Security
Controlling in SAP S/4HANA
Mit diesem Buch meistern Sie die tägliche Arbeit im Controlling mit SAP S/4HANA! Anhand anschaulicher Beispiele leitet es Sie durch den Wertefluss im SAP-System: Sie lernen, wie Sie eine aussagekräftige Kostenstellenrechnung aufbauen sowie Ihre Produkte und Dienstleistungen kalkulieren. Außerdem erfahren Sie, was das Zusammenwachsen von FI und CO für Sie bedeutet und welche neuen Planungs-, Analyse- und Reportingmöglichkeiten Ihnen zur Verfügung stehen. Viele praktische Beispiele und Tipps unterstützen Sie dabei, die Möglichkeiten des Systems voll auszuschöpfen. Aus dem Inhalt: Stammdaten und OrganisationsstrukturenUniversal JournalGemeinkostencontrollingKostenstellenrechnungInnenauftragsrechnungProduktkostenplanungKostenträgerrechnungErgebniscontrollingDeckungsbeitragsrechnung Vorwort ... 13 Einleitung ... 15 1. Integration von Controlling und Finanzbuchhaltung ... 21 1.1 ... Verschmelzung des Controllings mit der Finanzbuchhaltung im Universal Journal ... 22 1.2 ... Verknüpfung von Stammdaten der Finanzbuchhaltung und des Controllings ... 24 1.3 ... Zusammenfassung ... 27 2. Organisationsstruktur in Controlling und Finanzbuchhaltung ... 29 2.1 ... Organisationsstrukturen in der Finanzbuchhaltung ... 30 2.2 ... Organisationsstrukturen im Controlling ... 38 2.3 ... Zusammenfassung ... 47 3. Werteflüsse in das Controlling ... 49 3.1 ... Schnittstellen zur Finanzbuchhaltung ... 49 3.2 ... Schnittstellen zur Materialwirtschaft ... 60 3.3 ... Schnittstellen zur Produktion ... 75 3.4 ... Schnittstellen zum Vertrieb ... 82 3.5 ... Zusammenfassung ... 91 4. Stammdaten anlegen und pflegen ... 93 4.1 ... Kostenarten ... 94 4.2 ... Bilanz-/GuV-Strukturen, Gruppen und Hierarchien für Kostenarten anlegen und pflegen ... 109 4.3 ... Kostenstellen gruppieren ... 113 4.4 ... Kostenstellen anlegen und pflegen ... 117 4.5 ... Leistungsarten anlegen und pflegen ... 129 4.6 ... Statistische Kennzahlen anlegen und pflegen ... 134 4.7 ... Innenaufträge anlegen und pflegen ... 137 4.8 ... Projekte anlegen und pflegen ... 150 4.9 ... Zusammenfassung ... 161 5. Gemeinkosten-Controlling ... 163 5.1 ... Kostenstellenrechnung ... 163 5.2 ... Innenaufträge ... 203 5.3 ... Zusammenfassung ... 270 6. Produktkosten-Controlling ... 271 6.1 ... Produktkostenkalkulation ... 272 6.2 ... Kostenträgerrechnung ... 349 6.3 ... Reporting im Produktkosten-Controlling ... 382 6.4 ... Zusammenfassung ... 404 7. Ergebnisrechnung ... 405 7.1 ... Einführung in die Ergebnisrechnung ... 406 7.2 ... Grundeinstellungen ... 413 7.3 ... Istwertefluss ... 450 7.4 ... Reporting ... 516 7.5 ... Predictive Accounting in SAP S/4HANA ... 524 7.6 ... Zusammenfassung ... 533 Anhang ... 535 A ... Glossar ... 537 B ... Transaktionen und SAP-Fiori-Apps ... 547 C ... Weiterführende Informationsquellen ... 553 D ... Die Autorinnen ... 559 Index ... 561
User Experience mit SAP
Benutzerfreundliche, anforderungsorientierte SAP-Oberflächen? Nichts leichter als das! In diesem Buch lernen Sie Methoden und Best Practices kennen, mit denen der Fokus der Entwicklung von Anfang an auf den Erwartungen der Anwender liegt. Die Autoren zeigen Ihnen, wie Sie mit SAP-Fiori-Design und modernen SAP-Technologien Anwendungen erstellen, die der digitalen Transformation in Ihrem Unternehmen den Weg bereiten. Aus dem Inhalt: User Experience, Usability und DesignUX-Fehlgriffe und was man daraus lernen kannKonzepte von SAP Fiori 3.0Methoden und TechnikenDesigngetriebene EntwicklungPrototyping, Umsetzung und EvaluationSAP Screen PersonasSAP Fiori ElementsSAP Mobile Cards und Mobile Development Kit (MDK)SAP Cloud Platform SDK for iOSSAP CoPilot und SAP Conversational AIAugmented Reality und weitere UI-Trends Vorwort ... 15 Einleitung ... 17 TEIL I Einführung ... 23 1. Was ist eigentlich User Experience? ... 25 1.1 ... User Experience, Usability und UI-Design ... 26 1.2 ... User Experience in Zeiten von Marken, Innovationen und Social Media ... 34 1.3 ... Zusammenfassung ... 36 2. Dos and Don'ts: Faktoren für gute User Experience ... 37 2.1 ... Drei Beispiele für User Experience und was man daraus lernen kann ... 38 2.2 ... Einflussfaktoren für User Experience ... 50 2.3 ... Gute User Experience ist kein Zufall ... 53 2.4 ... Zusammenfassung ... 58 3. SAPs Weg zur neuen User Experience ... 61 3.1 ... Rückblick: die Zeit vor SAP Fiori ... 61 3.2 ... SAP Fiori - SAP entdeckt User Experience ... 69 3.3 ... SAP Fiori 2.0 - die SAP S/4HANA User Experience ... 81 3.4 ... SAP Fiori 3 - konsistent, intelligent und integriert ... 88 3.5 ... Zusammenfassung ... 95 TEIL II UX-Strategie, -Methoden und -Techniken ... 97 4. Mit Experience Management zum intelligenten Unternehmen ... 99 4.1 ... SAP S/4HANA als Mittelpunkt der Intelligent Suite ... 100 4.2 ... Neuer Kurs für Ihre UX-Strategie ... 111 4.3 ... Zusammenfassung ... 119 5. Die passende UX-Strategie ... 121 5.1 ... Blaupause für den UX-Designprozess ... 122 5.2 ... Die Rolle des UX-Designers ... 131 5.3 ... Design Thinking und ein nutzerorientierter Designprozess ... 135 5.4 ... UX-Methoden ... 137 5.5 ... Stolpersteine umgehen ... 156 5.6 ... Zusammenfassung ... 159 6. Ein Blick in den SAP-Baukasten ... 161 6.1 ... SAP-UI-Technologien und UX-Werkzeuge im Überblick ... 162 6.2 ... SAP Cloud Platform ... 168 6.3 ... Wichtige UI-Technologien ... 172 6.4 ... Werkzeuge ... 180 6.5 ... Einstiegspunkte und Clients ... 184 6.6 ... Auswahl der richtigen UX-Technologie ... 188 6.7 ... Zusammenfassung ... 189 TEIL III User Experience gestalten ... 191 7. Klassische Transaktionen mit SAP Screen Personas transformieren ... 193 7.1 ... Einsatzszenarien und Zielgruppe von SAP Screen Personas ... 194 7.2 ... Mit SAP Screen Personas arbeiten ... 208 7.3 ... Praxisbeispiel: Redesign einer SAP-Transaktion für Instandhaltungsprozesse ... 222 7.4 ... Zusammenfassung ... 235 8. Vorgefertigte User Experience: SAP Fiori Elements und SAP Build ... 237 8.1 ... Einführung in SAP Fiori Elements ... 238 8.2 ... Entwicklung von Apps mit SAP Fiori Elements ... 255 8.3 ... Praxisbeispiel: Entwicklung einer Raumplanungs-App ... 271 8.4 ... Zusammenfassung ... 291 9. Eigene SAP-Fiori-Apps entwickeln ... 293 9.1 ... Standard oder Eigenentwicklung? Einsatzmöglichkeiten für SAP-Fiori-Design und SAPUI5 ... 294 9.2 ... Praxisbeispiel 1: High-Fidelity-Prototyping mit Axure RP und SAP Fiori Design Stencils ... 308 9.3 ... Praxisbeispiel 2: Design von SAP-Fiori-Apps für das Smart-Carrier-Projekt ... 316 9.4 ... Zusammenfassung ... 329 10. SAP aus der Brieftasche: SAP Mobile Cards und Mobile Development Kit ... 331 10.1 ... Einführung in die SAP Cloud Platform Mobile Services ... 332 10.2 ... Eine OData-Service-Applikation zur Datenanbindung anlegen ... 335 10.3 ... Mobile Cards entwickeln ... 340 10.4 ... Cross-Plattform-Apps mit dem Mobile Development Kit entwickeln ... 352 10.5 ... Praxisbeispiel: Gestaltung eines innovativen Prozesses zur effizienten Raumnutzung ... 362 10.6 ... Zusammenfassung ... 370 11. Eine mobile iOS-App: SAP Cloud Platform SDK for iOS ... 373 11.1 ... Besonderheiten der mobilen Entwicklung ... 374 11.2 ... Einführung in das SAP Cloud Platform SDK for iOS ... 384 11.3 ... Praxisbeispiel: Design einer Produktkatalog-App für iOS ... 409 11.4 ... Zusammenfassung ... 431 TEIL IV Design- und Technologietrends für die User Experience der Zukunft ... 433 12. Smarte Assistenten im Geschäftsumfeld: SAP Conversational AI ... 435 12.1 ... Conversational User Experience ... 436 12.2 ... SAP Conversational AI ... 439 12.3 ... Praxisbeispiel: Entwicklung eines Chatbots mit SAP Conversational AI ... 443 12.4 ... Von SAP CoPilot zu SAP Conversational AI ... 450 12.5 ... Best Practices für die Designphase von Conversational-UX-Anwendungen ... 452 12.6 ... Zusammenfassung ... 456 13. User Experience für Geschäftsanwendungen der Zukunft ... 459 13.1 ... Interaktion per Stift ... 460 13.2 ... Interaktion mit virtuellen Objekten ... 465 13.3 ... Zusammenfassung ... 486 A. Weiterführende Literatur und Quellen ... 489 B. Die Autoren ... 497 Index ... 499
Developing Inclusive Mobile Apps
By failing to consider those with needs different to ourselves, we are telling these people they are not welcome in our app, and therefore that technology as a whole, is not for them. This is not hyperbole—23% of people in the US with a registered disability aren't online at all, that's three times more likely than the general population. When asked why they're not online, disabled respondents say their disability prevents them or that using the internet is too hard.To help your apps combat the issue of digital exclusion, this book covers considerations and tools mobile developers, or anyone creating mobile experiences, can use to make mobile work better for those with disabilities—mental or physical—and how to create a better experience for everyone.Software is not made up of cold, unthinking algorithms. Software is a craft in the truest sense of the word, and one of the greatest tools you can have as a craftsperson is empathy for the people who will be using your app. Each one of whom is an individual with different abilities, experiences, knowledge, and circumstances.WHAT YOU'LL LEARN* Create mobile experiences that work for as many people as possible* Incorporate a worldview of accessibility and customer service into your design* Work with accessibility tools and techniques commonly available for developersWHO THIS BOOK IS FORMobile developers working solo or as part of a team. UX designers, quality engineers, product owners, and anybody working in mobile.ROB WHITAKER is an iOS software development engineer at Capital One UK with a passion for improving digital experiences for everyone. He actively observes how people use technology, and considers how we can all make those interactions better. Currently he’s working on a project to make the Capital One UK app the first mobile app certified by the RNIB (Royal National Institute for Blind People).Chapter 1: What is Accessibility?• Intro to accessibility - great accessibility is a great experience for everyone• Intro to disability - ie, its not all visual• Why mobile is the best for accessible innovationChapter 2: What is Digital Inclusion?• Brief history of accessible thinking• Inclusive design & the persona spectrum• EmpathyChapter 3: Accessibility Tools on Android• Brief overview of the accessibility features & tools built into Android. What these mean for users, and how to leverage them as developers• Including code snippetsChapter 4: Accessibility Tools for iOS• Brief overview of the accessibility features & tools built into iOS. What these mean for users, and how to leverage them as developers• Including code snippetsChapter 5: Ensuring good accessibility• User research• Testing with accessibility toolsChapter 6: Visual Impairments• Practical tips for improving the experience for people with visual impairments• Including code snippetsChapter 7: Motor issues• Practical tips for improving the experience for people with motor issues• Including code snippetsChapter 8: Deaf & Hard of Hearing• Practical tips for improving the experience for people with auditory impairments• Including code snippetsChapter 9: Anxiety & Mental Health• Practical tips for improving the experience for people with visual mental health issues• Including code snippetsChapter 10: Dyslexia, Autism and Learning Difficulties• Practical tips for improving the experience for people with learning difficulties• Including code snippetsChapter 11: Poor Digital Skills• Good accessibility is not just about disability, but ability too• What skills are essential for digital life, and how do we measure up• Practical tips for improving the experience for people with poor digital skillsChapter 12: Life Circumstances• Good accessibility is not just about disability, but people's circumstances too• How circumstances such as low income, poor education etc can affect your digital interactions• Practical tips for improving the experience for people with with difficult life circumstancesChapter 13: Age, Gender & Sexuality• Theres a huge gap in digital use between 18 year olds, and those aged 60+.• How do we make sure we're not prejudicing based on age or experience, gender or sexuality when creating softwareChapter 14: Internationalization
Cloud Debugging and Profiling in Microsoft Azure
