- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Thu, Oct 4, 2001 (Vol. 6, #76 - Issue #311)
NT4.0 Retirement Announced
  This issue of W2Knews™ contains:
    • New Microsoft Licensing Survey Results
    • Getting IIS Security Training
    • NT4.0 Retirement Announced
    • News from the Microsoft Exchange Conference
    • Sweet Security Solution
    • Get Free 3-rd Party Defragger Performance Test Utility
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • Viruses Revealed
  SPONSOR: Marimba
Waiting for your current desktop management system to work as promised?
Clear the air with Marimba. Watch the "Migrating to Windows 2000"
webinar and see how Marimba gives you seamless integration with W2K
technologies such as Active Directory, MSI and WMI; support for remote
laptops (dial-up or VPN); scalability to support your entire enterprise,
including non-Windows machines; and application self-healing.
Visit Marimba for more information.

New Microsoft Licensing Survey Results

Here is your promised Executive Summary!

We received 4,550 responses from the survey in just five full days of posting it. This is more than triple the response we have had from any survey we have done in the last three years and it underscores what a crucial issue the new Licensing 6.0 Program is for nearly every corporation. Below is a summary of the chief findings of the Giga / Sunbelt survey.

(Disclaimer: as a self-selecting survey, the findings are not absolute and no one can predict with any certainty how any of us will act in the future. That said, the findings track very closely with similar surveys and other published reports and anecdotal evidence).


80 Percent of respondents have a negative view of the 6.0 Program; less than three percent had a positive view of the Licensing 6.0 Program. 80 Percent of the respondents said their costs would increase under 6.0. Less than three percent (2.6 percent) said their costs would decrease. Just under seven percent (7) said their costs would remain the same. Approximately 42 percent said their Licensing costs would rise by 20 to 50 percent. 19 percent said costs would double or triple.

Of the 80 percent of negative responses -- 24 percent viewed it as "extremely negative" and said they are exploring alternatives to using Microsoft products. About 36 percent of the respondents said they are actively contemplating switching from Microsoft software to competitors. Among the products most frequently mentioned: Linux on the desktop; remaining with NetWare on the Server side; Star Office and Corel (WordPerfect) for the Office productivity suite and Apache and/or Netscape instead of IIS.

Forty-five percent of the installed base will NOT migrate -- mainly due to lack of funds. 32 percent of the respondents said they "may NOT decide to migrate" after they finish reviewing the terms. Only about seven (7) percent of those polled said they would definitely migrate their products under the new 6.0 Licensing Program. 41% said they will "Do Nothing". 18 Percent said they will purchase an Upgrade Advantage license. Only about six (6) percent of respondents will upgrade to Microsoft's Enterprise Agreement 6.0.

Just over half -- 51 percent -- indicated they would like Microsoft to delay the launch of the 6.0 Licensing Agreement until at least next May 31; but 37 percent said it didn't matter (presumably these are the same businesses that will elect to "do nothing") and only 12 percent did NOT want Microsoft to delay introducing the new licensing scheme.

Recurring Themes from the 856 responses that were in essay format:

  • Microsoft is a monopoly
  • A growing number say they will switch (though this may just be an angry response that is unfeasible in practice)
  • Thus far, if the customers responses are to be believed: Linux, Star Office and NetWare/eDirectory, iPlanet and Apache could see direct gains.
Overall, time, further due diligence on the part of corporations and their purchasing departments and any future response on the part of Microsoft, will play a very large role in actually determining whether or not the survey responses come to pass.

However, it is clear that the overwhelming majority of corporate accounts do not fully comprehend the terms and conditions of the new Microsoft Licensing 6.0 Program and its potential impact on their individual organizations.

In summary, corporate customers should perform all the necessary due diligence to fully understand the terms of their contracts in order to make the truest assessment of whether or not their costs will rise, remain unchanged or increase and by how much. Knowing what's on your corporate network, moving to centralize procurement practices and minimize and eliminate any issues of software non- compliance will go a long way towards strengthening your organization's negotiating power.

So there you have it. A somewhat formal but very clear picture about the new licensing. We'll see how Microsoft responds.

Warm regards,

Stu Sjouwerman (email me with feedback: [email protected])

GoToMyPC allows you to roll out a cost-effective, Web-based secure
corporate remote-access solution for 80% less than a comparable VPN
solution - in just minutes. Your employees will be able to access,
and use their office computers from any Web browser -anytime, anywhere.
It?s a revolutionary solution for your teleworkers, travelers and
work extenders. Roll out and administer a corporate telework solution
for as little as $250 per month.
Visit GoToMyPC for more information.

Getting IIS Security Training

SANS sent me this:

"Due to the overwhelming demand created by the recent worms, such as code red and NIMDA worm, and to try to accommodate folks that were unable to attend the first sessions that were sold out, SANS is offering one more round of the one day class Securing Microsoft's IIS Web Server.

