|
|
Sponsor
Lieberman Software
$6/User
Self-Service Windows Password Resets
Forgotten or expired user passwords
are common IT problems at large organizations. Employees are frequently
locked out of critical systems and IT staff waste time manually
resetting passwords.
Account Reset Console reduces an organization's 7/24 Help Desk
requirements and boosts end-user productivity. Delegated users can
securely reset their own passwords
via the Web or Windows logon screen, quickly and without involving the
Help Desk. Scheduled and on-demand reports, and a full audit trail of password
changes, help maintain compliance
with regulatory security
standards. And by locating and disabling stale, unused, or expired
accounts, potential security
breaches are closed. Account Reset Console is only $6.00 per user, with
additional discounts available. To learn more, view the webinars or
download a free evaluation.
www.liebsoft.com/index.cfm/products?id=1524
|
|
In Focus
Windows
Server: The New King of Downtime
by Mark Joseph Edwards, News Editor
Many of you operate networks that include a variety of
server platforms, which might include Windows, Linux, Solaris, AIX,
HP-UX, or other UNIX-based systems such as BSD. We've seen plenty of
debate over which OSs are more secure than others, but what you might
not have seen is actual data that reveals which server platforms have
the best uptime record and, conversely, which server platforms
experience the most downtime.
Recently, Yankee Group released an interesting report, "2007-2008 Global
Server Operating System Reliability Survey," based on a poll conducted
with 400 corporate managers, executives, and administrators in 27
countries that asked about the amount of downtime they experienced in
their network environment with 10 OSs.
AIX, experiencing a mere 36 minutes of downtime over the course of an
entire year, was the clear winner at 99.99 percent uptime. Coming in
dead last), and making it the new king of downtime, was Windows 2000
Server (9.86 hours of downtime), followed in the next-to-last position
by Windows Server 2003 (8.90 hours). The previous year, a few Linux
varieties (such as Turbolinux and Mandriva) experienced more downtime
than Windows. Surprised by Windows' poor showing? Here are a few more
bits of that data that might come as a surprise:
Debian, a widely used Linux distribution, experienced a significant
amount of downtime (5.08 hours), surpassed only by Windows. Red Hat
Enterprise Linux, SUSE Linux, and Solaris servers experienced very
little downtime overall last year (1.73 hours, 1.08 hours, and 1.44
hours, respectively). Ubuntu Server, a Linux OS (based in part on
Debian) that's growing in popularity by leaps and bounds, experienced
only 1.10 hours of downtime on average last year, faring better than
HP-UX, Solaris, and Red Hat!
According to the report, overall, UNIX-based systems reigned supreme in
terms of uptime, and Linux-based system have greatly improved their
uptime over the previous year.
As for Windows, downtime was worse than the previous year. According to
the report, security issues are directly to blame. Yankee Group wrote,
"The decline in Windows Server 2003 reliability statistics are dismaying
to corporations because the Microsoft server operating system is in use
at 91% of the sites we surveyed, while 74% of businesses still use
Windows 2000 Server, down from 87% in the 2006 Global Server Reliability
Survey."
"Upon deeper investigation, security was found to be the clear culprit.
In the summer and fall when Yankee Group conducted its survey, Microsoft
issued more than a dozen security alerts and patches. And to make
matters worse, many of these were critical vulnerabilities. These
statistics are significant because a majority of Windows servers carry
the bulk of the line-of-business applications, particularly Exchange
Server messaging and SQL Server databases in their firms. The increased
downtime and patch management time means more work for network
administrators," the report stated.
Yankee Group had some recommendations for Microsoft that I'm sure many
of you will agree with: "Microsoft should get an even firmer grip on
security and improve its patch management economies of scale. It is even
more imperative that Microsoft do so because of the imminent release of
the next generation server, Windows Server 2008. Microsoft must realize
the historical 20% to 30% improvements of its predecessors to keep pace
with its Linux, open source and Unix rivals. If security woes continue
to plague Windows Server 2003, it will almost certainly have an adverse
impact on customer deployment plans for Windows Server 2008."
Survey respondents were mostly from small and midsized organizations,
described as follows by Yankee Group: "Approximately 35% of the survey
respondents came from the SMBs with 1 to 100 employees, 30% from midsize
companies with 100 to 500 employees, 8% from corporations with 500 to
1,000 employees, 18% from corporations that employ 1,000 to 10,000
people, and the remaining 11% percent from large enterprises with more
than 10,000 workers."
I couldn't find a public link that provides a free copy of Yankee
Group's report. If you're interested in obtaining a copy, you can
contact the company at the URL below:
www.yankeegroup.com
Sponsor
MessageOne
Critical
Challenges of ESI & E-mail Retention
Ben Franklin's quip about the disaster that can occur "for want of a
nail" can now be applied to e-mail retention, since these days a missing
message can lead to costly legal and regulatory problems. That's why
it's absolutely essential to implement and automate effective e-mail
retention policies.
