Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Nov 11, 2002 (Vol. 7, #70 - Issue #401)
And More Patching Woes
This issue of W2Knews contains:
- EDITORS CORNER
- And More Patching Woes, Unix This Time
- TECH BRIEFING
- So, Now You're Going To Support Tablet PC's
- Email Monitoring & Reporting Best Practices Webinar
- NT/2000 RELATED NEWS
- MS Legal Update
- MS Shooting Itself In the Other Foot?
- What Do Customers Want From MS?
- NT/2000 THIRD PARTY NEWS
- The 12 layers of Adequate Security
- Sick And Tired Of Messing With Login Scripts?
- iHateSpam Gets The Nod From PCWorld And Newsweek
- PestPatrol Update to V4.0
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- MCSE: Windows 2000 Directory Services Admin Study Guide
Can You Solve Your OS Migration Problems
Watch a Marimba and Installshield Web Seminar that discuss how you
can lower your migration and management costs and how to automate
the migration to Windows 2000/XP. Learn how you can upgrade your
systems with a minimum of desktop support visits. To learn more
about this seminar please click below:
Visit Marimba for more information.
And More Patching Woes, Unix This Time
One of your colleagues, a system admin that managed both Windows
and Unix systems, sent me this:
"Take a look some time at the quantity of patches issued between
HP-UX releases, or most any other version of Unix, for that matter.
Huge. Worse, the applications built to run on these systems are
often highly "sensitive" to patch levels within the O/S version
levels, so that if more than one application is installed on one
system, or an application is installed that doesn't exactly fit
the patch level, compatibility can become a nightmare.
Though most users might not admit it, the system can become
unstable and difficult to correct. For one example, I have had
even the otherwise highly stable RS/6000 AIX system become unstable
when a version of a terminal server application was installed that
was not a match for the minor version patch level we had.
Converting to the latest patch level then caused a problem with
the primary application on that system."
And here are some comments from an Oracle user:
"On the constant patching problems and the reader's comment concerning PeopleSoft HRMS enterprise software, I work with Oracle Enterprise Applications and I say, 'Ditto times ten'."
It looks like we as technical consumers need to continue to push
software vendors to produce Higher Quality Software! In the mean
time, check out our Top 10 Best Sellers List for November, and
see if UpdateEXPERT can help you out.
While free updating tools are available from Microsoft, most include limited or simple functionality. UpdateEXPERT provides a superior way to manage all patches released as well as enforcing software security policies. Supporting a long list of mission critical apps and WinOS flavors, UpdateEXPERT enables you to research available fixes, scan your workstations and servers, deploy updates to any number of networked machines - without remote agents - and validate that the job was done right. If you have a handful of W2K servers and/or workstations, I recommend taking UpdateEXPERT for a 15-day test drive. Here is the November 2002 Top 10 Best Seller List:
Quotes of the Day:
You know you've achieved perfection in design, not when you have
nothing more to add, but when you have nothing more to take away.
-- Antoine de Saint Exupery
If you aren't fired with enthusiasm, you will be fired with enthusiasm.
(email me with feedback: [email protected])
Your #2 headache is High Availability. It's your job to keep
mission critical data available for your users. Double-Take is
the World's Number One tool for data replication and disaster
recovery. Verified for all W2K Platforms. How it works? "Server
A dies, Server B takes over transparently". Your users won't even
know there was downtime. Double-Take outsells all other solutions
for W2K combined. It's time you check it out too. This is the
ultimate job security tool:
Visit Double-Take for more information.
So, Now You're Going To Support Tablet PC's
They have arrived. Your "early adopter power users" are going to
clamor for one, just because it's the latest and greatest. But is
it really extremely useful? No. They run WinXP with a bolted on
"digital-ink" module that allows that system to capture, save and
recognize handwriting. The thing is called MS Journal, and takes
handwritten notes. Another utility called the Tablet Input Panel
allows you to enter notes in other apps.
The plus side of these things is that you can save and search notes
that are handwritten, you can annotate slides in PowerPoint and
read long documents better than on a normal laptop. The downside
is that managing Windows itself with a pen is a headache and
clumsy. Actual handwriting recognition and transforming it onto
ASCII is still not perfect by a long shot unless you take the time
to write legibly on the screen. We're talking an MS Version 1.0
here folks. You know what that means. They usually get it right
over time though.
These things are probably good for people that are on the move
a lot, and synch up once a day or so. This is certainly not yet
ready for the mainstream use and replace everyone's desktops. For
the moment, entering normal text with the virtual keyboard is going
to get you a lot of tech support complaints, it just does not work
as well as a keyboard. Better carefully set your corporate standard
to a model that performs what your (mobile) users really need.
It's time for cautious optimism, but limited to the people that
are really good candidates for the functionality. Expect some bugs
in the new bolted-on modules though. Check out more at MS' website:
Email Monitoring & Reporting Best Practices Webinar
Introducing Insight for Exchange 3.0 (formerly Melia) and ExRay 1.1
Email abuse, Exchange security, server problems, and Exchange
management issues all have the potential to hurt email performance
and IT productivity. Don't let this happen to you and your IT staff.
