|
Vol. 14, #30 - Jul 20, 2009 - Issue #735
|
|
IT Performance and Cloud Trends Survey Results
|
| This issue of WServerNews is sponsored by |
|---|
 |
|---|
- Editors Corner
- IT Performance & Cloud Trends Survey Results
- Quotes Of The Week
- Webinars and Seminars
- VIPRE Enterprise Product Demonstration - July 21
- Affordable, Enterprise Email Archiving - July 28
- Windows Server 2008 New Log Management Training - July 23
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without:
- Tech Briefing
- Redmond Confirms Another Zero-day Vulnerability
- Zero-Day Bugs Killing You? Redmond Works On Quick-Fix Tool
- The Top 7 Vendor Tech Certifications End Users Love
- Powerful Free Performance Monitoring Tools You Should Be Using
- Quick Tips For Troubleshooting NTFS Permissions
- Cloud Computing Skepticism: IT Security And Compliance
- Windows Server News
- Microsoft File Server Migration Toolkit - Download
- Microsoft Sharepoint Server: A Look Under The Hood
- Hyper-V R2 Matches VMware With 64-processor Support
- Third Party News
- VIPRE Enterprise Replaces SEP11 - Results
- And The Most Recent List Of Network Holes
- WServerNews Fave Links
- This Week's Links We Like. Tips, Hints And Fun Stuff.
- WServerNews - Product of the Week
- Everything Is Easy When You Know How To...
|
|
everything is easy when you know how to...
Extend the value of AD beyond network management. Create a web based Employee
Directory in less than 5 minutes. Eliminate help-desk password reset calls.
Delegate account creation and group management tasks without giving native
AD permissions. Enable employees to find, use and self-service information
on virtually any AD object. Define Role Based Access rules for managing IDm
Information. Standardize attribute editing with Data Integrity Controls
such as Picklists, Format Validators, & Required Fields. Save your company
time and money with a quick ROI. Discover the versatile power of rDirectory!
http://www.wservernews.com/090720-rDirectory
|
|
 |
Editors Corner |
|
IT Performance & Cloud Trends Survey Results
Thanks to the nearly 300 of you who participated in the Sunbelt/ITIC IT
Performance Trends Survey. As always, your responses were frank and
forthcoming and you pulled no punches in expressing your opinions in
the Essay Comments.
The responses to the multiple choice questions and essay comments showed
that the majority of businesses - regardless of whether it's an SMB with
25 end users or a large multinational enterprise with over 100,000 end
users - are being pragmatic as you try and navigate through the ongoing
economic downturn with fewer resources and less capital expenditure monies.
Cloud computing was one of the hottest survey topics.
An overwhelming 85% majority of you indicated your companies will not
implement a private or public cloud computing model in 2009 because of fears
that cloud providers may not be able to adequately secure sensitive corporate
data.
Concerns about how quickly cloud providers may or may not respond to technical
troubles top the list of reasons why companies are hesitant to embrace cloud
computing - at least within the next 12 months. However, about one-third
-- 31% -- of respondents said their firms are studying the issue but have
made no decision yet and another 7% are "Unsure".
Security topped the list of concerns and guarantees that companies would
demand from a cloud services provider, if and when their companies implement
a cloud model. An overwhelming 83% of respondents said they would need
specific guarantees to safeguard their sensitive mission critical data
before committing to a cloud model. Additionally, almost three-quarters
or 73% of respondents would require guaranteed fast response time for
technical service and support. Another 63% of respondents want minimum
acceptable latency/response times and 62% of those polled say they would
need multiple access paths to and from the cloud infrastructure.
The survey yielded several other surprising results as well. The responses
and subsequent first person customer interviews indicated that IT managers
are finding it difficult and challenging to track basic IT performance
metrics such as security; compliance with their SLA agreements and the
ability to quantify the hourly cost of downtime. These are pivotal issues
that have direct impact on daily network operations as well as strategic
goals like lowering total cost of ownership (TCO), managing risk and
achieving tangible return on investment (ROI).
