Load Testing ASP.NET Web Applications using Jmeter

People do not like slow responses on web sites. It just drives them away. If you would like to know how fast/slow your web site is when 100 or 1000 users access it, what you are attempting to is labelled ‘load testing’. There are many commercial and free tools that do the job for web applications running on Java, ASP.NET, PHP etc. We will specifically look at testing ASP.NET applications using the open source tool called Jmeter.


Continue reading “Load Testing ASP.NET Web Applications using Jmeter”

Tech Terminology Demystified – Android

Android is an open-source software stack for mobile devices that include an Operating System, middleware and key applications.  Android’s OS is based upon a modified version of the Linux kernel.


Google purchased the initial developer of the software, Android Inc, in 2005.  Google and other members of the Open Handset Alliance collaborated on Android’s development and release.  Currently, the Android OS is the world’s best-selling smartphone platform.

PCI DSS Compliance Program undergoes a change

Last week, Visa announced a new Payment Card Industry Data Security Standard (PCI DSS) compliance program that will fuel dynamic data authentication.


This will mean that merchants will not need to validate their compliance with the Payment Card Industry Data Security Standard (PCI DSS) if at least 75% of the merchant’s annual Visa card transactions originate on smartcard-enabled terminals.


Continue reading “PCI DSS Compliance Program undergoes a change”

Evaluation of Anti-Virus Software-Some Commonly Used Criteria

Here is a list of commonly used evaluation criteria for anti-virus software

  • • Ability to produce new virus signatures quickly
  • • Dispersed/distributed manageability
  • • Unified client features
  • • Client transparency
  • • Support for all Windows OSes and Linux
  • • Web-based management console
  • • Company strength and overall AV strategy
  • • Ability to integrate with other solutions such as Cisco NAC
  • • Proactive notification on potential outbreaks and/or problems
  • • Ability to clean up after viruses and/or spyware have infected a system
  • • Ability to quickly prevent outbreaks while new virus signatures are not yet available

Each of the above criteria has been explained further

Ability to Produce New Virus Signatures Quickly

The period between when a virus is discovered “in the wild” and when a signature or pattern file is available for clients is extremely critical. The longer it takes to get and distribute new pattern files, the more likely it is to have clients getting infected.

Dispersed/Distributed Manageability

The ability to provide Unit Computing Specialists and/or departmental administrators access to manage their own clients was also an important feature. With the diversity in departmental IT policies, it is necessary to be able to give people the ability to set policies for their department differently than  what is defined at the global level. Furthermore, departments need the ability to provide customized reports on systems under their control to their management.

Unified Client Features

The ability for client software to provide antivirus, anti-spyware, SPAM filtering, and firewall support in a single package was very high on the list of requirements. Packaging all of these features together under a single client not only reduces desktop and system tray clutter but typically takes up fewer system resources in terms of CPU and memory.

Client Transparency

Another aspect that to consider is how the client itself performed while a system was under heavy usage. Real-time scanning and monitoring needed to be as unobtrustive as possible. This also meant that any error messages or warnings that popped up as viruses were found needed to be easy to understand and answer. It was very important that the client be as transparent and easy to use as possible to users.

Support for mulitple OSes

If there are a variety of operating systems is use it is important that any solution support the full range of Windows operating systems from Windows XP and2003 all the way back to Windows 98 and Windows 95. In addition, adding support for protecting the growing number of Linux desktops and servers may also be required.

Web-Based Management Console

Enterprise management tools needed to be web-based for ubiquitous access. Not all system administrators run Windows on their desktop, so use of a Windows client-based management system is not desired in our environment. Furthermore, the console needed to be able to provide granular control over systems being managed.

Company Strength / Overall AV Strategy

Another factor in selecting an antivirus solution is how strong the company itself was. Fiscally weak or unsound companies tend to get bought out by larger corporations who may then change the levels of service a product provides even during a contract.The availability of technical support for the anti-virus software is also relevant here. This particularly the case when using free anti-virus software.

Ability to Integrate with Other Solutions

Network security is another area of focus when selecting an antivirus solution. The ability of a solution to integrate with third party solutions such as Cisco’s Network Solution. It is therefore essential that anti-virus solution be able to integrate with the existing network infrastructure.

Proactive Notification of Potential Outbreaks and/or Problems

Limited human resources means that continuous monitoring of the system may not be possible. Therefore, it is critical that any solution be able to watch systems and automatically notify system administrators of possible outbreaks or issues on the network. The ability to email or page an administrator or administrators when there appears to be an anomaly on the network should be considered.

Ability to Clean Up after Viruses and/or Spyware

Obviously another factor that must be considered when evaluating antivirus solutions is how well the product is able to clean a system after an infection. If a solution simply detects a virus but doesn’t clean it up well, it doesn’t really save an administrator any time or effort. The solution should be able to successfully clean a majority of infections without having to rebuild the system.

Ability to Prevent Outbreaks Until New Virus Signatures Are Available

Many vendors have begun to discuss “zero-day” protection, but few actually do much about it. The ability to prevent an outbreak from occurring when there is no virus signature or pattern file available is extremely important. Hundreds of systems could potentially become infected in the time it takes a virus to be detected “in the wild” to the time a new pattern is available. A feature considered key was the ability for software to keep systems protected even though they were unable to detect the virus.