Use this collection of best practices and tips for assessing the health of a solution. This book provides detailed techniques and instructions to quickly diagnose aspects of your Azure cloud solutions.The initial chapters of this book introduce you to the many facets of Microsoft Azure, explain why and how building for the cloud differs from on-premise development, and outline the need for a comprehensive strategy to debugging and profiling in Azure. You learn the major types of blades (FaaS, SaaS, PaaS, IaaS), how different views can be created for different scenarios, and you will become familiar with the Favorites section, Cost Management & Billing blade, support, and Cloud Shell. You also will know how to leverage Application Insights for application performance management, in order to achieve a seamless cloud development experience. Application Insights, Log Analytics, and database storage topics are covered. The authors further guide you on identity security with Azure AD and continuous delivery with CI and CD covered in detail along with the capabilities of Azure DevOps. And you are exposed to external tooling and trouble shooting in a production environment.After reading this book, you will be able to apply methods to key Azure services, including App Service (Web Apps, Function Apps,and Logic Apps), Cloud Services, Azure Container Service, Azure Active Directory, Azure Storage, Azure SQL Database, Cosmos DB, Log Analytics, and many more.WHAT YOU WILL LEARN* Debug and manage the performance of your applications* Leverage Application Insights for application performance management* Extend and automate CI/CD with the help of various build tools, including Azure DevOps, TeamCity, and Cake bootstrapperWHO THIS BOOK IS FORApplication developers, designers, and DevOps personnel who want to find a one-stop shop in best practices for managing their application’s performance in the cloud and for debugging the issues accordinglyJEFFREY CHILBERTO is a software consultant specializing in the Microsoft technical stack, including Azure, BizTalk, MVC, WCF, and SQL Server. He has enterprise development experience in a wide range of industries, including banking, telecommunications, and healthcare in the USA, Europe, Australia, and New Zealand.SJOUKJE ZAAL is a managing consultant, Microsoft Cloud architect, and Microsoft Azure MVP with over 15 years of experience providing architecture, development, consultancy, and design expertise. She works at Capgemini, a global leader in consulting, technology services, and digital transformation.GAURAV ARORAA is a serial entrepreneur and startup mentor. He has a MPhil in computer science, and is a Microsoft MVP award recipient. He is a lifetime member of the Computer Society of India (CSI), an advisory member and senior mentor of IndiaMentor, certified as a Scrum trainer/coach, ITIL-F certified, and PRINCE-F and PRINCE-P certified. He is an open source developer, and a contributor to the Microsoft TechNet community. Recently, he was awarded the Icon of the Year for Excellence in Mentoring Technology Startups for the 2018-19 by Radio City, which is a Jagran Initiative, for his extraordinary work during his career of 22 years in the industry and the field of technology mentoring.ED PRICE is Senior Program Manager in Engineering at Microsoft, with an MBA in technology management. He ran Microsoft customer feedback programs for Azure Development and Visual Studio. He also was a technical writer at Microsoft for six years, helped lead TechNet Wiki, and now leads efforts to publish key guidance from AzureCAT (Customer Advisory Team).CHAPTER 1: Building Solutions in the Azure CloudCHAPTER GOAL: The first chapter will introduce the reader to the many facets of Microsoft Azure, why and how building for the cloud differs from on-prem development, and the need for a comprehensive strategy to debugging and profiling in Azure.We will cover the major types of blades (FaaS, SaaS, PaaS, IaaS).NO OF PAGES: 20SUB -TOPICS1. Microsoft Azure overview2. FaaS (Functions as a Service/Code as a Service) – a tour of Azure Functions and Logic Apps3. SaaS (Software as a Service) – Web Apps, Office3654. PaaS (Platform as a Service) – Cloud Services5. IaaS (Infrastructure as a Service) – Virtual Machines, SQL ServerChapter 2: The Azure PortalCHAPTER GOAL: The different Azure blades have many common features. This chapter will explore the Azure portal and some of the common features. The dashboard will be explained and how different views can be created for different scenarios. The Favorites section, the Cost Management & Billing blade, support, and Cloud Shell will all be introduced. The goal of the chapter is to get the reader comfortable with navigating the portal and feeling less overwhelmed, especially if this is the first time they’ve used the portal.NO OF PAGES: 35SUB - TOPICS1. Azure portal – what is a blade?2. Dashboard3. Navigation – favorites, subscription filtering, and searching4. You’re not alone – help and support5. Cost management6. Cloud shellChapter 3: Services in the CloudCHAPTER GOAL: Using examples in Azure Functions and Logic Apps, this chapter will provide an example of building an Azure Function and calling it from a Logic App. The logging and debugging capabilities will be explored in the appropriate blades.NO OF PAGES: 25SUB - TOPICS1. What is serverless?2. Azure Functions* Logic Apps* Using tags for billing Chapter 4: Application Insights and Log AnalyticsCHAPTER GOAL: Using the example built in Chapter 2, we will apply Application Insights and use it to monitor the solution.NO OF PAGES: 20SUB - TOPICS:1. Application Insights overview2. Adding to Azure Functions3. Adding Log Analytics to a Logic AppChapter 5: Databases and StorageCHAPTER GOAL: Building upon chapters 1 and 2, persistent storage will be incorporated into the example. Different implementations will be explored, including Azure SQL Database, Azure Cosmos DB, and Azure Storage Tables.NO OF PAGES: 25SUB - TOPICS:1. Azure SQL Database2. Azure Cosmos DB3. Azure Storage TablesCHAPTER 6: Azure Web AppCHAPTER GOAL: An Azure Web App will now be added to the example, and we’ll expand on the Application Insights capabilities, including custom events.NO OF PAGES: 20SUB – TOPICS:1. Overview of the Web App (functional)2. App Service blade overview – default and adding new graphs3. Diagnose and solve problemsChapter 7: Identity Security with Azure ADCHAPTER GOAL: Azure AD security will be added to the solution. OpenID will be used to secure the Azure Web App. The Logic App and Azure Function will be secured to only be accessible from the Web App (not directly to the user).NO OF PAGES: 20SUB – TOPICS:1. Overview of Azure AD2. Tracking user activity3. AD Connect Health4. AD reportingChapter 8: Continuous DeliveryCHAPTER GOAL: CI, CD will be covered. Capabilities of VSTS (covering Git, TFVC) will be shown, with the help of Build and Deployment. The chapter will focus on getting a better understanding of the state of a solution under change. What is currently deployed and where is it? How does VSTS and the Azure portal relate, and how can you get a complete view of the solution?NO OF PAGES: 25SUB – TOPICS:1. Introduction to VSTS2. Projects and dashboards3. Code – TFVC4. Code – Git5. Work, Wiki, Test – How these can be used to better understand the development process6. Build7. ReleaseChapter 9: External ToolingCHAPTER GOAL: Extend and automate CI, CD with the help of various build tools, viz. VSTS, TeamCity, and Cake bootstrapper.NO OF PAGES: 15SUB – TOPICS:1. Azure portal dashboard – widgets2. VSTS – pluginsChapter 10: Visualizing the Health of a SolutionCHAPTER GOAL: We cover troubleshooting in a production environment.NO OF PAGES: 18SUB – TOPICS:1. Remote combining reports for a complete picture2. Combining reports for a complete picture3. Disaster recovery and versioning of applications in a solution4. Enterprise reporting
Das Internet der Dinge und Künstliche Intelligenz als Game Changer
Das Internet der Dinge (IoT) und Künstliche Intelligenz (KI) bieten im Zuge der Digitalisierung große Chancen für innovative Geschäftsmodelle und Produktivitätssteigerungen von Unternehmen. Diese Chancen nutzen gegenwärtig vor allem die großen Digital-Champions und Startups. Umfassend und aktuell greifen die Autoren diese Herausforderung für etablierte Unternehmen auf. Zentrale These des Buches ist, dass diese digitalen Technologien die Spielregeln des Wettbewerbs grundlegend verändern und zu Game Changern werden. Die Autoren belegen dies in vier Blöcken: Im ersten Teil erläutern sie wichtige Begriffe. Im zweiten Teil beschreiben Timothy Kaufmann und Hans-Gerd Servatius die Entwicklung zum neuen Management 4.0-Paradigma und dessen Bausteine. Der dritte Teil beschäftigt sich mit dem Wandel der Informations- und Kommunikationstechnik hin zu einer durch IoT- und KI-Technologien geprägten digitalen Architektur. Der abschließende vierte Teil skizziert die Bausteine einer Innovationspolitik 4.0 für den digitalen Wandel, die den Rahmen für Management- und Architektur-Innovationen liefert.Dank klarer Gliederung, anschaulicher Erläuterung der neuen Konzepte und zahlreicher Beispiele aus der Praxis ist das Buch eine wichtige Orientierungshilfe für alle, die nach erfolgreichen Wegen zu einem Management 4.0 und einer digitalen Architektur suchen.TIMOTHY KAUFMANN arbeitet bei SAP als Business Development Director für neue Technologien. Er ist Mitinitiator der Open Industry 4.0 Alliance.PROF. DR. HANS-GERD SERVATIUS ist geschäftsführender Gesellschafter des Innovationsspezialisten Competivation. Daneben lehrt er an der Universität Stuttgart und der RWTH Aachen. Er ist Autor mehrerer Bücher und zahlreicher Fachartikel.Digitale Technologien verändern den Wettbewerb.- Das neue Management 4.0-Paradigma.- Digitale Geschäftsmodelle gemeinsam mit IoT- und KI-Plattformpartnern.- Integration der Objectives and Key Results (OKR-) Methode in agile Strategie- und Innovationsprozesse.- Digitaler Wandel in einer evolutionären Organisation.- Produktivitätssteigerung mit Künstlicher Intelligenz.- Eine IT-Architektur 4.0 unterstützt IoT und KI.- IoT- und KI-Architekturen.- Datengetriebene Services und die Architektur 4.0.- Geschäftsprozesse und die Architektur 4.0.- Das Wertversprechen und die Architektur 4.0.- IoT- und KI-Innovationsökosysteme und die Architektur 4.0.- Auf dem Weg zu einer Innovationspolitik 4.0.
Mastering VMware NSX for vSphere
A CLEAR, COMPREHENSIVE GUIDE TO VMWARE’S LATEST VIRTUALIZATION SOLUTIONMastering VMware NSX for vSphere is the ultimate guide to VMware’s network security virtualization platform. Written by a rock star in the VMware community, this book offers invaluable guidance and crucial reference for every facet of NSX, with clear explanations that go far beyond the public documentation. Coverage includes NSX architecture, controllers, and edges; preparation and deployment; logical switches; VLANS and VXLANS; logical routers; virtualization; edge network services; firewall security; and much more to help you take full advantage of the platform’s many features.More and more organizations are recognizing both the need for stronger network security and the powerful solution that is NSX; usage has doubled in the past year alone, and that trend is projected to grow—and these organizations need qualified professionals who know how to work effectively with the NSX platform. This book covers everything you need to know to exploit the platform’s full functionality so you can:* Step up security at the application level* Automate security and networking services* Streamline infrastructure for better continuity* Improve compliance by isolating systems that handle sensitive dataVMware’s NSX provides advanced security tools at a lower cost than traditional networking. As server virtualization has already become a de facto standard in many circles, network virtualization will follow quickly—and NSX positions VMware in the lead the way vSphere won the servers. NSX allows you to boost security at a granular level, streamline compliance, and build a more robust defense against the sort of problems that make headlines. Mastering VMware NSX for vSphere helps you get up to speed quickly and put this powerful platform to work for your organization.ELVER SENA SOSA is a data center solutions architect with 20 years' networking experience. He is the author of two VMWare Press VCP certification books, holds VCDX-NV and VCI certifications from VMWare, and he is a frequent speaker and blogger well known in the VMware community. Introduction xviiCHAPTER 1 ABSTRACTING NETWORK AND SECURITY 1Networks: 1990s 1Colocation 2Workload-to-Server Ratio 3Inefficient Resource Allocation 3The Long Road to Provisioning 3Data Centers Come of Age 4Data Center Workloads 4Workloads Won’t Stay Put 5VMWARE 6Virtualization 6What is Happening in There? 