Tuesday, June 26

Workshop details

Role Management: Developing a strategy for enterprise roles

This workshop will cover how to develop roles for access control and how to evaluate role discovery and role management products. Roles will be examined from an IT perspective, focusing on the use of roles, rules, and policy to manage access rights. Participants will also learn popular role discovery techniques. The workshop will cover how to align IT roles to business responsibilities, and discuss the opportunities and challenges this approach presents. The course includes a discussion on experiences, results, and lessons learned from enterprises that have conducted role definition efforts. The workshop will conclude with recommendations on product evaluation and governance.

Workshop details

Security Metrics that Matter

Can your enterprise count on you? What security metrics are in your repertoire? Security professionals are seeking some sort of ‘holy grail’ of metrics often without a clear understanding that metrics come with different objectives – productivity, quality, cost effectiveness and, in security, risk management. The secret to a strong metrics program is understanding your objectives. This session will explain the most popular objectives for security metrics programs and provide specific guidance in decision making and resource allocation in order to meet those objectives. Attendees will leave with instructions on calculating information asset value, quantifying risk, measuring productivity, and evaluating cost effectiveness.

Workshop details

REST Easy

Awareness of REST as a simpler and more scalable means of delivering network accessible services continues to rise, as does frustration with the complexity and interoperability issues of the web services framework (WSF). Representational State Transfer (REST) is an architectural style for distributed systems that provides constraints on component interaction in order to maximize the scalability and evolvability of networked applications. The most ubiquitous implementation of the REST style is the Web itself.

This workshop will provide an explanation of REST and how it compares to SOAP and the WSF. We will discuss the architectural underpinnings of REST: identifiable resources, a uniform interface, resource representations, statelessness, and hypermedia. A working, RESTful system will be demonstrated using the Java Restlet Framework. Workshop attendees will come away with a solid understanding of REST, knowledge of how to design and build RESTful applications, as well as guidelines for evaluating REST vs. SOAP for enterprise systems.

Workshop details

Knowledge Management 2.0: Putting Social Software to Work

Growth and innovation are back on the strategic front-burner for most CXOs. Many realize the only way to out-think, out-perform and out-deliver the competition is to leverage human/intellectual capital. New ideas for markets, products, and customer services often emerge from unexpected sources. Social computing trends promise new ways for organizations to strengthen its relationship connectivity across communities and networks that increasingly include external parties. This session examines how social software (e.g., blogs, tagging, bookmarks, social networking) is positioned to transform how an organization captures, synthesizes and applies what it “knows” to improve business productivity and performance. Adoption of any emerging technology always raises issues related to media hype, risk, maturity and integration with existing systems. Pragmatic advice on how to move forward with social software will be provided to avoid any aura of “irrational exuberance”.

Workshop details

Advanced Considerations for Mature Identity Management (IdM) Deployments

This session is aimed at organizations that have already deployed IdM services and are in their second, third, or higher deployment cycle. The topics to be discussed come from real world experiences and deployments. The areas of discussion are:

• Determining your next area of coverage
• Developing identity data services—a foundational element of the Burton Group Reference Architecture
• Advanced use of IdM technologies such as virtual directories, federation, and integration tools
• Governance models for solving business issues such as compliance and audit

Workshop details

Provisioning Deployment: Planning Considerations and Recommended Practices

User and resource provisioning continues to be one of the hottest topics in the identity management space. Regulatory compliance, administrative efficiency, cost savings, and tighter security controls are driving the provisioning market at a rapid pace. Experiences are unfolding as enterprises increasingly invest in and deploy provisioning solutions. This workshop will review the practices in place at successful organizations and discuss evolving trends in project planning, design, and deployment. Additionally, the workshop will review vendor solutions and technological approaches. With its in-depth knowledge and increasing real-world experience, Burton Group will advise you on how to plan, design, and deploy a provisioning solution within your organization.

Workshop details

Application Security Workshop

Attackers go for the lowest hanging fruit. Very often, this means attacking applications. Attack points range from vulnerabilities that allow unauthorized users access to backend data, exploit coding errors to execute remote commands, and lure unsuspecting surfers to malicious web sites via cross site scripting.

This workshop will address two main areas of concern for enterprises. First, the reasons for creating robust, secure software and applications will be explained. Methods for weaving security throughout the software development lifecycle will be discussed. We’ll also discuss tools and techniques for increasing security throughout the SDLC, such as code reviews, code scanning, and XML/Web application firewalls, and security services.

The second half of the workshop focuses on common web application coding errors, using the OWASP Top 10 as a starting point. Code examples will be shown and attendees will be advised on how developers can avoid introducing these vulnerabilities into their own applications.

