Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Apr 7, 2003 (Vol. 8, #14 - Issue #420)
Enterprise Wide Patching: How To?
This issue of W2Knews contains:
- EDITORS CORNER
- Enterprise Wide Patching: How To?
- New W2Knews Refer-A-Friend Campaign
- Server Consolidation Survey Results
- TECH BRIEFING
- Set Processor Affinity For A Device Driver
- Trend Toward New Security Architecture
- NT/2000 RELATED NEWS
- W2K3 Will Be Released April 24, 2003
- Can Microsoft Be Secure?
- Redmond Unveils Office 2003 Lineup
- NT/2000 THIRD PARTY NEWS
- Download The New UpdateEXPERT V6.0!
- Replication For Business Continuity: Webinar April 9-th
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- ScriptLogic: Cut Your Help Desk Support Calls by 50%
SPONSOR: VeriSign - The Value of Trust
Secure all your Web servers now - with a proven 5-part strategy.
The FREE Server Security Guide shows you how to:
DEPLOY THE LATEST ENCRYPTION and authentication techniques
DELIVER TRANSPARENT PROTECTION with the strongest security
without disrupting users. And more. Get your FREE Guide now:
Visit VeriSign - The Value of Trust for more information.
Enterprise Wide Patching: How To?
I think I have some pretty exciting news. Up to now, with any tool
out there, patching over a variety of platforms has been at worst
an incredible headache and at best somewhat cumbersome if you
have many machines in lots of different locations. Any tool
available out there had its built-in limitations in that kind
No more. UpdateEXPERT V6.0 just came out. I got a web-demo of this
new version. WOW. This is a full, real enterprise level patching
architecture. You have a well designed model that allows for
completely centralized (but also decentralized if you want)
worldwide patching, with an incredible flexibility built in and
an extensive database of patches that goes way beyond any other
solution out there in the sense of depth and reliability.
It easily outclasses any tool that uses the MS XML database,
can't be talked about on the same day as a matter of fact.
UpdateEXPERT V6 now supports AD, has an improved security model,
validates patches in more advanced ways and many more cool
features. You may think I'm overdoing it a bit here, well I'm
just my normal enthusiastic self after seeing this demo.
Anyone that has bought UpdateEXPERT in the past is going to be
delighted with the power of this new version. I think you will be
especially pleased with the upgrade policy. They really pulled
off a masterpiece with this one. Check out the specs in the Third
Party Tools Section, or go to the new V6.0 page here:
New W2Knews Refer-A-Friend Campaign
We've got a spectacular prize for the Q2 2003 campaign. It's
the Netsurfer Chair! Know a colleague that does not get W2Knews?
Refer them as a subscriber and the both of you have a chance to
win this piece of ultimate Internet furniture. Click below,
complete your profile and refer a friend! Here is a picture of
the chair I'm talking about:
Have your friends use the link below to subscribe to W2Knews if
they aren't already a member:
Server Consolidation Survey Results
Well, they are clear. Just half a year later the amount of people
seriously thinking about and working on server consolidation has
increased significantly. Here are the numbers so you can draw
your own conclusions. The Survey question was:
Is server consolidation becoming a priority?
And, we have a new SunPoll over in the NT/2000 RELATED NEWS
section. We'd like to know how fast you are going to migrate
your NT4 servers to W2K3!
- We have no plans to consolidate servers
September 2002: 37.01% - 104 votes
April 2003: 29.97% - 125 votes
- We're considering consolidation now
September 2002: 17.08% - 48 votes
April 2003: 17,98% - 75 votes
- We're already trying to consolidate as much as we can
September 2002: 45.9% - 129 votes
April 2003: 52.03% - 217 votes
UNDO department: The correct expression is "a shot across the
bow", instead of "a shot before the bow".
(email me with feedback: [email protected])
SPONSOR: Quest Software
Who's Helping You Migrate to Exchange 2000?
Don't let an Exchange migration disrupt your business! Ease your
Active Directory and Exchange 2000 anxiety by putting our field-
proven methods and tools to use. Download our technical brief,
Migrating to Exchange 2000 Using FastLane Migrator, and get a
clear grasp on the typical migration scenarios and best practices
for migrating an entire organization to Exchange 2000, using our
Visit Quest Software for more information.
