Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Thu, Nov 8, 2001 (Vol. 6, #86 - Issue #321)
Opt-in To Get WinXPNews!
This issue of W2Knews contains:
- EDITORS CORNER
- Opt-in To Get WinXPNews! / Securing America Investment Act
- TECH BRIEFING
- What Are The 2001 Top Selling Techie Tools?
- More on HIPAA (this is for USA readers)
- NT/2000 RELATED NEWS
- W2K Service Pack 3 Begins Testing
- XP Slower Than W2K? - Microsoft Hits Back
- NT/2000 THIRD PARTY NEWS
- Dramatic Price Drop For New High Availability Tool
- Security Update: ONE Layer of Protection is NOT Enough
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- Hack Proofing Windows 2000 Server
WANT TO DECREASE COSTS ASSOCIATED WITH YOUR HELPDESK?
With the current state of the economy it is critical that
organizations look at ways of cutting costs and saving money.
The implementation of eSupport technology can make your helpdesk
agents more productive, increase customer satisfaction, and show
an ROI the minute you start using the solution. Download this
free white paper, 'Assisted Web-Based Customer Support'
Visit Control-F1 for more information.
Opt-in To Get WinXPNews! / Securing America Investment Act
We're very happy to announce our new weekly E-Zine for home users
and small business: WinXPnews. You can now go to the site and opt
in to get it. A Beta issue is on line now, and next week you will
see the first real issue. What you told us is you wanted are articles
covering the sections below, and of course we'll also cover all kinds
of new stuff coming out for WinXP. It will be focused on power users
and small office networks.
Check out our Beta Issue and SUBSCRIBE NOW! at:
- Editor's Corner
- Hints, Tips, Tricks & Tweaks
- How To's: All The New XP Features
- WinXP Security: Updates & Patches
- Upgrading & Compatibility Issues
- WinXP Configuring & Troubleshooting
- Fave Links
US Congress Representatives Weller and Crowley have proposed a bill
that will allow you to deduct from your taxes, any investments made
to secure your building and network infrastructure. If this bill would
pass, it will be RETROACTIVE to September 11, 2001. We have a copy
of this bill in PDF format on one of our security consulting pages
in the "White Papers, Documents and Other Files section. It's called
Securing America Investment Act of 2001 (PDF - 32,024 bytes) and it
would be VERY peachy if this thing came to be reality. It's in the House
Ways and Means Committee now. Write your representative you'd like to
see this bill passed. now, that would grease the budget wheels!
(email me with feedback: [email protected])
SPONSOR: Event Log Monitor
Prevent Downtime: ELM Helps You Prevent IT From Hitting The Fan
You need to be the first to know, and stay ahead. ELM will help as it
is real-time Business Continuity and Security Monitoring software for
NT/W2K, but also for TCP/IP devices and clusters. ELM is now a full
enterprise level monitoring tool packed with features but still for a
very low price. Collect event log-, performance-, and config data, ping
web pages and get notified in a variety of ways when they do not respond.
Powerful filtering engine. The Real-time monitoring guarantees your
business continuity, minimizes server downtime and reduces stress.
You'll be the first to know, not the last. 30-day eval:
Visit Event Log Monitor for more information.
What Are The 2001 Top Selling Techie Tools?
Many people ask us what the Best Sellers are in the different categories.
Of course it's the safest bet to use the tools that everyone else already
is using. So, for your "year-end budget spending spree", here are the
winners of 2001 year-to-date in each category with their links:
Best Seller Active Directory Tools: FAZAM 2000
Best Seller Exchange Tools: CAMEO
Best Seller High Availability / Disaster Recovery: DOUBLE-TAKE
Best Seller Network Management Tools: SUNBELT REMOTE ADMINISTRATOR
Best Seller Performance Management: DISKEEPER
The Three Best Sellers in Security Tools:
- EVENT LOG MANAGER
Best Seller Storage Management: STORAGECENTRAL
Best Seller System Administration Tools: SCRIPTLOGIC
Best Seller Sunbelt Online Shop: NTACCESS (lost admin password cracker)
More on HIPAA (this is for USA readers)
Let?s face it. If the government did not enforce it and if it was
not required by law, most of us would not even consider implementing
some of the requirements set forth in the HIPAA. However, if you are
in the health industry... Well, it?s the law. When I say the health
industry I mean ANYONE who has anything to do with a patients Private
Health Information (PHI).