6Portability 8Virtualize Away 8Extending Virtualization to Storage 9Virtual Networking and Security 9NSX to the Rescue 10The Bottom Line 13CHAPTER 2 NSX ARCHITECTURE AND REQUIREMENTS 15NSX Network Virtualization 16Planes of Operation 16NSX Manager Role and Function 18ESXi Hosts 19vCenter Server 20vSphere Distributed Switch 21NSX VIBs 23Competitive Advantage: IOChain 24IOChain Security Features 24NSX Controllers 25NSX Controller Clustering 26NSX Controller Roles 26NSX Edge 28ESG Sizing 30NSX Role-Based Access Control 30Overlay and Underlay Networks 32Replication Modes for Traffic Going to Multiple Destinations 34The Bottom Line 36CHAPTER 3 PREPARING NSX 39NSX Manager Prerequisites 39Open Ports and Name Resolution 40Minimum Resource Requirements for NSX Data Center Appliances 40vSphere HA and DRS 41IP Addressing and Port Groups 43Installing the Client Integration Plug-in 44Installing NSX Manager 44Associating NSX Manager to vCenter 46Adding AD/LDAP to NSX 47Linking Multiple NSX Managers Together (Cross- vCenter NSX) 51Multi-site Consistency with Universal Components 51Primary and Secondary NSX Managers 53Preparing ESXi Clusters for NSX 54Creating a Universal Transport Zone on the Primary NSX Manager 56vSphere Distributed Switches Membership 57Adding Secondary NSX Managers 58The Bottom Line 59CHAPTER 4 DISTRIBUTED LOGICAL SWITCH 61vSphere Standard Switch (vSS) 62Traffic Shaping 63Understanding Port Groups 64NIC Teaming 65Ensuring Security 66Virtual Distributed Switch (vDS) 67Virtual eXtensible LANs (VXLANs) 68Employing Logical Switches 71Three Tables That Store VNI Information 73Collecting VNI Information 74Centralized MAC Table 75VTEP Table 76We Might as Well Talk about ARP Now 79Filling In the L2 and L3 Headers 79Switch Security Module 81Understanding Broadcast, Unknown Unicast, and Multicast 83Layer 2 Flooding 83Replication Modes 83Deploying Logical Switches 84Creating a Logical Switch 85The Bottom Line 85CHAPTER 5 MARRYING VLANS AND VXLANS 87Shotgun Wedding: Layer 2 Bridge 87Architecture 88Challenges 89Deployment 90Under the Hood 102Layer 2 VPN 102NSX Native L2 Bridging 103Hardware Switches to the Rescue 103Hardware VTEPs 103Deployment 104Under the Hood 104The Bottom Line 105CHAPTER 6 DISTRIBUTED LOGICAL ROUTER 107Distributed Logical Router (DLR) 107Control Plane Smarts 108Logical Router Control Virtual Machine 108Understanding DLR Efficiency 111Another Concept to Consider 115Let’s Get Smart about Routing 117OSPF 119Border Gateway Protocol (BGP) 120Oh Yeah, Statics Too 123Deploying Distributed Logical Routers 125The Bottom Line 134CHAPTER 7 NFV: ROUTING WITH NSX EDGES 137Network Function Virtualization: NSX Has It Too 137This is Nice: Edge HA A 138Adding HA 139Let’s Do Routing Like We Always Do 140Deploying the Edge Services Gateway 144Configuring BGP 151Configuring OSPF 154Configuring Static Routes 155Routing with the DLR and ESG 156Using CLI Commands 156Default Behaviors to Be Aware Of 157Equal Cost Multi-Path Routing157The Bottom Line 160CHAPTER 8 MORE NVF: NSX EDGE SERVICES GATEWAY 163ESG Network Placement 163Network Address Translation 164Configuring Source NAT 166Configuring Destination NAT 166Configuring SNAT on the ESG 167Configuring DNAT on the ESG 169ESG Load Balancer 171Configuring an ESG Load Balancer 173Layer 2 VPN (If You Must) 178Secure Sockets Layer Virtual Private Network 179Split Tunneling 180Configuring SSL VPN 180Internet Protocol Security VPN 187Understanding NAT Traversal 188Configuring IPsec Site-to-Site VPN with the ESG 188Round Up of Other Services 190DHCP Service 191Configuring the ESG as a DHCP Server 192DHCP Relay 194Configuring the DLR for DHCP Relay 196DNS Relay 198Configuring DNS Relay on the ESG 199The Bottom Line 200CHAPTER 9 NSX SECURITY, THE MONEY MAKER 203Traditional Router ACL Firewall 203I Told You about the IOChain 204Slot 2: Distributed Firewall 206Under the Hood 207Adding DFW Rules 210Segregating Firewall Rules 214IP Discovery 215Gratuitous ARP Used in ARP Poisoning Attacks 216Why is My Traffic Getting Blocked? 218Great, Now It’s Being Allowed 219Identity Firewall: Rules Based on Who Logs In 220Distributing Firewall Rules to Each ESXi Host: What’s Happening? 220The Bottom Line 222CHAPTER 10 SERVICE COMPOSER AND THIRD-PARTY APPLIANCES 223Security Groups 224Dynamic Inclusion 225Static Inclusion 226Static Exclusion 226Defining a Security Group through Static Inclusion 227Defining a Security Group through Dynamic Inclusion 229Customizing a Security Group with Static Exclusion 231Defining a Security Group Using Security Tags 231Adding to DFW Rules 233Service Insertion 236IOChain, the Gift that Keeps on Giving 236Layer 7 Stuff: Network Introspection 236Guest Introspection 237Service Insertion Providers 238Security Policies 239Creating Policies 239Enforcing Policies 243The Bottom Line 245CHAPTER 11 VREALIZE AUTOMATION AND REST APIS 247vRealize Automation Features 247vRA Editions 249Integrating vRA and NSX 250vRealize Automation Endpoints 250Associating NSX Manager with vRealize Automation 252Network Profiles 253vRA External, Routed, and NAT Network Profiles 255Reservations 258vRealize Orchestrator Workflows 261Creating a Blueprint for One Machine261Adding NSX Workflow to a Blueprint 264Creating a Request Service in the vRA Catalog 265Configuring an Entitlement 268Deploying a Blueprint that Consumes NSX Services 271REST APIs 273NSX REST API GET Request 275NSX REST API POST Request 275NSX REST API DELETE Request 276The Bottom Line 277APPENDIX THE BOTTOM LINE 279Chapter 1: Abstracting Network and Security 279Chapter 2: NSX Architecture and Requirements 280Chapter 3: Preparing NSX 280Chapter 4: Distributed Logical Switch 281Chapter 5: Marrying VLANs and VXLANs 283Chapter 6: Distributed Logical Router 284Chapter 7: NFV: Routing with NSX Edges 286Chapter 8: More NVF: NSX Edge Services Gateway 287Chapter 9: NSX Security, the Money Maker 289Chapter 10: Service Composer and Third-Party Appliances 290Chapter 11: vRealize Automation and REST APIs 291Index 293
Tribe of Hackers Security Leaders
TRIBAL KNOWLEDGE FROM THE BEST IN CYBERSECURITY LEADERSHIPThe Tribe of Hackers series continues, sharing what CISSPs, CISOs, and other security leaders need to know to build solid cybersecurity teams and keep organizations secure. Dozens of experts and influential security specialists reveal their best strategies for building, leading, and managing information security within organizations. Tribe of Hackers Security Leaders follows the same bestselling format as the original Tribe of Hackers, but with a detailed focus on how information security leaders impact organizational security.Information security is becoming more important and more valuable all the time. Security breaches can be costly, even shutting businessesand governments down, so security leadership is a high-stakes game. Leading teams of hackers is not always easy, but the future of your organization may depend on it. In this book, the world’s top security experts answer the questions that Chief Information Security Officers and other security leaders are asking, including:* What’s the most important decision you’ve made or action you’ve taken to enable a business risk?* How do you lead your team to execute and get results?* Do you have a workforce philosophy or unique approach to talent acquisition?* Have you created a cohesive strategy for your information security program or business unit?Anyone in or aspiring to an information security leadership role, whether at a team level or organization-wide, needs to read this book. Tribe of Hackers Security Leaders has the real-world advice and practical guidance you need to advance your cybersecurity leadership career.MARCUS J. CAREY is a cybersecurity researcher and inventor with patents in cryptography and cybersecurity and over 25 years of experience in protecting the public, private, and government sectors. He was the Founder and CEO of Threatcare which was acquired by ReliaQuest. Follow Marcus on Twitter at @marcusjcarey. JENNIFER JIN graduated from The University of Texas at Austin in 2017 and started her first job at Threatcare soon after. She became Threatcare's Head of Communications and Marketing before Threatcare was acquired by ReliaQuest. Jennifer is now the Product Marketing Manager at Mio and is the co-author of Tribe of Hackers. Follow Jennifer on Twitter at @jen_jin. Acknowledgments viiIntroduction viii01 Marcus J. Carey 102 Ian Anderson 603 James Arlen 1404 Mark Arnold 2505 Andrew Bagrin 3106 Zate Berg 3607 Tash Bettridge 4608 Philip Beyer 5009 Kyle Bubp 5810 Joanna Burkey 6411 Bill Burns 7012 Lesley Carhart 7813 Christopher Caruso 8314 Mike Chapple 9115 Steve Christey Coley 9816 Jim Christy 10217 Chris Cochran 11018 Edward Contreras 11419 Dan Cornell 11720 Mary Ann Davidson 12421 Kimber Dowsett 13222 David Evenden 13623 Martin Fisher 14124 Chris Hadnagy 14725 Andrew Hay 15326 Mark Hillick 15727 Terence Jackson 16528 Tanya Janca 16829 David Kennedy 17430 Joe Krull 18031 Robert M. Lee 18832 Rafal Los 19433 Tracy Z. Maleeff 19934 Jeffrey Man 20235 Angela Marafino 20936 James Medlock 21237 Kent Nabors 22138 Charles Nwatu 22839 Greg Ose 23240 Edward Prevost 23941 Ray [REDACTED] 24442 Stephen A. Ridley 24943 David Rook 25544 Marina Segal 25945 Khalil Sehnaoui 26246 Jackie Singh 26747 Dan Tentler 27148 Eugene Teo 27449 Dominique West 27950 Jake Williams 28351 Wirefall 288Appendix: Recommended Reading 293
Penetration Testing For Dummies
TARGET, TEST, ANALYZE, AND REPORT ON SECURITY VULNERABILITIES WITH PEN TESTINGPen Testing is necessary for companies looking to target, test, analyze, and patch the security vulnerabilities from hackers attempting to break into and compromise their organizations data. It takes a person with hacking skills to look for the weaknesses that make an organization susceptible to hacking.Pen Testing For Dummies aims to equip IT enthusiasts at various levels with the basic knowledge of pen testing. It is the go-to book for those who have some IT experience but desire more knowledge of how to gather intelligence on a target, learn the steps for mapping out a test, and discover best practices for analyzing, solving, and reporting on vulnerabilities.* The different phases of a pen test from pre-engagement to completion* Threat modeling and understanding risk* When to apply vulnerability management vs penetration testing* Ways to keep your pen testing skills sharp, relevant, and at the top of the gameGet ready to gather intelligence, discover the steps for mapping out tests, and analyze and report results!ROBERT SHIMONSKI is an ethical hacker and a professional IT leader who has led numerous efforts to architect, design, strategize and implement enterprise solutions that must remain secure. Rob has been involved in security and technology operations for over 25 years and has written his books from the trenches of experience.
Knockout Networking for Financial Advisors and Other Sales Producers
90% of financial advisors fail at being financial advisors. Why? Because advisors, brokers, reps, and agents need to see more people to make more sales appointments. And nobody in their firm, agency, branch, or shop trains them how! Knockout Networking for Financial Advisors is the only book written for sales producers in the financial services industry focused on making more connections through networkingIn the wake of the COVID 19 pandemic, networking, developing relationships, generating referrals, and making important connections are as important as ever. The ideas and approaches in Knock Out Networking for Financial Advisors can be applied immediately to virtual meetings, online networking groups, social media, podcasts, and of course, phone calls. The problem is, most advisors and sales producers are not born networkers; they develop the skills and confidence through education, training, practice, and having a positive attitude.Knockout Networking for Financial Advisors covers everything you need to know about going to the right places (virtual or not!), saying the right things, and meeting the right people―essential skills for a financial advisor or sales producer that's serious about making more and better connections! The result? More prospects, more referrals, and more business.Author Michael Goldberg is a networking specialist, speaker, trainer, author (and boxer!) focused on helping financial advisors, brokers, agents, reps, wholesalers, and other sales producers grow their business or practice through networking.In this �must read if you�re a financial advisor� book, you will learn how to:* Confidently meet and greet new people in business settings* Further define your Target Market to establish more and better connections* Deliver a �knockout� elevator speech (not a script!)* Generate more prospects and referrals from current client base* Establish important relationships generating more business opportunitiesBottom line, networking is the most effective way to attract more prospects, more referrals, and more business to your corner. Remember�keep the left up!MICHAEL GOLDBERG is a networking expert specializing in helping financial advisors, brokers, agents, reps, product wholesalers, and other sales producers grow their business. His clients include Morgan Stanley, Merrill Lynch, John Hancock Investments, Northern Trust, Griffin Capital, SAP, Brother International, Rabobank, Guardian Life, Jackson National, State Farm Insurance, and Chubb. Michael is also a two-time TEDx speaker, a Certified Speaking Professional and an award-winning adjunct professor at Rutgers University. Preface xiPART 1 OPENING ROUNDS 1CHAPTER 1 NETWORKING IS THE KEY TO A SUCCESSFUL CAREER (ESPECIALLY IN FINANCIAL SERVICES) 3Why Financial Advisors Should Network 3Top Producers Should Network Too 6Why Financial Advisors Don’t Network 8CHAPTER 2 WHAT IS NETWORKING? HAVING A NETWORKING MINDSET 17Six Reasons for Networking 18Why Understanding the Six Reasons for Networking is Important 23What is Networking Anyway? 28CHAPTER 3 WHY YOU WON’T CONNECT WITH EVERYONE: THE ONE-THIRDER DYNAMIC 37One-Thirder Dynamic 39Two-Thirder Dynamic 42Focus on the One-Thirders! 43Zero-Thirder Dynamic 44Mirror Image 46Sometimes You Can Reduce the Fraction 47PART 2 THE RULES OF NETWORKING™ 49CHAPTER 4 NO SELLING EVER: KEEP BOBBING AND WEAVING 51The Cost of Selling at a Networking Event 54Trade Shows: An Exception to the Rule 60CHAPTER 5 EVERYONE IS NOT A PROSPECT: DON’T WASTE YOUR PUNCHES 63What is a Prospect Anyway? 65True and Probable Referral Sources 69Natural Market 71Prospecting is Important! 73CHAPTER 6 FOCUS ON A TARGET MARKET: HIT THOSE FOCUS MITTS 75How I Discovered My Target Market 76Do You Have the Right Formula? 81How to Discover, Establish, and Develop Your Target Market 84Why Advisors Resist Having a Target Market 90Remember, Stay Focused! 92CHAPTER 7 CREATE (AND USE!) YOUR ELEVATOR SPEECH: THE PEEC STATEMENT™ 93Profession 96Expertise 99Environments 101Call to Action 103The Rules of the PEEC Statement 106Sample PEEC Statements 112CHAPTER 8 BUSINESS CARDS BREED BUSINESS: AND OTHER RULES OF NETWORKING™ 115Have Your Business Cards and Other Tools of the Trade 116It is Never About You 119Always Be Positive, Professional, and Respectful 120Look the Part 121Know about Contacts, Leads, and Referrals 122Count Your Chickens and Eggs 124Eat and Drink Strategically 124Initiate Conversations by Introducing Yourself and Asking Questions 125Have a Goal and a Plan 126Listen More, Talk Less 127Keep Your Eyes Focused on Your Conversation 127Introduce Others with Passion 128Implement a Time Limit 129Intend to Follow Up 130Terminate Conversations Politely 131It’s a We Thing, Not a Me Thing 132Get to Know: The Know, Like, and Trust Factor 133Have Fun! 133PART 3 WHERE TO GO, WHAT TO SAY, AND WHO TO MEET 135CHAPTER 9 WHERE TO GO? CHAMBERS, ASSOCIATIONS, AND OTHER HIGH-POTENTIAL EVENTS 137Not All Events are Created Equal 138Hard Contact Meetings 140Soft Contact Meetings 142You Can’t Just Show Up 153CHAPTER 10 WHAT TO SAY? HOW TO START A CONVERSATION, ASK GOOD QUESTIONS, AND CONNECT 155What Prevents Us from Listening? 