Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 13, #32 - Aug 4, 2008 - Issue #686
VIPRE Enterprise: Time To Ditch Your Old AV

This issue of WServerNews is sponsored by
  1. Editor's Corner
    • VIPRE Enterprise: Time To Ditch Your Old AV
    • WEBCAST: A First Look at VIPRE Enterprise
    • Upcoming Sunbelt/Double-Take Seminars
    • Quotes of the Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without:
  3. Tech Briefing
    • Your Server Is Wasting Your CPU
    • User Account Control In Windows Vista: Blessing Or Curse?
    • Take Control Of Sharepoint Security
    • Microsoft vs. VMware: What's The Next Move?
    • Email Archiving FAQs
    • Screencast: Installing Microsoft Hyper-V
    • Redmond Sees Vista 64 Finally Taking Off
  4. Windows Server News
    • Microsoft's Non-Windows Operating System Leaks Out
    • What Is Extra In VIPRE Enterprise?
  5. WServer Third Party News
    • Double-Take 5.1 Is Now Available
    • Latest Batch Of Vulnerabilities
  6. WServerNews FAVE Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  7. WServerNews - Product of the Week
    • Get an E-Policy Best Practices Guide with Free Templates from St. Bernard
Get an E-Policy Best Practices Guide with Free Templates from St. Bernard

Whether you need to implement an Acceptable Use Policy (AUP) for Internet, email and network use, or have inherited one that needs to be updated, your AUP is critical in protecting your organization from Internet-based threats. This informative guide shows you how to quickly and effectively develop and deploy an AUP that specifically addresses the threats associated with non-work related surfing, spyware, anonymizers, IM and P2P applications. Other topics covered include Electronic Risk Management, managing P2P risks, and more. Get the e-Policy Best Practices Guide with free templates now!
http://www.wservernews.com/080804-Policy-Handbook

Editor's Corner

VIPRE Enterprise: Time To Ditch Your Old AV

And a week after the client was released, here is the Enterprise version! As you know, the VIPRE consumer version is the same platform as the Enterprise client.

Many of you have been running CounterSpy Enterprise and were patiently waiting for VIPRE to arrive. Thanks for your trust in us. Now you can get rid of your Symantec, McAfee and Trend dinosaurs. VIPRE Enterprise is already running in more than 100 sites with great results. End users simply don't notice it's there and stop complaining about slow PCs.

This week, Sunbelt got its second West Coast Labs Certification, this time for 100% disinfection of the WildList. We will get more Certifications in the coming months. Apart from being a full-fledged AV product you can trust to protect your networks, the performance benefits are significant.

And it's not us saying it. CNET just finished their benchmarks and saw the same thing. VIPRE was given a "Very Good' rating and they said: "The bottom line: Vipre combines antivirus and antispyware technology in a fast and light application that also includes a worthy set of security tools."

Specifically regarding performance, here are some quotes, with a link to the full review. "VIPRE scored well in both our CNET Labs' Windows XP performance tests...On our iTunes test, VIPRE was the leader of the pack at just 1 second above our test system. On our Microsoft Office test, VIPRE came in near the middle at 1,378.67 seconds. For scanning a single folder with multiple files, VIPRE came in first at 122 seconds. And in boot speed, VIPRE again came in first place, with a speedy 28.73 seconds." Just like we promised! Link to the review:
http://www.wservernews.com/080804-VIPRE-Review

However, THIS ZDNet review really shows it all. It starts out with: "Sunbelt Software's VIPRE - I've finally found an antivirus package that delivers the goods." and explains how their system performance improved by uninstalling old AV products and replace them with VIPRE. This is a must-read at:
http://www.wservernews.com/080804-VIPRE-ZDNet-Review

You can now get your hot little hands on the new VIPRE Enterprise, and run it on a your own network. Here is the 30-day eval, and if you need a key to run the agent on a bunch more workstations, your rep can get you one:
http://www.wservernews.com/080804-VIPRE-Enterprise


WEBCAST: A First Look at VIPRE Enterprise

As part of its ongoing efforts to address the rapidly evolving malware landscape facing enterprises, Sunbelt Software introduces VIPRE Enterprise - a completely new solution that combines antivirus, antispyware, anti-rootkit and other technologies into a seamless, tightly-integrated product.

Join Sunbelt Software on Tuesday, August 5, 2008 at 2:00pm EDT for a first look at VIPRE Enterprise and learn how Sunbelt started with a blank slate to design a new, next-generation antivirus and antispyware technology to deal with today's malware in the most comprehensive, highly efficient manner. The result is a clean, fast, and powerful anti-malware solution developed 'by admins for admins'.

