ComplianceHome is one of the Web's largest libraries of resources for compliance management of HIPAA, SOX, FISMA, GLBA, FDA, COOP & COG, FFIEC, Basel II, OSHA and ISO 27002/17799. Visit our directories which are the best source on White papers, related news articles, resources on the web, training, webinars, conferences, rules & regulation overview, ask the expert, job and search on vendors, solutions & products.
Fri, 02 Jan 2009 07:00:00 +0100 Every manufacturer - from heavy-duty industrial and automotive to consumer products and packaged goods - faces one ongoing challenge: time. Time - all the delay and latency still remaining within your business processes - impacts every level of the organization, adds to your costs, saps your productivity and reduces profits. Ultimately, time reduces the value you can return to expectant shareholders. Through relentless cost-cutting and deep investments in ERP, supply chain management and other technologies you've focused on achieving optimum performance - higher productivity and efficiencies to drive profit and value. But as you continue those strategies, do more with less and drive revenue growth, shareholders want evidence of new value-producing opportunities. Meanwhile, an unprecedented wave of new regulations and the heightened awareness of corporate governance standards demand attention and investment. It's up to you to meet these expectations and find and deliver new value while
Fri, 02 Jan 2009 07:00:00 +0100 While governments rally to bring some order to the worldwide economic crisis, customer confidence in the financial industry as a whole is waning. Surviving institutions may indeed be thriving - or at least, safe and sound - but they still must prove to their customers and their regulators that they have their own houses in order. "People see banks as a secure, safe place and they want to believe that their personal data and financial assets are being taken care of," says Dwayne Melancon, Vice President of Corporate and Business Development for Tripwire, Inc., a provider of configuration control software based in Portland, OR. But trust only goes so far. That means institutions must be able to prove that they're doing all the right things; among other things, appropriately auditing and controlling the IT environment. Now, perhaps more than ever, an institution's mandatory compliance with government guidelines plays a crucial role in restoring customer confidence, one institution at a time
Thu, 25 Dec 2008 07:00:00 +0100 Hospitals and health systems have become so dependent on automation that to say IT has become the lifeblood of the healthcare enterprise is neither a stretch nor a pun. And like the patients whose vital signs must be continuously observed by sophisticated critical care monitors, the moment has arrived for a similar system to monitor the health of the IT operation. The stakes have never been higher. After two decades of heavy investment in clinical information systems, IT and patient care have become inextricably bound. In a very real sense, the well-being of the patient depends on the well-being of the IT systems that support delivery of care to that patient.
Mon, 22 Dec 2008 07:00:00 +0100 The regulatory environment means that monitoring what information leaves your organization is as vital as protecting it from external attacks. Email is one of the most likely routes by which data may leak, maliciously or more often accidentally. A successful Data Leak Prevention system will address the issue of email by policy, in a way that integrates with the systems your business has in place to address governance, risk and compliance rather than through a series of standalone tools.
Tue, 16 Dec 2008 07:00:00 +0100 The enterprise threat landscape has dramatically changed with the proliferation of a new generation of content security threats. Today's cyber attacks harvest sensitive corporate data and expose companies to the risk of losing revenue, employee productivity, customer relationships, and market reputation. As the headlines prove, targeted threats are hitting companies faster and in larger quantities than they ever have before. This white paper reviews the content security threat landscape and how it has evolved into a more dangerous environment, increasing the risks and costs for enterprises. This paper discusses how conventional content security approaches are inadequate at defending against today's threats and how a new paradigm is needed to provide sufficient protection. Enterprises need a solution that identifies risks immediately and creates better protection. At the same time, they need a solution that reduces the complexity in acquiring, deploying, and managing security.
Mon, 15 Dec 2008 07:00:00 +0100 Credit card theft and exposure incidents have risen sharply in the last several years, and the pace of these incidents continues to accelerate. The cost of financial fraud associated with these transgressions reaches into the millions of dollars, and the resulting identity theft victimizes millions of people annually. To decide how to protect customer account data when processing credit card transactions, a posse of major credit card companies gathered and issued the Payment Card Industry Data Security Standard (PCI DSS). The PCI Standard is comprised of 12 separate standards organized into six different control objectives.
