Cover V08, I05

Editor's Forum

Although systems administrators are pulled in all directions by new technologies that relate to their systems and networks, the one admin issue that weaves a thread through all of these concerns is security. For each new technology or business practice, there is an associated set of security concerns. For example, what affect will that new piece of equipment have on your security structure? Or worse, management has decided that electronic commerce is an essential element in the overall corporate business strategy, and implementation of an e-commerce solution is a high priority. Does midnight oil come in fifty-gallon drums?

Because security has been a topic of consistently high interest in our reader surveys, this year's editorial calendar has two security-related theme issues - this month's on network security, and another in September on OS-level security. Although I admit the dividing line is a bit arbitrary, and you can't have one without the other, the insider vs. outsider boundary seemed to be the logical place to make the cut. So, while we have tried to maintain that degree of focus in our security-related articles this month, you may also see an element of fuzziness between the two themes.

You will also see by the articles in this month's lineup, that we have tried to select articles to cover a fairly broad spectrum of network security issues. One article discusses relatively high-level design issues, while others delve into more nitty-gritty aspects of the topic. And, of course, there is the Web - the phenomenon that really brought security up to the front burner in the first place.

Before we all connected to the Internet, security matters were mostly in-house, whether on the local network or at the server operating system. The Web, however, has both hugely increased the population of potential system crackers and increased management's attention on security matters. So, while Internet connectivity has brought the world's "bad guys" to our doorsteps, or router ports, the increased management attention should have also increased the security element in your admin team's budget.

Another element in overall system administration that I see being positively affected by increased attention to security is the level of collaboration between different segments of the broader system admin team. Although collaboration and communication between systems, database, and network administrators has always been important, they are even more important now.

While employing a multi-level firewall architecture can minimize the risks associated with certain types of network services, there is also a trend toward more homogenized use of overall system resources and data assets. E-commerce solutions, for example, must have various means of accessing data on your most critical database servers - those at the very core of corporate operations. As a result, the lines between server and desktop administrators, DBAs, network managers, and telecommunications managers are blurring. And, while each individual's job is somewhat complicated by the interplay between areas of responsibility, there is also a stronger motivation for everyone to cooperate. After all, if I'm the network manager, do I want to be seen as the impediment to the realization of the grand and glorious corporate e-commerce strategy? No way. What can I do to help?

One final note on editorial policy. Almost any system administration task can be solved in various ways, depending on the specifics of any particular system environment. For that reason, we tend to give authors considerable latitude in describing their approach to an issue. Should you have a differing opinion, or possibly a better solution, we encourage you to share those ideas through our letters page.

Sincerely yours,
Ralph Barker