VIPRE Enterprise is designed to optimize overall performance by melding antivirus and antispyware together into one, single, powerful engine. This combination of technologies gives you high-performance software that doesn't slow down users' PCs, is low on system resources, and makes it easy for you to protect your network.

Attend this webcast to learn about the following VIPRE Enterprise features:
  • High-performance threat protection with low impact on system resources
  • All-new technology delivers a unique single antivirus plus antispyware engine
  • Rock solid Management Console is your "Malware Command Center"
  • Real-time monitoring and advanced anti-rootkit technology
  • Integrated, full email protection with support for Outlook and Windows Mail
When: Tuesday, August 5, 2008 2:00 PM (EDT) Please register here:
http://www.wservernews.com/080804-VIPRE-Enterprise-Webcast


Upcoming Sunbelt/Double-Take Seminars

We'd like to invite you to attend the following seminars:

"Implementing an Effective Email Archiving Strategy for Exchange" - Join Sunbelt and Mike Osterman, president and founder of Osterman Research, Inc., one of the leading analyst firms in the messaging and collaboration space, for an engaging discussion on how an effective email archiving strategy can help you deal with the issues resulting from growth in email storage and new discovery and privacy requirements.

Hosted at Microsoft in Chicago, IL on Thursday, August 21st. Register here:
http://www.wservernews.com/080804-Exchange-Archiving-Seminar

"Recovery Made Easy for Exchange, SQL, and other Critical Applications" - Join Sunbelt and Double-Take Software as we discuss strategies for implementing high availability, remote availability and offsite disaster recovery solutions for SQL, Exchange and other mission critical applications using Double-Take. Learn about Double-Take v5.0 and Double-Take's NEW solutions that power your keys to recoverability.

Hosted at Sheraton Suites in Calgary, AB on Tuesday, August 12th. Register here:
http://www.wservernews.com/080804-DT-Seminar-Calgary

Hosted at Microsoft in Seattle, WA on Wednesday, August 13th. Register here:
http://www.wservernews.com/080804-DT-Seminar-Seattle

Hosted at Microsoft in Kansas City, KS on Friday, August 15th. Register here:
http://www.wservernews.com/080804-DT-Seminar-Kansas-City

Hosted at Microsoft in Hartford, CT on Thursday, September 25th. Register here: http://www.doubletake.com/invites/show_invite.aspx?E1=RB0308014

Quotes of the Week

"Intaxication: Euphoria at getting a tax refund, which lasts until you realize it was your money to start with." -- unknown

"Imagination is more important than knowledge." -- Albert Einstein

Thank you for being a WServerNews subscriber. No trees were killed in the sending of this message, but a large number of electrons were terribly inconvenienced. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/080804-Subscribe

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

Next-generation AV that IS NOT a resource hog!

Antivirus software slowing down your PC? Save your family budget and ditch your old Antivirus software for high-performance protection that IS NOT a resource hog. VIPRE Antivirus + Antispyware gives you next-gen security that doesn't slow down your computer like older, traditional antivirus bloatware products. VIPRE combines antivirus, antispyware, anti-rootkit, anti-malware and other security technologies into a seamless, tightly-integrated security solution. VIPRE delivers comprehensive protection against today's highly complex spyware, viruses, and blended malware threats for superior PC and email security. Just $29.95. But the unlimited home site license is only $49.95 per year - a total no-brainer.
http://www.wservernews.com/080804-VIPRE

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without:

Protect Your Organization with a Strong, Relevant Acceptable Use Policy. Get the E-Policy Best Practices Guide with Free Templates from St. Bernard!
http://www.wservernews.com/080804-E-Policy-Guide

Customers call rDirectory "The perfect system; it does everything we need & more!" Leverage your AD investment & explore the potential of all editions.
http://www.wservernews.com/080804-rDirectory

Help Desk application now available for the rest of us. Learn more about BridgeTrak:
http://www.wservernews.com/080804-BridgeTrak


Tech Briefing

Your Server Is Wasting Your CPU

While using an AMD Barcelona (quad-core Opteron) server to create a portable benchmarking kit for InfoWorld's Test Center, I discovered something unexpected: I could incur variances in some benchmark tests ranging from 10 to 60 percent through combined manipulation of the server's BIOS settings, BIOS version, compiler flags, and OS release. The performance envelope of a CPU and chipset is cast in silicon, but sculpted in software. This is an interesting story by Tom Yager:
http://www.wservernews.com/080804-Wasting-CPU


User Account Control In Windows Vista: Blessing Or Curse?

