the Microsoft 70-236 cost is rivaled by its value – the ROI on the Microsoft 70-236 exam papers is tremendous, with an absolute guarantee to pass Microsoft 70-236 tests on the first attempt.

Continue Reading

NotCompatible’ Android malware rears its ugly head, again

NotCompatible’ Android malware rears its ugly head, again
Mobile security vendor Lookout says Android malware is showing signs of sudden activity

The “NotCompatible” malware, designed to infect Android devices and turn them into unwitting Web proxies, is suddenly showing a sharp uptick in activity, according to mobile security vendor Lookout.

The malware is essentially a simple network proxy, which pretends to be a system update in order to get unwitting users to install it. The idea seems to be gaining access to protected networks through victims’ infected Android devices. It was named for its apparent command-and-control server, at

Last weekend saw the number of detections for NotCompatible rise to 20,000 per day as of last Sunday and Monday, wrote researcher Tim Strazzere, who said that the malware had been largely dormant since it was discovered in May 2012.

But while the initial discovery saw the malware being installed by hacked websites, the latest wave of NotCompatible is being spread by email spam. The usual subject line is “hot news,” and the infected messages appear to contain links to fake weight-loss articles.
NotCompatible malware
Credit: Lookout Security
The hacked Web page that can contain the NotCompatible malware.

“Depending on the user’s Android OS Version and browser, they may be prompted about the download. Many stock browsers will transparently trigger a download to the device /Downloads folder whereas Chrome displays a confirmation dialog,” wrote Strazzere.

Lookout said there is little chance of direct harm to infected devices, and victims must allow NotCompatible to be installed for it to function, further minimizing the overall threat to the majority of Android users. The best advice for safety is simply to never allow any .apk whose provenance you’re even a little bit unsure of to be installed on your phone.

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at



Continue Reading

Microsoft MCSA Certification Training

The pros know: When it comes to boosting resumes and displaying skills, not all certs are created equal.

Many IT experts stress the fact that some accreditations are more valuable than others in today’s market. Though technologies constantly evolve and new certifications frequently become available in specific areas, the importance of holding basic credentials shouldn’t be overlooked.

Microsoft Certified Systems Administrator (MCSA) certification is among a handful of IT building blocks many professionals rely on to display their skills working with systems running Windows Server operating systems.
Market share boosts MCSA certification’s value

According to an early 2011 report from Network World, nearly 90 percent of all computers worldwide run on a Microsoft operating system. With such a vast percentage of the market using Windows, IT professionals with strong accreditations from Microsoft, including MCSA certification, are likely to be important players on any technology team.
Why the MCSA certification works for IT pros

According to Microsoft, the MCSA certification “helps enable IT professionals to demonstrate their ability to administer network and systems environments with Windows Server 2003-based business solutions.” It can be thought of as a stepping stone to the MCSE (Microsoft Certified Systems Engineer) and other certs.

Though Windows Server 2003 might sound like a dated operating system–indeed, official mainstream support from Microsoft ran out in July 2010–it’s important to be aware of the software’s staying power in world markets. Just as, according to a May 2011 report from Tech Spot, 53 percent of all PCs run Windows XP, many businesses have found no reason to replace their Windows Server 2003 platforms with Windows Server 2008 or 2008 R2 as of yet. That said, for newer technologies such as Windows Server 2008 or Exchange Server 2010, Microsoft recommends pursuing the MCITP (Microsoft Certified IT Professional) title.

According to Microsoft, IT pros eligible for MCSA candidacy typically have “one to 12 months of experience in working with a desktop operating system, a network operating system and an existing network infrastructure.” For most professionals, MCSA certification can be obtained after earning passing marks on four tests.
MCSA certification makes a difference in the job market

Microsoft boasts that workers who hold its certifications are valuable members of any IT staff, claiming, “Training and certification are necessary to maintain a high level of performance.” The company says that 63 percent of higher-level managers believe that certified individuals are more productive on the job and that certs authenticate relevant skills.

Earning MSCA certification might make a bigger paycheck a reality, too. According to information updated in May of 2011 from, annual salary for an IT manager with MCSA certification typically ranges from $55,900 to $85,817.

