Welcome!

You will be redirected in 30 seconds or close now.

ColdFusion Authors: Yakov Fain, Jeremy Geelan, Maureen O'Gara, Nancy Y. Nee, Tad Anderson

Related Topics: ColdFusion

ColdFusion: Article

Unlocking Restricted Use of CFFILE,CFCONTENT,and More

Unlocking Restricted Use of CFFILE,CFCONTENT,and More

Many developers know that the CF administrator can restrict your ability to use several tags that not only provide very useful capabilities, but can also be used to provide unauthorized access to server resources. What many don't know is that they can arrange to use those restricted tags on a case-by-case basis with the administrator's permission.

In this article, I introduce the Unsecured Tags Directory feature, which most developers don't know about and many administrators don't understand. This feature can be the key to unlocking tags that might otherwise render a developer's intended application design difficult or impossible. I'll also explain the ability to restrict tags, for those unfamiliar with that feature.

The Closed Door to CFFILE, CFCONTENT, etc.
Have you ever wanted to use a tag such as CFFILE, but when you tried, you received the following message:

Error Diagnostic Information
The CFFile tag is disabled.
The administrator has chosen to disable this functionality on this server unless executed from a specified directory.

The problem, as the message clearly states, is that the administrator has chosen to disable or restrict use of this tag (and likely others), which might be used in an unacceptable and security-compromising way. The reasoning behind the ability to restrict such tags, and the choice by an administrator to do so, is logical and defensible.

I'll explain in more detail. What many developers and administrators don't know is that there's a way to permit access to these otherwise restricted tags. It can be done in a controlled manner that requires the administrator's complicity. The end of the error message even offers a clue as to how, but those few who do notice it still may not understand what it's implying.

Why the Closed Door?
The problem with permitting unfettered use of the CFFILE tag is that it's quite powerful and can be used for many things, including deleting files on the server or moving them around. Since the CF Server generally has rights to almost all directories on a server, it's naturally a scary prospect for a server administrator to let all CF developers access whatever files they want.

The administrator can use the "Basic Security" panel in the Administrator to select which of a handful of listed (and potentially dangerous) tags should be restricted so that no CF developer can use them. At least that's the way it appears, but this article will demonstrate that it's not entirely true.

The screen in the Administrator used to set these restrictions is shown in Figure 1. As of CF5, the Basic Security features are accessed through the new "Security" link listed below the "Home" and "Logout" links at the top left of the screen. The "Tag Restrictions" link shows this page, which indicates the tags that can be restricted. It also offers the relatively new Unsecured Tags Directory. (In CF 4.5, this page is under the "Basic Security" link in the Administrator's left nav bar and appears pretty much the same.)

By default, all the tags are unrestricted (all checked). Anyone reading the screen or the CF Administration manual will likely think that turning these tags off is the "safest thing to do." Most hosted sites run by CF administrators with at least some knowledge of the restriction option will likely disable the tags.

Sadly, it's a bit like throwing the baby out with the bathwater. There is indeed reason to fear that some might misuse a tag, but one sore point is that it's an all or nothing proposition. Once disabled, that tag can't be used at all by any developer on the server (unless you know the trick that I'll demonstrate in this article).

It's certainly reasonable to fear that someone may misuse the CFFILE Action="Delete" or Action="Move" attributes, but what if you want to use the useAction="Upload" option to allow your users to upload a file to your server? Perhaps your application needs to enable uploads of résumés, product photos, or legal documents. With the CFFILE tag disabled, your application is dead in the water. It would be nice if we could restrict certain attributes or attribute/value pairs rather than the entire tag.

What About Advanced Security?
You may be wondering why CF can't be a little smarter about the restriction of tags and simply limit the files or directories your program is allowed to access. If you could identify an application user or the owner of the application, why not just restrict which files that user or application owner can access? It involves setting up Advanced Security where you map users to resources, so people see only what they should. Because it's a bit harder to set up and that feature came out only in release 4, the simpler "Basic Security" mechanism of restricting tags is more prevalent. That basic approach needn't be a showstopper if you want to allow limited rather than total restriction of the tags, as this article shows.