Set Processor Affinity For A Device Driver
W2K admins with multiprocessor systems are probably familiar with
the procedure for setting a particular application to work with a
specific processor. This is known as assigning processor affinity
for an application, and in certain circumstances it can be extremely
useful. If you have a dual-processor system with Web server software
and database software, you can assign each one to a specific CPU
so they don't step on each other's toes, so to speak. But it's also
possible to assign hardware drivers to a specific processor. Click
here for the full tip:
If you are looking for a fully automatic solution to load balance
a bunch of applications on an SMP server, you should check out
AutoPilot Enterprise Edition. This tool is deceptively simple
but in reality has a supercomputer CPU load balancing pedigree
and runs effortlessly in the background and increases throughput
by looking at many potential bottlenecks on your server and
telling the NT Kernel what to do. Think of AutoPilot as an IQ-boost
for your Operating System, especially if you are thinking server
Trend Toward New Security Architecture
The Security Wire e-zine had an interesting little article that
pointed to next-generation security tools for the Fortune 1000.
They quote The Yankee Group, which claimed that many large
outfits are launching next-generation security architectures, a
trend that could show a trend away from traditional security
In fact, Yankee recommends its large enterprise clients stop
purchasing traditional security appliances, such as firewalls or
Intrusion Detection Systems, as stand-alone items to avoid
funneling cash into what it says may soon be obsolete technology.
Instead, Yankee recommends companies draft a plan to adopt the
The shift, outlined in two reports on the "security service switch,"
is well under way and will result in another wave of consolidation
within the security industry, says Matthew Kovar, Yankee's director
of Security Solutions & Services.
Kovar says 25 percent of the 100 largest U.S. companies are launching
these next-generation approaches this year. The new approach will see
appliances such as firewalls evolve and be combined into integrated
systems providing security services and security management in a
A similar evolution happened with networks, Kovar says, where network
providers have rolled various components--bridges, hubs, routers,
etc.--into single products. For security, the shift should result in
better management of security events, as multiple services and tools
will be working in tandem.
The main distinction is the goal of the deployment. "Security appliances
have traditionally been aimed at improving network performance rather
than truly securing at an application level," Kovar says. "That's like
going to the Wright brothers to ask them to get you to the moon when
you should be going to NASA."
Kovar says more than a dozen companies have already moved into the
space, from network vendors like TippingPoint and Mazu Networks to
application security firms like NeoScale and Netilla and traditional
security vendors such as NetScreen and Symantec. Those and other
vendors are now likely takeover targets from network equipment vendors
like Cisco Systems, Nokia, Siemens and Ericsson, he adds. Here is
a link to the actual press release of Yankee:
If you are not in the Fortune 1000, and need a tool to patch your
networks, the best selling tool to do that is UpdateEXPERT. The new
version 6.0, however, coming to think of it, even IF you are in the
world's 2000 largest corporations, will do just fine. You SHOULD
check it out, as it now will support your large environment too:
NT/2000 RELATED NEWS
W2K3 Will Be Released April 24, 2003
Well, we're ready for it. That means, we're going to have a cautious
look under the hood, and see when we want to plan for an upgrade.
We'll document our own experience for you, but it may be a while
before we get to it. How about you?
MS has been eating its own dogfood as usual and has W2K3 in production
environments. They say that W2K3 has been through well over half a
million preview betas and a line-by-line code audit was done as part
of the $200 million Trustworthy Computing initiative.
Redmond claims that W2K3 can cut the number of servers needed by
20%-30%, perform twice as fast across workloads, cut overall
management costs by 20% and cut NT4 costs by 50%. They said 35% of
the people who tested it were able to redeploy IT staff to other
From what we have seen up to now, W2K3 is a pretty mature and stable
environment, and if you are running NT, this is compelling. If you
already run W2K, you have some time. Of course this version is
supposed to be more secure, so that might be a reason to look at it.
Microsoft's main focus in their marketing is to make people that run
NT upgrade to W2K3. So here is the new SunPoll:
In what timeframe are you going to migrate your NT4 servers to W2K3?
Vote here, leftmost column:
- Pretty much right away
- 3-6 months
- 6-12 months
- 12-24 months
- Never. I'm going to either leave them at NT4 or move that server to Linux
And here is a link to an interview with a TechTarget security expert
on why the upgrade to W2K3 might be worth it for you:
Can Microsoft Be Secure?
Practically three quarters of security experts in large enterprises
that were surveyed by Forrester Research, do not believe that MS's
products are safe. And though 77% of them think that security is
priority #1 when using Windows, a whopping 89% uses Windows for
sensitive applications. Interesting disconnect there, right?
