Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Thu, Oct 4, 2001 (Vol. 6, #76 - Issue #311)
NT4.0 Retirement Announced
This issue of W2Knews contains:
- EDITORS CORNER
- New Microsoft Licensing Survey Results
- TECH BRIEFING
- Getting IIS Security Training
- NT/2000 RELATED NEWS
- NT4.0 Retirement Announced
- News from the Microsoft Exchange Conference
- NT/2000 THIRD PARTY NEWS
- Sweet Security Solution
- Get Free 3-rd Party Defragger Performance Test Utility
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
Waiting for your current desktop management system to work as promised?
Clear the air with Marimba. Watch the "Migrating to Windows 2000"
webinar and see how Marimba gives you seamless integration with W2K
technologies such as Active Directory, MSI and WMI; support for remote
laptops (dial-up or VPN); scalability to support your entire enterprise,
including non-Windows machines; and application self-healing.
Visit Marimba for more information.
New Microsoft Licensing Survey Results
Here is your promised Executive Summary!
We received 4,550 responses from the survey in just five full days
of posting it. This is more than triple the response we have had from
any survey we have done in the last three years and it underscores
what a crucial issue the new Licensing 6.0 Program is for nearly
every corporation. Below is a summary of the chief findings of the
Giga / Sunbelt survey.
(Disclaimer: as a self-selecting survey, the findings are not absolute
and no one can predict with any certainty how any of us will act in
the future. That said, the findings track very closely with similar
surveys and other published reports and anecdotal evidence).
80 Percent of respondents have a negative view of the 6.0 Program;
less than three percent had a positive view of the Licensing 6.0
Program. 80 Percent of the respondents said their costs would increase
under 6.0. Less than three percent (2.6 percent) said their costs
would decrease. Just under seven percent (7) said their costs would
remain the same. Approximately 42 percent said their Licensing costs
would rise by 20 to 50 percent. 19 percent said costs would double
Of the 80 percent of negative responses -- 24 percent viewed it as
"extremely negative" and said they are exploring alternatives to using
Microsoft products. About 36 percent of the respondents said they
are actively contemplating switching from Microsoft software to
competitors. Among the products most frequently mentioned: Linux on
the desktop; remaining with NetWare on the Server side; Star Office
and Corel (WordPerfect) for the Office productivity suite and Apache
and/or Netscape instead of IIS.
Forty-five percent of the installed base will NOT migrate -- mainly
due to lack of funds. 32 percent of the respondents said they "may
NOT decide to migrate" after they finish reviewing the terms. Only
about seven (7) percent of those polled said they would definitely
migrate their products under the new 6.0 Licensing Program. 41% said
they will "Do Nothing". 18 Percent said they will purchase an Upgrade
Advantage license. Only about six (6) percent of respondents will
upgrade to Microsoft's Enterprise Agreement 6.0.
Just over half -- 51 percent -- indicated they would like Microsoft
to delay the launch of the 6.0 Licensing Agreement until at least
next May 31; but 37 percent said it didn't matter (presumably these
are the same businesses that will elect to "do nothing") and only
12 percent did NOT want Microsoft to delay introducing the new
Recurring Themes from the 856 responses that were in essay format:
Overall, time, further due diligence on the part of corporations
and their purchasing departments and any future response on the
part of Microsoft, will play a very large role in actually
determining whether or not the survey responses come to pass.
- Microsoft is a monopoly
- A growing number say they will switch (though this may just be
an angry response that is unfeasible in practice)
- Thus far, if the customers responses are to be believed: Linux,
Star Office and NetWare/eDirectory, iPlanet and Apache could
see direct gains.
However, it is clear that the overwhelming majority of corporate
accounts do not fully comprehend the terms and conditions of the
new Microsoft Licensing 6.0 Program and its potential impact on
their individual organizations.
In summary, corporate customers should perform all the necessary
due diligence to fully understand the terms of their contracts in
order to make the truest assessment of whether or not their costs
will rise, remain unchanged or increase and by how much. Knowing
what's on your corporate network, moving to centralize procurement
practices and minimize and eliminate any issues of software non-
compliance will go a long way towards strengthening your
organization's negotiating power.
So there you have it. A somewhat formal but very clear picture
about the new licensing. We'll see how Microsoft responds.
(email me with feedback: [email protected])
GoToMyPC allows you to roll out a cost-effective, Web-based secure
corporate remote-access solution for 80% less than a comparable VPN
solution - in just minutes. Your employees will be able to access,
and use their office computers from any Web browser -anytime, anywhere.
It?s a revolutionary solution for your teleworkers, travelers and
work extenders. Roll out and administer a corporate telework solution
for as little as $250 per month.
Visit GoToMyPC for more information.
Getting IIS Security Training
SANS sent me this:
"Due to the overwhelming demand created by the recent worms, such as
code red and NIMDA worm, and to try to accommodate folks that were
unable to attend the first sessions that were sold out, SANS is
offering one more round of the one day class Securing Microsoft's
IIS Web Server.