Workshop details

Web 2.0 What the @#% Is It?

What is Web 2.0? That depends, in large part, on who is answering the question. At best the concept is ambiguous and poorly defined, but that doesn't mean it's not related to real technology trends. This workshop is a tour de force of the World Wide Web and recent advances in Web technologies frequently associated with Web 2.0. Senior Analyst Richard Monson-Haefel of Application Platform Strategies will explain what Web 2.0 is, what it is not, what customers need to know and what they can safely ignore.

The World Wide Web (the Web) appears to be undergoing a massive revolution, but in fact the fundamentals remain the same and recent advances are simply natural extensions of the massive hypermedia system we call the Web. This workshop will explain the fundamentals and recent advances and place them in context for business application developers and managers. Technologies such as rich internet applications (RIA), Ajax, mash-ups, folksonomies, and other technologies often associated with "Web 2.0" will be explained clearly so audience members will walk away understanding exactly what Web 2.0 is and where the hype ends and real applications begin.

Workshop details

The New Collaboration/Content Competitive Landscape: IBM Lotus versus Microsoft, Round 2

IBM Lotus and Microsoft have been the leading enterprise vendors in enterprise messaging for more than a decade. In 2007, as Microsoft rolls out a much-expanded SharePoint and other new or updated products such as Office Communications Server and Exchange Server 2007, and as IBM releases Notes/Domino 8 along with new social software tools, the scope of competition will expand to include collaboration and content management. This market dynamic holds new opportunities and challenges for all enterprises, even those not currently committed to either IBM or Microsoft products, as it will further consolidate market share between IBM and Microsoft. Topics for this workshop include:

• Overviews of the new Microsoft and IBM collaboration and content management offerings
• Assessments and comparisons of the companies’ strategies, strengths, and limitations
• Enterprise adoption scenarios and planning guidelines

Workshop details

Developing an Enterprise Network Architecture

This full-day workshop teaches the skills IT managers need to develop an enterprise network architecture. Leveraging the Reference Architecture for Networks, the workshop will provide a decision-making framework and methodology for technology selection. The workshop will cover the principles, technical positions and template frameworks Burton Group has developed through its consulting experience with many large enterprises. Attendees will learn valuable technical information and understand how to create network plans that support business initiatives.
Topics this workshop will cover include:

• Network architecture value and benefits
• Network architecture development methodology
• Network architecture framework
• Architectural principles
• Technical positions: Network Protocols, IP addressing, Routing Protocols, QoS, IP Multicast, Switching and Routing, Local Area Networking, WAN/MAN Services, Wireless LANs, Remote Access, Resiliency, IP Telephony, Internet Access, Storage Area Networking, and WAN Performance Optimization
• Architectural templates: large/medium/small sites, campus, WAN/MAN, Internet access
• Creation of Gap analysis and migration plans
• Architecture implementation and review process

Who Should Attend
This workshop is designed specifically for enterprise network architects and technologists involved with network planning, network designers and consultants, and integrators and VARs.

Workshop details

SOA: Soup to Nuts

Service-oriented architecture (SOA) is an approach to system design in which the core unit of design is a shared, reusable service. SOA can deliver numerous benefits, such as increased flexibility and agility, reduced cost of ownership, better alignment between IT and business, and improved consistency and compliance. But SOA requires significant changes in the way projects are funded, designed, developed, managed, and maintained.

This full day workshop examines SOA from many different perspectives, including an overview of SOA; SOA technologies and infrastructure; service-oriented design approaches for business logic, data access, and infrastructure functionality; and SOA governance programs.

Time will be set aside during the day to allow participants to discuss their experiences (good and bad) in a birds-of-a-feather (BOF) like setting

Workshop details

SharePoint and Office2007: New Enterprise Collaboration/Content Opportunities and Risks

Microsoft SharePoint (composed of Windows SharePoint Services 3.0 and Microsoft Office SharePoint Server 2007) is Microsoft's strategic collaboration and content server, and it has strategic implications -- with both good and bad potential -- for enterprise planning. As the server-side counterpart to Microsoft Office, and encompassing everything from blogs to enterprise content management, SharePoint has the potential to help organizations more effectively collaborate and manage content. If unsuccessfully deployed, however, SharePoint can exacerbate rather than advance enterprise collaboration and content management planning, with the potential for out-of-control content dissemination and explosive growth in unmanaged workspaces. This workshop, a one-day subset of a CCS consulting workshop, covers topics including:

• A SharePoint introduction, including enterprise challenges Microsoft seeks to address with SharePoint 2007
• Detailed analysis of SharePoint capabilities, maturity, and limitations
• Competitive landscape projections