Rochissa org
1 / 11

RochISSA - PowerPoint PPT Presentation

  • Uploaded on Web Site Design Refresh By Robert Combo, CISSP, SCSA EDS@Xerox, Network Security Services Current Issues. 100% all static HTML - Inefficient to maintain Time consuming for updates Meager content; “boring”. Objectives. Updated content

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about ' RochISSA' - kylynn-davis

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Rochissa org

Web Site Design Refresh

By Robert Combo, CISSP, SCSA

EDS@Xerox, Network Security Services

Current issues
Current Issues

  • 100% all static HTML - Inefficient to maintain

  • Time consuming for updates

  • Meager content; “boring”


  • Updated content

    • Add RochISSA.Org documentation such as by-laws, meeting minutes, presentations, “The Top 10 Reasons to Join RochISSA.Org”, etc

    • Links to relevant sites such as ISSA National, SANS Internet Storm Center, security tools and education, etc, etc

    • Local relevant job postings

  • Possible additional features

    • Calendar of Events, newsletters, RSS news feeds, blog, sponsored links, surveys, moderated forums, security tip of the week??, other?

  • Consider Updated Site Theme

Site theme cont
Site Theme (cont)

  • Build upon current theme? – Beige/Tan

  • Copy ISSA national theme for continuity? Such as the route of the NYC ISSA chapter

Solution cms
Solution: CMS

  • Content Management System

    • WCM – Web Content Management

      • A system used to facilitate publication of content to the web easily and quickly

      • Allow multiple content authors to publish directly to the web without knowing coding techniques

      • Many use the idea of a “Workflow”, AKA content authors submit to an approver

      • Version control/Rollback functionality

      • Templates and object reusability

Cms product varieties
CMS Product Varieties

  • Over 1700 CMS products, both commercial and open source available

  • Ranges from very simple, to “Enterprise level complexities” for deployment

  • Various foundations: PHP, Perl, JAVA, and others

Cms products evaluated
CMS Products Evaluated

  • Magnolia – JAVA, LGPL, supposed ease of use - is used by site. JSR-170 supported

  • – Java/XML based, GPL, complex, recent updates - looks to be designed with large CMS deployments in mind.

  • Lenya – Apache foundation - Java based, GPL, recent updates, complex. Not all functions available in GUI, some CLI required

  • - Java based, GPL, simple, but not recently updated

  • Nukes – Java based, GPL, looks quick/easy, but requires JBoss (GPL) app server

  • Mambo/Joomla – PHP, GPL, ease of use, possible security issues but apparent quick patching cycles, limited versioning, not search engine friendly URL's, but large development community

  • Typo3 – PHP, GPL, complex, possible security issues

  • Moveable Type – commercial, but free for non-profit. Perl, Apache, limited functionality

Final candidates
Final Candidates


  • Good:

    • JAVA, can be launched in any J2EE container, extensible with any Java API

    • Browser based admin and content editing

    • JSR-170 compliant

    • Role based user management

  • Bad:

    • Lack of real development community


  • Good:

    • Large development community, lots of plug-ins and templates available

    • Scored 10/10/10 for ease of use, admin interface, and flexibility on

  • Bad:

    • Possible security issues but apparent quick patching cycles, limited version control, not search engine friendly URL's

Cms the final answer
CMS - The Final Answer?

  • NO! A Content Management System is just a tool

  • To attract existing and potential new members to the site, there should be interesting and updated content

  • Web site should infuse a concrete value add of membership to visitors - first impression

  • Group involvement! – Looking for article contributors, graphic design ideas/assistance, and possibly bloggers

  • Email us your site ideas:


  • Comparison tool for 532+ CMS products

  • - CMS News and Info

  • - "JSR-170: What's in it for me?"

  • - Comparison of 15 top Open Source CMS packages