Making Sense of NoSQL – A balanced, well-written overview – #bigdata #bookreview

Making Sense of NoSQL

A Guide for Managers and the Rest of Us
Dan McCreary and Ann Kelly
(Manning, paperback)

This is NOT a how-to guide for learning to use NoSQL software and build NoSQL databases. It is a meaty, well-structured overview aimed primarily at “technical managers, [software] architects, and developers.” However, it also is written to appeal to other, not-so-technical readers who are curious about NoSQL databases and where NoSQL could fit into the Big Data picture for their business, institution, or organization.

Making Sense of NoSQL definitely lives up to its subtitle: “A guide for managers and the rest of us.”

Many executives, managers, consultants and others today are dealing with expensive questions related to Big Data, primarily how it affects their current databases, database management systems, and the employees and contractors who maintain them. A variety of  problems can fall upon those who operate and update big relational (SQL) databases and their huge arrays of servers pieced together over years or decades.

The authors, Dan McCreary and Ann Kelly, are strong proponents, obviously, of the NoSQL approach. It offers, they note, “many ways to allow you to grow your database without ever having to shut down your servers.” However, they also realize that NoSQL may not a good, nor affordable, choice in many situations. Indeed, a blending of SQL and NoSQL systems may be a better choice. Or, making changes from SQL to NoSQL may not be financially feasible at all. So they have structured their book into four parts that attempt to help readers “objectively evaluate SQL and NoSQL database systems to see which business problems they solve.”

Part 1 provides an overview of NoSQL, its history, and its potential business benefits. Part 2 focuses on “database patterns,” including “legacy database patterns (which most solution architects are familiar with), NoSQL patterns, and native XML databases.” Part 3 examines “how NoSQL solutions solve the real-world business problems of big data, search, high availability, and agility.” And Part 4 looks at “two advanced topics associated with NoSQL: functional programming and system security.”

McCreary and Kelly observe that “[t]he transition to functional programming requires a paradigm shift away from software designed to control state and toward software that has a focus on independent data transformation.” (Erlang, Scala, and F# are some of the functional languages that they highlight.) And, they contend: “It’s no longer sufficient to design a system that will scale to 2, 4, or 8 core processors. You need to ask if your architecture will scale to 100, 1,000, or even 10,000 processors.”

Meanwhile, various security challenges can arise as a NoSQL database “becomes popular and is used by multiple projects” across “department trust boundaries.”

Computer science students, software developers, and others who are trying to stay knowledgeable about Big Data technology and issues should also consider reading this well-written book.

Si Dunn

Advertisements

The Practice of Network Security Monitoring – You’re compromised, so deal with it. #security #bookreview

The Practice of Network Security Monitoring

Understanding Incident Detection and Response
Richard Bejtlich
(No Starch Press – paperback, Kindle)

Security expert Richard Bejtlich’s focus in his new book is not on “the planning and defense phases of the security cycle.” Instead, he emphasizes how to handle “systems that are already compromised or that are on the verge of being compromised.”

His well-organized, well-written, 341-page book aims to help you “start detecting and responding to digital intrusions using network-centric operations, tools, and techniques.”

Bejtlich has long emphasized a “detection-centered philosophy” built around a straightforward central tenet: “Prevention eventually fails.” No matter how many digital walls and moats you build around your network, someone will find a way to tunnel in, parachute in, or sneak in via an unsuspecting employee’s $9.95 thumb drive.

“It’s becoming smarter,” he writes, “to operate as though your enterprise is always compromised. Incident response is no longer an infrequent, ad-hoc affair. Rather, incident response should be a continuous business process with defined metrics and objectives.”

You may recognize some of Bejtlich’s previous books on network security monitoring (NSM): The Tao of Network Security Monitoring; Extrusion Detection; and Real Digital Forensics.

The Practice of Network Security Monitoring is tailored toward two key audiences: (1) security professionals who have little or no experience with NSM; and (2) “more senior incident handlers, architects, and engineers who need to teach NSM to managers, junior analysts, or others who may be technically less adept.”

Readers, he add, should understand “the basic use of the Linux and Windows operating systems, TCP/IP networking, and the essentials of network attack and defense.”