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at


Continue Reading

Demand for IT security experts outstrips supply

Employers will pay more for certified — and experienced — IT security pros, studies find

Demand for information security experts in the United States is outstripping the available supply by a widening margin, according to a pair of recently-released reports.

A report from Burning Glass Technologies, which develops technologies designed to match people with jobs, shows that demand for cybersecurity professionals over the past five years grew 3.5 times faster than demand for other IT jobs and about 12 times faster than for all other jobs.

Burning Glass said its report is based on a study of job postings for cybersecurity professionals placed by U.S. businesses and government agencies over the past five years.

In 2012, there were more than 67,400 separate postings for cybersecurity-related jobs in a range of industries, including defense, financial services, retail, healthcare and professional services. The 2012 total is 73% higher than the number of security jobs posted in 2007, Burning Glass said.

By comparison, the number of job postings for all computer jobs grew by about 20% between 2007 and 2012. Posting for all jobs grew by only 6% during the period.

The two most sought-after jobs by employers were information security engineers and security analysts. Close to one in three of all computer security jobs advertised last year were for information security engineers. Nearly 25% of the job postings were for security analysts.

Demand for cybersecurity professionals was especially strong in Baltimore, Dallas, Atlanta, Denver, San Diego, and Richmond, Burning Glass noted.

The number of cyber security jobs in each of those cities increased by more than 100% between 2007 and 2012. Large defense contractors and IT firms appear to have driven the demand increases in all of the cities except Atlanta.

Matt Sigelman, CEO of Burning Glass Technologies, said the soaring demand for information security professionals suggests that enterprises and government agencies are putting a lot more money and effort into protecting their data against attacks and compromise.

“The other thing that jumps out at me is the question of whether there is sufficient supply in the market to meet this demand,” Sigelman said.

For instance, over the past two years the number of jobs requiring a Certified Information Systems Security Professional (CISSP) certification has jumped from 19,000 to more than 29,000. “When you see 10,000 new job postings in a two-year period in a field that has just over 50,000 CISSPs, there is a question of availability,” he said.

Another indication of the increasing difficulty U.S. employers face in finding qualified information security professionals comes from their job posting behavior. Employers typically have to repost or duplicate security job posts almost 35% more often than other IT job to find someone qualified, according to Burning Glass.

“Posting behavior suggests the possibility of a particular shortage of managers and analysts with cyber security expertise,” Burning Glass noted in its report.

Julie Peeler, director of ISC2 Foundation, the developer of the CISSP program, said there is no doubt that soaring demand is exacerbating an already difficult demand and supply situation for security experts.

Ove the next year, Peeler estimated that there will be a need for 330,000 more IT security professionals worldwide. It’s not clear that close to that many new professionals are graduating each year, she said.

A recent ISC2 Foundation survey of some 12,000 information security professionals worldwide found that a shortage of talent has had a dramatic impact on the ability of organizations to defend against or recover from a cyberattack.

“[The shortage] is causing a strain on the existing workforce,” Peeler said. “They are having to work harder and longer hours.”

More than half of the respondents to the ISC2 survey said the shortage is the ability of their organizations to defend against cyberthreats, she said.

The growing shortage has meant better salaries for information security professionals compared to many other IT jobs.

According to Burning Glass, cybersecurity jobs on average offer a premium of about $12,000 over the the average for all computer jobs — the advertised salary for cybersecurity jobs in 2012 was $100,733 versus $89,205 for all computer jobs.

People with security certifications appeared to be getting a modestly higher salary, the Burning Glass report found. In many cases, companies appear to require security certification as a way to filter experienced candidates from the non-experienced ones, Sigelman noted.

“Demand is high, but demand in and of itself does not create opportunity” for everyone, cautioned Roger Cressey senior vice president at Booz Allen Hamilton.

While it is true that employers are looking for more information security professionals than ever, they only want workers with long experience in areas like network security governance, policies and procedures. “You got to have the right skills set” Cressey said.

