White Papers

• July 2006 - by Harsha Pattnaik
• This white paper provides a holistic approach to developing an IT strategy that will guide IT organizations in formulating a complete IT strategy that encompasses the big picture and its complexities.

• April 2003 - by Victor Kapella
• IT Strategy and Planning, Network and Systems Management -- This whitepaper defines incident and problem management based on the Information Technology Infrastructure Library (ITIL) Service Support best practices and BT INS's experience in the industry. It further explains the differences between incident management and problem management and offers a framework for addressing both activities.

• May 2007 - by Carolyn McConnell
• This white paper, by principal consultant Carolyn McConnell, introduces an enterprise mobility security roadmap and a means to determine your end-to-end mobility security posture. Focus is on achieving and maintaining the right security posture as mobility threats escalate and enterprise mobility capabilities advance.

• July 2002
• Network and Systems Management
• The purpose of this document is to clearly bring the issues surrounding cost-of-ownership (COO) to the forefront, as well as identify possible solutions to gaining control over these expenditures.

• February 2003
• Network and Systems Management -- This whitepaper outlines the key questions that should be answered to produce a thorough assessment of an organization's EM requirements.

• January 2001
• Network and Systems Management
• A white paper that discusses all the elements needed for a successful asset management plan.

• November 2002
• IT Infrastructure
• The telecommunications and network designer/architect is clearly competent in determining the best technical solution for a problem, but may miss the non-engineering applications and needs. This paper seeks to describe models for this design process that incorporates these intangibles as well as the technical solutions.

• January 2008 - by Andrew Elia
• This whitepaper offers an alternative approach to dealing with the need for PCI compliance. Rather than proposing how-to-comply guidance, it provides guidance on how to adapt a traditional build-versus-buy methodology, which enables organizations to make informed decisions on whether to remediate findings internally, or transfer the burden of PCI compliance via outsourced credit card handling.

• November 2005 - by Tim Rooney
• This white paper provides IT professionals a guide for how to flawlessly execute tasks for IP management, and recommends best practices for simplifying the IP management process. These best practices are derived from the BT Diamond IP leadership team’s collective experience in the IP management space obtained through numerous implementations of IP management systems, and interactions with end users and industry analysts. Many members of the team have also been active in the Internet Engineering Task Force (IETF) in evolving IP technology.

• July 2007 - by Victor Kapella
• This whitepaper describes the relationship between effective IT governance and well defined and measurable IT operational processes. It provides an overview of the ISO/IEC 20000 standard and describes how adoption can result in a set of governable IT operational processes.

• May 2004 - by Scott Wilson and Michael Trofimoff
• This white paper provides a comprehensive and proactive approach to security management by identifying the business and organizational implications of security and IT management, and by distinguishing the operational and architectural requirements for building and implementing an integrated security management system.

•  June 2007 - by Edwards Hicks, Thomas Maruska, and Michael Trofimoff
• Explains the importance of tuning IT systems to realize the full potential of digital surveillance systems, and presents real-life examples that illustrate how digital surveillance systems can be enhanced by making the appropriate links to IT

• October 2004 - by Omar Zaidi and Ronnie Ray
• This paper presents a framework for planning and executing data center consolidation efforts to ensure success with minimal risk to the business, and in that context, discusses the critical role of performance monitoring and reporting throughout the life cycle of a consolidation project.

This white paper shows how DNS servers can be deployed with anycast to achieve a number of benefits.

• January 2005 - by John Treece (Comcast) and Mike Dooley (BT Diamond IP)
• This white paper reviews the components and methods for managing updates on DOCSIS firmware devices.

• October 2004 - by Michael J. Vincent
• This white paper explains how Cisco's LAM can be used to ease migrations of static IP addressed hosts.

• January 2001
• This white paper discusses the importance of a well-defined change management process to maintain control of evolving technology, and how to put such a process in place.

• October 2004 - by Daniel L. Needles
• Expert systems to automate diagnostics, notifications, and/or escalation processes can be extremely labor intensive and expensive to implement and maintain. This paper shows how, in the case of simple behavior models, Netcool can be used to automate diagnostics, notifications, and/or escalation processes.

• March 2004 - by Mario Stelzner and Holger Jakob
• This white paper shows how the risks of a migration from Exchange 5.5 or Exchange 2000 to Exchange 2003 can be reduced and timelines be shortened by combining Exchange migrations with e-mail archiving.

