- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Thu, Mar 14, 2002 (Vol. 7, #21 - Issue #352)
High Availability And Security Software
  This issue of W2Knews™ contains:
  1. EDITORS CORNER
    • High Availability And Security Software
  2. TECH BRIEFING
    • The State Of Home Automation
  3. NT/2000 RELATED NEWS
    • New Important Microsoft Licensing Program 6.0 Survey
    • How Is Microsoft Planning To Keep Your Systems Secure?
  4. NT/2000 THIRD PARTY NEWS
    • Alternatives for the Computer Associates Admin Suite?
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  6. PRODUCT OF THE WEEK
    • Hacking Exposed Version 3
  SPONSOR: Aelita Software
An on-time, under budget, ZeroIMPACT Active Directory migration?
You bet! The award-winning Aelita Domain Migration Wizard can
save you time, money and aggravation, while providing a faster
ROI. Users see only the benefits of Windows 2000. Use a product
that was designed with your enterprise requirements in mind, one
that performs in the real world. But don't believe us, put us in
your lab. Get a free evaluation copy today for a limited time.
Visit Aelita Software for more information.
  EDITORS CORNER

High Availability And Security Software

Hi All,

Well, Goldman Sachs decided to do some research about what IT outfits are spending money on. Guess what. They came out with exactly the same numbers 1 and 2 that the Sunbelt Survey recently showed. IT is mainly investing in high availability/business continuity and of course security software. No real news there. But I do have a bit of other news about some of the tools Sunbelt selected. The attached is an "anonymized" version of an email we received today. We cannot print which very large organization this is, (but perhaps you can ask your Rep) [grin].

-Quote-_ "Just wanted to let you know that I'm sending your name to a lot of people out here to order the Update Expert and Retina software. The word is spreading across our organization in Europe how I manage to deploy patches to all my computers in a matter of minutes the same day they are released. We had a high level inspection team come through and they said I had the highest maintained and secure network in Europe.

"I showed them the software and configurations I use and when I showed them the Update Expert portion they were amazed. So amazed that they want to send an advisor to the "Highest IT Boss" to come to my office and see how I have the LAN and WAN networks setup and managed. I recommended to them that the organization should make the Update Expert mandatory and get a Company Wide license. (which I think will happen by the way in Europe)

"As they are going across Europe on their inspections, they are giving System Admins my name and number to call and ask me about how I run my network. Of course I mention Update Expert, explaining its features and ease of use and they immediately want to order it. So I am forwarding them your email and phone. I also recommended Retina to the inspection team and showed them why it outperforms the current network scanners we currently use and blows away a different one they want to buy a company wide license for in the near future". -End Quote-

You can find both of these tools in the Sunbelt Top 10 Best Sellers here:
http://www.w2knews.com/rd/rd.cfm?id=020314ED-Top10

Stu Sjouwerman (email me with feedback: [email protected])

  SPONSOR: DOUBLE-TAKE
LIMIT DOWNTIME AND DATA LOSS WITH DOUBLE-TAKE
Failure to protect your mission critical data can sink your business.
Double-Take delivers real-time protection for your NT/W2K Servers.
A whole department sitting on their hands is extremely expensive.
With Double-Take you can mirror critical data to a target server,
and Double-Take will fail over if your source server goes down. 2001
Editor's Choice of both Windows 2000 and Network Magazine. Download
a 30-day eval copy now and start protecting your data and apps.
Visit DOUBLE-TAKE for more information.
  TECH BRIEFING

The State Of Home Automation

Last week I went to Orlando and visited the Electronic House Expo. Very interesting. It reminded me of the early PC shows in the eighties -- small, just a few large and lots of small players, and no standards to be found. A telling tale was the guide I found for a coming expo in Seattle, the www.connectionsconference.com guide had a standard for every letter in the Alphabet.

A whopping 26 different "industry standard" organizations have thrown themselves in the alphabet soup fray, varying from Bluetooth to HomePlug, HomePNA, UPnP, WAP to X10. It's dizzying! But everyone agrees it will soon become an 8 Zillion dollar industry. Sound familiar? MS-Dos, CP/M or DR-Dos, anyone?

There are a few big names trying to establish some sort of order, like for instance the UPnP (Universal Plug and Play) Forum promotes TCP/IP-based seamless proximity networking for the home and the office. They have their mission statement on a website and are backed by an impressive list of 450 outfits including Microsoft, General Electric, Intel and practically all major hardware manufacturers. I learned at the show that GE is building Windows XP embedded in their intelligent home devices.
http://www.w2knews.com/rd/rd.cfm?id=020314TB-UPNP

But there are also many other groups, take the HomePlug Alliance as an example. These people are committed to making home networks using your existing powerlines are reality. They compete head-to-head with the HomePNA that tries to do exactly the same thing over your existing phone lines!