He noted that U.S. universities today are not training enough people to deal with the explosive growth in demand for IT security specialists.

Pete Lindstrom, an analyst with Spire Security cautioned against “irrational exuberance” on the IT security job market. “The need for security professionals should not be a cause for celebration. I worry that it is more emotional reaction than warranted pragmatism,” he said.

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at

Continue Reading

14 dirty IT tricks, security pros edition

The IT security world is full of charlatans and wannabes. And all of us have been “advised” by at least one of them.

All you want in an IT security consultant is expertise, unbiased advice, and experienced recommendations at a reasonable price. But with some, you get much more than you bargained for.

For example: Big-ticket items that solve tiny problems you don’t have. Surprises about the feature set after you’ve already signed the dotted line. Disregard for your deadlines or what happens to your systems once the work is done.

It’s often challenging to see the shady practices coming. After all, those who employ them sometimes work for the most prestigious firms, have the friendliest handshakes, express compassion for your security woes. Some aren’t even malicious; they just don’t know how to efficiently solve your problems.

Here are 14 dirty IT security tricks to be aware of before you bring in that outside consultant or vendor. If you have experienced one of these or have another to offer, share it in the comments.

Dirty IT security consultant trick No. 1: Feigning practical experience
A funny TV commercial once depicted a couple of tech consultants getting nervous when asked to help deploy the solution they just designed. “Hey, we’re only consultants!” they retort.

Like most “Dilbert” cartoons, there’s more than a little bit of truth at work here: Many consultants have never deployed the solutions they are selling.

We’ve all encountered this ploy, either in the form of an outright lie about hands-on experience or just an IT consultant who is less forthcoming than they should be about how often they roll up their sleeves and get work done.

If you want to avoid consultants who employ this trick, just ask, “How many times have you implemented the specific solution you are recommending right now?” Then follow it up: “Can I have references?”

Dirty IT security consultant trick No. 2: Proposing one solution for all
Some IT security consultants are all too ready to describe their solution as the one solution you’ve been waiting for to solve all (or most) of your IT security problems.

Not that they take the time to even listen to your problems. Their eyes glaze over anytime they aren’t actively speaking. They can’t wait to interrupt you to start in again about this wonderful solution they’ve brought to you in the nick of time.

There’s just one problem: None of the consultant’s past customers has solved all their security problems.

When you ask a consultant employing this tactic whether prior customers solved their security issues, he’ll say yes. When you ask for customer references, he’ll look surprised, give you caveats, and push you not to call them. If you do call and find out the truth, wait to hear the consultant claim the installation failed because the customer didn’t implement the solution the way he told them to, customized it too much, or simply didn’t listen to him.

Don’t be fooled by claims of incompetence when it comes to previous customers.

Dirty IT security consultant trick No. 3: Knowledge bluffing
How many times has a consultant claimed to be an expert in a particular area, only to have their bluff unmasked because they muff the correct use of technical terms?

Sometimes you don’t even have to dig too deep or ask them anything technical. One of my favorite encounters with this particular practice was when a “certified novel expert” showed up to help my company with its Novell network. I kid you not. The guy claiming to be the master at a particular technology couldn’t even pronounce the name correctly. It’d be funny if it weren’t so embarrassing.

Dirty IT security consultant trick No. 4: Full-court sales press
Rushing decisions reeks of recommended sales tactics. How many times have we heard this: “Hey, I’ll give you 20 percent off the regular pricing if you buy today, before the end of our quarter.”

It doesn’t bother your security consultant that it’s the 13th of the month and you’re thinking his company has a weird fiscal calendar. I don’t know about you, but whenever I’m offered a discount to buy by a particular day, I always wait until after the day and expect the same discount.

I’m sure buying early would help make their bonus bigger — but I don’t care about their bonus. I care about my company. If they want a bigger bonus, they better make me feel like I’m am an idiot for not implementing their product today. An appeal to their own financial gain is the least of my concerns, especially if I feel they’re trying to rush my thoughtful consideration.