• January 2005 - by Kerry Litten
• This paper describes a practical way to implement ITIL best practices that incorporates the benefits of two approaches while overcoming their shortcomings.

• May 2004 - by Felicia Nicastro
This whitepaper is a high-level overview of security patch management issues.

• June 2004 - by Ruud Louwersheimer
• This white paper explains the basics of Anycast and why networking organizations should consider implementing it in their IPv4 networks.

• October 2004 - by Tim Rooney
• This white paper demonstrates how to calculate the ROI that can be achieved using IPControl based on a number of variables and cost assumptions typical of most networking environments. It also highlights many of the "soft" benefits of IPControl that also should be considered when making an investment decision.

• May 2005 - by Scott Kirkwood
• This white paper explains the difference between traditional outsourcing and intelligent outsourcing using the ITIL framework. It will further delineate the steps required to successfully pursue an intelligent outsourcing strategy.

• January 2004 - by Michael Dooley and Alex Drescher
• This paper discusses the challenges faced by enterprises when managing the allocation, distribution and use of IPv4 address space, and proposes a solution for building a next-generation IP address management system.

• October 2002 - by Jim Tiller
• A secure virtual private network (VPN) is the combination of tunneling, encryption, authentication, access control, and auditing technologies and services used to transport traffic over the Internet or any insecure network that uses the TCP/IP protocol suite for communication.

• February 2007 - by Tim Rooney
• This white paper presents an overview of the main migration technologies that can be used to transition from an IPv4 network to an IPv6 network and will suggest several strategies to implement that transition.

• July 2007 - by Craig J. LaCava
• This white paper examines ISO/IEC 20000 implementation best practices and the characteristics of the most successful programs we have observed.

• March 2003 - by John Herbert
• This whitepaper examines a resilient network design commonly found in the enterprise arena, and investigates the Cat's Cradle Effect, which can slow down a fast network, overload networking equipment and cause high packet loss.

• April 2004 - by Kerry Litten
• This white paper outlines the type of information required by IT Service Management stakeholders as well as the appropriate supporting metrics and provides a starting point for organizations wishing to enhance their service reporting in order to more effectively manage their IT services.

• July 2003 - by Michael Trofimoff
• This white paper provides readers with the tools to identify the impact that IT projects have on business objectives, the metrics and measurements needed to quantify and isolate that impact, and how to present the results to management for maximum effect, that is, connecting the "dots" of effort, impact, and measurable return.

• August 2007 - by Michael Lindsay
• This white paper discusses why companies inappropriately focus on the recovery of IT core services at the expense of other critical business services, and proposes a five-step process to implement a comprehensive business continuity plan.

• February 2006 - by Matthew Tighe and Dan Hastings
• This white paper identifies the basic steps involved in developing a complete, top-down, expense management solution, and provides advice on the key activities that need to be performed throughout this process.

• August 2005 - by James S. Tiller
• This white paper demonstrates the importance of security program maturity, discusses the process of determining its effectiveness, and shows how this will help you gain long-term valuation of your security investments.

• July 2002
• Unicode attempts to be a comprehensive solution for electronically mapping all the characters of the world's languages, allowing a theoretical total of over 65,000 characters in its 16-bit character definition. Unicode extensions are installed by default with Microsoft Internet Information Server (IIS) versions 4.0 and 5.0, allowing the web servers to recognize non-Latin characters. The IIS Unicode Exploit allows users to run arbitrary commands on the web server. IIS servers with the Unicode extensions loaded are vulnerable unless they are running current patches. This paper will explain in detail how this seemingly harmless service can lead to a system compromise, and what can be done to minimize that vulnerability.

• October 2003 - by George Sadlier
• This paper reviews the risks inherent in mobile computing and examine some of the controls that are available to help mitigate these risks. Particular attention is paid to data encryption, both "at rest"and "in transit."

• May 2004 - by Tim Rooney
• This white paper provides a functional description and benefits of the NetControl(TM) software product for IP address management and an analysis of the potential cost of and return on investment for this product.

• October 2004 - by Daniel L. Needles
• This white paper helps managers and engineers tasked with creating, maintaining, and/or using a distributed EMS architecture to measure, design and implement a holistic solution to enable Netcool self-monitoring.

• May 2004 - by Michael Martone
• This paper compares the advantages and disadvantages of open-source tools to commercial products, and explores the effective use of open-source tools.