More than a few admins have had issues with Windows Vista's User Account Control feature. This tip provides the basics of how UAC works, and why disabling it might not be the best idea. (registration required)
http://www.wservernews.com/080804-Vista-UAC


Take Control Of Sharepoint Security

SharePoint's ease of installation and high-level configuration can sometimes mask its underlying complexity, especially when dealing with security. Learn how to grant users access to functions and content through SharePoint security authorization with this tip from SearchWinIT.com. (registration required)
http://www.wservernews.com/080804-Sharepoint-Security


Microsoft vs. VMware: What's The Next Move?

With their hypervisors finally slugging it out in the marketplace, Microsoft and VMware will now advance their battle for virtual world dominance. Find out who has the edge and what to look forward to in this exclusive article.
http://www.wservernews.com/080804-Microsoft-vs-WMware


Email Archiving FAQs

Email archiving -- if done properly -- frees up storage, allows for speedier retrieval of archived messages, and meets compliance regulations. This collection of FAQs provides troubleshooting advice on Exchange, Outlook and OWA email archiving issues. You'll also discover third-party tools, journaling event sinks and other methods for achieving effective corporate email archiving and data retention.
http://www.wservernews.com/080804-Email-Archiving-FAQs

And if you need a tool that will make sure your email is properly archived, and even have the court agree it is, check out Sunbelt Exchange Archiver, soon with 'Legal Hold' feature included:
http://www.wservernews.com/080804-Sunbelt-Exchange-Archiver


Screencast: Installing Microsoft Hyper-V

Watch this screencast for a step-by-step guide to installing Microsoft Hyper-V. The demonstration will use the release version of Windows Server 2008, which includes a beta of Hyper-V. Learn about prerequisites, system requirements and using Server Manager to install and verify the Hyper-V server role.
http://www.wservernews.com/080804-Microsoft-Hyper-V


Redmond Sees Vista 64 Finally Taking Off

Chris Flores, a member of the Windows Vista team, wrote on their Blog that the installed base of 64-bit Vista PCs as a percentage of all Vista systems has more than tripled in the United States in the past three months. More over, worldwide adoption has more than doubled in the same time frame. "Put more simply, usage of 64-bit Windows Vista is growing much more rapidly than 32-bit," Flores wrote. Here is the full blog:
http://www.wservernews.com/080804-64-bit-Vista


Windows Server News

Microsoft's Non-Windows Operating System Leaks Out

Hints about the modular, ambitious potential replacement for Windows have been leaking for months, but a batch of internal documents make up the most comprehensive picture yet. Somebody at Microsoft is seeing red over Midori, which is Japanese for green. More at Microsoft Watch:
http://www.wservernews.com/080804-Midori


What Is Extra In VIPRE Enterprise?

Question: Since the consumer product and the enterprise agent are the same software, what do I get extra in VIPRE Enterprise over consumer?

Answer: Well, first off, you get a stable, production quality 'Malware Command Center' console that was originally the CounterSpy Enterprise console, but significantly expanded. Running on one server, this can support thousands of clients with ease. One customer is running it with 14,000 agents on one server. But for the enterprise, we have added more threat categories in the database:
  • Commercial Remote Control Tool
    A Commercial Remote Control Tool is a network application that allows administrators to manage and control PCs or networks from a remote location. Typically used in an enterprise environment, Commercial Remote Control Tools have legitimate uses for I.T. administration and are not harmful unless installed and used without the knowledge of the computer user or network administrator. This category currently has 136 threats.
  • Potentially Dangerous Tool
    A Potentially Dangerous Tool is an application that is not necessarily harmful if properly installed by the user or administrator of the PC, but which could be harmful or disruptive to the user, PC, or network if deployed by unauthorized parties for potentially malicious purposes. This category currently has 439 threats.
  • Unauthorized Program
    An Unauthorized Program in an I.T. environment could be any software program installed by users on the network that is not compliant with the I.T. and security policies of the network owner or administrator. This category currently has 0 threats, as this is site-dependent and gets entered by the administrator.
  • Password Recovery
    Password Recovery software is used to uncover and display lost or forgotten passwords on a computer or network. While Password Recovery programs have legitimate uses, they may also be used to again unauthorized access to a computer and to a user's data. Unlike password crackers and stealers, Password Recovery programs typically cannot be executed and used without the knowledge of the computer user. This category currently has 169 threats.
You can now get your hot little hands on the new VIPRE Enterprise, and run it on a your own network. Here is the 30-day eval, and if you need a key to run the agent on a bunch more workstations, your rep can get you one:
http://www.wservernews.com/080804-Get-VIPRE-Enterprise


WServer Third Party News

Double-Take 5.1 Is Now Available

This version is a unified release of Double-Take for Windows, Application Manager, Reporting Center, Enterprise Install Console, and the new Dashboard.