Another Potentially Challenged Application
Another good example where this "all or nothing" approach can be a problem is when a developer wants to use CF to create an application that serves a repository of files available for download. Again, it could be photos, executable programs, documents, etc. He or she may want to permit end users to access these files only if they've logged in or have perhaps paid a fee. Creating a Web interface to perform authentication or accept payment is beyond the scope of this article, but well documented in other articles and books.

The issue here is how do you make those files available to the end user? While some would say, "Give them a user ID and let them FTP into a server," others would argue for a cleaner, more integrated approach. They may want the Web application to provide the file for download upon request. For this type of application, CFCONTENT comes to the rescue with its File attribute that allows you to send a given file's contents to the browser user (and even set its MIME type with the TYPE attribute).

The problem is that, again, the CFCONTENT FILE attribute would allow you to access any file and directory that the CF Server has access to (assuming you're not working under CF's Advanced Security approach). That's a problem, so many administrators restrict the tag. Again, if you want to do any sort of file serving, as described in this example application, it appears you're out of luck.

CFCONTENT is another example of a tag that should be restricted by attribute. While the aforementioned FILE attribute is risky and the DELETEFILE attribute is even riskier, the TYPE attribute can be used without either of those for an entirely different purpose. It simply sets the MIME type for the content of a page being created using CFML. This tag/attribute pair is especially critical for developers serving Wireless Markup Language applications or creating data to be read by a client as a spreadsheet. I do wish Macromedia would allow that CFCONTENT TYPE attribute to be permitted while restricting the other two.

The Tags - and Attributes - That Can Be Restricted
We've mentioned that CFFILE and CFCONTENT are tags that can be restricted. What are the rest? Prior to ColdFusion 5, the tags that could be restricted were CFCONTENT, CFDIRECTORY, CFFILE, CFOBJECT, CFREGISTRY, CFADMINSECURITY, and CFEXECUTE.

As you can see in Figure 1, release 5 added CFFTP, CFMAIL, and the new tag CFLOG to that list. It also added the ability to restrict not only tags but specific attributes of tags, namely DBTYPE=DYNAMIC and CONNECTSTRING, which are new attributes that can be used on any of several tags related to database processing (such as CFQUERY and CFSTOREDPROC). For the sake of this article, however, the interesting new feature is that we can now restrict by attribute rather than by tag only, as discussed in the previous sections.

Perhaps a future release might allow restriction of just CFFILE's Action="Move" or Action="Delete" attributes, while permitting Action="Upload"; I've lodged that as an enhancement request for the next release of CF, code-named Neo. (Then again, permitting uploads has its own security risks, as described in Knowledge Base Article 17407, "Security Best Practice: Evaluating the Risks of Allowing Uploading and of Attached Files on Your Server.")

Going back to the new list of restricted items in CF5, you may wonder why CFMAIL is listed. Though it pains me to point this out for fear it might be abused in pre-release 5 servers, the MIMEATTACH attribute of CFMAIL has always been available to send virtually any file off the server as an attachment in an e-mail sent via CFMAIL. Shocking news though that may be, it's also scary to think that a server administrator might disable CFMAIL entirely, now that it's possible. Again, I've requested an enhancement for Neo that this tag attribute be separately restricted, so that other more reasonable uses of CFMAIL can still be permitted.

It's always a dicey proposition explaining how security works (or doesn't), even if it helps solve problems. That's the nature of security, however. There's no sense living with your head in the sand. Folks who abuse systems often learn of things before those who control them, and they tend to keep their discoveries to themselves. As I so often write in this column, forewarned is forearmed.

Controlled Circumvention
of the Restrictions If I'm adverse to sharing security risks, why am I offering an article called "Unlocking Restricted Use of CFFILE, CFCONTENT, and More." I'll now show how to get around these sort of "global" tag restrictions. Am I again giving away the keys to the kingdom? No. In this case I'm sharing an ability to use a feature that can generally be enabled only with the concurrence and approval of the CF Administrator.

While an administrator can restrict various tags, and perhaps should - as in the case of a server shared by multiple, unrelated users - there are times, as we've seen, when this restriction can severely hamper a developer's intention to create some application feature.