As you know, the root cause allowing the worms to spread is poorly configured Microsoft IIS web servers. If we don't learn to deploy IIS properly, then any vulnerability in IIS can be used to start another worm and we will have to go through the whole mess again. In this world of copycat attacks, it is a significant and immediate possibility.

In fact, the Gartner Group now recommends against the use of IIS. Please ask your MCSEs and others managing Windows systems to get your IIS systems configured safely. Microsoft certification does NOT cover this material or much security at all. We each need to do our part to get this mess cleaned up.

SANS Instructors, Jason Fossen and Eric Cole are once again touring the nation in the coming weeks to teach special one-day courses on Securing IIS. We have confirmed dates for eight cities: San Diego CA, Houston TX, Denver CO, Chicago IL, Raleigh NC, Pittsburgh PA, Vancouver Canada, and Washington DC. For further information and to register, please go to:

Or, if you do not have the time to do this, grab a copy of SecureIIS:


NT4.0 Retirement Announced

Look what I found on the MS website today! I'm quoting here:

"After five years of service, the Microsoft® Windows NT® Server 4.0 operating system is being retired. The decision to discontinue Windows NT Server 4.0 reflects the growing demand for the Windows® 2000 Server Family of operating systems, which offer greater reliability, manageability, and scalability.

"Effective October 1, 2001, Windows NT Server 4.0, Windows NT 4.0, Enterprise Edition, and Windows NT 4.0 Client Access Licenses (CALs), will no longer be available through volume licensing programs. Additionally, all version, competitive, and product upgrade licenses for Windows NT Server 4.0 and Windows NT 4.0, Enterprise Edition will no longer be available in retail. However, licenses for full versions of Windows NT 4.0 Server and Windows NT 4.0 Enterprise Edition, as well as Windows NT 4.0 CALs, will continue to be sold in retail channels for the foreseeable future".

And then there are some notes about "downgrade" installations. Meaning you can buy W2K but install NT4.0 instead and later upgrade. It has not been announced yet when SUPPORT for NT4.0 will be retired as well. This retirement announcement only is regarding availability. Dang, looks they are serious about pushing people to W2K by pulling NT out of the Volume Licensing Programs. You may ask yourself, "How much time before it will disappear from retail shelves too?" For that, check the chart below.

Here are some more important guidelines about the different product lifecycles. You should have a look at how they do this. It's a slow process of making the old stuff more expensive and difficult. That in turn makes the migration the next level progressively more "attractive". ;-) Many of your users may still run W95. That will be DEAD by the end of this year. That's three months! Ouch.

Expiration dates:

  • Windows 95 (December 31, 2000)
  • Windows 98 / 98 SE (June 30, 2002)
  • Windows NT 4.xx (June 30, 2002)
  • Windows 2000 (March 31, 2003)
Dead, "No-longer-supported"
  • MS DOS x.xx (December 31, 2001)
  • Windows 3.xx (December 31, 2001)
  • Windows 95 (December 31, 2001)
  • Windows NT 3.5x (December 31, 2001)
  • Windows 98/98 SE (June 30, 2003)
  • Windows NT 4.xx (June 30, 2003)
Here is the link to the NT 4.0 retirement MS-page:

And here is the link to the lifecycle policies and the related FAQ's

News from the Microsoft Exchange Conference

Well, to begin with it was very quiet in there. One of the booth personnel there told me that 65% of the registered attendees did not show, but that number may be wrong. Many of the other exhibitors were complaining that there were half the people compared to last year. Not so surprising of course looking at how difficult it was to get in there to begin with. Here is a shot of me trying to get through security at the Orlando Florida Convention Center [GRIN]:

But seriously, here are a few tools I noticed that are interesting from the system admin perspective:

CAMEO Recon is a powerful content policy tool that gives administrators complete control over e-mail in all users? Exchange mailboxes. CAMEO Recon can scan the entire Exchange Information Store including all users? folders (Inbox, Deleted Items, Sent Items, Calendar, Notes, etc.) looking for matches to either a directly entered word or phrase or a detailed Critical Word List of up to 200 words and phrases.

Actions on matched messages include things like deleting the message, copy it for review, stripping off the attachment that was included with the matched message, or any combination.

All actions are invisible to users and CAMEO Recon can scan thousands of messages an hour. CAMEO Recon works with Exchange 5.5 and Exchange 2000 and runs from a typical W2K Workstation. Pricing starts at $995 for one administrative license and up to 500 mailboxes. CAMEO Recon is licensed on a per administrator console and mailbox basis. You need one administrator license and a license for the number of mailboxes you wish to scan. Sybari and NetIQ (Both Target Award 2001 winners, see the shots from the show here) joined forces to deliver a comprehensive protection and management of Exchange 2000. Sybari is the developer of Antigen, which is a very popular anti-virus, content management and e-mail security solution. NetIQ created the Performance and Availability Solution for Exchange, and now these two tools will work together so that you can manage Antigen from NetIQ's Console. Neat.