Feature Highlights:
  • Blackberry Enterprise Server for Exchange protection in Application Manager
  • Target Data Verification for Microsoft SQL Server
  • Double-Take Dashboard for Real-Time Monitoring of All Connections from One Screen
  • Double-Take Virtual Recovery Assistant Integrated into core Double-Take
  • Improved Mirror Performance for File Servers
  • Double-Take for Virtual Systems support for XEN and Virtual Iron
  • Enhanced Application Manager Restore Options
Customers with active maintenance agreements desiring to upgrade can log into the Double-Take Software support website and download the new version: Double-Take 5.1 does not require a new activation code.
http://www.wservernews.com/080804-Double-Take-5-1


Latest Batch Of Vulnerabilities

SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security) advisories.
New Checks

H106 SAM NFS Access Control Vulnerability - HP-UX 11
L818 ClamAV petite.c out-of-bounds read error - FC
L862 Seamonkey multiple security vulnerabilities - RHE
L922 Cairo-dock Mozilla related vulnerabilities - FC
L923 Mantis multiple code vulnerabilities - FC
L924 Asterisk CPU consumption and firmware flaw - FC
L925 ISC BIND DNS server insufficient randomness flaw - SciLinux
L926 Bluez SDP parser string length flaw - SciLinux
L927 Mozilla Applications critical vulnerabilities - SciLinux
L928 PHP escapeshellcmd() & other function flaws - RHE5 RHE3
L929 PHP escapeshellcmd() & other function flaws - RHE4
L930 CoreUtils su locked or expired account bypass flaw - RHE
L931 MySQL Create Table MyISAM bypass flaw - RHE
L932 Rdesktop iso_recv_msg underf flaw - RHE4
L933 Nss_ldap race condition request answer flaw - RHE
L934 VSFTPd PAM session memory leak - RHE4
L935 VSFTPd PAM session memory leak - RHE3
L936 Rdesktop iso_recv_msg underf flaw - RHE3
L937 Php escapeshellcmd and htmlentitites errors - RHE2.1
L938 Rdesktop iso_recv_msg underf flaw - RHE2.1
L939 CoreUtils su locked or expired account bypass flaw - SciLinux
L940 MySQL Create Table MyISAM bypass flaw - SciLinux
L941 Nss_ldap race condition request answer flaw - SciLinux
L942 OpenLDAP iblber/io.c datagram assertion error - SciLinux
L943 PHP escapeshellcmd() & other function flaws - SciLinux 3/5
L944 Pidgin msn_slplink_process malformed message flaw - SciLinux

Updated Checks L17 Epiphany-extensions related Mozilla vulnerabilities - FC L211 OpenVRML Mozilla related vulnerabilities - FC L306 Ruby-Gnome2 Mozilla based vulnerabilities - FC L307 Kazehakase Mozilla based vulnerabilities - FC L309 Gnome-web-photo Mozilla based vulnerabilities - FC L310 Miro Mozilla based vulnerabilities - FC L1473 Wireshark multiple vulnerabilities - FC L1512 Mozilla Firefox multiple vulnerabilities - FC L1513 Mozilla SeaMonkey multiple vulnerabilities - FC L1514 Epiphany Mozilla based package vulnerabilities - FC L1515 Mozilla Yelp package vulnerabilities - FC L1516 Mozilla Devhelp package vulnerabilities - FC L1528 Mozilla Thunderbird multiple vulnerabilities - RHE L1613 Mozilla Galeon package vulnerabilities - FC L1679 BLAM Mozilla flaws - FC L1681 Liferea Mozilla flaws - FC W1142 Anti-virus Signature Outdated - McAfee W1986 Anti-virus Signature Outdated - Symantec W1999 Anti-virus Signature Outdated - Trend Micro W2067 Anti-virus Signature Outdated - F-Secure W2070 Anti-virus Signature Outdated - CA eTrust
Sunbelt Network Security Inspector version 1.6.110.0 was released July 31, 2008. Sunbelt Software recommends you download the new SNSI version 1.6.110.0, scan, and patch your machines today. To get the latest SNSI version, visit:
http://www.wservernews.com/080804-SNSI


WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff.



WServerNews - Product of the Week

Get an E-Policy Best Practices Guide with Free Templates from St. Bernard

Whether you need to implement an Acceptable Use Policy (AUP) for Internet, email and network use, or have inherited one that needs to be updated, your AUP is critical in protecting your organization from Internet-based threats. This informative guide shows you how to quickly and effectively develop and deploy an AUP that specifically addresses the threats associated with non-work related surfing, spyware, anonymizers, IM and P2P applications. Other topics covered include Electronic Risk Management, managing P2P risks, and more. Get the e-Policy Best Practices Guide with free templates now!
http://www.wservernews.com/080804-E-Policy-Handbook