Barracuda Neworks makes a fine line of inbound (and outbound?!) SPAM filters deployed in-line with your email server and the outside world. These devices provide a web interface both for management and configuration as well as for end-users to trawl through suspect quarantined e-mail searching for treasure. You can see how the device is performing under its current load right from the front page of this built-in website and then it can also send scheduled e-mail messages with various statistical reports. Unfortunately, what it does not do, is alert you of odd behavior in any meaningful pro-active way. After all, who has time to read through all those daily statistics reports from all their devices?!

The obvious answer to this problem then is to monitor the device through our facorite Open Source monitoring platform, Zenoss but that is where we run into a glitch. It turns out that Barracudas cannot be probed with SNMP, the standard way such devices are probed until you get to the 400-series and even then, the exposed MIB is not an enterprise specific one with Barracuda goodies but just the generic OS one, courtesy of the underlying Linux engine. Ah, you say, but doesn't Barracuda make a REST-based API available? Well yes, they do, but now we're writing a command based datasource and even then, this feature is not available until the 400-series and up.

Read on to learn how PBnJ Solutions built a Zenoss ZenPack to monitor Barracudas from the 200-series on up, now allowing everyone to not only get an alarm when the inbound queue is overflowing but also collect some great SPAM statistics over time.

ComputerWorld has come out with its set of predictions for security related incidents likely to make headlines in 2004. Especially telling is their statement that "Many will begin to understand that the problem isn't with the technology, it's with the people!", something us technology people have been trying to get across for years. What makes anyone think 2004 will be any different?

Both USB ports and free access to each and every IM service do nothing to remind employees that the computing resources and data they manipulate on a daily basis belong to the company, not them. Yes, it is a people problem when these tools are used to carry confidential data into the wrong hands, but how do you reinforce this message and how do you remove temptation?
On the IM front we might see companies use internal messaging systems such Jabber and Sametime. USB ports are not so easy to control especially since these USB drives are so small and easily hidden. Perhaps some vendor will come up with a way to control allowable devices by vendor id and product code? For example, this could easily be part of the TrustedCore efforts put forth by Phoenix Technologies' cME project. (Unfortunately this project's design appears to be extremely Windows-centric and it is not clear whether any OSS can make effective use of it.)

And so, as usual, efforts are already underway to come up with technology-based solutions for what ComputerWorld so accurately pointed out, are really people problems...
Some things just don't change!