The examples in Bejtlich’s book rely on open source and vendor-neutral tools, primarily from Doug Burks’ Security Onion (SO) distribution.

The 13-chapter book is organized into four parts:

  • Part I: Getting Started – Introduces NSM and sensor placement issues.
  • Part II: Security Onion Deployment – Shows how to install and configure SO.
  • Part III: Tools – Examines the “key software shipped with SO and how to use these applications.”
  • Part IV: NSM in Action – Looks at “how to use NSM processes and data to detect and respond to intrusions.”

Following the technical chapters, Bejtlich offers some concluding thoughts on network security management, cloud computing, and establishing an effective workflow for NSM. “NSM isn’t just about tools,” he writes. “NSM is an operation, and that concept implies workflow, metrics, and collaboration. A workflow establishes  a series of steps that an analyst follows to perform the detection and response mission. Metrics, like the classification and count of incidents and time elapsed from incident detection to containment, measure the effectiveness of the workflow. Collaboration enables analysts to work smarter and faster.”

He also observes: “It is possible to defeat adversaries if we stop them before they accomplish their mission. As it has been since the early 1990s, NSM will continue to be a powerful, cost-effective way to counter intruders.”

Si Dunn

Juniper MX Series – A comprehensive guide for network engineers – #bookreview #juniper #networking

Juniper MX Series
Douglas Richard Hanks Jr., and Harry Reynolds
(O’Reilly, paperbackKindle)

This comprehensive, well-written handbook is aimed directly at network engineers who want to know more about the feature-rich Juniper MX Series of routers.

Actually, “handbook” is a bit of a misnomer. It takes two hands to comfortably handle this hefty, comprehensive, 864-page guide.

The two authors, both network engineers themselves, note that the Juniper MX Series is “[o]ne of the most popular routers in the enterprise and service provider market….”

They add: “The Juniper MX was designed to be a network virtualization beast. You can virtualize the physical interfaces, logical interfaces, data plane, network services, and even have virtualized services span several Juniper MX routers. What traditionally was done with an entire army of routers can now be consolidated and virtualized into a single Juniper MX router.”

The book’s chapters are:

  • 1.      Juniper MX Architecture
  • 2.      Bridging, VLAN Mapping, IRB, and Virtual Switches
  • 3.      Stateless Filters, Hierarchical Policing, and Tri-Color Marking
  • 4.      Routing Engine Protection and DDOS Prevention
  • 5.      Trio Class of Service
  • 6.      MX Virtual Chassis
  • 7.      Trio Inline Services
  • 8.      Multi-Chassis Link Aggregation
  • 9.      Junos High Availability on MX Routers

The chapters, organized by feature sets, include review questions (with answers conveniently located nearby), so you can track your learning progress.

The authors have extensive experience with the Juniper MX router series. Douglas Richard Hanks Jr., is a data center architect with Juniper Networks. Harry Reynolds has more than 30 years’ experience in networking, with a focus on LANs and LAN interconnection.

Si Dunn

For more information: (paperbackKindle)

Understanding IPv6, 3rd Edition – Welcome to the new, improved & BIGGER Internet – #bookreview #microsoft #windows

Understanding IPv6, 3rd Edition
Joseph Davies
(Microsoft Press, paperback, list price $49.99; Kindle edition, list price $39.99)

The Internet can now expand into a much bigger realm than was possible before the worldwide launch of IPv6 (Internet Protocol version 6) on June 6, 2012.

The web most of us use has long relied on IPv4, the circa-1981 Internet Protocol built around 32-bit addresses. This scheme can accommodate approximately 4.3 billion unique addresses worldwide. On a planet where (1) the population now has surpassed 7 billion and (2) many of us now have multiple devices connected to the Web, Internet Protocol version 4 recently has been in dire danger of running out of unique addresses.

IPv6 will fix that problem and offer several important new enhancements, as long as we don’t find ways to expand the Internet to parallel universes or to the people on a few trillion distant planets. IPv6 uses a 128-bit addressing scheme that can accommodate more than 340 trillion trillion trillion unique addresses. So go ahead. Get online with that second iPad, third smart phone or fourth laptop.