Fortunately, release 4.5 and forward of ColdFusion provides an out for us in the form of the Unrestricted Tags Directory. Here, finally, is the key feature being introduced in this article. It's likely big news to many: any templates run in that directory (whether run directly, or called as a custom tag or by way of CFINCLUDE) will indeed be able to run any tag, regardless of whether it's restricted.

The option for setting this special directory is controlled by a text box appearing at the bottom of that Basic Security "Tag Restrictions" page shown in Figure 1. Many don't even notice the option. The Unrestricted Tags Directory form field is used to specify which directory on the server holds templates that are allowed to use the otherwise restricted tags. That's pretty much it. You may want to try it out.

Some additional background may be useful when considering the value to be chosen for this setting. As you can see in the figure, the value is set to "CFIDE\Ad-ministrator," which is where the CF code supporting the ColdFusion Administrator itself is located. Certainly, the CF Admin-istrator templates (which show you the Administrator interface) need to be able to execute any of these tags, whether they're restricted for all other programmers or not.

The value for this Unsecured Tags Directory is set by default to point to the directory where the Administrator code is stored. The value "CFIDE\Administrator" is the default you'll see indicated in the CF5 Server. In 4.5, the value will by default be set to the same directory but use the full path (in my case, e:\inetpub\wwwroot\CFIDE\ Administrator. The difference between using a full path and a relative one is the only difference between the two releases. In both releases, you could change it to point to any full path.

Indeed, in both releases you could point it to something other than the Administrator directory location, but you shouldn't need to and it's probably not a good idea (unless your Administrator has been placed in some other directory intentionally, perhaps for security reasons, and you need to correctly point to that). If you change it to something other than where the Administrator code is located and you disable the CFREGISTRY tag, you'll find that you won't be able to do anything else in the Administrator anymore. To regain access to the Administrator, you'll have to modify the registry to reset this key (HKEY_LOCAL_MACHINE\SOFTWARE\Allaire\Cold-Fusion\CurrentVersion\Server\UnsecuredTagsDirectory) to point to the Admin-istrator path and restart CF before being able to get into the Administrator again.

Using the Feature
If you shouldn't change the Unsecured Tags Directory to point anywhere other than the Administrator, how can you leverage this available feature as a developer? If you're not in control of the Administrator, how will any of this knowledge help?

I indicated that any template placed in this "unsecured" directory could execute any tags, regardless of restrictions. There-fore, to get around the restriction on the tags, simply place the needed code in the "unsecured" directory (or ask your administrator to do this for you). Again, any use of that template from anywhere on the server, whether called directly or by a custom tag call (with CFMODULE, to point to that directory) or a CFINCLUDE, will allow execution of the otherwise restricted tags. That's powerful.

Given the possibilities, it's probably all the more appropriate that the Unsecured Tags Directory value be left to point to the Administrator directory, since that will likely have security placed on it so browser users can't request a directory listing to see any file names that might allow unrestricted access to a tag or tags. It might even be appropriate to restrict access to that directory from the operating system level so that people on the same network can't even see what files are in that directory.

Indeed, the availability of this Unse-cured Tag Directory option, and the fact that it's set by default to the Administrator directory, indicates that it's critical that this directory be secured at the operating system level so that no one but authorized users can put files into the directory; otherwise developers would be able to grant themselves unfettered access to the otherwise restricted tags by placing templates there that use them.

(You may wonder if you can specify multiple values for the Unsecured Tag Directory. You can't. At least, it's not documented that you can, and I tried unsuccessfully to use semicolons, commas, and spaces to indicate multiple directory paths.)

A Simple Example: Enabling CFFILE Uploads
Admittedly, some servers will be run by tightfisted monarchs who won't be interested in considering the possibilities this enables. Maybe you still don't see the point. Here's a real example.

What if you wanted to get the administrator to allow you to use CFFILE even though it's restricted for the whole server? If some custom tag could be written to allow just the CFFILE Action="Upload", and that was given to the admin for approval and then placed by the admin in that Unsecured Directory, then that specific code could be called as needed by developers.

I offer an example of such a custom tag in Listing 1. Notice that it has to do a bit more than simply run the tag for us. First, it needs to account for the fact that we don't know if the user will provide all the attributes of the CFFILE action="Upload" tag; some of them are optional. Further, for some of the attri-butes we can't just default them to being an empty string if not provided, so you'll see the use of some CFPARAM tags to set the defaults to whatever the tag documentation says is the default value for that attribute (such as "delete" for NAMECONFLICT).

A couple of attributes ("mode" and "attributes") are needed only on Unix machines, but again we need to account for the fact that a value may or may not be passed in by setting a suitable default value. The default may not make sense for your installation (though these are ignored on Windows machines anyway), so feel free to change them if needed.

Finally, one other challenge is that the CFFILE tag returns several "file"-prefixed result variables, such as "file.ClientFile". Since a custom tag's variables are local to that tag and the caller will certainly need access to those variables, you'll see that I also set all the needed result variables to the caller scope, making them available to the caller.

Sadly, I couldn't do something simple like <CFSET caller.file=file> or even CFSET it to duplicate(file). The file scope isn't considered a structure. Although the release 5 docs say we should use "cffile" as the prefix over the older "file" prefix (as in cffile.ClientFile), the cffile scope reacts the same way, so I had to simply assign each expected return value to the caller scoped variable of the same name. (I used CFSCRIPT but it could just be 21 CFSETs [see Listing 1].)

If that file were saved as cffile_ upload.cfm and placed in the Unsecured Tags Directory (such as CFIDE\ Admin-istrator), then we could call it from anywhere on the server using:

<cfmodule template="/CFIDE/Administrator/cffile_upload.cfm"
filefield="photo" destination="d:\temp" nameconflict="overwrite" >

Notice that it's using CFMODULE's Template attribute to say "run cffile_ upload.cfm in the /CFIDE/ Administrator" directory. Of course, this would need to be called in the context of a form action page where the form has passed in an INPUT TYPE="file" field called "photo", and it's saying to store the file on the server in D:\temp, etc. It's a simple replacement for a CFFILE call that would have done the same thing:

<CFFILE ACTION="UPLOAD" FILEFIELD="photo"
DESTINATION="d:\temp" NAMECONFLICT="OVERWRITE">

All that's changed is the CFFILE Action="Upload". Everything else is the same. The power of all this is that the administrator can still prevent anyone from using CFFILE's more dangerous attributes. All they've opened up is the action="Upload".

If the admin still doesn't want to make such an extensible and reusable tag, they could just hard-code the values for the "destination" or even "filefield" attributes to make it useful for a single application only.

Another idea is to limit it to writing only to the directory of the caller by changing the DESTINATION attribute of the CFFILE tag within the custom tag to be:

Destination="#getdirectoryfrompath(cgi.CF_TEMPLATE_PATH)#"

You'd also then want to remove the CFPARAM tag at the top of the custom tag for attributes.destination, since the attribute would no longer be used. Of course, it may seem to some that such complications would make the whole concept too much bother, but I don't think so. It's still better than not being able to use the tag at all.

Finally, there's still another approach to limiting what the user can write to. You could enable the destination attribute again, but use the CFIMPERSONATE tag and its TYPE="os" attribute so users could write only to what they're authorized for. Even without Advanced Security installed, you could specify your NT domain in the tag's SecurityContext (I found I could leave it blank since my Win2k server doesn't run under the control of an NT domain server) and then pass in a username and password as attributes on the call to the custom tag. You'd wrap the CFFILE tag within this tag, as in:

<CFIMPERSONATE username="#attributes.username#"
password="#attributes.password#" securitycontext="" type="OS">
<CFFILE...>
</CFIMPERSONATE>
Thanks to Raymond Camden for suggesting that last solution.

Summary
The ability to call upon restricted tags (indeed to restrict them in the first place) may be something that's not well understood by many CF developers and administrators. I hope this article provides information and ideas, as well as justification to approach your administrator to propose some alternatives if you work in an environment where some needed tag is restricted.

Administrators, if you've set tags to be restricted but haven't locked down that cfide\administrator directory to keep developers from freely placing files there, you've left the barn door open. I hope, too, that you'll consider using advanced security to restrict who can access what, but that's a subject for a future article (or two).