Mon, 15 Dec 2008 07:00:00 +0100 As attitudes to work and information continue to evolve away from those of the past, organizations are becoming more aware of the acute need to control the information that flows into, through and out of their networks. This paper demonstrates the need for a high-profile acceptable use policy to prevent data leakage, gives practical guidance on how to use current investments in IT security technologies at the gateway and endpoint to support this policy, and describes where new investment should realistically be made.
Fri, 12 Dec 2008 07:00:00 +0100 There has been a growth in online services which facilitate buying online for consumers, leading to an increase in credit card fraud and identity theft. The information required to complete online transactions is sufficiently personal and sensitive that a set of Security Standards has been implemented in order to protect it - the Payment Card Industry Data Security Standard. Any company that accepts credit card payments, processes credit card transactions, stores credit card data, or in any other way touches personal or sensitive data associated with credit card payment processing, is affected by PCI DSS.
Thu, 11 Dec 2008 07:00:00 +0100 High-privilege administrative accounts hold the keys to the most sensitive IT functionality and information resources - yet paradoxically, this level of access is far too often based on little more than trust alone. Membership in a root or administrative user group is often the sole basis for access to the heart of IT itself - but these accounts are typically shared and may afford little visibility into the specific actions of any one privileged user. Despite these risks, high-privilege access has been implicated in episodes such as the subversion of large numbers of business systems and manipulated trading information at major financial services and health care enterprises. Abuse of access privileges has also factored into the corporate governance scandals of recent years, suggesting the role it may yet play in the outcomes of the present worldwide economic crisis.
Wed, 10 Dec 2008 07:00:00 +0100 The investment global companies make in developing and maintaining software applications is significant. Forrester Research predicts that in 2008, companies in North America and Europe will spend at least $181 billion in new software application development and development for upgrades and maintenance [1]. This investment in software applications indicates the growing importance and reliance on software applications and their value to a company's overall capitalization. In the mid-80s only 20% to 30% of an organization's capitalization was comprised of intangible assets, including intellectual property found in software applications. Now, 70% to 80% of its capitalization is made up of these intangible assets [2]. Software applications help meet customer and competitive needs, but they also provide a primary avenue for attackers to evade traditional network barriers. These applications, particularly externally facing, web-based ones, represent a significant opportunity and risk to every org
Mon, 08 Dec 2008 07:00:00 +0100 Enterprises are becoming increasingly interested in easy-to-use email encryption, as a wide variety of privacy and data protection regulations now apply to small, medium and large organizations across a wide variety of industries. Effective secure messaging technologies keep sensitive information private, prevent anyone from tampering with the contents of messages and authenticate the identity of both the sender and recipient. And all organizations, regardless of their size, require encryption to be both user- and IT-friendly.
Wed, 03 Dec 2008 07:00:00 +0100 Traditional security operations do not detect irregular activity, never change state of threat awareness and provide minimal situational awareness. This white paper demonstrates how a new breed of enterprise command and control addresses this by increasing security, improving control and reducing costs.
Wed, 03 Dec 2008 07:00:00 +0100 Motivated by the lure of profits from the sale of stolen confidential information, cyber criminals today are shifting to the Web as their chosen attack vector, which provides an ideal environment for cyber crime. Many Web threats can be deployed unbeknownst to the user, requiring no additional action other than merely opening a Web page. Large numbers of users, an assortment of technologies, and a complex network structure provide criminals with the targets, exploitable weaknesses, and anonymity required for large-scale fraud. Web threats pose a broad range of risks, including financial damages, identity theft, loss of confidential business information, theft of network resources, damaged brand or personal reputation, and erosion of consumer confidence in e-commerce. These high stakes, the pervasive use of the Web, and the complexity of protecting against Web threats combine to form perhaps the greatest challenge to protecting personal and business information in a decade.