We are offering you a FREE seat in the last webinar of the year
in our online Exchange educational series:
"How to Take Control of Exchange: Best Practices for Email
Monitoring & Reporting"
Date: Thursday, November 21, 2002
Time: 4:30 PM GMT/11:30 AM US Eastern / 8:30 AM US Pacific
To register now, visit:
This webinar will cover:
You will see the newest products for Exchange management: ExRay
1.1 and Insight for Exchange 3.0 (formerly Melia). And just for
attending you'll receive a FREE seat in our upcoming Exchange
2000 web training valued at $195!
- Key strategies for preventing Exchange management problems
- Best practices for email monitoring and reporting
- Valuable Exchange management tips that you can benefit from immediately
- Critical products all administrators can leverage to dramatically reduce downtime, eliminate abuse, and enforce policies
Seating is limited and this is your last chance to attend this
webinar in 2002. Don't miss this exciting Exchange event! To
register now, visit:
NT/2000 RELATED NEWS
MS Legal Update
As you know, I generally do not spend a lot of time discussing
the MS legal situation, and I have said over the last few years
that it's "business as usual" for us in the trenches. And it will
continue to be that way as well. The appeals judge that was supposed
to review the settlement that MS made with the Dept of Justice
actually pretty much approved it without much change.
That means that the rogue states who did not want to join the
original settlement have been told to go home. It also signals to
the companies (Sun Microsystems specifically) that instigated this
whole lawsuit, that they need to compete and come out with better
products in the marketplace instead of trying to fight competitors
in court. MS has promised to make it easier to compete with them
and now has smooth uninstall options for IE, Media Player and their
Messenger, among others. (You need to first install Service Packs
for this though). Sun is vowing to keep the suit alive, but the
600 (!) MS lawyers will be providing enough legal air cover to
keep Sun off their backs.
The US court case is really over though. The restrictions on MS
business practices (never really a major part of their operations)
go into effect for 5 years. There are no realistic grounds for
another appeal, and if any States would try it, this would be a
waste of taxpayer money. Very little "politics" was actually
involved in the final resolution. The case has been run through
the courts in a legitimate way. MS will be free to improve its
products long into the future. Their legal woes are not going to
be completely over though. With 40 Billion in cash, anyone can
sue and try to get some of that hoard in a settlement. More over,
MS board members have been made responsible for compliance with
the terms of the settlement.
So, how is the case in Europe getting along? The US and EU have
two different types of complaints, and it is certainly not an
apples-to-apples comparison. In Europe the scene is that the MS
competitors are claiming Redmond is illegally muscling its way
into software that runs servers and so called neighboring markets.
It's a slow going process and if any punishments would be decided
that MS thinks are unacceptable, the thing would go into appeals
and another 2-3 years would pass. In other words, again, for us
in the trenches both in the US and EU it is business as usual
and we should see improved MS products. I hope MS has learned a
lesson though, and that the improvements are going to be mainly
in improved code regarding security. We do not need more features.
We need code that does not need patches all the [email protected]*n time !!
The key requirements for MS under the latest court ruling are:
- Make it possible for computer makers and users to disable access to middleware programs, such as Web browsers and media players.
- Establish Uniform licensing and pricing terms for the 20 largest computer makers.
- Releases information needed to help other companies make products,
including server programs, that work with Microsoft operating systems for PCs.
- No retaliation or threats to retaliate, against personal computer makers, software companies or other partners for supporting non-Microsoft software.
- Establish a compliance committee of at least three outside members of its board, which will appoint an internal compliance officer.
- Be subject to settlement terms for five years, unless extended by judge for up to two years.
- Offer a separate version of Windows, at a lower price, that excludes any additional middleware programs the company adds.
- Distribute Sun's Java technology with Windows.
- Auction the right to sell versions of its Office software for other use on operating systems other than Windows.
- Disclose and license the source code used to develop its Internet browser software.
MS Shooting Itself In the Other Foot?
Client/Server News is a paid industry newsletter that I have read
for years. They are very good in getting the inside scoop of the
IT industry, and worth the $600 subscription per year. They just
came out with more data about paying for security which was recently
discussed in an earlier W2Knews issue. Here is their copy:
"Microsoft apparently hired Zoomerang to do a survey asking people
about updates, daily security patches, Service Packs and the like
and how much they would be willing to pay for them. Obviously MS
is intent on repeating its Licensing 6 mistake and is laying the
groundwork to make people pay to remedy the deficiencies and
vulnerabilities in its software just like Microsoft VP Craig Mundie
recently suggested it was up to."
You can find Client Server News here:
What Do Customers Want From MS?
Network World did a thorough survey about what customers want from
Redmond. The results are definitely interesting, but nothing new.
Here is a short extract from the full article:
"If customers had any doubt as to Microsoft's dominance in the
server and desktop markets they need look no further than the
latest numbers from IDC. The research showed Microsoft accounted
for a 49% share of the 5.7 million new server operating system
licenses shipped worldwide in 2001, an increase of 7% over the
previous year. The nearest competitor was Linux at 25.7%. And
Microsoft took home a whopping 95% of the desktop market, a 1%
increase over the previous year.