156Four-Step Process for Active Listening 157Initiate Conversations by Introducing Yourself and Asking Questions 159CHAPTER 11 WHO WILL YOU MEET? THE FACES OF NETWORKING 167The Faces of Networking 168People Seldom Change 175PART 4 SPECIAL TOPICS 177CHAPTER 12 HOW TO HANDLE AWKWARD SITUATIONS: FORGETTING NAMES AND OTHER WEIRD MOMENTS 179How Do I Introduce Myself? 180How Do I Introduce Others in a Conversation Without Being Rude? 182How Do I Introduce Others and Walk Away? 182What Should I Do If I Forget Someone’s Name? 183How Do I Ask Someone for a Business Card? 185How Do I Take Notes on Someone’s Business Card? 186How Do I Know When to End a Conversation? 187What If I’ve Done Something Embarrassing or Stupid? 189CHAPTER 13 KNOCKOUT LINKEDIN STRATEGIES: BOOM! 191Step 1: Define Your LinkedIn Marketing Goals 194Step 2: Pick Your Target Market on LinkedIn 195Step 3: Create the Right Messaging for Social Media 196Step 4: Tell Your Story to Engage People 197Step 5: Optimize Your LinkedIn Profile to Five Stars 197Step 6: Set Up the Right Networking Dashboards to Track LinkedIn Success 198Step 7: Post Something of Value Each Day on LinkedIn 199Step 8: Engage with Your First- and Second-Degree LinkedIn Network 200Step 9: Reach Out Via Direct Message to Your LinkedIn Connections 200The Bottom Line 201CHAPTER 14 GENERATING MORE REFERRALS: WHY DON’T YOU GET MORE? 203Reasons You’re Not Getting Referrals 204Knockout Ways to Generate More Referrals 210CHAPTER 15 ONE-ON-ONE NETWORKING MEETINGS: HOW TO PUNCH UP YOUR TIME OVER COFFEE 219Best Practices 221Your PUNCH Card 222Important Points to Keep in Mind 227One-on-One Meeting PUNCH Card 230PART 5 DEVELOPING AND IMPLEMENTING YOUR NETWORKING SYSTEM 231CHAPTER 16 THE FOUR PHASES OF NETWORKING: PREPARATION, PRESENTATION, FOLLOW-UP, MAINTENANCE 233Preparation 234Presentation 240Follow-up 247Maintenance (OOSIOOM) 250CHAPTER 17 WHAT NOW? 90-DAY GOALS: PUTTING YOUR “DAILY FIGHT PLAN” INTO ACTION! 255Goals 258Objectives or Tasks 262Business and Networking Examples 263Daily Fight Plan (DFP) 264Daily Fight PlanTM 267Final Round 268Acknowledgments 271About the Author 273Index 275
SQL Server 2019 für Administratoren
Mit dem Microsoft SQL Server verwalten Sie große Datenmengen sicher und effizient. Wie die Administration in Produktivumgebungen gelingt, zeigt Ihnen dieses Praxishandbuch. Ob es um die hybride Nutzung in der Cloud geht oder um die richtige Wartung, Backups & Replikation, Skalierbarkeit, Hochverfügbarkeit oder Monitoring: Hier finden Sie alle relevanten Themenbereiche erklärt. Anschauliche Workshops und praxisnahe Hinweise lassen sich direkt auf Ihre tägliche Arbeit einsetzen. Aus dem Inhalt: Installation und KonfigurationServer-SicherheitBackup und RecoveryPowerShell und T-SQLAutomatisierungSkalierbarkeitReplikationHochverfügbarkeitslösungenÜberwachung (Monitoring)Troubleshooting und Performance-TuningKomponenten für Entwickler (Master Data Services, StreamInsight)Integration Services, Reporting Services, Analysis ServicesPraxisworkshops Vorwort ... 25 1. Die Versionsgeschichte von SQL Server ... 29 1.1 ... Entwicklung bis Microsoft SQL Server 2005 ... 30 1.2 ... Von Microsoft SQL Server 2008 zu SQL Server 2014 ... 32 1.3 ... SQL Server 2016 -- wichtige Neuerungen im Überblick ... 40 1.4 ... SQL Server 2017 -- wichtige Neuerungen im Überblick ... 43 1.5 ... SQL Server 2019 -- Aussichten auf die Neuerungen im Überblick ... 48 2. Zukunftssicherheit, Stabilität und Performance im Enterprise-Bereich ... 65 2.1 ... Kapazitätsplanung von Prozessor, Speicher und I/O ... 65 2.2 ... Erfassen von Leistungs- und Baseline-Daten ... 66 2.3 ... Sequenzieller und Random I/O ... 68 2.4 ... Dimensionierung des E/A-Subsystems ... 69 2.5 ... RAID und SAN -- Konfiguration ... 70 2.6 ... SQL Server und virtuelle Umgebungen -- was ist zu beachten? ... 75 2.7 ... Ausblick auf zukünftige Technologien -- Storage im Netz ... 76 3. Die SQL-Server-Editionen im Überblick ... 79 3.1 ... Standard Edition ... 79 3.2 ... Business Intelligence Edition ... 80 3.3 ... Enterprise Edition ... 80 3.4 ... Parallel Data Warehouse und Data Warehouse Fast Track Edition ... 80 3.5 ... Spezielle Editionen ... 81 3.6 ... Microsoft Azure SQL-Datenbank ... 84 3.7 ... Zusammenfassung ... 88 4. Installation von SQL Server und Aktualisierung auf neue Versionen ... 89 4.1 ... Überlegungen zur Installation ... 90 4.2 ... Vorbereitung -- Was Sie vor der Installation erledigen sollten ... 94 4.3 ... Die vollständige Installation ... 95 4.4 ... Durchführen einer unbeaufsichtigten Installation ... 120 4.5 ... Installation einer Instanz unter Linux ... 127 4.6 ... Installation einer Instanz in der Cloud ... 133 5. Konfigurieren von SQL Server ... 135 5.1 ... Der SQL Server-Konfigurations-Manager ... 135 5.2 ... Die SQL-Server-Protokolle ... 138 5.3 ... SQL-Server-Startparameter ... 145 5.4 ... »sqlcmd« -- das Tool für die Kommandozeile ... 148 5.5 ... Die Konfiguration der Instanz ... 150 5.6 ... Konfigurieren von SQL Server mit der PowerShell ... 156 5.7 ... SQL-Server-Agent-Grundkonfiguration ... 158 5.8 ... Konfiguration von SQL Server mithilfe der Richtlinienverwaltung (policy management) ... 160 5.9 ... Hilfsprogramm-Kontrollpunkte (Utility Control Point, UCP) ... 166 6. Die SQL-Server-Systemdatenbanken im Überblick ... 181 6.1 ... Aufbau und Funktionsweise von SQL-Server-Systemdatenbanken ... 182 6.2 ... Verschieben (Move) von Systemdatenbanken ... 184 6.3 ... Neuerstellen von Systemdatenbanken ... 187 6.4 ... Konfigurieren von Systemdatenbanken ... 190 7. Grundlegendes Know-how für Administratoren und Entwickler ... 195 7.1 ... SQL Server verwalten -- SQL Server Management Studio (SSMS) ... 195 7.2 ... Dynamische Verwaltungssichten (Dynamic Management Views, DMV), Katalogsichten ... 209 7.3 ... Datenbanken anlegen ... 215 7.4 ... T-SQL -- Die wichtigsten Befehle für den Administrator ... 222 7.5 ... Views -- Daten aus anderen Perspektiven ... 225 7.6 ... Benutzerdefinierte Funktionen ... 227 7.7 ... Gespeicherte Prozeduren ... 229 7.8 ... Wichtige gespeicherte Prozeduren ... 235 7.9 ... Trigger ... 239 7.10 ... Interessante T-SQL-Neuerungen für Entwickler ... 250 7.11 ... SQL Server 2014 -- T-SQL Enhancements ... 250 7.12 ... SQL Server 2016/2017 -- T-SQL Enhancements ... 250 7.13 ... SQL Server 2019 -- T-SQL Enhancements ... 253 7.14 ... Dynamische Datenmaskierung (Dynamic Data Masking, DDM) ... 253 7.15 ... UTF-8-Unterstützung ab SQL Server 2019 ... 267 8. PowerShell ... 269 8.1 ... Warum PowerShell? ... 269 8.2 ... Was bietet PowerShell? ... 270 8.3 ... Wie wird PowerShell installiert und aufgerufen? ... 271 8.4 ... Beispiel: Anzeigen der Instanzen von SQL Server in HTML ... 276 8.5 ... DBATOOLS -- PowerShell-Skripte für den Administrator ... 277 8.6 ... SQLWATCH -- ein Open-Source-Monitoring-Projekt ... 277 9. Backup und Restore ... 279 9.1 ... Sicherungsverfahren ... 279 9.2 ... Wiederherstellungsmodelle (Recovery Model): Ein Überblick über die Backup-Möglichkeiten ... 281 9.3 ... Sicherung von Dateigruppen ... 287 9.4 ... Systemdatenbanken richtig sichern und wiederherstellen ... 287 9.5 ... Datenbank-Snapshots: Datenbankzustände konservieren und wiederherstellen ... 287 9.6 ... Backup-Strategie ... 292 9.7 ... Medien ... 295 9.8 ... Workshops: Datenbanken mit verschiedenen Methoden richtig sichern ... 299 10. SQL-Server-Sicherheit ... 321 10.1 ... Das SQL-Server-Authentifizierungskonzept ... 321 10.2 ... Serverrollen ... 330 10.3 ... Authentifizierungsstufe »Datenbank« -- Datenbankberechtigungen ... 337 10.4 ... Eigenständige Datenbanken ... 349 10.5 ... Berechtigungen auf allen Ebenen ... 356 10.6 ... Schemas ... 374 10.7 ... Datenverschlüsselung mit Zertifikaten und Schlüsseln ... 378 10.8 ... Verbindungsserver/Delegation (Linked Server) ... 394 10.9 ... Eine Einführung in SQL-Server-Container ... 400 11. Automatisieren von administrativen Aufgaben ... 405 11.1 ... Der SQL Server Agent ... 406 11.2 ... Erstellen von Aufträgen und Ausführen von SSIS-Paketen ... 406 11.3 ... Wartungspläne (Maintenance Plans) und T-SQL-Skripte ... 414 11.4 ... Konfigurieren des SQL Server Agents ... 424 11.5 ... Was sind Proxy-Konten, und welche Bedeutung kommt ihnen zu? ... 430 11.6 ... Automatische Optimierung (automatic tuning options) ... 430 11.7 ... Machine Learning Services ... 432 12. Einrichten von Warnungen und Benachrichtigungen ... 433 12.1 ... Konfigurieren von Datenbank-E-Mail ... 433 12.2 ... Einrichten von Warnungen ... 447 12.3 ... Anlegen von Operatoren ... 452 12.4 ... Warnungen zu Leistungsstatus, Fehlernummern und WMI ... 455 13. Skalierbarkeit von SQL Server ... 457 13.1 ... Verteilen der SQL-Server-Dienste ... 458 13.2 ... SQL Server und NLB-Cluster ... 459 13.3 ... Skalierung der Analysis Services ... 462 13.4 ... Skalierbare freigegebene Datenbanken ... 463 13.5 ... Skalierbarkeit von Datenbanken mit Hilfe der Peer-to-Peer-Transaktionsreplikation ... 464 13.6 ... AlwaysOn -- nicht nur ein Thema für Hochverfügbarkeit ... 464 13.7 ... Service Broker -- Skalierung für Entwickler ... 465 13.8 ... Workshop -- SQL Server in der Cloud installieren ... 470 14. Verteilung von Daten -- Replikation ist kein Hexenwerk ... 487 14.1 ... Einführung in die Replikation ... 487 14.2 ... Die Rollenverteilung bei einer Replikation ... 492 14.3 ... Replikationsarten ... 493 15. Hochverfügbarkeitslösungen ... 517 15.1 ... Hochverfügbarkeit -- was ist das eigentlich genau? ... 518 15.2 ... Lastenausgleich durch Network Load Balancing (NLB) ... 519 15.3 ... Failover-Cluster ... 521 15.4 ... Clusterarten ... 525 15.5 ... Datenbankspiegelung ... 526 15.6 ... Protokollversand ... 535 15.7 ... Kombinieren von Lösungen für hohe Verfügbarkeit ... 537 15.8 ... AlwaysOn -- Mission Critical, die neue Hochverfügbarkeitslösung ... 539 15.9 ... SSIS und AlwaysOn ... 543 15.10 ... Workshop I: Einrichten einer Datenbankspiegelung ... 543 15.11 ... Workshop II: Einrichten des Protokollversands ... 554 15.12 ... Workshop III: Einrichten von AlwaysOn ... 562 16. Überwachen von SQL Server ... 581 16.1 ... Überwachen der SQL-Server-Aktivität mit SQL Server Monitor ... 581 16.2 ... Ablaufverfolgung von SQL Server mit dem Profiler ... 585 16.3 ... Erweiterte Ereignisse (Extended Events) ... 592 16.4 ... Die Windows-Leistungsüberwachung (Performance Monitor) ... 599 16.5 ... Synchronisation von Windows-Leistungsüberwachungs- und SQL-Server-Profiler-Dateien ... 603 16.6 ... SQLdiag ... 605 16.7 ... SQL-Server-Auditing ... 608 16.8 ... Konfigurieren des Datenauflisters (Data Collection) ... 617 17. Hilfreiche Tools von Drittherstellern ... 631 17.1 ... Monitoring ... 631 17.2 ... Backup ... 632 17.3 ... Analyse ... 633 17.4 ... DBA-Tätigkeiten ... 634 17.5 ... Die Onlinegemeinde ... 635 18. Problembehebung und Performance-Tuning ... 637 18.1 ... Richtiges Verwalten von Daten ... 637 18.2 ... Daten lesen und schreiben ... 639 18.3 ... Wie werden Abfragen ausgeführt? ... 641 18.4 ... Der Datenbankoptimierungsratgeber ... 646 18.5 ... Ressourcenkontrolle (Resource Governor) ... 667 18.6 ... Indizes: Wichtiges Mittel für eine gute Performance ... 673 18.7 ... Statistiken und Wartungspläne (maintenance plans) ... 683 18.8 ... Datenkomprimierung ... 685 18.9 ... Change Data Capture ... 688 18.10 ... Datenbankoperationen ... 692 18.11 ... Parallelitätsprobleme (Deadlocks) ... 700 18.12 ... Partitionierung -- wenn Tabellen sehr groß werden ... 704 18.13 ... In-Memory OLTP (Online Transaction Processing) ... 707 18.14 ... Zusammenfassung der Performancethemen ... 716 19. Applikations- und Multiserver-Verwaltung ... 719 19.1 ... Vorteile und Einsatz der Multiserver-Verwaltung ... 719 19.2 ... DAC -- Datenebenenanwendung (data-tier application) ... 727 19.3 ... Registrierte SQL Server und Servergruppen ... 734 19.4 ... Zentraler Verwaltungsserver (Central Management Server) ... 740 20. Weitere Komponenten für Entwickler und Anwender ... 745 20.1 ... Master Data Services ... 745 20.2 ... StreamInsight ... 749 20.3 ... Data Quality Services ... 756 20.4 ... Columnstore-Indizes (Columnstore Indexes) ... 760 21. ETL-Prozesse mit den Integration Services ... 763 21.1 ... Möglichkeiten zum Massenimport ... 764 21.2 ... Der Import/Export-Assistent ... 768 21.3 ... SSIS-Anwendungen: Erstellen von DTSX-Paketen mit den SQL Server Data Tools ... 772 21.4 ... Erstellen von Wartungsplänen mit den SQL Server Data Tools ... 803 22. Parallel Data Warehouse (PDW) ... 805 22.1 ... Grundlagen und Schlüsselmerkmale ... 805 22.2 ... Auch in Azure gibt es DWH-Lösungen ... 806 22.3 ... Symmetrisches Multiprocessing ... 807 22.4 ... Massive parallele Verarbeitung ... 807 22.5 ... Parallel Data Warehouse -- Architektur ... 809 22.6 ... Parallel Data Warehouse -- Knoten ... 811 22.7 ... Datenlayout -- PDW-Schemadesign ... 814 22.8 ... Verwaltung ... 816 23. Die Reporting Services ... 817 23.1 ... Neuerungen in den Reporting Services ... 817 23.2 ... Bereitstellung und Skalierung der Reporting Services ... 819 23.3 ... Installation und Konfiguration im einheitlichen Modus ... 822 23.4 ... Workshops ... 837 24. Analysis Services -- Datenanalyse für jedermann ... 863 24.1 ... Beispielszenario für ein Analysis-Services-Projekt ... 863 24.2 ... Was sind die SQL Server Analysis Services (SSAS)? ... 865 24.3 ... Microsoft Excel und Analysis Services ... 872 24.4 ... Das Sicherheitskonzept der Analysis Services ... 872 24.5 ... SQL Server -- PowerPivot und DAX ... 874 24.6 ... PolyBase ... 875 24.7 ... Machine Learning und R ... 877 25. Big Data -- Analysewerkzeuge für SQL Server ... 879 25.1 ... Daten und der Umgang damit ... 879 25.2 ... Was ist eigentlich Big Data? ... 879 25.3 ... Microsoft Big Data Cluster für SQL Server ... 880 25.4 ... Bereitstellung von Big Data Clusters für SQL Server ... 881 25.5 ... Fazit ... 881 Aussichten: Was bringt die Zukunft? ... 883 Anhang: Deutsch - Englisch/Englisch - Deutsch ... 887 Index ... 923