The law leaves two common questions:
And not necessarily in that order.
- Why?, and
- What is it?
The answer to number 1 is pretty simple. In today?s litigation-happy
world it?s a pretty good idea to have all your ducks in a row if you
are in the health industry. Also, anything is much more efficient when
you apply codified order to it. It may take a while but according to
the experts it will save the health industry billions in the long run
and more importantly protect patients rights.
Now the answer to number 2 is a bit more involved. However, here is
the general idea. The law is split into four parts: 1) Transaction
and Code Set Standards 2) Privacy Standards 3) Security Standards 4)
Identifier Standards. Only the Transaction Rule and the Privacy Rule
have been made final. The other two are still proposed. Although,
the Security Rule is not expected to change much if at all because
of it?s workings in and with the Privacy Rule.
What the heck does that mean?
Well the Transaction rule is pretty simple. It deals with the
electronic transfer of PHI, or EDI (Electronic Data Interchange).
Basically if you are using ANSI X12 with the Code Sets set forth
in HIPAA you're all right.
The Privacy Rule consists of the 5 requirements:
The Security Rule is a bit more involved but still decipherable.
The Security Rule is divided into four parts.
- Designate an individual to oversee the privacy procedures as the
- Provide information to patients regarding their privacy rights
and how their info can be used.
- Adopt clear privacy policies and procedures.
- Train the employees so they understand the privacy procedures.
- Secure patient records with individually identifiable health
Each one of these is broken down into several parts. But the good
news is that the Privacy and Security Rule have been reduced to an
understandable outline that is actually available in one location.
It is actually easy to understand now. Have a look at it here:
- Administrative Procedures
- Physical Safeguards to Guard Data Integrity, Confidentiality,
- Technical Security Services To Guard Data Integrity,
Confidentiality, and Availability
- Technical Security Mechanisms to Guard Against Unauthorized
Access to Data That Is Transmitted Over A Communications Network
Now, the really good news. Sunbelt Software now offers complete
services to help you design and implement a compliance program
tailored to your organization. For more information on HIPAA and
Sunbelt Services contact:
Product and Services Consultant
Sunbelt Software Dist. Inc.
1-800-688-8404 Ext. 221
NT/2000 RELATED NEWS
W2K Service Pack 3 Begins Testing
In the next coming days, pre-authorized testers will begin to receive
their W2K SP3 test kits to try to break it. These kits normally list
data about the release, its installation, and the bugs it fixes. Like
we said before, this new SP will not include more new features, but
things addressed are setup, application compatibility, OS reliability,
and a whole bunch of at least 200 known security vulnerability fixes.
According to Microsoft, "SP3 is slated for release the first half of
2002." Source: By David Worthington, BetaNews
XP Slower Than W2K? - Microsoft Hits Back
This is actually data written up by some one in Microsoft, as a defense
against the InfoWorld tests done with the CSA Benchmark Suite that
we covered in issue #319.
"Windows XP has great overall performance, and plenty of external
evidence to back this up. However, one particular benchmark suite,
from CSA Research, arrives at the wrong conclusion ? alleging that
Windows 2000 is significantly faster than Windows XP. As of 29th
October, this has appeared in InfoWorld. The information below provides
a broader appreciation of Windows XP performance and highlights some
of the limitations with the InfoWorld/CSA testing.
"The basic claim 'Windows 2000 significantly outperformed Windows
XP' is false when compared against results from established benchmarks,
including BAPCo?s Sysmark 2001 and Webmark 2001 and eTesting Lab?s
Business and Content Creation Winstone. Extensive independent tests
results validate Windows XP Performance is comparable with Windows
2000. Examples are:
"The InfoWorld benchmark findings do not agree with real-world
experience: Windows XP is in production use with tens of thousands of
users ? including a high percentage of IT Professionals and Developers.