To get a sense of what this huge collection of customers would
like to see next from Microsoft, we polled a cross section of
them. These were their top issues:
Full article over at:
- Patch management
- Management tools:
"The fact that so many Microsoft products have become critical cogs
in corporate network infrastructures means Microsoft must improve
its management tools, users say. They need better system admin tools
for logging, monitoring, Active Directory management and workstation
- Consistency in product upgrades
- Integration with other vendors"
And the brand new Active Administrator tool we just came out with
is going g r e a t g u n s. The orders are rolling in for that
puppy. It even made it in the Top 10 Best Sellers this month!
THIRD PARTY NEWS
The 12 layers of Adequate Security
So, in the last issue, we gave you 26 definitions of different
kinds of security tools. Obviously you do not need all of these.
But how to "layer" your security? You could use the OCTAVE
"Octave is a self-directed information security risk evaluation
that enables organizations to make information-protection decisions
based on risks to the confidentiality, integrity and availability
of their critical information technology assets. An interdisciplinary analysis team consisting of an organization's staff members manages the evaluation process and makes decisions about protecting their critical IT assets." Here are the layers they recommend. I have added some links to suggested tools for each layer.
- Chief Security Officer. Get one.
- OCTAVE methodology
Operationally Critical Threat, Asset and Vulnerability Evaluation methodology for conducting threat assessments. Developed by CERT Coordination Center, Pittsburgh.
- Intrusion-detection systems
- Virus scanners
- Policy management software
- Vulnerability testing
- Proper system administration
- Active content filtering
- Incident response plan/ continuity of operations
Sick And Tired Of Messing With Login Scripts?
The new ScriptLogic version 4.1, helps you manage your Win-clients.
This last release gives you a performance increase and with cool
new features: multithreaded management components and a brand new
engine that processes the client logon request. The new support
for multiple profiles gets you enterprise scalability.
The latest version provides you with enhancements in validation logic and now uses a four-part validation logic scheme. You can also use the new Service Manager to configure multiple servers and services with just one click. More enhancements include a very useful logoff agent, a new dialog box for Assign Logon Script, a new API and updated global options. Check the eval out at:
iHateSpam Gets The Nod From PCWorld And Newsweek
iHateSpam just got a 4-STAR review in PCWorld. Here is an extract
from the December 2002 issue:
"iHateSpam -- available for a free 30-day trial -- has many useful
features, including a way to block messages that are in foreign
character sets, a fully customizable iHateSpam toolbar, easily
configurable spam folders, and a powerful way to create customized
filtering rules. iHateSpam for Outlook worked flawlessly in checking
my Hotmail account. I simply added the account, and I was off and
running. The Outlook version caught an impressive 96 percent."
Newsweek Magazine, December 2002 Issue:
"Software site Download.com lists more than 200 such programs ...
[but] among the best programs we've tested or heard about: iHateSpam
($29.95) works directly with Outlook or Outlook Express. Exploiting
the power of peer-to-peer networks, it reports spam that the software
missed to other users of the program. McAfee's Spamkiller ($40)
gets a thumbs down because it overcharges and generates complaints
to the spammer's e-mail account and ISP. Since spammers often hijack
other people's accounts, this has the ironic effect of sending the
complaint to an innocent user. Anti-spam spam?"
Sunbelt just received an order for 5,000 units from a very large
energy company that really likes the idea to have their end users
manage all their own email, including junk which gets filtered into
quarantine folders by iHateSpam. Get a 30-day eval here:
PestPatrol Update to V4.0
It's finally here! PestPatrol version 4 is available from our web
site. The update is free of charge to all PestPatrol customers
whose subscriptions are current. Licensed users are being sent
notification by e-mail of where and how to download the new
version. If you are a home user, have an evaluation copy of
PestPatrol version 3.x, and are not yet ready to purchase, you
should download new evaluation software:
This Week's Links We Like. Tips, Hints And Fun Stuff
Need a new corporate (private) jet? This one on EBAY will kick butt.
Got "carpal tunnel"? This vertical mouse is a pretty good alternative.
You guys went wild on the optical illusion fave link last issue.
Here are more of these mind-bending "Lightness Perception and
Lightness Illusions. You just do not believe your own eyes!
This is just entirely cool... New Verbatim CD-R Blanks look like
old vinyl 45's.
Yup. It was inevitable. Here is your new corporate multi-media fridge:
PRODUCT OF THE WEEK
MCSE: Windows 2000 Directory Services Admin Study Guide
MCSE: Windows 2000 Directory Services Administration Study Guide
is as sizable as its title would indicate, providing its readers
with ammunition for use in both real life and on the Active
Directory exam (70-217). As is typical of technologies for which
certification tests exist, the actual skills you need to set up
and work with Active Directory are related to (but not the same
as) the knowledge you need to pass the Microsoft certification
exam on the subject. The authoring team on this book has done a
good job of covering all the subjects covered in the Microsoft
outline of the Active Directory test's objectives. They've also
backed their written work with a good-quality assessment test
(with answers) on CD-ROM, suitable for use when you don't want
to tote schlepp the book around.