A Penton Media Property
March 5, 2008
If you want to view this on the web go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296415-0-0-0-1-2-207
----------------------------------------
ADVERTISEMENT
Lieberman Software
$6/User Self-Service Windows Password Resets
Forgotten or expired user passwords are common IT problems at large
organizations. Employees are frequently locked out of critical systems
and IT staff waste time manually resetting passwords. Account Reset
Console reduces an organization's 7/24 Help Desk requirements and boosts
end-user productivity. Delegated users can securely reset their own
passwords via the Web or Windows logon screen, quickly and without
involving the Help Desk. Scheduled and on-demand reports, and a full
audit trail of password changes, help maintain compliance with
regulatory security standards. And by locating and disabling stale,
unused, or expired accounts, potential security breaches are closed.
Account Reset Console is only $6.00 per user, with additional discounts
available. To learn more, view the webinars or download a free
evaluation.
http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296416-0-0-0-1-2-207
----------------------------------------
IN FOCUS
--Windows Server: The New King of Downtime
by Mark Joseph Edwards, News Editor
Many of you operate networks that include a variety of server platforms,
which might include Windows, Linux, Solaris, AIX, HP-UX, or other
UNIX-based systems such as BSD. We've seen plenty of debate over which
OSs are more secure than others, but what you might not have seen is
actual data that reveals which server platforms have the best uptime
record and, conversely, which server platforms experience the most
downtime.
Recently, Yankee Group released an interesting report, "2007-2008 Global
Server Operating System Reliability Survey," based on a poll conducted
with 400 corporate managers, executives, and administrators in 27
countries that asked about the amount of downtime they experienced in
their network environment with 10 OSs.
AIX, experiencing a mere 36 minutes of downtime over the course of an
entire year, was the clear winner at 99.99 percent uptime. Coming in
dead last), and making it the new king of downtime, was Windows 2000
Server (9.86 hours of downtime), followed in the next-to-last position
by Windows Server 2003 (8.90 hours). The previous year, a few Linux
varieties (such as Turbolinux and Mandriva) experienced more downtime
than Windows. Surprised by Windows' poor showing? Here are a few more
bits of that data that might come as a surprise:
Debian, a widely used Linux distribution, experienced a significant
amount of downtime (5.08 hours), surpassed only by Windows. Red Hat
Enterprise Linux, SUSE Linux, and Solaris servers experienced very
little downtime overall last year (1.73 hours, 1.08 hours, and 1.44
hours, respectively). Ubuntu Server, a Linux OS (based in part on
Debian) that's growing in popularity by leaps and bounds, experienced
only 1.10 hours of downtime on average last year, faring better than
HP-UX, Solaris, and Red Hat!
According to the report, overall, UNIX-based systems reigned supreme in
terms of uptime, and Linux-based system have greatly improved their
uptime over the previous year.
As for Windows, downtime was worse than the previous year. According to
the report, security issues are directly to blame. Yankee Group wrote,
"The decline in Windows Server 2003 reliability statistics are dismaying
to corporations because the Microsoft server operating system is in use
at 91% of the sites we surveyed, while 74% of businesses still use
Windows 2000 Server, down from 87% in the 2006 Global Server Reliability
Survey."
"Upon deeper investigation, security was found to be the clear culprit.
In the summer and fall when Yankee Group conducted its survey, Microsoft
issued more than a dozen security alerts and patches. And to make
matters worse, many of these were critical vulnerabilities. These
statistics are significant because a majority of Windows servers carry
the bulk of the line-of-business applications, particularly Exchange
Server messaging and SQL Server databases in their firms. The increased
downtime and patch management time means more work for network
administrators," the report stated.
Yankee Group had some recommendations for Microsoft that I'm sure many
of you will agree with: "Microsoft should get an even firmer grip on
security and improve its patch management economies of scale. It is even
more imperative that Microsoft do so because of the imminent release of
the next generation server, Windows Server 2008. Microsoft must realize
the historical 20% to 30% improvements of its predecessors to keep pace
with its Linux, open source and Unix rivals. If security woes continue
to plague Windows Server 2003, it will almost certainly have an adverse
impact on customer deployment plans for Windows Server 2008."
Survey respondents were mostly from small and midsized organizations,
described as follows by Yankee Group: "Approximately 35% of the survey
respondents came from the SMBs with 1 to 100 employees, 30% from midsize
companies with 100 to 500 employees, 8% from corporations with 500 to
1,000 employees, 18% from corporations that employ 1,000 to 10,000
people, and the remaining 11% percent from large enterprises with more
than 10,000 workers."
I couldn't find a public link that provides a free copy of Yankee
Group's report. If you're interested in obtaining a copy, you can
contact the company at the URL below:
www.yankeegroup.com (http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296417-0-0-0-1-2-207)
----------------------------------------
ADVERTISEMENT
MessageOne
Critical Challenges of ESI & E-mail Retention
Ben Franklin's quip about the disaster that can occur "for want of a
nail" can now be applied to e-mail retention, since these days a missing
message can lead to costly legal and regulatory problems. That's why
it's absolutely essential to implement and automate effective e-mail
retention policies.
However, it's tough to know whether your retention policies and approach
dovetail effectively with today's complex regulations, standards, and
guidelines relating to business records. Companies of all sizes and from
all industries need expert advice to determine:
* Which messages they need to retain
* Where their e-mail archives should be stored
* For how long those messages must be kept
This live Windows IT Pro Webcast can help."Critical Challenges of E-mail
Retention" will feature two experts in the field: Howard Nirken, a
partner at the law firm DuBois, Bryant & Campbell LLP, and Bryan
Rollins, VP of Product Management at MessageOne. They'll explain how you
can solve your thorniest e-mail management, retention, and compliance
challenges.