IPv4 and IPv6 are now running in a dual stack that supports both addressing schemes. The transition from IPv4 to IPv6 is not seamless, however. A lot of work remains to be done by major Internet service providers (ISPs), web companies, hardware manufacturers, network equipment providers and many others to enable IPv6 on their products and services.

Joseph Davies, author of Understanding IPv6, has been writing about IPv6 since 1999. His new 674-page third edition provides both a detailed overview of IPv6 and a detailed focus on how to implement it, within a limited range of Windows products.

“There are,” he notes, “different versions of the Microsoft IPv6 protocol for Windows….I have chosen to confine the discussion to the IPv6 implementation in Windows Server 2012, Windows Server 2008 R2, Windows Server 2008, Windows 8, Windows 7, and Windows Vista.”

This well-written and well-organized book is not for beginners. Its intended audience includes:

  • Windows networking consultants and planners
  • Microsoft Windows network administrators
  • Microsoft Certified Systems Engineers (MCSEs) and Microsoft Certified Trainers (MCTs)
  • General technical staff
  • Information technology students

Davies and Microsoft offer downloadable companion content for this book: Microsoft Network Monitor 3.4 (a network sniffer for capturing and viewing frames); and PowerPoint 2007 training slides that can be used along with the book to teach IPv6.

If you need a guide to best practices for using IPv6 in a Windows network, definitely consider getting Understanding IPv6, 3rd Edition.

Si Dunn

Take Control of Your 802.11n AirPort Network, 3rd. Ed. – Has info for new AirPort Utility 6 – #Apple #bookreview

Take Control of Your 802.11n AirPort Network, Third Edition
Glenn Fleishman
(TidBITS Publishing, Inc., ebook [ePub, Mobi, PDF], $20.00)

Attention users of Apple’s 802.11n gear in Wi-Fi networking. TidBITS Publishing recently has released a new edition of Take Control of your 802.11n Airport Network.

Its author points out: “If you’re setting up, extending, or retooling a Wi-Fi network with one or more 802.11n base stations from Apple— including the AirPort Extreme, AirPort Express, or Time Capsule— using AirPort Utility 6 on the Mac or AirPort Utility in iOS, this book will help you get the fastest network with the least equipment and fewest roadblocks. This book also has advice on connecting to a Wi-Fi network from older versions of Mac OS X and Windows 7.”

If you are still using AirPort Utility 5, pay attention.

“This third edition,” TidBITS notes, “has a significant change: it replaces its former coverage of AirPort Utility 5 in favor of focusing on AirPort Utility 6, which was released in February 2012. AirPort Utility 6 runs on 10.7 Lion or later. AirPort Utility 6 has many of the features that are documented in previous editions of this book, but it omits several options designed for mixed 802.11g and 80211.n networks and it can’t configure 802.11b and 802.11g AirPort base station models (any base station released from 1999 to 2006). Also, it supports only iCloud, not MobileMe, for remote connections.”

If you are caught in the middle and need to support both AirPort Utility 5 and AirPort Utility 6, purchasers of this ebook are given a link where they can refer to the previous edition, at no extra charge.

Says Fleishman, “The big new feature in AirPort Utility 6 is a graphical depiction of the layout of an AirPort network. This is terrific for visualizing how parts are connected and seeing where errors lie. This third edition also discusses AirPort Utility for iOS, which has a similar approach to AirPort Utility 6, and makes it possible to configure and manage an Apple base station without a desktop computer. That’s a first for Apple.”

The book is well-written, with text presented in short paragraphs for easier viewing on portable devices.

Take Control of Your 802.11n AirPort Network, Third Edition also offers a good number of uncomplicated illustrations, screenshots, tips, warnings, and lists of steps.

— Si Dunn

Head First HTML5 Programming – #javascript #html5 #programming #bookreview

Head First HTML5 Programming: Building Web Apps with JavaScript
By Eric Freeman and Elisabeth Robson
(O’Reilly, list price $49.99, paperback)

This is not your father’s turgid programming textbook.