However, it's tough to know whether your retention policies and approach
dovetail effectively with today's complex regulations, standards, and
guidelines relating to business records. Companies of all sizes and from
all industries need expert advice to determine:
* Which messages they need to retain
* Where their e-mail archives should be stored
* For how long those messages must be kept
This
live Windows IT Pro Webcast can help."Critical Challenges of E-mail
Retention" will feature two experts in the field: Howard Nirken, a
partner at the law firm DuBois, Bryant & Campbell LLP, and Bryan
Rollins, VP of Product Management at MessageOne. They'll explain how you
can solve your thorniest e-mail management, retention, and compliance
challenges.
Don't delay -- register
for this free live event, sponsored by MessageOne, today!
www.windowsitpro.com/go/seminars/MessageOne/retention/?partnerref=secmid0305
|
Security News and Features
VMsafe Takes Security to a New
Level
VMware's new VMsafe technology aims to prevent common
malware attacks from becoming successful by giving security vendors a
new level of visibility into virtual machines.
To view the rest of this article, click here
McAfee Announces New VM Products and
Services
On the heels of VMware's launch of VMsafe, McAfee
announced new products and services targeted at both VMware and Windows
Server 2008.
To view the rest of this article, click here
Finjan Discovers Underground Market for FTP
Credentials
Finjan uncovered an operation that's using specialized
tools to steal and market FTP logon credentials. Some of those
credentials belong to servers operated by prominent companies whose Web
sites are among the top 100 to top 500 sites in terms of traffic.
To view the rest of this article, click here
Recent
Security Vulnerabilities
If you subscribe to this newsletter, you also receive
Security Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these discoveries
at
www.windowsitpro.com/departments/departmentid/752/752.html
Give and Take
SECURITY
MATTERS BLOG: Sandman Library Gives Access to Windows Hibernation
Files
by Mark Joseph Edwards
All of you programmers out there might be interested to
learn about a new library, written in C, that lets you access the
Windows hibernation file.
windowsitpro.com/blog/index.cfm?action=BlogIndex&DepartmentID=949
FAQ: Enable
BitLocker Via the Command Line
by John Savill
Q: How do I enable BitLocker from the command line?
Find the answer at
www.windowsitpro.com/Article/ArticleID/98219
SHARE YOUR
SECURITY TIPS AND GET $100
Share your security-related tips, comments, or problems
and solutions in Security Pro VIP's Reader to Reader column. Email your
contributions to r2r@securityprovip.com. If we
print your submission, you'll get $100. We edit submissions for style,
grammar, and length.
Products
Log Management
Tool Adds Database-Log Support
By Renee Munshi
LogRhythm announced a new version of its log and event
management system. LogRhythm 4.0 adds the Universal Database Log Adapter
(UDLAT), which provides access to log data generated by ODBC-compliant
databases and the applications they support. LogRhythm 4.0 also includes
new metadata fields for database and application logs and contextual
event forwarding technology that enables identification and alerting of
anomalies within application, database, and network activity. Finally,
the new version adds new LogMart data mining capabilities to aggregate
multiple logs in one view to support intrusion detection, incident
response, audit investigations, forensics, and e-discovery. For more
information, go to
www.logrhythm.com/
Resources and Events
Are you confident that you've minimized the risks
associated with the potential exposure of sensitive information? Join
Windows IT Pro in this free event on April 30 to learn about software
tools, Exchange management, and other solutions that can help you take
control of all the mobile devices in your organization.
www.windowsitpro.com/go/mobile/?code=030308er
Register for a Web Seminar--Win a FREE iPod Shuffle
Increase your knowledge and win! View one of several Web seminars to be
entered to win one of three iPod Shuffles (an $80 value). To be
eligible, register before April 11, 2008.
www.windowsitpro.com/Events/
Migrating Microsoft Exchange and Microsoft SQL Data
Do you have difficulty backing up Exchange and SQL Server systems within
the allotted time or waste resources because some servers are severely
overutilized while others are underutilized? Read this white paper to
find a solution that will eliminate these problems.
www.windowsitpro.com/go/wp/storevault/sql/?code=022708er
Featured White Paper
The same real-time replication capabilities that
administrators use to protect data assets can also be used in other
ways. Many IT organizations use them to reduce or even eliminate the
impact of using Microsoft SQL Server Reporting Services for scheduled
and ad-hoc reporting on production databases. Download this white paper
to learn how to speed report creation without affecting the performance
of your production database.
www.windowsitpro.com/go/wp/doubletake/sqlreporting/?code=022708er
Announcements
Check out all the info-packed publications offered by
Windows IT Pro!
If you're receiving the HTML version of this email newsletter, click
"Our Publications" in the menu bar; otherwise, click the link
below:
store.pentontech.com/index.cfm?s=1&cid=18000306&promotionid=18003253&code=
|
|
If you use a product that has made a tremendous impact in your
organization and is a product that you can't live without, tell us about
it at whatshot@windowsitpro.com
and we'll feature your review in a future issue of the magazine, under
the "What's Hot" section.
|
|