As you know, the root cause allowing the worms to spread is poorly
configured Microsoft IIS web servers. If we don't learn to deploy
IIS properly, then any vulnerability in IIS can be used to start
another worm and we will have to go through the whole mess again.
In this world of copycat attacks, it is a significant and immediate
In fact, the Gartner Group now recommends against the use of IIS.
Please ask your MCSEs and others managing Windows systems to get
your IIS systems configured safely. Microsoft certification does
NOT cover this material or much security at all. We each need to
do our part to get this mess cleaned up.
SANS Instructors, Jason Fossen and Eric Cole are once again touring
the nation in the coming weeks to teach special one-day courses on
Securing IIS. We have confirmed dates for eight cities: San Diego
CA, Houston TX, Denver CO, Chicago IL, Raleigh NC, Pittsburgh PA,
Vancouver Canada, and Washington DC. For further information and
to register, please go to:
Or, if you do not have the time to do this, grab a copy of SecureIIS:
NT/2000 RELATED NEWS
NT4.0 Retirement Announced
Look what I found on the MS website today! I'm quoting here:
"After five years of service, the Microsoft® Windows NT® Server 4.0
operating system is being retired. The decision to discontinue
Windows NT Server 4.0 reflects the growing demand for the Windows®
2000 Server Family of operating systems, which offer greater
reliability, manageability, and scalability.
"Effective October 1, 2001, Windows NT Server 4.0, Windows NT 4.0,
Enterprise Edition, and Windows NT 4.0 Client Access Licenses (CALs),
will no longer be available through volume licensing programs.
Additionally, all version, competitive, and product upgrade
licenses for Windows NT Server 4.0 and Windows NT 4.0, Enterprise
Edition will no longer be available in retail. However, licenses
for full versions of Windows NT 4.0 Server and Windows NT 4.0
Enterprise Edition, as well as Windows NT 4.0 CALs, will continue
to be sold in retail channels for the foreseeable future".
And then there are some notes about "downgrade" installations.
Meaning you can buy W2K but install NT4.0 instead and later upgrade.
It has not been announced yet when SUPPORT for NT4.0 will be retired
as well. This retirement announcement only is regarding availability.
Dang, looks they are serious about pushing people to W2K by pulling
NT out of the Volume Licensing Programs. You may ask yourself, "How
much time before it will disappear from retail shelves too?" For
that, check the chart below.
Here are some more important guidelines about the different product
lifecycles. You should have a look at how they do this. It's a slow
process of making the old stuff more expensive and difficult. That
in turn makes the migration the next level progressively more
"attractive". ;-) Many of your users may still run W95. That will
be DEAD by the end of this year. That's three months! Ouch.
- Windows 95 (December 31, 2000)
- Windows 98 / 98 SE (June 30, 2002)
- Windows NT 4.xx (June 30, 2002)
- Windows 2000 (March 31, 2003)
Here is the link to the NT 4.0 retirement MS-page:
- MS DOS x.xx (December 31, 2001)
- Windows 3.xx (December 31, 2001)
- Windows 95 (December 31, 2001)
- Windows NT 3.5x (December 31, 2001)
- Windows 98/98 SE (June 30, 2003)
- Windows NT 4.xx (June 30, 2003)
And here is the link to the lifecycle policies and the related FAQ's
News from the Microsoft Exchange Conference
Well, to begin with it was very quiet in there. One of the booth
personnel there told me that 65% of the registered attendees did
not show, but that number may be wrong. Many of the other exhibitors
were complaining that there were half the people compared to last
year. Not so surprising of course looking at how difficult it was
to get in there to begin with. Here is a shot of me trying to get
through security at the Orlando Florida Convention Center [GRIN]:
But seriously, here are a few tools I noticed that are interesting
from the system admin perspective:
CAMEO Recon is a powerful content policy tool that gives
administrators complete control over e-mail in all users?
Exchange mailboxes. CAMEO Recon can scan the entire Exchange
Information Store including all users? folders (Inbox, Deleted
Items, Sent Items, Calendar, Notes, etc.) looking for matches
to either a directly entered word or phrase or a detailed
Critical Word List of up to 200 words and phrases.
Actions on matched messages include things like deleting the
message, copy it for review, stripping off the attachment that
was included with the matched message, or any combination.
All actions are invisible to users and CAMEO Recon can scan
thousands of messages an hour. CAMEO Recon works with Exchange
5.5 and Exchange 2000 and runs from a typical W2K Workstation.
Pricing starts at $995 for one administrative license and up
to 500 mailboxes. CAMEO Recon is licensed on a per administrator
console and mailbox basis. You need one administrator license
and a license for the number of mailboxes you wish to scan.