Wed, 03 Dec 2008 07:00:00 +0100 The combination products market is moving forward with a new direction and emphasis regarding product safety and FDA requirements. Navigant Consulting estimated the market at $5.9 billion in 2004 and predicted a 10% compound annual growth rate that will see the market reach approximately $9.5 billion in 2009. The FDA received 275 combination product submissions in 2005. According to one survey, an estimated 30% of new products under development are combo products - involving medical devices embedded with pharmaceutical or biologics components. On the forefront, a new crop of experimental heart stents have been filed with the FDA. The Abbott Labs absorb product represents a significant change to existing drug eluting stent technology. Along with new breakthrough technologies like absorb, FDA regulatory centers are struggling with the changes and challenges that these new technologies pose. But for manufacturers, along with these exciting new opportunities, the convergence of drugs/
Wed, 03 Dec 2008 07:00:00 +0100 While combination products are experiencing dramatic growth, the convergence of drugs/biologics and devices brings a host of regulatory challenges. Manufacturers must ensure their products meet cGMP practices as well as pass muster with the FDA, ISO, and USP. Dr. Steven Richter of Microtest Labs addresses the critical issues associated with this complex process, including defining the FDA's regulatory framework, reviewing new developments in FDA thinking, and identifying future considerations in developing effective quality assurance systems.
Mon, 01 Dec 2008 07:00:00 +0100 Any form of sexual harassment is capable of amounting to unlawful discrimination for which the employer will be liable. Harassment by Email text, Emails containing Explicit Images or the showing of Explicit Images, for example sexual images sent in an email, fall squarely into this arena. The key element that dictates whether or not conduct amounts to harassment is whether the victim finds the conduct in question unwelcome. Thus it is irrelevant if another employee considers the same email content or image to be amusing or otherwise inoffensive; the point is that if an employee finds the content or image offensive, and if the material in it is sexual, then it becomes unlawful harassment. Where harassment is sexual in nature, the victim would be able to take a claim of unlawful discrimination to an employment tribunal and these Courts have taken the view consistently over a period of many years that sexual harassment is capable of causing an injury to the employee and is thus a form of u
Mon, 01 Dec 2008 07:00:00 +0100 High-privilege administrative accounts hold the keys to gain access to the most sensitive IT processes and proprietary data - yet this level of access is far too often based on little more than trust alone. In this whitepaper, Enterprise Management Associates (EMA) examines this critical issue in IT security administration in light of the Symark approach to helping businesses move from a trust-based system to a secure, auditable process in order to provide a higher standard of control and better support for regulatory compliance.
Mon, 01 Dec 2008 07:00:00 +0100 The headlines are scary:
Tue, 25 Nov 2008 07:00:00 +0100 This document has been prepared in accordance with the Australian Prudential Regulation Authority (APRA) Australian Prudential Standard (APS) APS 330 Capital Adequacy: Public Disclosure of Prudential Information (APS 330). APS 330 mandates the release to the investment community and general public of information relating to ANZ's capital adequacy and risk measurement practices. APS 330 has been established to implement Pillar 3 of the international framework for bank capital adequacy, known as Basel II [1]. In simple terms, Basel II consists of three mutually reinforcing pillars: Pillar 1 covers the rules for calculating the minimum capital required for a bank's credit, operational and market risk. There is a range of approaches that may be adopted by banks, ranging from simple to more sophisticated risk measurement and management approaches. Pillar 2 covers a review of the adequacy of the Pillar 1 capital, taking into account all the rest of the risks a bank faces, as well as cu
Fri, 21 Nov 2008 07:00:00 +0100 Consumer electronics and applications are proliferating in corporate IT environments, significantly increasing the threat of lost and stolen data. Personal devices such as Smartphones and Mobile Internet Devices (MIDs) are now commonly brought to work and used for business purposes. This consumerization of corporate IT is predicted to accelerate in coming years [1] as Digital Natives [2] - those raised playing computer games - penetrate corporate ranks. This generation not only has a great fascination with ultra-modern electronic gadgets, they also have a natural ability to operate them. This fact along with continued progress in microelectronics, telecommunications, and consumer product offerings will make it virtually impossible for IT departments to stop the spread of consumer habits and tools in the workplace. In preparation, significant attention must be paid to the definition and enforcement of IT security policies related to personal devices and corresponding changes in security threat
Thu, 20 Nov 2008 07:00:00 +0100 A Unified Approach for IT, Audit and Operation Teams * Are you confident your network is secure and meeting IT security policies? * Does your organization have an internal security policy? * Can you measure and enforce your IT compliance against that policy? * Are your critical security risks being identified and fixed? This paper provides a detailed discussion of the internal and external regulatory challenges now faced by organizations, the scope of these challenges, and 4 key ways in which they can be addressed through better business processes and automation.