Indeed, even if you are not interested whatsoever in messing around with JavaScript and learning how to be an HTML5 programmer, you may still enjoy reading this book and studying how it is put together.

Head First HTML5 Programming is a fun and entertaining mixture of graphics, text and coding examples. But, more than that, this “multi-sensory learning experience” has been put together “[u]sing the latest research in cognitive science and learning theory….”

How often have you heard someone say a computer programming book is “fun and entertaining”?

Yes, Head First HTML5 Programming is still a how-to book, and it is one that focuses on creating web apps using JavaScript — not exactly a fertile field for comedy.

But the book promises “to start by going from zero to HTML5 in 3.8 pages (flat)” — and delivers. By the third page, you begin using a whimsical “HTML5-O-Matic” to update standard HTML to HTML5. And by the bottom of the fourth page, you are “officially certified to upgrade any HTML to HTML5.”  (It takes just three steps and a bonus round to get there, by the way.)

Even the book’s table of contents is zany, amusing and informative, with funny graphics and snarky summaries of what you will find in each chapter and appendix. 

And don’t be intimidated by this book’s physical size. It has 574 pages, but it presents information in small, manageable chunks, surrounded by eye-pleasing white space and lots of illustrations that will make you grin or chuckle even as you learn something new.

By the way, you don’t have to know JavaScript to use this book. The first few chapters provide  an excellent and palatable JavaScript overview.

However, if you think you are serious about becoming an HTML5 programmer but don’t yet have any experience in  HTML markup and CSS  (cascading style sheets), the two writers recommend that you tackle one other book first: Head First HTML with CSS & XHTML (list price, $39.99 paperback. There is also a Kindle edition.)  

Whether you know HTML, CSS and JavaScript or not, however, you should plan on doing the book’s exercises. Cutting “class” is not an option with this book. “Some of (the exercises) are to help with memory, some are for understanding, and some will help you apply what you’ve learned,” the writers point out.

They add: “Most reference books don’t have retention and recall as a goal, but this book is about learning, so you’ll see some of the same concepts come up more than once.”

The software and hardware requirements for writing HTML5 and JavaScript code are minimal: “[Y]ou need a text editor, a browser, and, sometimes, a web server (it can be locally hosted on your personal desktop).”

They recommend that you use more than one browser while learning HTML5 and JavaScript. And, to use some HTML5 features and JavaScript APIs, you will have to “serve files from a real web server rather than loading a file….” But they explain how to do this.

Head First HTML5 Programming advertises that it will promises to help “load HTML5 and JavaScript straight into your brain,” and it seems to start doing that right after you open its pages — as long as you keep an open mind about using a programming book that is actually enjoyable and fun to read while it instructs.

Si Dunn

Here’s the book scaring me this Halloween: America the Vulnerable – #bookreview #data #security

Subtitled “Inside the New Threat Matrix of Digital Espionage, Crime, and Warfare,” America the Vulnerable is written by Joel Brenner, former inspector general at the National Security Agency.

Brenner has recent experience at the highest levels in national intelligence, counterintelligence and data security. And he has studied firsthand many of the threats and attacks against our national, corporate and personal interests.

“During my tenure in government,” he writes, “I came to understand how steeply new technology has tipped the balance in favor of those–from freelance hackers to Russian mobsters to terrorists to states like China and Iran–who want to learn the secrets we keep, whether for national, corporate, or personal security.” He adds: “The truth I saw was brutal and intense: Electronic thieves are stripping us blind.”

Everything from Social Security numbers to technological secrets that cost billions to develop are being taken — stolen from military and corporate data networks and individual computers, possibly including yours.

His book will leave you wide-eyed and wondering who is surreptitiously poking around inside your computer right at this moment and what they are taking or “borrowing” for sinister purposes.

 Likely the Chinese and the Iranians and Russian mobsters and others, including hackers, are in there or have been there recently.

And Brenner explains how you may be unknowingly helping them find and transfer sensitive and vital information, even when you do something seemingly innocuous as plugging in a thumb drive to your laptop.

You won’t need to watch any monster movies to get scared this Halloween. Brenner’s book or its Kindle version can give you a very serious case of chills and frights. 

Si Dunn