"Today there are, conservatively, over 150,000 deployed seats of Windows
XP in enterprise customers. Microsoft has not received any indications
that users are experiencing reduced performance compared with Windows
2000. We have had extensive feedback that Windows XP is better
performing than Windows 9X.
"Leading Analysts confirm the overall improvements in Windows XP ?
including performance improvements. The CSA benchmark used is the wrong
tool for making generalized conclusions about OS performance. This
is because: The CSA benchmark is non-deterministic and violates
measurement principles. This includes the issue that aspects of the
workload cannot be separately measured, and it is difficult to ensure
consistency across different test runs or configurations.
"The actual benchmark workload has an extreme profile, which does not
map to real-world usage. For example, the workload includes several
concurrent high traffic database applications on the client PC which
is virtually unheard of in customer scenarios ? unless it was a on
"Many of today?s respected benchmarks do incorporate background
processing and are not purely linear, as the article suggests. However,
they include better isolation and measurement of background workloads ?
ensuring better reproducibility.
"The reduced productivity claim in incorrect ('11 percent performance
hit, or 53 minutes added to an 8-hour day'). The math implies that a
user would be running this benchmark ? which is already extreme ? for
the whole of their working day. Findings from an independent body
indicate that there are productivity gains with Windows XP, for more
information please refer to:"
End quote. So, as expected Microsoft disagrees violently with the
CSA conclusions. Many people have sent me feedback on this, and quite
a few see both better and worse results on different machines. Probably
best to test thoroughly in your own environments!
THIRD PARTY NEWS
Dramatic Price Drop For New High Availability Tool
Are you running a server environment of up to 10 machines, and want
to prevent downtime? All automatic, 24/7 by 365? Add a smart little
system admin to every mission critical box? Here is a new way to do
that. And it just became very cheap too! Keep on reading for the new
pricing. Availant Manager for Windows extends your current systems
management by adding predictive capabilities and carefully conceived
automated responses to anticipated (or current) problems.
The Availant Manager product comprises a core technology component
and a collection of plug-in agents each designed for a specific
application or component. The current version of Availant Manager
has Availant Manager Agents for:
There is a lot more information on the Sunbelt website: screenshots,
white papers, quickstart guides, prices, user guides, and of course
eval copies you can download and test. But the best news is last:
The prices went permanently from $795 for Windows Server Agents to
just $350 and the SQL, IIS and Exchange agents went from $795 down
to only 150. The whole suite together is $650 which is a steal.
- Windows Server
- Microsoft Exchange
- Microsoft SQL*Server
- Microsoft IIS
Security Update: ONE Layer of Protection is NOT Enough
Recently, the New York Times' networks were crippled by a new
variant of the Nimda worm, known as "Nimda.E". The new worm has
cropped up on many networks which were thought to have been
protected, causing congestion, disruption of service and general
The bitter lesson learned -- anti-virus protection is simply NOT
enough. SurfControl, a well known global company in content security,
can cover you with the comprehensive SuperScout line of Web and
email filtering products, designed to add extra layers of protection
against virus attacks.
SuperScout Can Help You Block "Nimda.E" and Other Web-Borne Viruses
in three quite easy steps:
Stop assuming that just AV protection is enough. Download SuperScout
Web Filter and SuperScout Email Filter FREE for 30 days and test them
for yourself. You have nothing to lose. Click Here:
- Download your FREE filtering software trials now at the link below:
- In SuperScout Web Filter, create a rule to block the virus's EXE file
- Use SuperScout Email Filter to work with your current anti-virus
software and block viruses at the gateway.
This Week's Links We Like. Tips, Hints And Fun Stuff
There's a nasty bug in XP MDAC 2.7 that affects XP performance:
Good article about Linux adoption, and what they really replace.
The guys at Proxim have 100Mb Wireless up and running. Pretty cool.
PRODUCT OF THE WEEK
Hack Proofing Windows 2000 Server
This book is a complete guide to securely configure a W2K network.
There is a lot of coverage of IIS 5.0, hundreds of configuring and
implenting hints, tips and FAQ's. It also goes into depth re. Kerberos,
Distributed Security Services, Public Key Infrastructure and how to
build a long-term security plan for your organization.