Wed, 19 Nov 2008 07:00:00 +0100 The US took unprecedented action in the early 2000s to enact major reforms in corporate governance so that the excess and abuses that had occurred at the end of the preceding bust could never occur again. Following the passage of the Sarbanes-Oxley Act of Congress of 2002, US regulators felt that they had solved the problems that led to the failure of companies such as Enron, Tyco and WorldCom in the late 1990s. Now, in 2008, we are feeling the effects of the global economic crisis, which stemmed directly from the US credit crisis. Considering the major corporate governance reforms we have gone through and the expenses we have incurred as a result, why should the credit crisis have occurred in the first place?
Wed, 19 Nov 2008 07:00:00 +0100 As organizations look to reduce costs across a wide range of operational disciplines, IT will come under the radar more and more. The impact of project slippage, poor quality delivery and inadequate solutions will not be tolerated. This may prove a pain-point for many organizations who have traditionally failed in these critical areas. Testing, like all project disciplines, has areas that can be quickly improved within an organization. One of the key areas where cost-savings and project efficiencies can be generated is through the use of test automation. The ideal is to reduce time and cost and improve quality. However, maximising the benefits across all three requires some simple principles to be followed. This paper is aimed at lifting the lid on what makes test automation a viable option for an organization and recommends some sound advice in the implementation of a test automation strategy. This whitepaper looks at how planning and proper use of automated test tools can reduce the
Wed, 19 Nov 2008 07:00:00 +0100 Any organization concerned about information security would discover that endpoints are the universal Achilles heel of risk. Endpoints bring three significant new risks. First, attacks increasingly bypass traditional perimeter-focused security and enter endpoints and the enterprise network through a variety of methods, such as interaction with malicious Web sites. Second, a large number of endpoints are mobile so they may be used both inside and outside the traditional perimeter of security controls. Finally, endpoints present a huge logistical challenge to IT staff who often must manage deployment of policies and controls for multiple security agents on each physical device. Endpoints need proper security controls, or they face higher odds of falling to a vulnerability exploit. Successful exploits of vulnerabilities on endpoints can lead to stolen data, disruptions of business operations, and potential penalties for noncompliance with laws and regulations on security. To respond to th
Mon, 17 Nov 2008 07:00:00 +0100 When users log in to their computers with local administrator privileges they greatly increase the risk of security breaches by viruses, malware and malicious users. By removing administrative privileges and implementing the security best practice of Least Privilege these threats can be avoided and network security increased. However, when managing a least privilege computing environment, systems must not only be locked down, but also still allow end users to perform all necessary tasks for their jobs. This paper presents several least privilege implementation options and discusses the benefits and issues associated with managing each solution.
Mon, 17 Nov 2008 07:00:00 +0100 How TriGeo meets PCI compliance requirements.
Mon, 17 Nov 2008 07:00:00 +0100 As an IT professional you are tasked with balancing the often conflicting goals of confidentiality, integrity and availability, the cornerstone of information security. In addition to these core business objectives, many of you currently face regulatory pressures, or will in the near future, as pressure mounts among government and consumer groups. You've likely addressed these issues, and those of the foreseeable future, by implementing a defense in depth strategy. That strategy combines several best-of-breed technologies including firewalls, intrusion detection, perhaps even intrusion prevention to provide multiple obstacles to the would-be attacker, and equally important, multiple information sources from which to detect malicious behavior.