Practical Rust Projects
Go beyond the basics and build complete applications using the Rust programming language. The applications in this book include a high-performance web client, a microcontroller (for a robot, for example), a game, an app that runs on Android, and an application that incorporates AI and machine learning.Each chapter will be organized in the following format: what this kind of application looks like; requirements and user stories of our example program; an introduction to the Rust libraries used; the actual implementation of the example program, including common pitfalls and their solutions; and a brief comparison of libraries for building each application, if there is no clear winner.Practical Rust Projects will open your eyes to the world of practical applications of Rust. After reading the book, you will be able to apply your Rust knowledge to build your own projects.WHAT YOU WILL LEARNWrite Rust code that runs on microcontrollers * Build a 2D game* Create Rust-based mobile Android applications* Use Rust to build AI and machine learning applicationsWHO THIS BOOK IS FORSomeone with basic Rust knowledge, wishing to learn more about how to apply Rust in a real-world scenario.SHING LYU is a software engineer who is passionate about open source software. He's worked on Rust professionally at Mozilla, on the Firefox (Gecko) and Servo browser engine project. Currently, he is working at DAZN, a sports streaming platform as a backend developer, with a focus on AWS and serverless technology. Shing has worked for many world famous brands such as Mozilla and Intel. He is also active in the open source community. Being one of the founders of the Taiwan Rust community, he loves to share his enthusiasm for Rust with people.Chapter 1, IntroductionThis chapter gives a short introduction to why Rust is a solid tool for building all kinds of application, and a brief overview of the format and organization of the book.● Introduction● Why Rust?● Who should read this book?● Chapters overviewChapter 2, Building a command-line programThis chapter will teach you how to build a command-line program with Rust.● What are we going to build? (We'll build a cowsay-like tool)● Building a binary program in Rust● Handling positional arguments● Handling optional arguments● Building a text-based user interface with ncurses● SummaryChapter 3, Creating graphical user interfaces (GUIs)This chapter will teach you how to build a cross-platform GUI program in Rust.● What are we going to build? (A desktop cat breed photo viewer)● Introduction to GTK+● Components of a GUI program● Creating a window● Handling user input● Supporting multiple operating system● SummaryChapter 4, Building a gameThis chapter will teach you how to build an 2D game with Rust● What are we going to build? (A 2D cat volleyball game)● Game frameworks in Rust● Building a 2D game in Rust● Rendering the map● Controlling the character with keyboard● Enemies incoming!● Adding sound effects● SummaryChapter 5, Going mobileThis chapter will demonstrate how to build an Android app using Rust● How to make Rust run on Android● What are we going to build? (A pokedex-like cat breed catalog)● Building the app skeleton● Showing pictures● Adding searchChapter 6, Programming embedded devicesThis chapter will demonstrate how to program an embedded device in Rust using a hardware development board. We'll also be using a QEUM emulator so readers can follow along without the hardware.● What are we going to build? (Either a STM32 development board or Arduino, still need more research)● How cross-compilation works?● Introducing the development board and QEUM● Setting up the toolchain for embedded programming● Communication using serial port● Programming the hardware timer● Debugging on an embedded device● SummaryChapter 7, Artificial intelligence and machine learningThis chapter will introduce machine learning libraries in Rust and show a simple image recognition demo● How does machine learning work● What are we going to build? (A cat image detector)● Mathematical background● Preparing the dataset● Training the model● Making predictionsChapter 8, Advanced topicsThis chapter will discuss other more advanced use of Rust. Each section will introduce one application, existing projects for that kind of application and their status. But we'll not go into the detail as the previous chapters.● Working with other languages● Operating system - Redox● The vast universe of Rust applications
Der Prozess mobiler Entwicklungsprojekte: Muster agiler Methoden
SUCHEN SIE EIN PROZESSMODELL FÜR EIN MOBILES ENTWICKLUNGSPROJEKT? SIE FRAGEN SICH, NACH WELCHEM PROZESSMODELL APPS IN DER PRAXIS ENTWICKELT WERDEN?Suchen Sie ein Prozessmodell für ein mobiles Entwicklungsprojekt? Sie fragen sich, nach welchem Prozessmodell Apps in der Praxis entwickelt werden?Florian Siebler-Guth zeigt in seinem Buch, dass in der Praxis kein anerkanntes Prozessmodell für mobile Entwicklungsprojekte verwendet wird. Herkömmliche Methoden – Scrum und XP – könnten zwar angepasst werden, sie berücksichtigen aber nicht die Besonderheiten mobiler Entwicklungsprojekte und sind vielen Teams zu formal. Daher fokussiert der Autor auf die Gemeinsamkeiten agiler Methoden, die sogenannten „Muster agiler Methoden“, beispielsweise auf Muster wie „Iteration“ im Sinne eines inkrementell-iterativen Vorgehens oder wie „Informelle Kommunikation“. Basierend auf Interviews mit professionellen App-Entwicklern aus der Praxis wird klar: Die Muster werden in Abhängigkeit vom Entwicklungskontext unterschiedlich gewichtet. Aufbauend auf den Erkenntnissen der geführten Interviews entwickelt Florian Siebler-Guth mit „Crystal Mobile“ ein Prozessmodell für das Mobile App Development. Mit dem gewichteten Musterkatalog und mit „Crystal Mobile“ liefert er einen Werkzeugkasten, der in keiner Software-Schmiede fehlen darf – besonders, wenn darin Apps produziert werden.Ein spannendes Buch für alle, die mehr über Agilität und agile Handlungsweisen, insbesondere in der mobilen Entwicklung erfahren wollen.FLORIAN SIEBLER-GUTH ist Master of Science Software Engineering. Er arbeitet als Programmierer beim Bundesinstitut für Arzneimittel und Medizinprodukte in Bonn. Dort betreut er die Datenbank AMIS, in der bundesweit zugelassene Medikamente registriert werden, und die eGov-Suite. Daneben bildet er Auszubildende und Anwärter des gehobenen Dienstes in C#, Java und Design Patterns aus. In seiner Freizeit programmiert er Apps und schreibt Bücher über Java-Programmierung. Das methodische Vorgehen beschreiben - Zentrale Begriffe definieren - Besonderheiten mobiler Projekte benennen - Die Interviews planen und durchführen - Die Interviews analysieren, die Muster diskutieren - Die Ergebnisse zusammenfassen - Anhang
Next-Generation Machine Learning with Spark
Access real-world documentation and examples for the Spark platform for building large-scale, enterprise-grade machine learning applications.The past decade has seen an astonishing series of advances in machine learning. These breakthroughs are disrupting our everyday life and making an impact across every industry.NEXT-GENERATION MACHINE LEARNING WITH SPARK provides a gentle introduction to Spark and Spark MLlib and advances to more powerful, third-party machine learning algorithms and libraries beyond what is available in the standard Spark MLlib library. By the end of this book, you will be able to apply your knowledge to real-world use cases through dozens of practical examples and insightful explanations.WHAT YOU WILL LEARN* Be introduced to machine learning, Spark, and Spark MLlib 2.4.x* Achieve lightning-fast gradient boosting on Spark with the XGBoost4J-Spark and LightGBM libraries* Detect anomalies with the Isolation Forest algorithm for Spark* Use the Spark NLP and Stanford CoreNLP libraries that support multiple languages* Optimize your ML workload with the Alluxio in-memory data accelerator for Spark* Use GraphX and GraphFrames for Graph Analysis* Perform image recognition using convolutional neural networks* Utilize the Keras framework and distributed deep learning libraries with Spark WHO THIS BOOK IS FORData scientists and machine learning engineers who want to take their knowledge to the next level and use Spark and more powerful, next-generation algorithms and libraries beyond what is available in the standard Spark MLlib library; also serves as a primer for aspiring data scientists and engineers who need an introduction to machine learning, Spark, and Spark MLlib.BUTCH QUINTO is founder and Chief AI Officer at Intelvi AI, an artificial intelligence company that develops cutting-edge solutions for the defense, industrial, and transportation industries. As Chief AI Officer, Butch heads strategy, innovation, research, and development. Previously, he was the Director of Artificial Intelligence at a leading technology firm and Chief Data Officer at an AI startup. As Director of Analytics at Deloitte, Butch led the development of several enterprise-grade AI and IoT solutions as well as strategy, business development, and venture capital due diligence. He has more than 20 years of experience in various technology and leadership roles in several industries including banking and finance, telecommunications, government, utilities, transportation, e-commerce, retail, manufacturing, and bioinformatics. Butch is the author of Next-Generation Big Data (Apress) and a member of the Association for the Advancement of Artificial Intelligence and the American Association for the Advancement of Science.
Mach's einfach: 98 Anleitungen Heimnetzwerke
In diesem Buch erfahren Sie, wie Sie Ihre Computer, Smartphones und Tablets sowie die Ihrer Familie in einem eigenen Heimnetzwerk miteinanderverbinden. Das erleichtert nicht nur den Datenaustausch und damit die Kommunikation, sondern auch das gemeinsame Nutzen von Ressourcen: Alle Computer eines Netzwerks verwenden z. B. denselben Internetzugang oder greifen auf denselben Drucker zu. Ausgehend von den gngigsten Betriebssystemen und den am hufigsten eingesetzten Routern wie der FRITZ!Box von AVM und dem Speedport der Telekom, richten Sie mit diesem Buch ein kleines Netzwerk fr Ihr Zuhause oder Ihr Bro ein - drahtlos oder kabelgebunden und inklusive Fernzugriff von unterwegs sowie eigenem Webserver. Das Buch beschreibt die erforderlichen und ntzlichen Software-Tools und zeigt auch die Tcken und mglichen Probleme auf, die beim Einrichten eines Heimnetzwerks gelst werden wollen, ohne dass man zeitraubende Support-Hotlines in Anspruch nehmen muss.
AWS Certified Solutions Architect
Die Zertifizierung zum AWS Certified Solutions Architect Associate verschafft Ihnen einen klaren Vorteil, wenn Sie als Cloud-Spezialist arbeiten wollen. Für das neue, überarbeitete Associate-Examen ist dieses umfassende Lehrbuch eine große Hilfe. Es deckt alle relevanten Aspekte ab. Im ersten Teil lernen Sie die wichtigsten Services kennen wie Elastic Compute Cloud (EC2), Virtual Private Cloud (VPC), Route 53 und Simple Storage Service (S3), um nur einige wenige zu nennen. Manchmal scheint es für einen Anwendungfall mehrere AWS Services zu geben. Sie erfahren, wo die feinen Unterschiede sind und wann Sie welchen Service nutzen. Der zweite Teil des Buchs enthält Best Practices und wichtige Prinzipien, sodass Sie später Systeme für die Cloud sinnvoll designen, sicher implementieren und effizient betreiben können.In jedem Kapitel gibt es am Ende eine Zusammenfassung mit den wichtigsten Inhalten für die Prüfung, außerdem beispielhafte Übungen, die Ihnen helfen, Ihr Verständnis für das Thema des Kapitels zu überprüfen, und anhand derer Sie sich ein Bild von den Prüfungsfragen machen können. Durch das Buch erhalten Sie Zugang zu einer englischsprachigen Lernumgebung mit Karteikarten, Übungsaufgaben und einigen anderen Hilfen.Ben Piper, AWS Certified Solutions Architect, ist IT-Berater. Er hat mehr als 20 Schulungen zu den Themen Amazon Web Services, Cisco Routing und Switching, Puppet Configuration Management und Windows Server Administration erstellt.David Clinton, AWS Certified Cloud Practitioner, ist ein Linux-Server-Administrator, der mit IT-Infrastruktur schon sowohl im akademischen als auch im Unternehmensumfeld gearbeitet hat. Er hat mehr als 20 Videokurse zu Amazon Web Services und anderen Technologien erstellt.Einführung xxvEinstufungstest xxxiiTEIL I ZENTRALE AWS-SERVICES 1KAPITEL 1 EINFÜHRUNG IN CLOUD-COMPUTING UND AWS 3Cloud-Computing und Virtualisierung 4Cloud-Computing-Architektur 5Cloud-Computing-Optimierung 5Die AWS-Cloud 7Architektur der AWS-Plattform 12AWS-Zuverlässigkeit und Compliance 14Modell der gemeinsamen Verantwortung 14Service-Level-Agreements von AWS 14Die Arbeit mit AWS 15Die AWS-Befehlszeilen-Schnittstelle (CLI) 15AWS-SDKs 16Technische Unterstützung und Ressourcen im Web 