Sybari and NetIQ (Both Target Award 2001 winners, see the
shots from the show here) joined forces to deliver a comprehensive protection and management of Exchange 2000. Sybari is the developer of
Antigen, which is a very popular anti-virus, content management and e-mail security solution. NetIQ created the Performance and Availability Solution
for Exchange, and now these two tools will work together so that
you can manage Antigen from NetIQ's Console. Neat.
I told you the pickings were slim. Here are some short takes from
other vendors -- Microsoft claims they now have 94 million seats
using Exchange -- NetIQ extends MS-MOM with a bunch of XMP's
(remember these as "eXtended MOM Packs") -- MS released the beta
of Mobile Information Server -- MDD releases PasswordStation.NET
that helps users to reset passwords themselves -- and MS announces
Pocket PC on steroids. That's pretty much it regarding MEC.
THIRD PARTY NEWS
Sweet Security Solution
...15 MIN. LATER HE WAS IN THE PRINCIPAL'S OFFICE!
A high school network administrator installed Event Log Monitor on
classroom servers to evaluate system performance. The next day, ELM
alerted him that one of his students was trying to break into the
system. Within 15 minutes, the would-be hacker was in the Principal's
office waiting for his parents to arrive.
With Event Log Monitor (ELM) you can keep an eye on especially the
Security Event Log and get yourself alerted in many ways. This means
you can deploy it as a very effective host based, low cost Intrusion
Detection System (IDS).
As you know, a majority of the security breaches are from internal
sources. For instance password breaking attempts are by far the most
common way that is used to try to penetrate. Using ELM it is easy to
see which machine is being targeted and take preventive measures.
Turning on W2K auditing is only half the work. You need a tool that
also alerts in real-time when something like this happens. ELM makes
you the first to know and allows you to keep tabs on your security
perimeter. Because school boxes aren't the only computers that script
kiddies or employees like to hack into.
ELM has long ago surpassed just monitoring event logs and is now an
enterprise level monitoring tool you can use for many things. It's
easy to use, a great value, and packed with features. It collects
the event log messages from Windows NT and Windows 2000 systems,
performance data, and system configuration data. It can monitor
services, processes and flat files and fire services back up when
they go down.
And, it notifies you when important events or critical (security)
problems occur. Its powerful filtering and notification engine help
you simplify your system and security administration tasks. Real-time
monitoring guarantees your business continuity by minimizing server
downtime and ELM functions as an Intrusion Detection System to
prevent security breeches.
Without real-time monitoring you have to rely on your users to
detect problems. With Event Log Monitor, you can count on being
the first to know as soon as a problem occurs and reduce stress.
Cost? Extremely affordable. Check prices and 30-day eval here:
Get Free 3-rd Party Defragger Performance Test Utility
NSTL announced the public release of a new "Test-For-Yourself"
utility in an effort to help answer the question; 'Can the enterprise
market viably use the disk performance tool built into the W2K O/S?'
The leading test lab for IT, NSTL collaborated with leading defrag
specialists at Executive Software International. The free test program
enables you to compare Diskeeper against the manual utility included
in W2K in order to allow you to see for yourself which tool is best
for your specific machines.
"In today's economic climate it is now more important then ever
to find out if and how much better a third party tool may be over
free but often 'crippled' utilities offered by the OS," said
Lloyd Holder, CEO of NSTL.
In laboratory tests designed to determine, and then document, how
much fragmented files impacted system performance, NSTL discovered
gains of 56 - 81% on Microsoft Windows NT and even greater performance
increases (over 200%) after defragmentation on W2K. Such results show
the vital necessity of defragmenting every desktop and server on a
site. However, the question now is 'which product is best' for my site?
The "Test-For-Yourself" utility enables you to conduct comparative
defragmentation performance tests on your own machines. By comparing
core functionality like the speed and performance differences, you
can make the correct decision.
"Test-For-Yourself" utility includes NSTL's proprietary "fragger"
disk fragmenting tool used in the system performance tests conducted
at NSTL laboratories. "Fragger" was designed by NSTL to provide a
clinically sound test bed enabling accurate measurement of the
dramatic performance and TCO benefits of routine defragmentation
on Windows NT and Windows 2000 operating systems.
The free "Test-For-Yourself" utility is available on Sunbelt's
website from the Diskeeper Download Page:
This Week's Links We Like. Tips, Hints And Fun Stuff
Microsoft announces the Strategic Technology Protection Program (STPP)
ComputerWorld's Shark Tank has a fun short story about a "tech boss"
VisualRoute's eMailTracker allows you to graphically track email
addresses to servers. Cool for troubleshooting.
Public Service Announcement: New York Fire Department's Widows and
Children fund can use your help. Hundreds of firefighters are missing
PRODUCT OF THE WEEK
Defend your system against the real threat of computer viruses with
help from this comprehensive resource. Up-do-date and informative,
this book presents a full-scale analysis on computer virus protection.
Through use of case studies depicting actual virus infestations, this
guide provides both the technical knowledge and practical solutions
necessary to guard against the increasing threat of virus attacks.
From the publishers of "Hacking Exposed". Here's a link to it: