Insurance firm migrates to Oracle 10G database powered by Sun servers

Grepalife, a Yuchengcoowned insurance company, has recently acquired a new generation server computing platform designed to provide faster processing systems and better service turnaround time for clients and its sales force.

The company is among the first in the country to migrate its main application systems from the previous Oracle 8i version to the Oracle Database 10G Enterprise Edition, the most ideal platform for enterprises that need to support high volume online transaction processing and query intensive data warehousing applications.

"Our goal is to make our service ever faster and better for our clients. Our advanced IT infrastructure, coupled with the excellent capabilities of our people, is among the most important springboards that will propel Grepalife to the top of the industry," said Grepalife president and CEO Victor P. Quisumbing.

This one-time multi-million peso investment enabled Grepalife’s online transactions such as logging in, policy inquiry, and loan processing to be faster by 100 percent.

This system has the clustering and load balancing capability that prevents long computer down time and clogging.

Systems running on the new server platform are already being used in Underwriting, New Business, Cash, Premium Accounting, Policyholder Services, Group Administration, Group Accounting, and other departments, with highly positive feedback.

The new server is powered by clustered central database servers consisting of three Sun Microsystems X4200 with X86 64bit Opteron technology processors, Red Hat Linux 4.0 Enterprise Edition, and a redundant array of data storage devices built around the Oracle Database 10G Enterprise Edition computing engine, all with enough capacity to support future expansion.

Author: Edu H. Lopez @ www.mb.com.ph

Read more ...

SAP Shows Solid Earnings, Firm Stance Against Oracle

SAP on Thursday narrowly topped analyst profit estimates in its third quarter, raking in $579 million on sales of $3.44 billion.

Analysts were looking for sales of $3.46 billion in the quarter, a target the German software giant would surely have met or exceeded if not for currency fluctuations related to the strength of the euro. Most analysts pegged SAP for a third-quarter profit of $575 million.

"Given the current currency situation and the concerns of the market, we would assess the report as a success," DZ Bank analyst Oliver Finger wrote in a research note following SAP's earnings report.

While the story this quarter was the company's 11-percent surge in licensing sales, which rose to $1.02 billion, Chief Financial Officer Werner Brandt cautioned that SAP probably wouldn't hit the upper end of its previous estimates of 15 percent to 17 percent growth for the full fiscal year.

"It appears less likely that product or software revenue growth will reach the upper end of the aforementioned ranges," Brandt said during a conference call with analysts. However, he said, the company expects to still top earnings-per-share estimates for the full year, ranging from $7.32 to $7.54 a share.

During the conference call, CEO Henning Kagermann and Leo Apotheker, SAP's president of customer solutions and operations, spent a considerable amount of time defending the company's performance in head-to-head battles with arch-rival Oracle over large customer accounts.

While Oracle has claimed that it consistently dominated SAP in landing new customer accounts, Apotheker said SAP actually had won in 85 percent of the 247 deals for which the two companies competed during the quarter.

The company also announced Thursday that it beat out Oracle for a large contract with retailing giant Wal-Mart during third quarter. According to SAP executives, Wal-Mart will implement SAP ERP Financials to replace some of its legacy software systems, including its JD Edwards enterprise resource planning (define) applications, and integrate it with other internal systems. The first phase of the installation is planned for completion in 2010.

Reaffirming the company's plan to grow its customer base to more than 100,000 clients by 2010 through aggressively targeting the small- and mid-sized business sector, SAP announced that it would invest more than $560 million in the coming year to market and develop Business By Design, its first software-as-a-service (SaaS) (define) offering, announced last month.

SAP also announced it would be launching a new mid-market product that features a flexible architecture and new deployment models -- and implying it too will be delivered to customers in an on-demand model or both on-demand and on-premise. The company said further details and a specific timeline for the new product's delivery will wait until SAP's annual analyst conference in December.

On Thursday, Kagermann reiterated that SAP would continue to follow its long-time plan of making only small, strategic acquisitions -- rather than follow Oracle's strategy of constant acquisition.

That comment come in spite of SAP's contrary move last week, when it broke from tradition to purchase business intelligence and analytics software vendor Business Objects for $6.8 billion.

Less than a week later, Oracle announced its intention to acquire middleware provider BEA Systems for $6.7 billion. According to some industry insiders, SAP's Business Objects deal inadvertently assisted Oracle's acquisition strategy by ensuring the German company would be unlikely to engage in an expensive bidding war so soon after making a massive purchase of its own.

SAP shares pulled back $1.69 a share, or three percent, to $54.61 in Thursday afternoon trading.

Author: Larry Barrett

Read more ...

Oracle Patches 51, Updates Vulnerability-Scoring System

Oracle's October Critical Patch Update (CPU) addresses 51 vulnerabilities spread across the company's product portfolio, a marked improvement over last October's update. The quarterly release also introduces an update to the system it uses to score the severity of vulnerabilities.

Oracle's namesake database products, which have 27 disclosed vulnerabilities, get the majority of the 51 fixes. According to Oracle's advisory, seven of the database vulnerabilities may be remotely exploitable without authentication.

Oracle Application Server gets 11 fixes, seven of which are remotely exploitable without authentication. There are eight security fixes for the Oracle E-Business Suite and one is remotely exploitable without authentication. Oracle Collaboration Suite gets seven fixes. Oracle PeopleSoft Enterprise PeopleTools gets two security fixes, and one new security fix for PeopleSoft Enterprise Human Capital Management.

The 51 flaws addressed in this month's update continue the decrease in reported vulnerabilities, which numbered 65 in the July update and are considerably fewer than the 100 the company fixed last October. That update also marked the first time that Oracle revealed how many flaws were remotely exploitable without authentication. The remote exploit flaws are among the most dangerous in that they are more accessible and hence more easily exploited than local flaws, which first require local access as well as some form of authentication.

This year's update also includes version 2 of the Common Vulnerability Scoring System (CVSS), which provides a benchmarking base metric system in order to score the relative severity of a reported vulnerability. The company adopted the system last year to expand its security information disclosure method.

"It is worthwhile to reiterate again that CVSS provides a standard-based approach for assessing the criticality of vulnerabilities," Eric Maurice, manager for security in Oracle's global technology business unit, wrote on Oracle's security blog.

"In other words, CVSS assists customers to understand the significance of a given vulnerability in their environment, and assess the priority that should be given to patching that specific vulnerability against production requirements."

With CVSS 2.0, he continued, a number of changes have been introduced that make the standard more representative of real-world vulnerabilities.

But while the new version of CVSS has more parameters, Amichai Shulman, CTO of application data security company Imperva, said that the scores have remained the same.

"Based on our analysis, we recommend that security officers take a close look at the details composing the risk score rather than accepting the score itself," Shulman wrote in an e-mail sent to InternetNews.com.

"For example, the highest-ranked vulnerability is only 6.5 out of 10, yet it is easy to exploit remotely and allows the attacker to take complete control of the database. This is a serious vulnerability, but its score does not reflect that fact."

Regardless of how Oracle actually measures the severity of the vulnerabilities, the imperative for Oracle users is to update and do so quickly.

"Oracle users should understand that the period after a CPU has been issued is ironically more risky than the period before the CPU is published, as it gives black hats who may not have known about certain vulnerabilities directions where to look for them," Slavik Markovich, CTO of database security vendor Sentrigo, wrote in an e-mail sent to InternetNews.com.

"Based on the severity level of the vulnerabilities patched in this CPU, users should be sure to take the steps necessary to protect their organizations' data by heeding the advice of Oracle with regard to patch specifications and procedures."

Author: Sean Micheal Kerner @ internetnews.com

Read more ...