Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Dec 15, 2003 (Vol. 8, #50 - Issue #456)
Brand New Security Scanner: SNSI
This issue of W2Knews contains:
- EDITORS CORNER
- TECH BRIEFING
- How Much Are You Paying Redmond?
- Security Lockdown Wizard Coming to Windows 2003 in SP1
- NT/2000 RELATED NEWS
- MS's Top 10 Challenges for 2004
- Microsoft Licenses Intellectual Property
- Redmond Withdraws Bunch Of Products
- Exchange SmartScreen Only Free for 10% Of Market
- NT/2000 THIRD PARTY NEWS
- Brand New Security Scanner: SNSI
- So, How Does iHateSpam Server Do In Real Sites?
- Double-Take 4.3 Service 2 Pack Available
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- NEW: Sunbelt Network Security Inspector
SPONSOR: Panda's GateDefender Stands Guard!
Are your traditional antivirus solutions really protecting your
network? Panda Antivirus GateDefender is a dedicated hardware
device installed at the Internet gateway to block viruses before
they contaminate your network. It scans 7 different communication
protocols, achieving optimum protection against external attacks.
Panda Antivirus GateDefender 7100 (25-500 seats) & Panda
Antivirus GateDefender 7200 (500 seats+) provide the highest
scalability with native load balancing that transparently adapts
to traffic volume.
Visit Panda's GateDefender Stands Guard! for more information.
Last Issue of 2003!
It's unbelievable but another year has flown by. This is issue
number 50 of 2003, and there are now 456 issues since we
started. It's still fun! The coming issue will be Monday Jan 5th,
and has the usual predictions for 2004. Got any? Send them my
way: [email protected]. If I use them, you'll get credit.
You can see W2Knews back-issues from Sept 1997 till now in the link below and they are searchable.
Another piece of BIG news is a new product that we're launching:
The Sunbelt Network Security Inspector (SNSI, pronounced "snizzy")
After extensive surveys, we came to the conclusion a LOT of you
needed a low-cost security scanner for your Windows networks,
licensed by admin, with a killer database of vulnerabilities.
Voila, here it is. It is in late beta now, and will be released
in a few weeks. Sunbelt is talking orders for SNSI since some
companies after looking at the Betas insisted on buying before
the end of the year. Read more at the Third Party News section,
or check it out here:
A lot of you liked the Media Center story in the last issue. Here
is how Media Center will be integrated in LongHorn (Windows 2005):
And there is a community for MediaCenter enthusiasts, where you
can download cool stuff like software that allows you to schedule
recordings remotely using IIS on your MediaCenter PC:
We have RSS ready for WinXPnews now, so you can plug the link
below in your favorite RSS reader. Microsoft is expected to RSS-enable Microsoft.com and all their updates this spring 2004. And
of course there will be a free MS RSS reader as well. But for the
moment, get your own RSS reader. YOU WANT ONE OF THESE, just like
you want an Adobe Acrobat Reader! Here is a free one:
And now, here are our RSS Feeds:
And here is the new SunPoll. We now know how you think about MS's
.Net framework: Seventy percent of you are OK on using it. Now,
how about J2EE?
Question: Over the next two years, do you perceive of your
J2EE apps as growing...
Vote here: rightmost column:
- In numbers
- In cost
- In general / management complexity
- Becoming more mission critical
- All of the above
Quote of the Week:
"A wise man speaks when he has something to say; A fool speaks
when he has to say something."
(email me with feedback: [email protected])
Order ScriptLogic Enterprise or Desktop Authority today!
Get a FREE iPod digital music player when you order 250 seats or
more of ScriptLogic Enterprise or 100 seats or more of Desktop
Authority. HURRY! Offer expires Dec. 31, 2003 (new customers
only, no migrations). Call ScriptLogic at 561-886-2400 today.
Centrally control drive mappings and printer deployments
Change configurations at a very granular level, and
Access desktops & files remotely w/out addtl client-side software
Visit ScriptLogic for more information.
How Much Are You Paying Redmond?
It's that time of year again: renewing support, license and software maintenance contracts. Have you done your homework and take
a look at the best way to save valuable budget?