Dirty IT security consultant trick No. 5: Eye candy
I don’t mind vendors bringing beautiful people to a sales meeting, as long as they’re knowledgeable about the product. But when these trophy salespeople are clueless about the offering and have little to no experience in the industry, they’re wasting a seat in the conference room.

Employing models at a security conference is one thing. But when we’ve moved beyond handing out brochures and have begun the product demo and question-and-answer session, it’s time to get serious. Sway me with knowledge and experience, not a pretty smile.

Dirty IT security consultant trick No. 6: Recommending tiny solutions to specific problems for big money
Ever have a consultant pitch you a new, whiz-bang product that’s just great at detecting XYZ? “It’s a complex issue that is hard to stop, but this product does it better than anything else.”

Before you sign up for this expensive, targeted solution, ask yourself two questions: Has your company been exploited by XYZ before, and is your company likely to be exploited that way in the future?

If the answer is no to both of these questions, then reconsider the purchase no matter how awesome the solution.

Dirty IT security consultant trick No. 7: Travel bribes
They come in and insinuate that if you buy their product they will be able to “recommend” you as a visitor to their annual conference meeting in some exotic locale: “Buy our expensive IPS and you’ll have a week in Maui coming up soon.”

Or they fund an expensive “networking” trip for you before you buy the product.

I can’t say I really hate this technique, even though what your consultant is suggesting is usually unethical and sometimes illegal. Who doesn’t want to visit a nice vacation spot, stay in a five-star hotel, and eat in restaurants they could never otherwise afford?

Of course, it always pisses off the consultant when you decide not to buy. When I get offered something that might be mistaken for a bribe, I think it’s best if I don’t buy any product, just so no one gets the wrong idea. But thanks for the trip!

Dirty IT security consultant trick No. 8: “One last thing”
I hate this trick most of all. The consultant brags and brags about a particular solution, even demos its awesomeness. It is awesome. You’ll take 10 of them. Then after you’ve convinced management to allocate the money to buy it, the consultant tells you a tiny fact that crushes all the advantages.

I’ve been told after signing a contract that the data storage I was shown in the demo, which I thought was part of the product, is extra. After signing a contact, I’ve been told the solution has a few bugs. Those bugs, it turns out, invalidated the product. I’ve been told, after the fact, that the solution doesn’t work as well on my wider enterprise, though the consultant was very familiar with my environment. I’ve had consultants leave out annual service costs, mandated upgrades, and all sorts of details that tipped what I thought was a good decision to become a bad decision.

And they tell you the new information with a smile.

Dirty IT security consultant trick No. 9: Ignoring your deadline
From the outset, you tell the consultant or vendor your drop-dead date for finishing a particular implementation or project. They work with you, gain your trust, and their solution seems perfect for your company. You place your order, and all of a sudden they don’t have a product, installers, or trainers that can fit your schedule. It’s hurry up and wait.

You wonder how they didn’t hear you repeatedly at the beginning when you asked if they could make the date expectations you were directed to meet. Their changing date forces you to make another purchase decision, eat into another budget, or reschedule a major vacation. It’s never fun.

Dirty IT security consultant trick No. 10: Promoting product — and getting kickbacks
We expect consultants to be impartial and to recommend the best solutions for our companies. Lots of consultants make extra money from their “partners” to push particular solutions. We get that. But pushing a product without telling you about the possible conflict of interest goes beyond the pale.

I remember one consultant, many years ago, who advised me on what networking equipment to buy. He didn’t tell me that he was getting a vendor kickback, and after we became “friends,” or so I thought, he tricked me into buying more network equipment than I could ever have used. It was enough network ports for three times the number of Ethernet runs I needed.

To this day I have memories of all that equipment, hundreds of thousands of dollars’ worth, sitting unused in a backroom storage area. It was my mistake. The consultant? He bought a brand-new boat that year.

Dirty IT security consultant trick No. 11: Knowingly recommending products that will be discontinued
Twice recently I’ve encountered customers who were lured into buying solutions just months before their end of life.

In one case, it was high-speed networking equipment. The other was a network access control solution. Each spent megadollars to deploy what ended up being a discontinued product. In one instance, the consultant later let it slip that he was suspicious the solution was going to be discontinued because he had heard all the developers were let go last year.