This new market looks like a large roulette table at the moment. There are a lot of players from different industries (IT, Power companies, Telecom, Appliances) that have all different starting points and agendas. All of them are placing their bets on the table, with many players betting on more than one number and signing up for several of these standards alliances. The problem is of course that all this stuff needs to interface with each other and there lies the rub. Faites vos jeux! The issue is that there is no real "killer app" that will drive this industry. Entertainment comes close but just by itself is not cutting it, and Home Office is a second potential killer app but also not powerful enough to drive full home automation.

You can also compare it with a bunch of rivals that all eye a large chunk of loot, and everyone is positioning, weaving and bobbing to be in the best spot to start reaping those zillions. The divergence of all these different technologies has been closely followed by Microsoft and obviously they want to play a major role in this whole game. However, there are some other powerful (pun intended) players that are opposing that with all their might and hate to see MS move into their turf.

Admittedly it is a challenge to make all this work together:

  • Wired and wireless networking
  • Distributed Audio and Video
  • Home Theater
  • Security / Closed Circuit TV
  • Secure internet access
  • Lighting control
  • Heating, Ventilation and Air Conditioning control
  • A whole bunch of other stuff that will be here "Real Soon Now"
And have all of that available from one console and a non-tech enduser that needs to control all of that. Can you see the potential support nightmare?

So, what does a techie do who wants to start automating their home? Well, from what I see, there are a few options. The low-end is X10 which if you implement it well will work fine but is slooow. There are a few other standards, LONworks and CEBus. These are faster and definitely more advanced. Simplifying it big-time, they are 2-way as opposed to X10 which is just one-way. X10 devices cannot answer back after they receive a command.

And then there is UPnP. Think local network neighborhood on your home server, and ALL your home devices show up, from the fridge to the air conditioner to all the lights to the garage door as well as the other PCs, printers and wireless devices you may have. Sounds cool doesn't it? Too bad it is still a while before we will see it, for the moment it is vaporware. The stacks are not even released but are supposed to see the light in Q2. I would not expect any consumer devices until 2003.

At the Expo, the latest thing that everyone seemed to push was video over CAT5E. In other words, the sales reps were saying, "you do not need that cumbersome and expensive coax anymore". There may be a point to that, but you don't know what killer app will emerge which would need mega-bandwidth. Not having the coax would be a real problem at that point. So, the solution is to "flood-wire" (a term I picked up at the show) your home with structured wiring so that you are prepared for any kind of thing that will surface.

You can start with X10 if you want, and upgrade later to a new standard which will certainly come. From what I understand, they will be backward compatible. I would stick with the large players as these have the best chance to survive the coming consolidation and inevitable shake-out period. The largest and oldest player in the home security bizz is HAI, and their OmniPro II is a pretty powerful piece of gear which even comes with an Ethernet port. I decided I'm going to get one myself. For structured wiring and X10 stuff I would check out Leviton at:
http://www.w2knews.com/rd/rd.cfm?id=020314TB-Leviton

  NT/2000 RELATED NEWS

New Important Microsoft Licensing Program 6.0 Survey

DUE TO SOME TECHNICAL DIFFICULTY AT THE BACK END OF THE SURVEY PROVIDER, SOME OF YOU COULD NOT GET THE SURVEY COMPLETED. PLEASE TAKE 5 MINUTES TO FILL OUT THIS IMPORTANT SURVEY, THE PROBLEMS ARE FIXED NOW.

You will probably know that coming August 1, 2002 is the deadline for Microsoft's new Licensing Program 6.0. The new licensing scheme, which favors a subscription-based "leasing model", will introduce sweeping changes to the way corporations will do business with Microsoft. It will potentially have a large financial as well as technology impact on your business. To date, many customers have voiced concern and confusion over the new terms and conditions of the Licensing Program 6.0, what it means to their company in terms of value and whether or not their firms can afford it.

Sunbelt and Information Technology Intelligence Corp. (ITIC is our new Analyst Partner) have an important survey for you that you can complete in less than 5 minutes. We need to know how far you are in getting prepared for your new licensing. I'd like you to go to this link and answer these questions. Most of them are just a "one click". Thanks very much in advance!
http://www.w2knews.com/rd/rd.cfm?id=020311RN-LP60survey

How Is Microsoft Planning To Keep Your Systems Secure?

Windows & .NET Magazine has a good article about that on their web site that you might like to read. It gives a good summary of all the initiatives. This is a short quote from that page:

"Last October, Brian Valentine, senior vice president of Microsoft's Windows Division, previewed the company's Strategic Technology Protection Program (STPP), a new six-pronged initiative that MS hopes will simplify and expedite the arduous security update process. In February 2002, Valentine reaffirmed that the STPP initiative is alive and well but, predictably, behind schedule. I've prepared a progress report on each component of the STPP vision and a brief description of how each initiative will help keep systems current and secure." To read the document, visit the following URL:
http://www.w2knews.com/rd/rd.cfm?id=020314RN-STPP

  THIRD PARTY NEWS

Alternatives for the Computer Associates Admin Suite?