Tue, 11 Nov 2008 07:00:00 +0100 The prospect of increased agility and the increasing cost and complexity of IT has contributed to the rapid adoption of virtualization technologies. Virtualization makes it possible to build and deploy IT releases and changes into production faster and more economically than ever. Some virtualization experts claim that virtualized environments are fundamentally no less secure than physical environments. However, others claim that virtualization can enable better security. Who is correct? Both claims can be correct, but only under certain conditions. Every day, information security practitioners live with the reality that they are a single change away from a security breach that could result in front page news, brand damage, or regulatory fines. These issues are clearly not confined to security, but impact business at the highest level. Consequently, security practitioners strive to implement IT controls to mitigate issues such as the risk of fraud, loss of confidential customer informa
Mon, 10 Nov 2008 07:00:00 +0100 In today's business environment, having robust disaster recovery is no longer a luxury, it is a necessity. Given the high probability and variety of events that cause outages, including natural disasters (hurricanes, earthquakes, snow storms, flooding) and man-made events (power outages, terrorism, viruses), a disruption to business systems is not a question of if, but when. Disaster recovery needs to be core to your IT strategy. With the increasing number of x86 based servers running mission critical applications - such as Microsoft SQL Server, Exchange Server, CRM applications, Oracle databases - the need for disaster recovery has never been more relevant and urgent. Additionally with multi-tier dependencies, many unprotected lower tier applications (e.g., DNS, AD) will compromise recovery for your dependent Tier 1 service (e.g., database). IT and business executives often struggle to protect their IT infrastructures due to a lack of pragmatic, cost-effective and reliable solutions.
Sat, 08 Nov 2008 07:00:00 +0100 As enterprises everywhere face the SOX compliance challenge, Information Technology (IT) plays a central role in helping successfully meet SOX audit requirements. But what specifically are auditors looking for? What controls must IT managers put in place to satisfy these audit requirements? And how can they implement those controls, without high costs and without turning their data center inside out? This paper provides an overview of internal IT controls for SOX compliance, from an auditor's perspective. It is designed to help IT managers establish a best-practices approach to database security and developing SOX metrics for database activity auditing. The overarching goal is to achieve and maintain SOX compliance for a reasonable investment and without negatively impacting business processes, productivity or agility.
Tue, 04 Nov 2008 07:00:00 +0100 In April 2000, Visa launched its Cardholder Information Security Program (CISP) -- a set of mandates designed to protect its cardholders from identity theft and other misuse. Visa outlined key security requirements, along with a program for validation and auditing. In December of 2004, Visa and MasterCard joined forces to simplify compliance for merchants and payment processors with the jointly-developed, 12-point PCI standard. The scope of these requirements is quite broad, incorporating best practices for perimeter security, data privacy, and layered security.
Tue, 04 Nov 2008 07:00:00 +0100 The Payment Card Industry Data Security Standard (PCI DSS) was designed to protect sensitive cardholder and merchant payment data. The PCI standard includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This has mandated merchants, card processors, point-of-sale vendors and financial institutions to comply with PCI requirements; these data security requirements are now a permanent feature of compliance obligations. However, meeting PCI obligations has proved to be a challenge for customers. Many merchants and service providers are struggling with the increased complexity associated with PCI DSS. Although the drive to protect credit card data is vital, many customers have yet to implement the technology and processes needed to address the PCI-specific requirements. Even companies that have adopted the standards are discovering significant holes in their PCI compliance strategy. Many companies per
Tue, 21 Oct 2008 08:00:00 +0200 Most people know the formula for good physical health: eat right, exercise regularly and undergo an annual checkup. Fewer people, however, realize that federal law requires many businesses to follow procedures for good network health, especially when it comes to protecting personal medical information. Because a new set of security-focused regulations under the federal law known as the Health Insurance Portability and Accountability Act (HIPAA) becomes effective in April of 2005, many companies need to review the health of their systems that create, receive, transmit, or maintain health information.