The Updated Sunbelt/ITIC Microsoft Licensing 6.0 Report is
available now. It contains eight (8) pages of new material
highlighting the changes Microsoft made over the past several
months to add more business value to it's licensing program. It also incorporates
information about upcoming revisions that take effect in January,
2004. As an added bonus, we've included a PowerPoint presentation
that highlights the changes in a very succinct format. Sunbelt's
survey data indicates that as many as 40% of organizations will
be re-negotiating current licensing contracts or signing new
deals in/for 2004. This report gives you the information you need
to know about the changes and the best strategies for negotiating
Sunbelt is making this Updated Licensing 6.0 Report available for
the special price of $149 for the first 100 customers. The
regular price is $199. (if you bought it this spring, this is
your no-charge update) Don't delay -- this report will help you
hold onto to your hard earned IT dollars. Read more about it here:
Security Lockdown Wizard Coming to Windows 2003 in SP1
ENTMag had a good "find" that I originally overlooked. But here it
is! The security configuration lockdown wizard for Windows Server
2003 that was supposed to be delivered shortly after the
operating system shipped has now apparently been pushed into the
first service pack. Bill Gates mentioned such functionality
during his Microsoft Professional Developers Conference keynote
in Los Angeles. While discussing security enhancements coming in
future service packs, Gates said Windows 2003 SP1 could contain
a "simple configuration where you can say what the type of the
server is, and have all things locked down according to exactly
The decision to put the security feature in SP1 means the feature
has been delayed by at least a year. Windows Server 2003 SP1 is
expected to go into beta in the first half of next year and be
finished in the second half. More info at:
NT/2000 RELATED NEWS
MS's Top 10 Challenges for 2004
One of the industry's top Microsoft watchers, Kirkland, Wash.-based Directions on Microsoft, has released its annual list of
Redmond's top 10 challenges for the new year. I'll give you the
first 5 here, for the others you need to go to the SearchWin2000
For the rest:
- Serve existing customers: Analysts said that the most
important challenge for Microsoft in 2004 is what amounts to
learning how to age gracefully. Product cycles are longer, and
customers are not so fast to upgrade. Analysts said that, since
Microsoft can no longer move as fast as it once did, it must pay
attention to its existing customers and less to the pursuit
of "software grand slams."
- Security: No surprise here. The vulnerabilities have
overwhelmed any discussion of innovation. "MS's patch management
technologies are themselves a patchwork," analysts at the firm
wrote. Microsoft says these technologies will improve. The
company must deliver on its promises.
- Produce clear, reliable road maps: Customers need to know
what's coming out and when. The idea of asking customers to put
up cash and then giving them vague product sets and delivery
dates is unrealistic, analysts said. Independent software vendors
also need to know what's coming down the road. Knowing when
service packs are coming and what they contain will help
- Rebuild the partner network. Except for the largest
enterprises, most companies purchase Microsoft software or
integration services through a partner. Directions on Microsoft
analysts said that the nature of the partnerships has changed
over the years, with much action moving to the Internet and more
functionality going into Windows. The company must use the
partners effectively to stave off defections to Java.
- Counter Linux. The open source OS is starting to find
enterprise traction, and Microsoft must figure out how to keep it
at bay. Analysts said that Microsoft must stop Linux at the
server, before it gets a foothold on the desktop. Microsoft won't
have a new desktop OS to answer challenges from Linux for the
next few years. Microsoft also has to improve its Unix migration
Microsoft Licenses Intellectual Property
Redmond decided to start making money with their IP. There are
now two technologies that can license: ClearType and yes,
believe it or not: the FAT file system! The latter has caused
some noise, as no one ever believed they would ever have to pay
for that. Especially makers of digital cameras and removable
media. They now have a choice. Either pay a quarter per device,
or change their file system which is very unlikely. Redevelopment
is way more expensive. It's even more interesting which other
things MS might cook up that are now suddenly "for pay", and what
others will do to challenge these patents. There are people that
claim many examples of prior art to FAT exist. I know from
personal experience (yes my age shows here) that it bears close
resemblance to the CPM file system. Here is the data on FAT:
Redmond Withdraws Bunch Of Products
Next week, a long list of products are going to be withdrawn. Some
of these are Windows 98 and SQL Server 7. According to Redmond,
this is to comply with legal requirements following from the Sun
lawsuit regarding Java. Some products will be re-appearing in a
modified form by the end of December, for example these are Office
XP Pro with FrontPage, Publisher 2002, Windows NT 4.0 and Small
Business Server 2000. Oh, this notice is about availability, and
not support which is something completely different with dates
extending years from now. Windows 98 support though will end in a few
weeks. Here is the MS notice:
Exchange SmartScreen Only Free for 10% Of Market
You all know that Bill Gates announced that there will be a junk
email filter in Exchange 2003. He kind of spent a few seconds at
Comdex talking about it. What he did not say was that it is only
given for free to companies that are under the fairly expensive
Microsoft Software Assurance. Everyone else has to pay, (price has
not been set yet) and it will be released somewhere first half
I started asking myself, well how many people are under this
Software Assurance? Some research showed that at this point
roughly 34% of MS customers have migrated to the new Licensing
6.0 Plan and of that figure, approximately 28% have Software
Assurance. Do the math. That's less than 10%. Their PressPass
site shows that it is limited to "SA-only".