Isn’t that a tidbit you might want to know before making a buying decision?

Dirty IT security consultant trick No. 12: Saying one thing, signing another
One thing consultants are very good at is translating your needs into a vendor’s purchasing nomenclature. This is especially important when customizing or purchasing a partial solution. You want X of this and Y of that, and the consultant ensures these needs are met, cutting through any possible miscommunication.

Except when they don’t.

No matter how many times you’re told what you’re going to get, make sure it’s part of the contract. Too often, the product arrives, the project is supposed to begin, and something is missing — something expensive. The customer goes back to the vendor and finds out the consultant didn’t include a particular item on the contract.

The consultant will retort that they were clear about what was and wasn’t on the contract, even if you are dead sure what they said verbally was different. Then you have to come up with the additional budget to get what you want or otherwise scratch the entire project.

Dirty IT security consultant trick No. 13: Shortchanging accountability
Doctors take an oath to do no greater harm to their patients than when they first arrived. I wish consultants had a similar oath.

Too often consultants implement projects poorly, leaving their customers to endure service outages in their wake. Knowing that the only thing that changed in your environment was what the consultant just installed is of no consequence. That just moves the consultant to openly wonder whether something unrelated is causing the outage on the very system they messed with.

Insist on a contract that makes your consultant accountable for unexpected service outages due to no fault of your own.

Dirty IT security consultant trick No. 14: Consultants who make big changes before leaving
Lastly, my favorite consultant trick is the one where they make a major change just before they get on a plane home for the weekend or take an extended vacation. Sure, the resulting outage isn’t always their fault, but if you’re going to make big changes to an IT network, do it a few days before you skip town. Nothing is worse than having to leave multiple, unanswered emails and phone calls to a consultant while your user base is experiencing downtime.


MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at

Continue Reading

Best Practices for SUN SCJP Certification Exam Preparation

Preparing for any Sun SCJP Certification is about STUDYING and PRACTICING (practicing code snippets). The two together gives sure shot success in the exam.

For Studying

There are some excellent books for SCJP 5 and SCJP 6 Certification, to get start. In addition to books, explore numerous other resources on the Web.

MCTS Certification, MCITP Certification

SUN Certification, SUN Exam and over 2000+
Exams with Life Time Access Membership at

To begin with:

•Make yourself familiar with Sun’s exam process, objectives, registration etc. See Sun’s SCJP page for details.

•Enrol to a SCJP forum to post questions, and reinforce your own understanding by answering other people’s questions.

•Take as many mock exams as possible. Use these to determine where additional study is needed, and as a guide to when you are ready.

Practice, Practice, and Practice SCJP

After you’ve prepared with appropriate books, browsed through the specifications, read tutorials, articles, and notes, all that’s left to do is practice both sample exam questions and codes. Choose programming exercises that help you focus on the exam objectives, and don’t avoid the stuff you’re afraid of. Better to make mistakes on your own time than in the exam itself.

Discussion forums

Another important piece in the SCJP certification preparation game is to belong to a study-group by enrolling in an online discussion forum. Several broad-based Java forums maintain threads about certification issues, and some are devoted solely to certification. In a forum, you can quiz your peers about their study techniques, learn about some of the lesser-known certification resources, get support when you’re stressed about the upcoming exam, and find out how others have fared in the effort to get certified.

Continue Reading

What’s the Business Value of SOA? Show It with KPIs

What’s the Business Value of SOA? Show It with KPIs

If you’re in IT, you’re being asked to add more business value than ever. In fact, today’s “CIOs are being asked to become drivers of the business while at the same time many are trying to replace old and inflexible infrastructures with modern and flexible ones,” according to InformationWeek’s Analytics 2009 Global CIO Survey. This report adds that “across the globe CIOs are fighting the stubborn perception that IT in general-and CIOs and their teams in particular-are cost centers rather than creators of value and accelerators of innovation.” Does this sound familiar? Whether you already have an SOA in place-or you’re just getting started with SOA-it is essential to prove business benefits.