*  *  *

Here's one last bonus tip, since this issue of CFDJ is about using custom tags. Did you know that CF 5 introduced a means to name more than one location for globally accessible, server-wide custom tags? (This has nothing to do with the Unsecured Tags Directory.) Previously, the default location was cfusion\customtags (i.e., wherever you installed CF under the cfusion directory, such as c:\cfusion). Now you can indicate more than one location using the "custom tag paths" link in the Administrator's "Extensions" section on the main "Server" page (the first one you normally see after logging into the Administrator). While the interface for adding multiple directories is new, you could do it in previous releases by providing a comma-separated list of directories in HKEY_LOCAL_MACHINE\SOFTWARE\ Allaire\ColdFusion\CurrentVersion\Custom Tags\CFMLTagSearchPath.

Don't forget, this isn't the only way to create alternatives to the default cfusion\customtags directory for placement of globally accessible custom tags. You've always been able to create any number of subdirectories under that directory. The normal call of a custom tag as <cf_yourtagname> will look for yourtagname.cfm first in the current directory where the caller is located, then in cfusion\customtags, then in any of its subdirectories. If you wanted to run a specific tag in a specific subdirectory of cfusion\customtags, you could also use CFMODULE and its NAME attribute. See the CF docs for more information on that tag.

*  *  *

Some of you may be looking for Part 2 of my "Toward Better CF Administration" article that I started last month (CFDJ, Vol. 4, issue 1). Since the focus of this issue is custom tags (and it's got plenty of content already), we've decided to push that off until next month.

More Stories By Charlie Arehart

A veteran ColdFusion developer since 1997, Charlie Arehart is a long-time contributor to the community and a recognized Adobe Community Expert. He's a certified Advanced CF Developer and Instructor for CF 4/5/6/7 and served as tech editor of CFDJ until 2003. Now an independent contractor (carehart.org) living in Alpharetta, GA, Charlie provides high-level troubleshooting/tuning assistance and training/mentoring for CF teams. He helps run the Online ColdFusion Meetup (coldfusionmeetup.com, an online CF user group), is a contributor to the CF8 WACK books by Ben Forta, and is frequently invited to speak at developer conferences and user groups worldwide.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@ThingsExpo Stories
High-velocity engineering teams are applying not only continuous delivery processes, but also lessons in experimentation from established leaders like Amazon, Netflix, and Facebook. These companies have made experimentation a foundation for their release processes, allowing them to try out major feature releases and redesigns within smaller groups before making them broadly available. In his session at 21st Cloud Expo, Brian Lucas, Senior Staff Engineer at Optimizely, will discuss how by using...
In this strange new world where more and more power is drawn from business technology, companies are effectively straddling two paths on the road to innovation and transformation into digital enterprises. The first path is the heritage trail – with “legacy” technology forming the background. Here, extant technologies are transformed by core IT teams to provide more API-driven approaches. Legacy systems can restrict companies that are transitioning into digital enterprises. To truly become a lead...
SYS-CON Events announced today that Daiya Industry will exhibit at the Japanese Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Ruby Development Inc. builds new services in short period of time and provides a continuous support of those services based on Ruby on Rails. For more information, please visit https://github.com/RubyDevInc.
As businesses evolve, they need technology that is simple to help them succeed today and flexible enough to help them build for tomorrow. Chrome is fit for the workplace of the future — providing a secure, consistent user experience across a range of devices that can be used anywhere. In her session at 21st Cloud Expo, Vidya Nagarajan, a Senior Product Manager at Google, will take a look at various options as to how ChromeOS can be leveraged to interact with people on the devices, and formats th...
SYS-CON Events announced today that Yuasa System will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Yuasa System is introducing a multi-purpose endurance testing system for flexible displays, OLED devices, flexible substrates, flat cables, and films in smartphones, wearables, automobiles, and healthcare.
SYS-CON Events announced today that Taica will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Taica manufacturers Alpha-GEL brand silicone components and materials, which maintain outstanding performance over a wide temperature range -40C to +200C. For more information, visit http://www.taica.co.jp/english/.
As hybrid cloud becomes the de-facto standard mode of operation for most enterprises, new challenges arise on how to efficiently and economically share data across environments. In his session at 21st Cloud Expo, Dr. Allon Cohen, VP of Product at Elastifile, will explore new techniques and best practices that help enterprise IT benefit from the advantages of hybrid cloud environments by enabling data availability for both legacy enterprise and cloud-native mission critical applications. By rev...
Organizations do not need a Big Data strategy; they need a business strategy that incorporates Big Data. Most organizations lack a road map for using Big Data to optimize key business processes, deliver a differentiated customer experience, or uncover new business opportunities. They do not understand what’s possible with respect to integrating Big Data into the business model.
Recently, REAN Cloud built a digital concierge for a North Carolina hospital that had observed that most patient call button questions were repetitive. In addition, the paper-based process used to measure patient health metrics was laborious, not in real-time and sometimes error-prone. In their session at 21st Cloud Expo, Sean Finnerty, Executive Director, Practice Lead, Health Care & Life Science at REAN Cloud, and Dr. S.P.T. Krishnan, Principal Architect at REAN Cloud, will discuss how they b...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities – ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups. As a result, many firms employ new business models that place enormous impor...
SYS-CON Events announced today that Dasher Technologies will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Dasher Technologies, Inc. ® is a premier IT solution provider that delivers expert technical resources along with trusted account executives to architect and deliver complete IT solutions and services to help our clients execute their goals, plans and objectives. Since 1999, we'v...
SYS-CON Events announced today that MIRAI Inc. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MIRAI Inc. are IT consultants from the public sector whose mission is to solve social issues by technology and innovation and to create a meaningful future for people.
SYS-CON Events announced today that TidalScale, a leading provider of systems and services, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. TidalScale has been involved in shaping the computing landscape. They've designed, developed and deployed some of the most important and successful systems and services in the history of the computing industry - internet, Ethernet, operating s...
SYS-CON Events announced today that TidalScale will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. TidalScale is the leading provider of Software-Defined Servers that bring flexibility to modern data centers by right-sizing servers on the fly to fit any data set or workload. TidalScale’s award-winning inverse hypervisor technology combines multiple commodity servers (including their ass...
Amazon is pursuing new markets and disrupting industries at an incredible pace. Almost every industry seems to be in its crosshairs. Companies and industries that once thought they were safe are now worried about being “Amazoned.”. The new watch word should be “Be afraid. Be very afraid.” In his session 21st Cloud Expo, Chris Kocher, a co-founder of Grey Heron, will address questions such as: What new areas is Amazon disrupting? How are they doing this? Where are they likely to go? What are th...
SYS-CON Events announced today that IBM has been named “Diamond Sponsor” of SYS-CON's 21st Cloud Expo, which will take place on October 31 through November 2nd 2017 at the Santa Clara Convention Center in Santa Clara, California.
Infoblox delivers Actionable Network Intelligence to enterprise, government, and service provider customers around the world. They are the industry leader in DNS, DHCP, and IP address management, the category known as DDI. We empower thousands of organizations to control and secure their networks from the core-enabling them to increase efficiency and visibility, improve customer service, and meet compliance requirements.
Join IBM November 1 at 21st Cloud Expo at the Santa Clara Convention Center in Santa Clara, CA, and learn how IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Cognitive analysis impacts today’s systems with unparalleled ability that were previously available only to manned, back-end operations. Thanks to cloud processing, IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Imagine a robot vacuum that becomes your personal assistant tha...
SYS-CON Events announced today that IBM has been named “Diamond Sponsor” of SYS-CON's 21st Cloud Expo, which will take place on October 31 through November 2nd 2017 at the Santa Clara Convention Center in Santa Clara, California.
In his Opening Keynote at 21st Cloud Expo, John Considine, General Manager of IBM Cloud Infrastructure, will lead you through the exciting evolution of the cloud. He'll look at this major disruption from the perspective of technology, business models, and what this means for enterprises of all sizes. John Considine is General Manager of Cloud Infrastructure Services at IBM. In that role he is responsible for leading IBM’s public cloud infrastructure including strategy, development, and offering ...