Don't delay -- register for this free live event, sponsored by
MessageOne, today!
http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296418-0-0-0-1-2-207
----------------------------------------
SECURITY NEWS AND FEATURES
--VMsafe Takes Security to a New Level
VMware's new VMsafe technology aims to prevent common malware attacks
from becoming successful by giving security vendors a new level of
visibility into virtual machines.
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296419-0-0-0-1-2-207
--McAfee Announces New VM Products and Services
On the heels of VMware's launch of VMsafe, McAfee announced new products
and services targeted at both VMware and Windows Server 2008.
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296420-0-0-0-1-2-207
--Finjan Discovers Underground Market for FTP Credentials
Finjan uncovered an operation that's using specialized tools to steal
and market FTP logon credentials. Some of those credentials belong to
servers operated by prominent companies whose Web sites are among the
top 100 to top 500 sites in terms of traffic.
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296421-0-0-0-1-2-207
--Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security Alerts,
which inform you about recently discovered security vulnerabilities. You
can also find information about these discoveries at
www.windowsitpro.com/departments/departmentid/752/752.html
(http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296422-0-0-0-1-2-207)
GIVE AND TAKE
--SECURITY MATTERS BLOG: Sandman Library Gives Access to Windows
Hibernation Files
by Mark Joseph Edwards
All of you programmers out there might be interested to learn about a
new library, written in C, that lets you access the Windows hibernation
file.
windowsitpro.com/blog/index.cfm?action=BlogIndex&DepartmentID=949
(http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296423-0-0-0-1-2-207)
--FAQ: Enable BitLocker Via the Command Line
by John Savill
Q: How do I enable BitLocker from the command line?
Find the answer at
www.windowsitpro.com/Article/ArticleID/98219
(http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296424-0-0-0-1-2-207)
--SHARE YOUR SECURITY TIPS AND GET $100
Share your security-related tips, comments, or problems and solutions in
Security Pro VIP's Reader to Reader column. Email your contributions to
r2r@securityprovip.com (mailto:r2r@securityprovip.com). If we print your
submission, you'll get $100. We edit submissions for style, grammar, and
length.
PRODUCTS
--Log Management Tool Adds Database-Log Support
By Renee Munshi
LogRhythm announced a new version of its log and event management
system. LogRhythm 4.0 adds the Universal Database Log Adapter (UDLAT),
which provides access to log data generated by ODBC-compliant databases
and the applications they support. LogRhythm 4.0 also includes new
metadata fields for database and application logs and contextual event
forwarding technology that enables identification and alerting of
anomalies within application, database, and network activity. Finally,
the new version adds new LogMart data mining capabilities to aggregate
multiple logs in one view to support intrusion detection, incident
response, audit investigations, forensics, and e-discovery. For more
information, go to
www.logrhythm.com/ (http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296425-0-0-0-1-2-207)
RESOURCES AND EVENTS
Are you confident that you've minimized the risks associated with the
potential exposure of sensitive information? Join Windows IT Pro in
this free event on April 30 to learn about software tools, Exchange
management, and other solutions that can help you take control of all
the mobile devices in your organization.
www.windowsitpro.com/go/mobile/?code=030308er
(http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296426-0-0-0-1-2-207)
Register for a Web Seminar--Win a FREE iPod Shuffle
Increase your knowledge and win! View one of several Web seminars to be
entered to win one of three iPod Shuffles (an $80 value). To be
eligible, register before April 11, 2008.
www.windowsitpro.com/Events/ (http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296427-0-0-0-1-2-207)
Migrating Microsoft Exchange and Microsoft SQL Data
Do you have difficulty backing up Exchange and SQL Server systems within
the allotted time or waste resources because some servers are severely
overutilized while others are underutilized? Read this white paper to
find a solution that will eliminate these problems.
www.windowsitpro.com/go/wp/storevault/sql/?code=022708er
(http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296428-0-0-0-1-2-207)
FEATURED WHITE PAPER
The same real-time replication capabilities that administrators use to
protect data assets can also be used in other ways. Many IT
organizations use them to reduce or even eliminate the impact of using
Microsoft SQL Server Reporting Services for scheduled and ad-hoc
reporting on production databases. Download this white paper to learn
how to speed report creation without affecting the performance of your
production database.
www.windowsitpro.com/go/wp/doubletake/sqlreporting/?code=022708er
(http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296429-0-0-0-1-2-207)
ANNOUNCEMENTS
Check out all the info-packed publications offered by Windows IT Pro!
If you're receiving the HTML version of this email newsletter, click
"Our Publications" in the menu bar; otherwise, click the link below:
store.pentontech.com/index.cfm?s=1&cid=18000306&promotionid=18003253&code=
(http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296430-0-0-0-1-2-207)
CONTACT US
Security UDPATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and Security Pro VIP (second URL
below).
http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296431-0-0-0-1-2-207
http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296432-0-0-0-1-2-207
You are subscribed to this newsletter as boy.blogger@gmail.com
Manage your Security UPDATE subscription at
http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296433-0-0-0-1-2-207.
Be sure to add Security_UPDATE@email.windowsitpro.com
to your spam filter's list of allowed senders.
To contact us:
About Security UPDATE content -- mailto:letters@windowsitpro.com
About technical questions -- http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296435-0-0-0-1-2-207
About your product news -- mailto:products@windowsitpro.com
About your subscription -- mailto:windowsitproupdate@windowsitpro.com
About sponsoring Security UPDATE -- mailto:salesopps@windowsitpro.com
View the Windows IT Pro privacy policy at
http://ct.email.windowsitpro.com/rd/cts?d=33-3317-803-202-62923-296436-0-0-0-1-2-207
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2008, Penton Media, Inc. All rights reserved.
No comments:
Post a Comment