I told you the pickings were slim. Here are some short takes from other vendors -- Microsoft claims they now have 94 million seats using Exchange -- NetIQ extends MS-MOM with a bunch of XMP's (remember these as "eXtended MOM Packs") -- MS released the beta of Mobile Information Server -- MDD releases PasswordStation.NET that helps users to reset passwords themselves -- and MS announces Pocket PC on steroids. That's pretty much it regarding MEC.


Sweet Security Solution


A high school network administrator installed Event Log Monitor on classroom servers to evaluate system performance. The next day, ELM alerted him that one of his students was trying to break into the system. Within 15 minutes, the would-be hacker was in the Principal's office waiting for his parents to arrive.

With Event Log Monitor (ELM) you can keep an eye on especially the Security Event Log and get yourself alerted in many ways. This means you can deploy it as a very effective host based, low cost Intrusion Detection System (IDS).

As you know, a majority of the security breaches are from internal sources. For instance password breaking attempts are by far the most common way that is used to try to penetrate. Using ELM it is easy to see which machine is being targeted and take preventive measures.

Turning on W2K auditing is only half the work. You need a tool that also alerts in real-time when something like this happens. ELM makes you the first to know and allows you to keep tabs on your security perimeter. Because school boxes aren't the only computers that script kiddies or employees like to hack into.

ELM has long ago surpassed just monitoring event logs and is now an enterprise level monitoring tool you can use for many things. It's easy to use, a great value, and packed with features. It collects the event log messages from Windows NT and Windows 2000 systems, performance data, and system configuration data. It can monitor services, processes and flat files and fire services back up when they go down.

And, it notifies you when important events or critical (security) problems occur. Its powerful filtering and notification engine help you simplify your system and security administration tasks. Real-time monitoring guarantees your business continuity by minimizing server downtime and ELM functions as an Intrusion Detection System to prevent security breeches.

Without real-time monitoring you have to rely on your users to detect problems. With Event Log Monitor, you can count on being the first to know as soon as a problem occurs and reduce stress. Cost? Extremely affordable. Check prices and 30-day eval here:

Get Free 3-rd Party Defragger Performance Test Utility

NSTL announced the public release of a new "Test-For-Yourself" utility in an effort to help answer the question; 'Can the enterprise market viably use the disk performance tool built into the W2K O/S?'

The leading test lab for IT, NSTL collaborated with leading defrag specialists at Executive Software International. The free test program enables you to compare Diskeeper against the manual utility included in W2K in order to allow you to see for yourself which tool is best for your specific machines.

"In today's economic climate it is now more important then ever to find out if and how much better a third party tool may be over free but often 'crippled' utilities offered by the OS," said Lloyd Holder, CEO of NSTL.

In laboratory tests designed to determine, and then document, how much fragmented files impacted system performance, NSTL discovered gains of 56 - 81% on Microsoft Windows NT and even greater performance increases (over 200%) after defragmentation on W2K. Such results show the vital necessity of defragmenting every desktop and server on a site. However, the question now is 'which product is best' for my site?

The "Test-For-Yourself" utility enables you to conduct comparative defragmentation performance tests on your own machines. By comparing core functionality like the speed and performance differences, you can make the correct decision.

"Test-For-Yourself" utility includes NSTL's proprietary "fragger" disk fragmenting tool used in the system performance tests conducted at NSTL laboratories. "Fragger" was designed by NSTL to provide a clinically sound test bed enabling accurate measurement of the dramatic performance and TCO benefits of routine defragmentation on Windows NT and Windows 2000 operating systems.

The free "Test-For-Yourself" utility is available on Sunbelt's website from the Diskeeper Download Page:


This Week's Links We Like. Tips, Hints And Fun Stuff

  • Microsoft announces the Strategic Technology Protection Program (STPP)
  • ComputerWorld's Shark Tank has a fun short story about a "tech boss"
  • VisualRoute's eMailTracker allows you to graphically track email addresses to servers. Cool for troubleshooting.
  • Public Service Announcement: New York Fire Department's Widows and Children fund can use your help. Hundreds of firefighters are missing in action.

    Viruses Revealed

    Defend your system against the real threat of computer viruses with help from this comprehensive resource. Up-do-date and informative, this book presents a full-scale analysis on computer virus protection. Through use of case studies depicting actual virus infestations, this guide provides both the technical knowledge and practical solutions necessary to guard against the increasing threat of virus attacks. From the publishers of "Hacking Exposed". Here's a link to it: