February 2007 Archives

Today, I successfully defended my PhD thesis Access Control and Service-Oriented Architectures. I would like to thank everyone who attended the defence for being there.

The introduction (Lekenpraatje) is available over at Google.

Het Lekenpraatje dat ik gehouden heb voorafgaande aan de verdediging van mijn proefschrift Access Control and Service-Oriented Architectures is verkrijgbaar bij Google.

Voor degenen die morgen bij mijn verdediging aanwezig willen zijn heb ik een aantal handige tips:

1. We beginnen om 14:00 in de Aula van de Universiteit met een "lekenpraatje". Dit is een korte introductie, in begrijpelijke taal, over het onderzoek dat ik gedaan heb. De daadwerkelijke verdediging begint om 14:15. Zorg op tijd te zijn!

2. Bij de Aula zijn ook toiletten, een garderobe en een koffiekamer.

3. Meteen na afloop van de verdediging zal er een receptie worden gehouden.

4. De UvT is goed bereikbaar per auto of trein.

5. De Aula is te vinden in het Cobbenhagegebouw (Gebouw C). Wanneer je parkeert aan het parkeerterrein aan de Westzijde (Warandelaan), dan loop je het terrein op via de slagboom en ga je het eerste gebouw aan je rechterhand binnen. Steek de hal schuin naar links over en loop door de Glazen Gang. De Aula ligt aan het einde van de gang aan je rechterkant.

6. Er is ook een plattegrond van de Universiteit beschikbaar.

7. In geval van vragen, dan is het centrale telefoonnummer van de UvT 013-466 9111. Lou-Anne en ik zullen onze telefoon waarschijnlijk niet opnemen.
   

Just a quick reminder: I will be defending my PhD thesis, titled Access Control and Service-Oriented Architectures this Wednesday at 2pm in Tilburg University's main Auditorium.

The defence will commence at 2pm with a "Introduction for Laymen" and the actual defence will take place from 2.15pm-3.00pm. Immediately after the ceremony, there will be a reception.

If you have not received a copy of the book, or if you did not get an invitation, and you would like to attend, please feel free to do so. I will make sure that I have some copies with me. If you are unable to attend and you would like to receive a copy of the thesis, please contact me, and we will work out the logistics.

While working on a product selection as part of a larger SIEM contract for a client, we put out price requests to a number of vendors that had made it to our shortlist. We asked pricing for a very specific piece of hardware and requested an indication of the expected maintenance and operations costs of their solution.

A few days after the request was sent out, I got a phone call of one of the companies. In it, the representative stated that "just selling hardware" was against their policy and that the product that we were asking for was so complex that it could only be deployed successfully if it was accompanied by a full consulting track.

I politely told the person that he might be right, and that I would be the consultant doing just that, thank you. I also recommended him to give us a price based on what we asked for, and that he should leave out the rest.

Much to my surprise, the company responded to the request by giving us a full-fledged project proposal for a full consulting track, which including some of their most senior people. As expected, the consulting would amount to about 5 times the price of the hardware that we asked for.

What is this about? Is it an attempt to project acquisition? Did the guy not listen? Does he really think that the product is so complicated that they are the only ones who can successfully deploy it? If so, why would we choose that product in the first place?

I am currently involved in a product selection process for a client. One of the products that made it to the shortlist is the Cisco Monitoring, Analysis and Response System, also known as CS-MARS.

Apart from the functionality that the machine offers, I have to say that I am very impressed with Cisco's customer service in the pre-sales phase, but even more with the fact that they have all documentation of their products publicly available on their web site.

On top of that, the documentation is of a very high quality and actually contains the information that I need for formulating and substantiating my advice and for completing my global technical design.

Compliments to Cisco! The only point of improvement is the fact that the structure of their web site leaves to be desired.

Maybe I wasn't so far off when I wrote my master thesis (and the subsequent scientific article) back in 1997 after all :)

The job on which I am currently working involves designing an architecture for a centralized logging and auditing system for heterogeneous environments. Now that the global functional architecture is nearing completion, I am listing product criteria and I am working to a short list of vendors and products that we will consider. On the list are GFI's EventManager, Cisco's Mars appliance and possible NetIQ's Security Manager.

All three products are basically capable of doing the same thing: they can collect log data from several sources (Event Logs, Syslog, SNMP traps, flat file) and understand a lot of the data provided via those mechanisms.

While I have been less than positive about Microsoft products, I am slowly revising my opinion. I still prefer Unix platforms for developers, but for office environments, Windows is really not as bad as I thought it was before.

I think there are two main reasons why I am honing my opinion:

1) I have never worked in a Windows-only environment.

2) I was never aware of products, such as MOM, SMS, etc.

I'll post a wrap-up of the functional design when it is ready and the company that I work for has given the green light.