Among the most stunning revelations was that 48% of IT departments - nearly
half - do not track security performance metrics. Only 43% of businesses
have SLA metrics with clients that are discussed and agreed upon yearly
and 51% of organizations are unable to quantify the cost of an hour of
unplanned downtime.
Based on the responses across a wide range of survey topics, it's obvious
that the chief focus of hard working, under-staffed and under-budgeted IT
departments is to keep their networks up and running..
Among the other survey highlights:
- Over four out of 10 organizations - 44% - indicate that management holds
IT responsible for meeting defined performance metrics; 31% say that upper
management only holds them accountable or voices displeasure when something
goes awry and 19% of respondents say their companies do not have formally
defined performance metrics.
- On the subject of how businesses track performance, 28% of respondents
indicated they do so by the amount of planned and unplanned downtime
experienced by IT; another 24% measure performance according to a specific
subset of IT operations and systems; 11% are reactive and monitor performance
by the time it takes to recover following a service outage; an additional
11% are proactive, monitoring performance in a continuous, programmed
fashion throughout the enterprise. Most alarming however is that more
than a fifth of the firms represented - 21% - revealed that they don't
keep track of performance.
- In another somewhat surprising disclosure, 46% of survey respondents
do not have service level agreements (SLAs) in place compared to 43% who
do; 11% of respondents were unsure. However, the ITIC survey responses
showed that an overwhelming 84% majority of large enterprises with over
3,000 end users do have SLAs in place. However even in those businesses,
collaboration and communication among C-level executives and IT
departments is poor. Only 16% of survey respondents noted any regular,
proactive communications between IT and upper management.
Laura DiDio, is Principal of ITIC, a primary research and consulting firm
in Boston.
If you would like to discuss the results of this survey, please visit the
WServerNews Blog and feel free to add a comment:
http://www.wservernews.com/090717-Discussion
Quotes Of The Week
"Beware the greedy hand of government, thrusting itself into every
corner and crevice of industry." -- Thomas Paine (1737-1809)
Integrity without knowledge is weak and useless, and knowledge without
integrity is dangerous and dreadful. -- Samuel Johnson (1709 - 1784)
Warm regards, and thank you for being a WServerNews subscriber. No trees
were killed in the sending of this message, but a large number of electrons
were terribly inconvenienced. Please tell your friends about us.
They can subscribe here:
http://www.wservernews.com/090720-Subscribe
PS: Did you know this newsletter has a sister publication for XP users
called WXPnews? You can subscribe here, and tell your friends:
http://www.wservernews.com/090720-WXPNews
PPS: And of course we also have our weekly VistaNews. You can subscribe
here, and tell your friends too:
http://www.wservernews.com/090720-VistaNews
|
|
Automated Uninstall of Symantec AV
No more 2-day SEP V11 Migration Classes! Sunbelt built VIPRE Enterprise; a
completely new technology combining corporate antivirus plus an enterprise
antispyware solution for total endpoint security designed by admins for
admins. And that means EASY DEPLOYMENT. Save your IT budget and don't renew
products from Symantec, McAfee and Trend Micro, Learn how VIPRE Enterprise
takes much less resources than the competition! It's clearly time to kiss
your antivirus bloatware goodbye! Competitive Upgrade price: $10/seat:
http://www.wservernews.com/090720-VIPRE-Enterprise
|
|
|
Webinars and Seminars |
|
VIPRE Enterprise Product Demonstration - July 21
Want total malware protection without the bloat? Join us for a look at
VIPREŽ Enterprise and learn how Sunbelt started with a blank slate to
design a new, next-generation antivirus and antispyware technology to
deal with today's complex malware in the most comprehensive, highly
efficient manner. Tuesday, July 21, 2009, 2:00pm - 2:30pm EDT
Can't make the live event? Register anyway to get the recorded version.