• November 2002
• This white paper will give telecom managers, network planners, and engineers a more detailed look at how PKI works in a VPN environment.

• April 2005 - by Michael J. Vincent
• This paper looks at the emerging technology of presence and its role in future communications. It discusses the difference between presence - a location service - and a converged network - the design, equipment and protocols that make the next generation of end-user connectivity a reality.

• August 2007 - by Steve Sanderlin
• This white paper describes the relationship between Microsoft Office Project Server 2003 and Microsoft Office Project Server 2007, as well as the differences in extracting data for reporting from each. It also provides a basic understanding of how schema in Project Server 2007’s reporting database is organized and how this compares and contrasts with the database schema of Project Server 2003.

• October 2001
• ISO 17799 defines information as an asset that may exist in many forms and has value to an organization. The goal of information security is to suitably protect this asset in order to ensure business continuity, minimize business damage, and maximize return on investments.

• March 2003 - By Felicia Nicastro
• The patch management process is a critical element in protecting any organization against emerging security threats. Formalizing the deployment of security-related patches should be considered one of the key elements in a Security Group's program to enhance the safety of information systems for which they are responsible. This whitepaper offers a starting point for an organization to practice secure patch management procedures.

• July 2003 - by Jim Tiller
• This white paper explains the requirements placed on the U.S. power industry as a result of the publication of Presidential Decision Directive 63 (PDD 63), which states that by May 2003, the U.S. shall achieve and maintain the necessary security measures to swiftly eliminate any vulnerabilities and ensure the continuity of critical systems.

• May 2005 - by Jim Tiller
• The long-term affects of a common security infrastructure are many and with it comes the ability to manage security as a service to the business and demonstrate its role in broader corporate objectives.

• October 2003 - by Michael Dooley and Alex Drescher
• This paper discusses the challenges faced by service providers when managing the allocation, distribution and use of IPv4 address space, and proposes a solution for building a next-generation IP address management system.

• June 2005 - by Tim Rooney
• This white paper offers approaches to streamlining efforts to keep IP networks up and running for critical DHCP and DNS services, then discusses the IPControl Sapphire appliance, which achieves the next level in protecting DHCP and DNS services.

• June 2000 - by Scott Kirkwood
• The use of frame relay has grown significantly over the past several years as traditional host-based systems with dedicated point-to-point links have been replaced with distributed client/server networks. As the use of frame relay has grown, several physical and data link layer components have evolved, which has increased the efficiency and interoperability of frame relay devices.

• August 2006 - by Kerry Litten
• This white paper, written by senior principal consultant Kerry Litten, provides a step-by-step guide to achieving effective IT governance by improving existing mechanisms, which are often informal, not clearly defined and lacking in transparency (i.e., the basis for decisions taken is not always clear).

• February 2005 - by Tim Rooney
• This paper discusses various interoperable configurations supported within stock Windows developed by Microsoft and BIND developed by the Internet Systems Consortium. It also reviews deployment configurations supported with the help of BT Diamond IP’ IPControl™ software from solely Microsoft AD DNS configurations to mixed Microsoft and BIND DNS.

• May 2006, by Michelarcangelo La Porta
• IT Infrastructure
• This white paper lays the foundation for an analytical description of the throughput and loss performances of an ideal Diffserv-compliant router. We call such a description the ingress-egress characterization of the ideal Diffserv router.

• July 2002 - by Craig J. LaCava
• Convergence of voice and data over the same communications services has long been the goal of service providers and enterprise organizations. Telecommunications managers anticipate cost savings and enhanced control over their networks by combining voice traffic with data traffic.

• June 2000 - by Peter J. Salmeri and James N. Barrett
• Microsoft's Windows 2000 operating system offers an organization a significant amount of new functionality and design flexibility. However, these benefits do come at a price; design complexity has increased considerably. The Windows NT structure grew and users started to require access to resources in other domains. Microsoft answered this need with the ability to have domains trust each other.

• September 2001
• A concise discussion of the issues surrounding the deployment of Windows 2000 Professional and Windows XP Professional, with the intention of assisting organizations with the decision-making process.

• March 2000 - by James N. Barrett
• Operating Systems and Directory Services
• Windows 2000 offers an entirely new paradigm to the design of a domain hierarchy. As organizations have grown, domain design requirements have become more complex. The system of manual trusts has grown cumbersome, particularly for organizations that have dozens or hundreds of domains.