Today, measuring cost and revenue impact as well as other SOA metrics is vital to any leading organization. Measuring the value and tracking changes to these metrics are critical as your SOA grows and its portfolio expands. Recent surveys from Forrester Research show organizations are increasingly implementing SOA as a business enabler. Furthermore, recent Gartner research concluded that:

More than 60% of organizations said their SOA projects had a positive impact on their organization’s ability to grow revenue; and
SOA projects generated positive returns…typically within 10 months


MCTS Certification, MCITP Certification

Best SOA Certification, SOA Exam at

A proven way to demonstrate an SOA’s business value is through Key Performance Indicators (KPIs). KPIs use a language your business colleagues understand: metrics. They give you the means to measure a return on your SOA investment and directly link SOA projects to real business improvements:

What KPIs you can use to start measuring SOA results
How leading organizations-Avnet, Coca-Cola Enterprises and France Telecom-measure how SOA contributes to business success
How Software AG can help you analyze and deliver on your SOA-based KPIs

Software AG, provides a complete solution for SOA Governance, CentraSite, that enables customers to manage their IT assets and measure their business value.

If you’re looking for an introduction to SOA, please read our book, SOA Adoption for Dummies.

Continue Reading

Microsoft MCDBA Certification Training

Microsoft MCDBA Certification Training

Database administrators continue to grow beyond the commodity status they developed in the early 2000s, now earning the opportunity to shape strategy at many large companies. Microsoft Certified Database Administrator (MCDBA) training helps MBAs learn how to convert their tactics into code, while helping DBAs support long-term platform migrations.

How MCDBA training enhances career value
According to the U.S. Bureau of Labor Statistics, database administrators often enjoy annual salaries above $66,000 and can expect consistently strong job prospects over the next 10 years. However, government statistics back up research by private analysts at Foote Partners, showing that database administrator certification on its own doesn’t automatically lead to instant career success. Salary surveys indicate that the highest paid DBAs blend their experience from other job roles with the kinds of skills developed during MCDBA certification programs.

For instance, a business professional with an MBA can use MCDBA training to understand the mechanics of the systems he or she uses to track a company’s information. Acting as a project manager or as a liaison between engineers and end users can result in significantly higher compensation than a peer would earn in a strictly administrative role.

Earning the database administrator certification
According to Microsoft, MCDBA certification targets professionals with one year or more of experience working with SQL Server and requires passing four separate exams:

Microsoft SQL Server Administration exam.
SQL Server Design exam.
Microsoft Windows 2000 Server or Windows Server 2003 exam.
One elective exam from a list chosen by Microsoft’s education team, usually involving .NET or network infrastructure.

As experienced DBA professionals have noted in trade magazines like InfoWorld and SQL Magazine, Microsoft has retired many of the required exams for the MCDBA certification. Professionals switching careers into an information technology specialty may only have the option to pursue a vendor-neutral database administrator certification program. However, seasoned networking and infrastructure experts with previous Windows credentials can use the MCDBA certification to formalize their database skills.
Advantages of MCDBA certification

Though most database vendors share common elements of the Structured Query Language in use since the 1970s, each software company adds its own refinements and enhancements over time. These “forks” result in database platforms that can feel familiar to administrators moving from one vendor to another, but still require specific training and experience. Microsoft released versions of its SQL Server in 2005 and 2008, while competitors like Oracle released their own versions of SQL platforms in the years since. Still, many of Microsoft’s enterprise customers remain committed to platforms for years, if not decades.

Microsoft Certified Database Administrator training offers the biggest benefits to professionals in companies that require support for custom MS-SQL installations. Many of these companies understand that they can prolong the useful lives of their databases by leveraging today’s faster hardware and cheap memory upgrades. Therefore, databases running on platforms dating to 2000 and 2005 are common in enterprise environments. After a glut of MCDBA professionals hit the market in 2005 and 2006, the certification continues to grow in value at companies that rely on legacy support or that want to prepare for migration to a newer platform.

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at


Continue Reading

Follow Us

Bookmark and Share

Popular Posts