If you want to know what's in Software Assurance, Microsoft
has NOT rolled back prices on licensing agreements or SA. And
despite the added business value, cash strapped customers
simply may not have the budget for SA. But part of what MS
Want to get the nitty gritty about the very latest changes to MS
Licensing 6.0? Here is a brand new $149 report that might save
you many thousands of dollars:
- Free home usage rights for Office, Visio, FrontPage and Publisher
- Free TechNet Web-based support - with the Online Concierge Chat. Depending on Terms and conditions of individual contract will give you a specific number of free Web-based tech support incidents
- Free training vouchers for Microsoft CTEC worth $300 to $400 for desktop ONLY training
- Ability to pay as you go for hot fixes
- Step Up program to move easily from Standard to Enterprise Edition SKUs
THIRD PARTY NEWS
Brand New Security Scanner: SNSI
"A World-Class Vulnerability Scanner That Won't Make a Hole in
Your Budget." --Laura DiDio, Senior Analyst, Yankee Group
We are thrilled to announce SNSI: Close the door on hackers!
But, you can't close the door if you don't know which one is open.
That's why we designed Sunbelt Network Security Inspector (SNSI
pronounced "snizzy"): A low-cost, quick-install, fast-result
vulnerability scanner that uses a top quality, commercial-grade
database of ranked vulnerabilities.
We are taking orders from companies that want to order before the
end of the year.
- Prioritized vulnerability reports provide detailed and easy-to-follow instructions on how to fix holes fast, so you can focus on the most critical security issues.
- Configurable scans: create your own scans or use predefined scans such as "high risk" or the "SANS top 20".
- Windows platform support: Find holes in Windows 95/98/ME/NT/2000 and Windows Server 2003 machines.
- The easy, all-new interface has a short learning curve: just point,
right-click and QuickScan.
- SNSI is licensed per Administrator and lets you scan unlimited machines! SNSI won't make a hole in your budget, so you can afford to be proactive without compromises.
- SPECIAL OFFER: Run the Beta and get your own black "Hack My Network and Die" T-shirt. Specs and beta at the link below.
So, How Does iHateSpam Server Do In Real Sites?
One of our large installations, (University of Wisconsin - Stevens
Point) posted a graph of their recent months of spam since August
this year. It's been skyrocketing. There is an area chart and
also a tab at the bottom of the page with more specifics and
percentages per month. The numbers are staggering. The graphs
are interesting to check out:
iHateSpam Server is doing great. You are going to love the
new V1.5 that is in beta now. It's got practically everything
that our well over 1,700 customers have asked for. Want to test
a late beta of Version 1.5? Email [email protected]
and please specify if you want the server version or gateway and
which Exchange Platform you are running. Check out the new 1.5
Double-Take 4.3 Service 2 Pack Available
With the availability of Service Pack 2 for Double-Take 4.3 comes
a number of fixes and enhancements. Among the changes in this
release are numerous fixes as well as performance enhancements.
In addition to new fixes, a number of existing hotfixes have been
rolled into this release as well. Building existing hotfixes into
this release simplifies the installation process as fewer
hotfixes need to be applied after the product is installed.
Changes have been incorporated in this release which improve the
performance and efficiency at which DT uses available resources.
In some instances the throughput has improved greater than 3x
Business benefits of these changes include:
It's a download on the Double-Take page:
- The ability to run on smaller networks
- Improved target write speeds for improved data protection
- Reduced server overhead on source and lower CPU utilization puts
less strain on production servers and applications.
This Week's Links We Like. Tips, Hints And Fun Stuff
WorldWide War Drive is an effort by security professionals to
generate awareness of the need by both companies and individual
users to secure their wireless access points. The stats are ugly:
Sony's new little walking robot called QRIO. Pretty cool. Turn on
Flash though, otherwise you will not see it move. Tip: hover your
mouse over the empty spaces.
Posters from a variety of xrayed technical items. Interesting.
Ever wondered how much power your computers used? find out with a
neat little tool called a Kill A Watt.
SpamCop advises on their home page that production sites should
NOT use the service. And there are good reasons for this!
Project a (BIG) message on a building: HelloWorld Project.
Breaking the Gigapixel Barrier: one of the highest resolution,
most detailed stitched digital images ever created: Bryce Canyon.
PRODUCT OF THE WEEK
NEW: Sunbelt Network Security Inspector
Introducing: The Sunbelt Network Security Inspector (SNSI, say
"snizzy"). A brand new security scanner for everyone that cannot
afford the high-end scanners that force you to license by IP-range. SNSI is a low-cost security scanner for your Windows
networks, licensed by admin, with a killer database of
vulnerabilities. Sunbelt is talking orders for SNSI since some
companies after looking at the Betas insisted on buying before
the end of the year. The price is astounding if you look at what
you get: $949.00 which is the competitive upgrade price. You can
upgrade from any currently available vulnerability scanner. Even
freeware. Regular price: $1,495 per admin. Scan unlimited
machines per seat, but multiple SNSI copies in the same
organization require multiple licenses.