Tue, 21 Oct 2008 08:00:00 +0200 The headlines are scary:
Tue, 21 Oct 2008 08:00:00 +0200 This white paper demonstrates that data from lost backup tapes can be read without expensive hardware and software technology. This statement is unrealistic and unacceptable and shows a complete misunderstanding of the security implications. Here are six common misconceptions about the protection of backup tapes.
Thu, 16 Oct 2008 08:00:00 +0200 As an on demand web service, QualysGuard enables immediate compliance with key GLBA security guidelines by allowing subscribers to automatically discover and manage all devices and applications on the network, identify and remediate network security vulnerabilities, measure and manage overall security exposure and risk, and ensure compliance with internal and external policies for GLBA. Security is a crucial part of protecting consumers' personal nonpublic information processed electronically by financial institutions under GLBA. Security provisions of GLBA are complex and process intensive. Qualys' guide explains how on demand security audits make GLBA compliance easier to achieve.
Thu, 16 Oct 2008 08:00:00 +0200 IT Security requires effective control over physical IT assets. Radio Frequency Identification (RFID) methodologies bridge gaps left by conventional process, electronic/software, and barcode tracking solutions. Using compact, rugged, specially designed tags and flexible integration frameworks, leading RFID solutions like Clarity ITAM from Xterprise help implement effective perimeter control, discovery and audit, chain of custody visibility, and end-of-life processes. Implementation is quick, with rapid financial and operational returns.
Thu, 16 Oct 2008 08:00:00 +0200 Author: Avi D. Bartov. Small and medium-sized enterprises can protect websites against application vulnerabilities with a simple, easy-to-use, and affordable service. Firewalls and intrusion detection and prevention systems (IDS/IPS) are not enough to protect your website against today's application vulnerabilities.
Mon, 13 Oct 2008 08:00:00 +0200 Mike Ferguson of Intelligent Business Strategies defines what data governance is and then looks at the requirements that need to be met for full data governance to be implemented. He also discusses how to systematically build re-usable data services to automate the tasks needed to formally govern data on an enterprise-wide basis in order to accelerate the time to production and guarantee rock-solid data. Most companies would agree that today, data is the very lifeblood of their business. It is created, maintained and exchanged through the organisation from one end to the other as part of everyday business operations. Yet for many, this invaluable asset is plagued with problems. For example, identifiers and data names are inconsistent across systems for the same data. Also, subsets of the same data are often duplicated across systems, making it difficult to maintain and keep any changes to this data synchronised. Customer data, for example, may be created by front office sales personnel bu
Mon, 13 Oct 2008 08:00:00 +0200 There are many changes in V6R1 and it will take time to fully comprehend and understand the implications of them all. Based on briefings and COMMON presentations from IBM, we've outlined some important points to think about if you are considering implementing V6R1 for tape encryption.
Wed, 08 Oct 2008 08:00:00 +0200 Large healthcare providers, such as hospitals, medical groups, clinics and labs, encompass workflows and systems that are as varied as the organizational structures and histories of these highly diverse entities. Protecting data on endpoints in such widely varying environments requires the ability to work within a complex web of systems while balancing the absolute priority for patient care with the need to protect private information. From an operational perspective, hospitals are especially complex. Patients are typically brought in by attending physicians who have an "at will" relationship with the institution and may take their customers elsewhere, much like the relationship between travel agents and hotels or airlines. Although not employed by the organization, these referring doctors require complete access to all patient data (with all the ensuing risks that external data access poses). Once in the system, patients interact with the referring doctor as well as intern
Wed, 08 Oct 2008 08:00:00 +0200 As today's IT organizations face unprecedented business pressures and compliance requirements, they must ensure that their file-based data is available whenever and wherever applications and users need it. In order to reduce the risk of downtime, lost productivity, or financial exposure, this data must not only be available, it must be well protected with a reliable data backup and business continuity strategy. This paper focuses on the Brocade StorageX replication solution.
|