Forrester draws the obvious conclusion that too little companies
take sufficient responsibility to really secure their Windows
environments. 40% indicated that they are not really planning to
do much more about security than they already do, but 59% of
the victims of a security breach have really changed their
operating basis and "did something about it".
The way networks were being patched also was surveyed. Seen the
fact that there is an average time delay of 305 days between the
announcement of a vulnerability and it actually being exploited
for hacking attempts, too few system admins were applying patches
for fear of destabilizing their systems, and simply no time to
keep up with the stream of patches. The Forrester Report is over
here (you have to buy it though):
Redmond Unveils Office 2003 Lineup
When MS releases its Office 2003 suite in June, several new bundles
of applications will join the Office lineup, including a high-end
Professional edition and a new Small Business edition.
Microsoft's current Office suite, Office XP, has three retail
editions: Standard, Professional, and Developer. Microsoft
also sells a Students and Teachers version of Office XP, offering
all the apps included in the Standard Edition at a lower cost.
THIRD PARTY NEWS
Download The New UpdateEXPERT V6.0!
It has a new Agent Architecture, now you can manage locked down
and/or isolated machines. New powerful patch validation options.
All components use encrypted communications, and the database is
CRC-checked. You can now delegate access rights! Active Directory
is fully supported. You can use the OUs to manage your machines
more efficiently. Profiles are enhanced for ease of use. Enhanced
GUI makes searching for patches a lot easier. Multiple Management
Consoles mean now distributed management and reporting is possible.
Additional key information regarding the v6.0 release:
Version 5.x customers will have 6 months to transition to v6.x. Version 5.x
customers wanting to familiarize themselves with v6.x prior to
transitioning can do so by running a separate occurrence of
UpdateEXPERT v6.x on a separate console. (using the same serial number).
- Pricing has not changed.
- Version 6.0 live trials are available from Sunbelt's web site.
- Existing v5.x customers wishing to move to v6.x will need to
uninstall v5.x. Additionally, it is possible to export the machine
list prior to uninstalling v5.x to be used in v6.x. Either way,
please contact Tech Support for a clean transition.
Now You Can Keep Your Networks Patched Enterprise Wide!
Replication For Business Continuity: Webinar April 9-th
The IT community agrees; ensuring company longevity, data must be
stored in multiple locations. Double-Take is helping many companies
-- just like yours -- implement business continuity plans centered
on data replication. Learn more by attending a unique first webinar
hosted by Sunbelt Software, about replication for business continuity
April 9-th 11:30 Eastern Standard Time. Put this in your planner!
Topic: Business Continuity
Time: Wed, 9 Apr 2003, 11:30 AM Eastern Daylight Time (EDT)
Duration: 60 minutes
Meeting URL (Address):
To add this meeting to your Outlook calendar, click the following
URL or enter it in your browser:
(This URL works for Internet Explorer users with Outlook 2000 or later.)
TO ATTEND THE MEETING
To get to the audio for this presentation,
- Click the following Meeting URL or enter it in your browser:
Or alternatively, use the following URL:
- On the "Enter Meeting" page that appears, supply this
information if requested:
Your Name: (enter your name)
and then click the ENTER button at the bottom of the page.
Meeting ID: Business Continuity
Meeting Key: 880000
Conference Center Name: sunbelt
Telephone Conference Call Information:
See you there!
This Week's Links We Like. Tips, Hints And Fun Stuff
Microsoft's code names for all products:
A UK Subscriber sent this: "since you're in the habit of sending
funny links out with the newsletter, it's only polite to give you
one back. Here's one England style :)
All security problems solved. A very technical article (ftp):
IronPort launched a real-time e-mail monitoring site called SenderBase
which offers a variety of methods for analyzing both the volume and
source of e-mail being sent to addresses managed by several thousand
participating ISPs, universities and corporate sites:
A site that is highly critical of MS, with a very offensive name too:
Optical illusion? Doctored Video? Self-camouflaging technology by
recording video of the background and displaying it on a surface in
real time? Check this out from the Tachi Laboratory at the University
PRODUCT OF THE WEEK
ScriptLogic: Cut Your Help Desk Support Calls by 50%
"Every once in a while a product comes along that just seems to get
the pieces right, providing both simplicity and power. ScriptLogic
fits the bill on both counts." - MCP Magazine
Fully functional 45 day DOWNLOAD
Logon, logoff and shutdown scripting
Install/update software packages
Create Outlook mail profiles
Enforce security policies
... And Much More
Free Born to Network T-shirt offer is available to US residents only.