This was a recent question on the Sunbelt NTSYSADMIN forum. You might be interested to see the answer I cooked up:

OK, I've seen all the Anti-CA messages as well as the web-page... So what do you guys ('n gals) recommend for managing a site of about 120 (Dell) users and 10 servers (1 x AIX, 1 OS2 (Voicemail))? a nice suite would be nice & neat. Tivoli? HPOpenView? ???"
Regards, Erich

Hi Erich,

For a site like yours, best-of-breed is the answer. Big (and expensive) frameworks like Tivoli and Openview are overkill. Microsoft's SMS is also too heavy for your environment.

The tools you need/want are so diverse that a "suite" does not give you much more benefit such as perceived "integration" over simply the best tools to get the job done. Best-of-breed tools will cost you a little more time up front to select, but save you enormous amounts of time and headaches on a daily basis once you get going.

in place of AIMIT = ? Someone mentioned Peregrine...

There are several good Asset Management packages out there, all to a large extent equivalent. However I would first have a look at Altiris (see link). Their people know what they are talking about, especially from a system administration perspective, which is their background. Not the only ones but a good candidate:
http://www.w2knews.com/rd/rd.cfm?id=020314TP-Altiris

in place of ControlIT = ? VNC?

From my perspective VNC is free, but not secure enough. Yes there is a commercial "secure" version, but that does not compare with Sunbelt Remote Admin which was written for-and-by system admins. Keep in mind that hackers are continually scanning for the existence of VNC on systems because it is widespread, and the ports it uses are known. Hence VNC is an inviting backdoor for hackers. Have a look at Radmin instead. They call it "the pcAnywhere killer":
http://www.w2knews.com/rd/rd.cfm?id=020314TP-Radmin

in place of NetworkIT = ?

Network Health Monitors are plentiful. The CA tool you are looking at is geared to larger networks. You can probably get away with a lower cost tool that does just as well. eEye's Iris and Network Instrument's Observer are two very popular packages. Iris is a next-generation network protocol analyzer or "sniffer" that will give you everything you need:
http://www.w2knews.com/rd/rd.cfm?id=020314TP-Iris

in place of ShipIT = ?

Automated Software Delivery is something Microsoft SMS does well but that needs its own server and if you only have 10, this may not be the best solution. For just 120 users I would recommend Prism Deploy. It is simple, easy, powerful, and IT WORKS. You would be surprised to see the amount of software deployment tools that break all the time, and/or literally take days messing with scripts. Not this one:
http://www.w2knews.com/rd/rd.cfm?id=020314TP-PrismDeploy

in place of ArcServeIT = ? BUExec or NetBUPro?

In last year's Target Awards, Veritas Backup Exec won out with a landslide over all other tools in popularity, so I guess that is a safe bet. As an alternative you could look at UltraBac which is not bad either. You can get those anywhere.

And for good measure, I would throw in one of these "Swiss army knives" of system administration like Hyena, Dameware or UltraAdmin.

  FAVE LINKS

This Week's Links We Like. Tips, Hints And Fun Stuff

  • Want to know what your IP Address is without running ipconfig from the DOS box? This cute 'lil site will tell you.

  • http://www.w2knews.com/rd/rd.cfm?id=020314FA-whatismyip
  • Just for some balance, Linux also has its problems. If you actually compare them, the amount of vulnerabilities found in Windows and all Linux flavors combined are almost the same on a yearly basis. So just choose the best OS platform for the application and PRACTICE SECURE COMPUTING.

  • http://www.w2knews.com/rd/rd.cfm?id=020314FA-LinuxBux
  • How the British automate their homes and hook 'em up to the Net.

  • http://www.w2knews.com/rd/rd.cfm?id=020314FA-UKHomeAuto
  • Thorough write-up on Win2K Operation Masters, aka FSMO (to be pronounced as 'fismo') roles in Active Directory migration, done by a mega roll-out team.

  • http://www.w2knews.com/rd/rd.cfm?id=020314FA-FSMO
  • MS is building new a file system that will begin to form the underpinnings of the next major version of its OS. Interesting article.

  • http://www.w2knews.com/rd/rd.cfm?id=020314FA-NewFileSystem
      PRODUCT OF THE WEEK

    Hacking Exposed Version 3

    "Still the best for vulnerability assessment and penetration testing"
    Reviewer: Richard Bejtlichfrom Texas, USA.

    I am a senior engineer for managed network security operations, which includes conducting vulnerability assessments against client networks. I read this edition to gain insights into ways to better assess a client's security posture, and also to understand some of the attacks I see while monitoring intrusion detection systems. Of the books I've read, Hacking Exposed remains the best guide to systematically assess and (if necessary) compromise hosts. By understanding black hat methods, defenders can better prepare for the tidal wave of exploits washing upon the networking shore.
    http://www.w2knews.com/rd/rd.cfm?id=020311BW-HackingExposed3