16Support-Stufen 16Weitere Support-Ressourcen 17Zusammenfassung 17Prüfungsschwerpunkte 18Übung 18Testfragen 19KAPITEL 2 AMAZON ELASTIC COMPUTE CLOUD UND AMAZON ELASTIC BLOCK STORE 21Einleitung 22EC2-Instanzen 22Bereitstellung Ihrer Instanz 23Konfiguration des Instanzverhaltens 28Preismodelle für Instanzen 28Lebenszyklus von Instanzen 30Markierung von Ressourcen mit Tags 30Servicelimits 31EC2-Speicher-Volumes 31EBS-Volumes (Elastic Block Store) 32Instanz-Speicher-Volumes 34Zugriff auf Ihre EC2-Instanz 34Sicherung Ihrer EC2-Instanz 36Sicherheitsgruppen 36IAM-Rollen 37NAT-Geräte 37Schlüsselpaare 38Weitere EC2-Services 38AWS Systems Manager 38Platzierungsgruppen 38AWS Elastic Beanstalk 39Amazon Elastic Container Service und AWS Fargate 39AWS Lambda 39VM Import/Export 39Elastic Load Balancing und Auto Scaling 39AWS-CLI – Beispiel 40Zusammenfassung 41Prüfungsschwerpunkte 42Testfragen 43KAPITEL 3 AMAZON SIMPLE STORAGE SERVICE UND AMAZON GLACIER 49Einleitung 50S3-Servicearchitektur 51Präfixe und Trennzeichen 51Umgang mit großen Objekten 52Verschlüsselung 52Protokollierung 53Beständigkeit und Verfügbarkeit von S3 54Beständigkeit 54Verfügbarkeit 55Datenkonsistenz 55S3-Objektlebenszyklus 56Versionierung 56Lebenszyklusregeln 56Zugriff auf S3-Objekte 57Zugriffssteuerung 57Vorsignierte URLs 59Hosting von statischen Websites 59S3 und Glacier Select 60Amazon Glacier 61Speicherkosten 61Weitere speicherbezogene Services 62Amazon Elastic File System 62AWS Storage Gateway 63AWS Snowball 63AWS-CLI – Beispiel 63Zusammenfassung 64Prüfungsschwerpunkte 65Testfragen 67KAPITEL 4 AMAZON VIRTUAL PRIVATE CLOUD 71Einleitung 72CIDR-Blöcke von VPCs 72Sekundäre CIDR-Blöcke 73IPv6-CIDR-Blöcke 73Subnetze 74Subnetz-CIDR-Blöcke 74Availability Zones 75IPv6-CIDR-Blöcke 76Elastic Network Interfaces 77Primäre und sekundäre private IP-Adressen 77Zuordnung von Elastic Network Interfaces 77Internet-Gateways 78Routing-Tabellen 78Routen 79Die Standardroute 79Sicherheitsgruppen 81Regeln für eingehenden Datenverkehr 81Regeln für ausgehenden Datenverkehr 82Quell- und Zieladressen 83Zustandsbehaftete Firewall 83Netzwerk-Zugriffskontrolllisten 84Regeln für eingehenden Datenverkehr 84Regeln für ausgehenden Datenverkehr 86Gemeinsame Nutzung von Netzwerk-Zugriffskontrolllisten und Sicherheitsgruppen 87Öffentliche IP-Adressen 87Elastic-IP-Adressen 88Network Address Translation (NAT) 89NAT-Geräte 90Konfiguration von Routing-Tabellen für NAT-Geräte 91NAT-Gateway 92NAT-Instanz 93VPC-Peering 93Zusammenfassung 94Prüfungsschwerpunkte 95Testfragen 97KAPITEL 5 DATENBANKEN 101Einleitung 102Relationale Datenbanken 102Spalten und Attribute 103Verwendung mehrerer Tabellen 103Structured Query Language (SQL) 105Online Transaction Processing vs. Online Analytic Processing 105Amazon Relational Database Service 106Datenbank-Engines 106Lizenzierung 107Optionsgruppen für Datenbanken 108Datenbankinstanzklassen 108Speicherung 109Read Replicas 113Hochverfügbarkeit (Multi-AZ) 115Backup und Wiederherstellung 116Automatisierte Snapshots 117Wartungsaufgaben 117Amazon Redshift 118Datenverarbeitungsknoten 118Datenverteilungsstil 118Nicht relationale Datenbanken (NoSQL) 118Speichern von Daten 119Abfrage von Daten 119Arten von nicht relationalen Datenbanken 120DynamoDB 120Partitions-und Hash-Schlüssel 120Attribute und Elemente 121Durchsatzkapazität 122Lesen von Daten 124Zusammenfassung 125Prüfungsschwerpunkte 126Testfragen 128KAPITEL 6 AUTHENTIFIZIERUNG UND AUTORISIERUNG –AWS IDENTITY AND ACCESS MANAGEMENT 133Einleitung 134IAM-Identitäten 135IAM-Richtlinien 135Benutzer-und Root-Konten 137Zugriffsschlüssel 139Gruppen 141Rollen 142Authentifizierungstools 142Amazon Cognito 143AWS Managed Microsoft AD 143AWS Single Sign-On 143AWS Key Management Service 144AWS Secrets Manager 144AWS CloudHSM 144AWS-CLI – Beispiel 145Zusammenfassung 146Prüfungsschwerpunkte 147Testfragen 148KAPITEL 7 CLOUDTRAIL, CLOUDWATCH UND AWS CONFIG 153Einleitung 154CloudTrail 155Verwaltungsereignisse 156Datenereignisse 156Ereignisverlauf 156Pfade 156Integritätsprüfung für Protokolldateien 159CloudWatch 160Metriken von CloudWatch 160Grafische Darstellung von Metriken 162Mathematische Operationen mit Metriken 164CloudWatch Logs 166Protokollströme und Protokollgruppen 166Metrikfilter 167CloudWatch Agent 167Übermittlung von CloudTrail-Protokollen an CloudWatch Logs 168CloudWatch-Alarme 169Zu überwachende Datenpunkte 169Schwellenwert 170Alarmstatus 170Benötigte Anzahl an Datenpunkten und Auswertungsintervall 170Fehlende Daten 171Aktionen 172AWS Config 173Der Konfigurationsrekorder 174Konfigurationselemente 174Konfigurationsverlauf 174Konfigurations-Snapshots 175Überwachung von Änderungen 176Zusammenfassung 177Prüfungsschwerpunkte 178Testfragen 179KAPITEL 8 DOMAIN NAME SYSTEM UND NETZWERK-ROUTING: AMAZON ROUTE 53 UND AMAZON CLOUDFRONT 183Einleitung 184Das Domain Name System (DNS) 184Namespaces 185Nameserver 185Domains und Domainnamen 186Domainregistrierung 186Domainebenen 186Fully Qualified Domain Names 186Zonen und Zonendateien 187Typen von Ressourcendatensätzen 187Alias-Datensätze 188Amazon Route 53 189Domainregistrierung 189DNS-Verwaltung 189Überwachung der Verfügbarkeit 191Routing-Richtlinien 192Datenverkehrsfluss 195Amazon CloudFront 196AWS-CLI – Beispiel 198Zusammenfassung 198Prüfungsschwerpunkte 199Testfragen 200TEIL II WELL-ARCHITECTED FRAMEWORK 205KAPITEL 9 DIE SÄULE »ZUVERLÄSSIGKEIT« 207Einleitung 208Berechnung der Verfügbarkeit 208Verfügbarkeitsunterschiede zwischen klassischen und nativen Cloud-Anwendungen 209Kein grenzenloses Vergnügen 212Erhöhung der Verfügbarkeit 213EC2 Auto Scaling 213Startkonfigurationen 214Startvorlagen 214Auto-Scaling-Gruppen 216Auto-Scaling- Optionen 217Backup und Wiederherstellung von Daten 222S3 222Elastic File System 222Elastic Block Storage 223Ausfallsicherheit von Datenbanken 223Einrichtung eines ausfallsicheren Netzwerks 224Überlegungen beim VPC-Entwurf 224Externe Konnektivität 225Verfügbarkeitsorientierter Entwurf 225Entwurf einer Anwendung mit 99 Prozent Verfügbarkeit 226Entwurf einer Anwendung mit 99,9 Prozent Verfügbarkeit 227Entwurf einer Anwendung mit 99,99 Prozent Verfügbarkeit 228Zusammenfassung 230Prüfungsschwerpunkte 230Testfragen 232KAPITEL 10 DIE SÄULE »LEISTUNG UND EFFIZIENZ« 237Einleitung 238Leistungsoptimierung für zentrale AWS-Services 238Datenverarbeitung 239Speicherung 243Datenbanken 247Netzwerkoptimierung und Lastverteilung 248Automatisierung der Infrastruktur 251CloudFormation 251Automatisierungstools von Drittanbietern 253Kontinuierliche Integration und Implementierung 254Überprüfung und Optimierung von Infrastrukturkonfigurationen 255Lasttests 256Visualisierung 257Optimierung von Datenoperationen 258Caching 258Partitionierung/Sharding 260Komprimierung 261Zusammenfassung 261Prüfungsschwerpunkte 262Testfragen 264KAPITEL 11 DIE SÄULE »SICHERHEIT« 269Einleitung 270Identity and Access Management 270Schutz Ihrer AWS-Zugangsdaten 271Feingranulare Autorisierung 272Berechtigungsgrenzen 273Rollen 275Durchsetzung von ressourcenbasierten Richtlinien 280Investigative Kontrollen 281CloudTrail 281CloudWatch Logs 282Protokollsuche mit Athena 283Prüfung von Ressourcenkonfigurationen mit AWS Config 284Amazon GuardDuty 287Amazon Inspector 289Schutz der Netzwerkgrenzen 290Netzwerk-Zugriffskontrolllisten und Sicherheitsgruppen 290AWS Web Application Firewall 291AWS Shield 291Datenverschlüsselung 292Ruhende Daten 292Daten auf dem Übertragungsweg 294Zusammenfassung 295Prüfungsschwerpunkte 295Testfragen 297KAPITEL 12 DIE SÄULE »KOSTENOPTIMIERUNG« 301Einleitung 302Planung, Nachverfolgung und Kontrolle der Kosten 303AWS-Budgets 303Überwachungstools 305AWS Organizations 306AWS Trusted Advisor 306Onlinerechner 307Kostenoptimierung bei der Datenverarbeitung 309Maximierung der Serverdichte 309Reserved Instances 310Spot-Instanzen 311Auto Scaling 313Elastic Block Store Lifecycle Manager 314Zusammenfassung 314Prüfungsschwerpunkte 315Testfragen 316KAPITEL 13 DIE SÄULE »OPERATIONAL EXCELLENCE« 321Einleitung 322CloudFormation 322Erstellen von Stacks 323Löschen von Stacks 324Verwendung mehrerer Stacks 324Stack-Aktualisierungen 327Verhinderung von Aktualisierungen spezifischer Ressourcen 328Außerkraftsetzung von Stack-Richtlinien 330CodeCommit 330Erstellen eines Repositorys 331Repository-Sicherheit 331Interaktion mit einem Repository via Git 331CodeDeploy 334Der CodeDeploy-Agent 334Bereitstellungen 335Bereitstellungsgruppen 335Bereitstellungstypen 335Bereitstellungskonfigurationen 336Lebenszyklusereignisse 337AppSpec-Datei 338Auslöser und Alarme 339Rollbacks 340CodePipeline 340Kontinuierliche Integration 340Kontinuierliche Bereitstellung 340Erstellen einer Pipeline 341Artefakte 343AWS Systems Manager 343Aktionen 344Erkenntnisse 346Zusammenfassung 348Prüfungsschwerpunkte 349Testfragen 350ANHANG ANTWORTEN AUF DIE TESTFRAGEN 355Kapitel 1: Einführung in Cloud-Computing und AWS 356Kapitel 2: Amazon Elastic Compute Cloud und Amazon Elastic Block Store 357Kapitel 3: Amazon Simple Storage Service und Amazon Glacier Storage 359Kapitel 4: Amazon Virtual Private Cloud 360Kapitel 5: Datenbanken 363Kapitel 6: Authentifizierung und Autorisierung – AWS Identity and Access Management 366Kapitel 7: CloudTrail, CloudWatch und AWS Config 368Kapitel 8: Domain Name System und Netzwerk-Routing: Amazon Route 53 und Amazon CloudFront 370Kapitel 9: Die Säule »Zuverlässigkeit« 372Kapitel 10: Die Säule »Leistung und Effizienz« 375Kapitel 11: Die Säule »Sicherheit« 377Kapitel 12: Die Säule »Kostenoptimierung« 379Kapitel 13: Die Säule »Operational Excellence« 381Stichwortverzeichnis 385
Design and Analysis of Security Protocol for Communication
The book combines analysis and comparison of various security protocols such as HTTP, SMTP, RTP, RTCP, FTP, UDP for mobile or multimedia streaming security protocol. Over the past few decades, digital communication has grown by leaps and bounds. The expanding use of the internet in our day-to-day lives has resulted in a six-fold increase in the number of internet users in the past two decades alone, leading to an evolution of technologies for home use such as cloud computing, artificial intelligence, big data analytics and machine learning. However, insecurity or loss of information continues to be a major concern with multiple cases across the globe of breach of information or platforms leading to loss of data, money, faith and much more. There are many different security protocols for various types of applications of the internet like email, web browsing, webchat, video streaming, cloud-based communication, closed group communication, banking transactions, e-commerce and many more both at network level and user end. Security has evolved to counter many kinds of attacks like intrusion, manipulation, spoofing and so on, for which techniques like cryptography, message digest, digital signature, steganography, watermarking, time stamping, access control, etc., have been incorporated into various layers of communication, resulting in protocols like HTTP, SMTP, RTP, RTCP, FTP, UDP and many more. The 16 chapters in this book, all written by subject matter experts, analyze and compare the various protocols which might act as a Mobile Communication Security Protocol or Multimedia Streaming Security Protocol. The main goal of the book is to help the engineer proper utilize the correct security application for the application at hand. Audience Research scholars and engineers working in the area of security protocols for communication will find this book a handy reference guide. Software and hardware engineers, who work specifically in the area of communication protocols, will find this book a useful resource as all the security protocols it covers are compared and compiled in one place, thus ensuring their proper utilization. In addition, graduate and post-graduate students will find this book an ideal guide in courses on electronics and communication engineering, telecommunication engineering, network engineering, computer science and engineering and information technology. The purpose of designing this book is to discuss and analyze security protocols available for communication. Objective is to discuss protocols across all layers of TCP/IP stack and also to discuss protocols independent to the stack. Authors will be aiming to identify the best set of security protocols for the similar applications and will also be identifying the drawbacks of existing protocols. The authors will be also suggesting new protocols if any. Preface xiii 1 History and Generations of Security Protocols 1 Bright Keswani, Poonam Keswani and Rakhi Purohit 1.1 Introduction 2 1.2 Network Security 2 1.3 Historical Background of Network Security and Network Timeline 4 1.4 Internet Architecture and Security Aspects 5 1.4.1 IPv4 and IPv6 Architecture 6 1.4.1.1 Structure of IPv4 6 1.4.1.2 IPv6 Architecture 7 1.4.2 Attack Through IPv4 8 1.4.2.1 Internet Attacks Common Methods 8 1.4.2.2 Internet Security Technology 10 1.4.3 IPv6 IP Security Issues 11 1.5 Different Aspects of Security of the Network 12 1.6 Evolution of Security Protocols for Network 13 1.6.1 Understanding the Key Components of Network Security 13 1.6.2 A Deep Defense Strategy 14 1.6.3 How Does the Next Generation Network Security System Work Best 15 1.7 Network Security Protocols 17 1.7.1 Application Layer 17 1.7.1.1 Good Privacy (PGP) 17 1.7.1.2 Email/Multipurpose Security (S/MIME) 18 1.7.1.3 HTTP Secure (S-HTTP) 18 1.7.1.4 Hypertext Transfer Protocol (HTTPS) in Secure Sockets Layer 19 1.7.1.5 Secure E-Commerce (SET) 19 1.7.1.6 Kerberos 19 1.7.2 Transport Layer 20 1.7.2.1 Secure Sockets Layer (SSL) 20 1.7.2.2 Transport Layer Security (TLS) 21 1.7.3 Network Layer 21 1.7.3.1 Internet Protocol Security (IPSec) 22 1.7.3.2 Virtual Private Network (VPN) 23 1.7.4 Data Link Layer 24 1.7.4.1 Point-to-Point Protocol (PPP) 24 1.7.4.2 Remote Authentication User Service (RADIO) 24 1.7.4.3 Terminal System Access Control Access Control Equipment (TACACS +) 25 1.8 Current Evolution of Red Security 25 1.8.1 Hardware Development 25 1.8.2 Software Development 27 1.9 Future Security Trends 27 References 27 2 Evolution of Information Security Algorithms 29 Anurag Jagetiya and C. Rama Krishna 2.1 Introduction to Conventional Encryption 30 2.2 Classical Encryption Techniques 31 2.2.1 Substitution Based 32 2.2.1.1 Caesar Cipher 32 2.2.1.2 Monoalphabetic Cipher 32 2.2.1.3 Playfair Cipher 33 2.2.1.4 Polyalphabetic Cipher 35 2.2.2 Transposition Based 36 2.2.2.1 Simple Columnar 36 2.2.2.2 Rail Fence Cipher 37 2.3 Evolutions of Modern Security Techniques 38 2.3.1 Stream Cipher Algorithms 38 2.3.1.1 One Time Pad (OTP) 40 2.3.1.2 RC-4 41 2.3.1.3 A5/1 43 2.3.2 Block Cipher Algorithms 44 2.3.2.1 Feistel Cipher Structure 46 2.3.2.2 Data Encryption Standard (DES) 48 2.3.2.3 Triple Data Encryption Standard (TDES) 56 2.3.2.4 International Data Encryption Algorithm (IDEA) 58 2.3.2.5 Blowfish 60 2.3.2.6 CAST-128 62 2.4 Conclusion 66 References 67 Practice Set 67 Review Questions and Exercises 70 3 Philosophy of Security by Cryptostakes Schemes 79 Hemant Kumar Saini 3.1 Philosophy of Public Key Cryptosystems (p-k Cryptography) 79 3.2 RSA Algorithm 81 3.3 Security Analysis of RSA 84 3.4 Exponentiation in Modular Arithmetic 85 3.5 Distribution of Public Keys 87 3.6 Distribution of Secret Keys Using Public Key Cryptosystems 89 3.7 Discrete Logarithms 91 3.8 Diffie–Hellman Key Exchange 91 3.9 Review Exercise 93 References 94 4 Zero-Share Key Management for Secure Communication Across a Channel 95 P. R. Mahalingam and K. A. Fasila 4.1 Introduction 95 4.2 Background 96 4.3 Zero-Share Key Management System 98 4.4 Simulation 100 4.5 Complexity and Analysis 103 4.6 Conclusion and Future Trends 106 References 107 5 Soft Computing-Based Intrusion Detection System With Reduced False Positive Rate 109 Dharmendra G. Bhatti and Paresh V. Virparia 5.1 Introduction 109 5.1.1 Soft Computing for Intrusion Detection 111 5.1.2 False Positive 112 5.1.3 Reasons of False Positive 113 5.2 Existing Technology and Its Review 115 5.3 Research Design 118 5.3.1 Conceptual Framework 118 5.3.2 Preprocessing Module 121 5.3.3 Alert Monitoring Module 123 5.4 Results With Implications 124 5.4.1 Preprocessing Module Benchmark 126 5.4.2 Alert Monitoring Module Benchmark 129 5.4.3 Overall Benchmark 130 5.4.4 Test Bed Network Benchmark 131 5.5 Future Research and Conclusion 133 References 135 6 Recursively Paired Arithmetic Technique (RPAT): An FPGA-Based Block Cipher Simulation and Its Cryptanalysis 141 Rajdeep Chakraborty and J.K. Mandal 6.1 Introduction 141 6.2 Recursively Paired Arithmetic Technique (RPAT) 142 6.2.1 An Example of RPAT 144 6.2.2 Options of RPAT 145 6.2.3 Session Key Generation 146 6.3 Implementation and Simulation 147 6.4 Cryptanalysis 150 6.5 Simulation Based Results 152 6.6 Applications 152 6.7 Conclusion 153 Acknowledgment 153 References 153 7 Security Protocol for Multimedia Streaming 155 N. Brindha, S. Deepa and S. Balamurugan 7.1 Introduction 156 7.1.1 Significance of Video Streaming 156 7.2 Existing Technology and Its Review 162 7.3 Methodology and Research Design 166 7.4 Findings 167 7.5 Future Research and Conclusion 169 References 169 8 Nature Inspired Approach for Intrusion Detection Systems 171 Mohd Shahid Husain 8.1 Introduction 171 8.1.1 Types of Intrusion Detection Systems 172 8.2 Approaches Used for Intrusion Detection Systems 173 8.2.1 Intrusion Detection and Prevention Systems 173 8.2.2 Performance Criteria of Intrusion Detection Systems 174 8.3 Intrusion Detection Tools 175 8.4 Use of Machine Learning to Build Dynamic IDS/IPS 176 8.5 Bio-Inspired Approaches for IDS 178 8.6 Conclusion 179 References 181 9 The Socio-Behavioral Cipher Technique 183 Harshit Bhatia, Rahul Johari and Kalpana Gupta 9.1 Introduction 183 9.2 Existing Technology 184 9.3 Methodology 186 9.3.1 Key Arrangement 187 9.3.2 Key Selection 188 9.3.3 Mathematical Operations 189 9.3.4 Algorithm 191 9.3.5 Encryption Operation 192 9.3.6 Decryption Operation 193 9.3.7 Mathematical Modeling 201 9.4 Conclusion: Future Scope and Limitations 205 References 208 10 Intrusion Detection Strategies in Smart Grid 211 P. Ponmurugan, C. Venkatesh, M. Divya Priyadharshini and S. Balamurugan 10.1 Introduction 212 10.2 Role of Smart Grid 212 10.3 Technical Challenges Involved in Smart Grid 213 10.4 Intrusion Detection System 216 10.5 General Architecture of Intrusion Detection System 217 10.6 Basic Terms in IDS 218 10.7 Capabilities of IDS 219 10.8 Benefits of Intrusion Detection Systems 219 10.9 Types of IDS 220 10.10 IDS in a Smart Grid Environment 222 10.10.1 Smart Meter 223 10.10.2 Metering Module 223 10.10.3 Central Access Control 224 10.10.4 Smart Data Collector 224 10.10.5 Energy Distribution System 225 10.10.6 SCADA Controller 225 10.11 Security Issues of Cyber-Physical Smart Grid 225 10.12 Protecting Smart Grid From Cyber Vulnerabilities 227 10.13 Security Issues for Future Smart Grid 229 10.14 Conclusion 230 References 230 11 Security Protocol for Cloud-Based Communication 235 R. Suganya and S. Sujatha 11.1 Introduction 236 11.2 Existing Technology and Its Review 237 11.3 Methodology (To Overcome the Drawbacks of Existing Protocols) 238 11.4 Findings: Policy Monitoring Techniques 238 11.5 Future Research and Conclusion 240 Reference 241 12 Security Protocols for Mobile Communications 243 Divya Priyadharshini M., Divya R., Ponmurugan P. and Balamurugan S. 12.1 Introduction 244 12.2 Evolution of Mobile Communications 246 12.3 Global System for Mobiles (GSM) 248 12.4 Universal Mobile Telecommunications System (UMTS) 250 12.5 Long Term Evolution (LTE) 251 12.6 5G Wireless Systems 254 12.7 LoRA 257 12.8 5G Integrated With LoRA 258 12.9 Physical Layer Security and RFID Authentication 259 12.10 Conclusion 259 References 260 13 Use of Machine Learning in Design of Security Protocols 265 M. Sundaresan and D. Boopathy 13.1 Introduction 266 13.2 Review of Related Literature 269 13.3 Joint and Offensive Kinetic Execution Resolver 271 13.3.1 Design of JOKER Protocol 273 13.3.2 Procedure 276 13.3.3 Procedure 278 13.3.4 Simulation Details and Parameters 279 13.3.4.1 Packet Delivering Ratio Calculation 279 13.3.4.2 Packet Loss Ratio Calculation 279 13.3.4.3 Latency (Delay) Calculation 279 13.3.4.4 Throughput Calculation 280 13.4 Results and Discussion 280 13.5 Conclusion and Future Scope 283 References 283 14 Privacy and Authentication on Security Protocol for Mobile Communications 287 Brajesh Kumar Gupta “Mewadev” 14.1 Introduction 288 14.2 Mobile Communications 289 14.3 Security Protocols 291 14.4 Authentication 294 14.5 Next Generation Networking 298 14.6 Conclusion 302 References 303 15 Cloud Communication: Different Security Measures and Cryptographic Protocols for Secure Cloud Computing 305 Anjana Sangwan 15.1 Introduction 305 15.2 Need of Cloud Communication 306 15.3 Application 309 15.4 Cloud Communication Platform 310 15.5 Security Measures Provided by the Cloud 310 15.6 Achieving Security With Cloud Communications 312 15.7 Cryptographic Protocols for Secure Cloud Computing 314 15.8 Security Layer for the Transport Protocol 315 15.9 Internet Protocol Security (IPSec) 317 15.9.1 How IPsec Works 318 15.10 Kerberos 320 15.11 Wired Equivalent Privacy (WEP) 326 15.11.1 Authentication 326 15.12 WiFi Protected Access (WPA) 327 15.13 Wi-Fi Protected Access II and the Most Current Security Protocols 328 15.13.1 Wi-Fi Protected Access 329 15.13.2 Difference between WEP, WPA: Wi-Fi Security Through the Ages 329 15.14 Wired Equivalent Privacy (WEP) 329 15.15 Wi-Fi Protected Access (WPA) 330 15.16 Conclusions 330 References 331 Index 333 Dinesh Goyal received his PhD in 2014 on "Secure Video Transmission in a Cloud Network" and is now Dean of Academics as well as a member of the Dept. of Computer Science & Engineering, Suresh Gyan Vihar University, India. His research interests are related to information & network security, image processing, data analytics and cloud computing. S. Balamurugan is the Director of Research and Development, Intelligent Research Consultancy Services(iRCS), Coimbatore, Tamilnadu, India. He also serves as R&D Consultant for many companies, startups, SMEs and MSMEs. He has published 40 books, 200+ articles in international journals/conferences as well as 27 patents. He is Editor-in-Chief of Information Science Letters and International Journal of Robotics and Artificial Intelligence. His research interests include artificial intelligence, IoT, big data analytics, cloud computing, industrial automation and wearable computing. He is a life member of IEEE, ACM, ISTE and CSI. Sheng-Lung Peng is a Professor of the Department of Computer Science and Information Engineering at National Dong Hwa University, Hualien, Taiwan. He received PhD degree in Computer Science from the National Tsing Hua University, Taiwan. He is an honorary Professor of Beijing Information Science and Technology University of China, a supervisor of the Chinese Information Literacy Association and of the Association of Algorithms and Computation Theory. His research interests are in designing and analyzing algorithms for bioinformatics, combinatorics, data mining, and networks. He has published more than 100 international conference and journal papers. O. P. Verma is the Principal at GB Pant Govt. Engineering College, New Delhi, India. Previously, he was at the Department of Computer Science & Engineering, Delhi Technical University, New Delhi, India. His research interests include image processing, soft computing, machine learning, evolutionary computing.
Disruption durch digitale Plattform-Ökosysteme
Disruption ist das Schlagwort einer Digitalmoderne, in der digitale Plattform-Ökosysteme eine neue Ökonomie erzeugen. Es expandiert eine Plattform-Ökonomie, die etablierte Unternehmen und Industrien in ihren Grundfesten erschüttert. Die Erschütterungen werden von dem Phänomen der Disruption ausgelöst. In Literatur und Praxis wird der Begriff der Disruption aber inflationär für nahezu alles herangezogen. Daher zielt das vorliegende kompakte Buch auf die kohärente Klärung des Begriffs der Disruption als ein Axiom der Digitalmoderne ab. Zudem erläutert der Autor die Expansionsdynamiken digitaler Plattform-Öko-Systeme durch Big Data-Management und Anwendungen der schwachen Künstlichen Intelligenz. Die Ausführungen zeigen die Relevanz der Disruptionstheorie praxisorientiert am Beispiel der digitalen Transformation eines großen Verlagshauses. Der Autor bietet mit seinem Werk Denkwerkzeuge und -anregungen, jedoch keinen schablonenhaften Ratgeber. Damit richtet sich das Buch an alle, die sich mit disruptiven Dynamiken der Digitalisierung kritisch auseinandersetzen und eigene Gedanken weiterentwickeln möchten.Michael Jaekel verfügt über langjährige Berufs- und Führungserfahrung in der internationalen Strategieberatung, im globalen Portfolio Management und im Big Deal Management namhafter Großunternehmen im In- und Ausland. Weiterhin ist er gefragter Redner und Autor zu Themen wie der strategischen Transformation von Geschäftsmodellen, Entwicklung von Apps-Öko-Systemen und Smart City Initiativen.Zwei Gesichter der Disruption.- Digitale Plattform-Ökosysteme in einer expandierenden Digitalsphäre.- Möglichkeiten und Grenzen Künstlicher Intelligenz.
LPIC-1
* UMFASSENDES LINUX-WISSEN FÜR ADMINISTRATOREN* AKTUELLE LPIC-1-PRÜFUNGSZIELE (VERSION 5.0)* ALLE INHALTE FÜR DIE PRÜFUNGEN AUSFÜHRLICH ERLÄUTERT INKLUSIVE KONTROLLFRAGENTDieses Buch dient der effektiven Vorbereitung auf die LPI-Prüfungen 101 und 102, die zum LPIC-1-Zertifikat führen. Der Inhalt des Buches entspricht den aktuellen Prüfungszielen aus dem Oktober 2018 (Version 5.0).Anselm Lingnau bereitet den prüfungsrelevanten Stoff für Sie geordnet und verständlich auf. Er behandelt alle Themen, die Sie zum erfolgreichen Bestehen der beiden LPIC-1-Prüfungen beherrschen müssen, wie zum Beispiel:* Umgang mit der Linux-Kommandozeile und den wichtigsten Hilfsprogrammen* Grundkenntnisse SQL, Lokalisierung und Shellprogrammierung* Einfache Administrationsaufgaben: Umgang mit Protokolldateien, Verwalten von Benutzerkonten und Gruppen, Systemstart und -stopp* Installation eines Arbeitsplatzrechners und Anschließen an ein existierendes lokales NetzKontrollfragen am Ende des Buches bieten Ihnen eine effektive Möglichkeit zum LPIC-1-Selbststudium. So werden Sie zum Linux-Experten und können Ihre Zertifizierung erfolgreich meistern.AUS DEM INHALT:* LPI-Prüfung: Organisation und Tipps* Dokumentation* Kommandos* Pipelines und Filter* Reguläre Ausdrücke und Editoren* Prozesse* Hardware* Plattenspeicher* Systemstart und Init-System* Software- und Paketverwaltung* Virtualisierung* Shells und Skripte* X11* Systemverwaltung* Drucken* Internationalisierung und Lokalisierung* Netzwerke* SicherheitAnselm Lingnau beschäftigt sich seit mehr als 25 Jahren mit Linux und war über ein Jahrzehnt lang als Trainer, Fachautor und Berater für die Linup Front GmbH im Einsatz. Er und seine Kollegen haben zahlreichen Kursteilnehmern geholfen, LPI-Prüfungen zu bestehen. Außerdem hielt Anselm Lingnau Vorträge und Workshops über Linux- und Open-Source-Themen auf Veranstaltungen wie LinuxTag, CeBIT sowie FrOSCon und ist aktiv beim LPI engagiert. Aktuell ist er als Softwareentwickler für die Arxes-Tolina GmbH tätig.
Applied Incident Response
Incident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary. Applied Incident Response details effective ways to respond to advanced attacks against local and remote network resources, providing proven response techniques and a framework through which to apply them. As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including:* Preparing your environment for effective incident response* Leveraging MITRE ATT&CK and threat intelligence for active network defense* Local and remote triage of systems using PowerShell, WMIC, and open-source tools* Acquiring RAM and disk images locally and remotely* Analyzing RAM with Volatility and Rekall* Deep-dive forensic analysis of system drives using open-source or commercial tools* Leveraging Security Onion and Elastic Stack for network security monitoring* Techniques for log analysis and aggregating high-value logs* Static and dynamic analysis of malware with YARA rules, FLARE VM, and Cuckoo Sandbox* Detecting and responding to lateral movement techniques, including pass-the-hash, pass-the-ticket, Kerberoasting, malicious use of PowerShell, and many more* Effective threat hunting techniques* Adversary emulation with Atomic Red Team* Improving preventive and detective controlsSTEVE ANSON is a SANS Certified Instructor and co-founder of leading IT security company Forward Defense. He has over 20 years of experience investigating cybercrime and network intrusion incidents. As a former US federal agent, Steve specialized in intrusion investigations for the FBI and DoD. He has taught incident response and digital forensics techniques to thousands of students around the world on behalf of the FBI Academy, US Department of State, and the SANS Institute. He has assisted governments in over 50 countries to improve their strategic and tactical response to computer-facilitated crimes and works with a range of multinational organizations to prevent, detect and respond to network security incidents. PART I PREPARE 1CHAPTER 1 THE THREAT LANDSCAPE 3Attacker Motivations 3Intellectual Property Theft 4Supply Chain Attack 4Financial Fraud 4Extortion 5Espionage 5Power 5Hacktivism 6Revenge 6Attack Methods 6DoS and DDoS 7Worms 8Ransomware 8Phishing 9Spear Phishing 9Watering Hole Attacks 10Web Attacks 10Wireless Attacks 11Sniffing and MitM 11Crypto Mining 12Password Attacks 12Anatomy of an Attack 13Reconnaissance 13Exploitation 14Expansion/Entrenchment 15Exfiltration/Damage 16Clean Up 16The Modern Adversary 16Credentials, the Keys to the Kingdom 17Conclusion 20CHAPTER 2 INCIDENT READINESS 21Preparing Your Process 21Preparing Your People 27Preparing Your Technology 30Ensuring Adequate Visibility 33Arming Your Responders 37Business Continuity and Disaster Recovery 38Deception Techniques 40Conclusion 43PART II RESPOND 45CHAPTER 3 REMOTE TRIAGE 47Finding Evil 48Rogue Connections 49Unusual Processes 52Unusual Ports 55Unusual Services 56Rogue Accounts 56Unusual Files 58Autostart Locations 59Guarding Your Credentials 61Understanding Interactive Logons 61Incident Handling Precautions 63RDP Restricted Admin Mode and Remote Credential Guard 64Conclusion 65CHAPTER 4 REMOTE TRIAGE TOOLS 67Windows Management Instrumentation Command-Line Utility 67Understanding WMI and the WMIC Syntax 68Forensically Sound Approaches 71WMIC and WQL Elements 72Example WMIC Commands 79PowerShell 84Basic PowerShell Cmdlets 87PowerShell Remoting 91Accessing WMI/MI/CIM with PowerShell 95Incident Response Frameworks 98Conclusion 100CHAPTER 5 ACQUIRING MEMORY 103Order of Volatility 103Local Memory Collection 105Preparing Storage Media 107The Collection Process 109Remote Memory Collection 117WMIC for Remote Collection 119PowerShell Remoting for Remote Collection 122Agents for Remote Collection 125Live Memory Analysis 128Local Live Memory Analysis 129Remote Live Memory Analysis 129Conclusion 131CHAPTER 6 DISK IMAGING 133Protecting the Integrity of Evidence 133Dead-Box Imaging 137Using a Hardware Write Blocker 139Using a Bootable Linux Distribution 143Live Imaging 149Live Imaging Locally 149Collecting a Live Image Remotely 154Imaging Virtual Machines 155Conclusion 160CHAPTER 7 NETWORK SECURITY MONITORING 161Security Onion 161Architecture 162Tools 165Snort, Sguil, and Squert 166Zeek (Formerly Bro) 172Elastic Stack 182Text-Based Log Analysis 194Conclusion 197CHAPTER 8 EVENT LOG ANALYSIS 199Understanding Event Logs 199Account-Related Events 207Object Access 218Auditing System Configuration Changes 221Process Auditing 224Auditing PowerShell Use 229Using PowerShell to Query Event Logs 231Conclusion 233CHAPTER 9 MEMORY ANALYSIS 235The Importance of Baselines 236Sources of Memory Data 242Using Volatility and Rekall 244Examining Processes 249The pslist Plug-in 249The pstree Plug-in 252The dlllist Plug-in 255The psxview Plug-in 256The handles Plug-in 256The malfi nd Plug-in 257Examining Windows Services 259Examining Network Activity 261Detecting Anomalies 264Practice Makes Perfect 273Conclusion 274CHAPTER 10 MALWARE ANALYSIS 277Online Analysis Services 277Static Analysis 280Dynamic Analysis 286Manual Dynamic Analysis 287Automated Malware Analysis 299Evading Sandbox Detection 305Reverse Engineering 306Conclusion 309CHAPTER 11 DISK FORENSICS 311Forensics Tools 312Time Stamp Analysis 314Link Files and Jump Lists 319Prefetch 321System Resource Usage Monitor 322Registry Analysis 324Browser Activity 333USN Journal 337Volume Shadow Copies 338Automated Triage 340Linux/UNIX System Artifacts 342Conclusion 344CHAPTER 12 LATERAL MOVEMENT ANALYSIS 345Server Message Block 345Pass-the-Hash Attacks 351Kerberos Attacks 353Pass-the-Ticket and Overpass-the-Hash Attacks 354Golden and Silver Tickets 361Kerberoasting 363PsExec 365Scheduled Tasks 368Service Controller 369Remote Desktop Protocol 370Windows Management Instrumentation 372Windows Remote Management 373PowerShell Remoting 374SSH Tunnels and Other Pivots 376Conclusion 378PART III REFINE 379CHAPTER 13 CONTINUOUS IMPROVEMENT 381Document, Document, Document 381Validating Mitigation Efforts 383Building On Your Successes, and Learning from Your Mistakes 384Improving Your Defenses 388Privileged Accounts 389Execution Controls 392PowerShell 394Segmentation and Isolation 396Conclusion 397CHAPTER 14 PROACTIVE ACTIVITIES 399Threat Hunting 399Adversary Emulation 409Atomic Red Team 410Caldera 415Conclusion 416Index 419
Formative Assessment and Feedback Tool
In this book, Kevin Duss tackles the well-known problem in the teaching structure of today’s universities that despite the immense potential of formative feedback towards students is not or only insufficiently applied. The author uses existing research and modern technologies to develop a web-based feedback application that enhances both objective and perceived student performance. This work makes a first step towards a design theory for formative feedback applications and gives guidance for their successful implementation.
Programming Persistent Memory
Beginning and experienced programmers will use this comprehensive guide to persistent memory programming. You will understand how persistent memory brings together several new software/hardware requirements, and offers great promise for better performance and faster application startup times—a huge leap forward in byte-addressable capacity compared with current DRAM offerings.This revolutionary new technology gives applications significant performance and capacity improvements over existing technologies. It requires a new way of thinking and developing, which makes this highly disruptive to the IT/computing industry. The full spectrum of industry sectors that will benefit from this technology include, but are not limited to, in-memory and traditional databases, AI, analytics, HPC, virtualization, and big data.PROGRAMMING PERSISTENT MEMORY describes the technology and why it is exciting the industry. It covers the operating system and hardware requirements as well as how to create development environments using emulated or real persistent memory hardware. The book explains fundamental concepts; provides an introduction to persistent memory programming APIs for C, C++, JavaScript, and other languages; discusses RMDA with persistent memory; reviews security features; and presents many examples. Source code and examples that you can run on your own systems are included.WHAT YOU’LL LEARN* Understand what persistent memory is, what it does, and the value it brings to the industry* Become familiar with the operating system and hardware requirements to use persistent memory* Know the fundamentals of persistent memory programming: why it is different from current programming methods, and what developers need to keep in mind when programming for persistence* Look at persistent memory application development by example using the Persistent Memory Development Kit (PMDK)* Design and optimize data structures for persistent memory* Study how real-world applications are modified to leverage persistent memory* Utilize the tools available for persistent memory programming, application performance profiling, and debuggingWHO THIS BOOK IS FORC, C++, Java, and Python developers, but will also be useful to software, cloud, and hardware architects across a broad spectrum of sectors, including cloud service providers, independent software vendors, high performance compute, artificial intelligence, data analytics, big data, etc.STEVE SCARGALL is a persistent memory software/cloud architect within Intel’s Data Center Group (DCG). He contributes to the SNIA NVM Programming Technical Work Group, PMDK, NDCTL, and other open sources projects. With more than 18 years of enterprise application and filesystem IO performance analysis, Steve now works on the exciting and disruptive bleeding edge of persistent memory application design solutions. He works with ISVs and CSPs to enable and deliver persistent memory solutions.CHAPTER 1: INTRODUCTION TO PERSISTENT MEMORYThis introduces the reader to the Persistent Memory technology. What is it, What does it do, and Why the industry needs it.1. Introduction2. Describe current dominant architecture designs using DRAM and Storage3. Definition of Persistent Memorya. Type N NV-DIMM as first instantiation of Persistent Memory (PM)b. 3DXP as first NVDIMM-P technology4. Brief introduction of new capability enabled with Persistent Memory5. Describe why persistent memory is required and what benefits it bringsCHAPTER 2: OPERATING SYSTEM SUPPORT FOR PERSISTENT MEMORYThis chapter describes the requirements to use Persistent Memory hardware.1. Recap of traditional File-based programming model for I/O-based storage2. ACPI extensions – how OS recognizes PM3. Using as fast storage via driver4. DAX and the Programming Model. Mmap today with buffer cache vs. DAX5. Windows vs. Linux considerations.6. Emulating Persistent MemoryCHAPTER 3: FUNDAMENTAL CONCEPTS OF PERSISTENT MEMORY PROGRAMMINGThis chapter introduces the fundamentals of persistent memory programming. Why it’s different to current programming methods, and what developers need to keep in mind when programming for persistence.1. Cover variety of basic concepts: Relative pointers, consistency/atomicity across power fails, re-do logs2. Cache hierarchy and need for flushing3. Powerfail safe domain and different architecturesCHAPTER 4: PERSISTENT MEMORY PROGRAMMING APISWalk through the PMDK (Persistent Memory Developer Kit) and describe the intent behind each one. Examples will use C and C++ (low-level programming).CHAPTER 5: JAVA, PYTHON AND OTHER HIGH LEVEL LANGUAGESThis chapter will describe how to use the high level language bindings delivered by PMDK using Java and Python examples.CHAPTER 6: CREATING AN IN-MEMORY DATABASE STORAGE ENGINEThis chapter describes how to write an in-memory database storage engine from scratch using the PMDK. It will describe the new thinking model required for application developers and describe how the new programming paradigm should be used. By the end of the chapter, the reader will have implemented a working storage engine for a popular open source in-memory database.CHAPTER 7: TOOLS FOR PROFILING AND DEBUGWalk through the tools available for persistent memory programming, application performance profiling, and debugging issues.
Angewandte Kryptographie (6. Auflg.)
InhaltDer Schutz vertraulicher Daten und der persönlichen Identität spielt im Zeitalter der Vernetzung und des E-Commerce eine zentrale Rolle sowohl für Einzelpersonen als auch für Unternehmen in allen Größen. Die angewandte Kryptographie spielt dabei eine zentrale Rolle. Sie umfasst die Themen Verschlüsselung, Public-Key-Kryptographie, Authentifikation, digitale Signatur, elektronisches Bargeld, Blockchain-Technologie und sichere Netze.Leicht verständlich werden die Grundlagen der für viele Anwendungen wichtigen Blockchain-Technologie erklärt.Anhand von praktischen Beispielen wird gezeigt, wie kryptographische Algorithmen, zum Beispiel Hash-Funktionen, bei der Blockchain eingesetzt werden.Ziel des Buches ist es, Grundwissen über Algorithmen und Protokolle zu vermitteln und kryptographische Anwendungen aufzuzeigen. Mit so wenig Mathematik wie nötig, aber vielen Beispielen, Übungsaufgaben und Musterlösungen wird dem Leser der Schritt von der Theorie zur Praxis vereinfacht.Aus dem Inhalt:• Klassische Chiffren• Moderne Blockchiffren• Public-Key-Kryptographie• Authentifikation und digitale Signatur• Public-Key-Infrastruktur• Public-Key-Systeme• Elektronisches Bargeld• Elektronische Zahlungssysteme• Blockchain-Technologie und Bitcoin• Politische Randbedingungen
Click Here to Kill Everybody
Der weltweit bekannte IT-Sicherheitsexperte Bruce Schneier deckt die eklatanten Sicherheitslücken unserer hypervernetzten Welt auf. Identitäts- und Datendiebstahl sind dabei noch das geringste Risiko. Hacker können sogar die Kontrolle über Ihr Auto, Ihre Alarmanlage oder das nationale Stromnetz übernehmen, solange das Internet of Things nicht sicherer wird. Bruce Schneier zeigt in diesem Buch anhand beunruhigender und zugleich aufschlussreicher Fallbeispiele, wie leicht es für Hacker ist, Sicherheitslücken in Software und Protokollen auszunutzen und nahezu jedes technische Gerät unseres Alltags zu kompromittieren. Die Risiken sind unüberschaubar und können katastrophale Ausmaße annehmen. Dennoch haben Unternehmen und Regierungen bisher scheinbar kein großes Interesse daran, die IT-Sicherheit zu verbessern. Bruce Schneier beleuchtet ausführlich, wie die aktuellen Sicherheitsmängel entstanden sind und welche enormen Auswirkungen sie in Zukunft auf unser tägliches Leben haben könnten. Er fordert Regierungen mit konkreten Handlungsvorschlägen auf, das Internet of Things zukünftig verantwortungsvoll zu regulieren, und macht deutlich, was getan werden muss, um die Sicherheitslücken zu schließen.
Praktische Einführung in Hardware Hacking
Sicherheitsanalyse und Penetration Testing für IoT-Geräte und Embedded Devices »Smarte« Geräte sind allgegenwärtig und sie sind leicht zu hacken - umso mehr sind Reverse Engineers und Penetration Tester gefragt, um Schwachstellen aufzudecken und so Hacking-Angriffen und Manipulation vorzubeugen. In diesem Buch lernen Sie alle Grundlagen des Penetration Testings für IoT-Geräte. Die Autoren zeigen Schritt für Schritt, wie ein Penetrationstest durchgeführt wird: von der Einrichtung des Testlabors über die OSINT-Analyse eines Produkts bis hin zum Prüfen von Hard- und Software auf Sicherheitslücken u.a. anhand des OWASP-Standards. Sie erfahren darüber hinaus, wie Sie die Firmware eines IoT-Geräts extrahieren, entpacken und dynamisch oder statisch analysieren. Auch die Analyse von Apps, Webapplikationen und Cloudfunktionen wird behandelt. Außerdem finden Sie eine Übersicht der wichtigsten IoT-Protokolle und ihrer Schwachstellen. Es werden nur grundlegende IT-Security-Kenntnisse (insbesondere in den Bereichen Netzwerk- und Applikationssicherheit) und ein sicherer Umgang mit Linux vorausgesetzt. Die notwendigen Elektronik- und Hardwaredesign-Grundlagen geben Ihnen die Autoren mit an die Hand.