http://www.wservernews.com/090720-VIPRE-Demo
Affordable, Enterprise Email Archiving - July 28
Exchange performance is suffering. Your users complain about email storage
and don't want any quotas. Your CEO requires legal compliance. Want a
high-end, feature-rich, admin-friendly product that solves all these issues
at a very affordable price? Then don't miss this Sunbelt Exchange Archiver?
webinar. Tuesday, July 28, 2009, 2:00pm - 3:00pm EDT
Can't make the live event? Register anyway to get the recorded version.
http://www.wservernews.com/090720-Email-Archiving
Windows Server 2008 New Log Management Training - July 23
W2K8 features 4 new log management features that we've needed ever since
Windows NT Server came out so long ago. In Randy Smith's next 'real
training for free'? session he will show you how to use:
- Log archival - You can now configure Windows to create a new log file
whenever the current log file reaches its maximum size. Not only does
this prevent holes in your audit trail; used properly this can be the
beginning of a home grown log collection and archival scheme.
- Event forwarding allows you to configure one server to forward events
matching specific criteria to the security log of another server on the
network in near real-time or on a periodic basis. Combined with triggers
described below you have the building blocks of monitoring and alerting.
- Triggers - give you the ability to automatically execute specified tasks
whenever certain events occur. Tasks can be anything from sending an email
to running some other kind of script.
- Custom views - the new Event Viewer give you the ability to create much
more sophisticated event log queries than before both in terms of criteria
and the ability to query multiple logs at the same time. Moreover you can
re-use such queries by saving them as custom views. This makes it much
easier to perform log analysis. Please register for now this technical,
deep dive. Click here to register. Can't make the live event? Register
anyway to get the recorded version.
Training: Using Windows Server 2008's New Log Management Features: Archival,
Forwarding, Views and Triggers Date: Thursday, July 23, 2009 12:15:00 PM EDT
http://www.wservernews.com/090720-Log-Management
|
|
Tech Briefing |
|
Redmond Confirms Another Zero-day Vulnerability
They confirmed another zero-day vulnerability last Monday. The hole is in
a set of software components that ship in a wide variety of their products.
It's the Office Web Components, which are used for publishing spreadsheets,
charts and databases to the Web, among other things. They are working on a
patch but did not indicate when it would be released, according to an advisory:
http://www.wservernews.com/090720-Security-Advisory
Zero-Day Bugs Killing You? Redmond Works On Quick-Fix Tool
Under the dark cloud of recent zero-day attacks, Microsoft is quickly working
to update its enterprise patching tools to incorporate short-term, quick fix
technologies to thwart malware that is already actively exploiting
vulnerabilities. Microsoft's goal is to add its Fix-it technology, introduced
in January, into its overall patch management toolbox, which is anchored by
Patch Tuesday. The idea is to streamline blockers for zero-day attacks into
current patching best practices. More at InfoWorld:
http://www.wservernews.com/090720-IT-Patch-Tools
The Top 7 Vendor Tech Certifications End Users Love
Technical certifications are a major factor in end users' selection of
solution and service providers. Channel Insider and Amazon Consulting asked
more than 200 enterprise and midmarket purchases which vendor certifications
they value the most when selecting a solution provider. Here are the Top 7:
http://www.wservernews.com/090720-Tech-Certifications
Powerful Free Performance Monitoring Tools You Should Be Using
Solving computer performance issues can be one of the most difficult
challenges faced by an IT professional. They are very difficult to define
and even more difficult to analyze and solve. Performance often depends
on the perspective of the user doing the complaining. To a degree, we
all get used to computer performance because it's easier to adapt to it
than to have it fixed. Don't get complacent. This tip outlines free
performance monitoring tools you should be using:
http://www.wservernews.com/090720-Performance-Monitoring
Quick Tips For Troubleshooting NTFS Permissions
Most of the time, NTFS permissions are fairly straightforward. In large
organizations though, you may find it difficult to determine what permissions
apply to individual users, as they could potentially be members of many
different groups. Fortunately, Microsoft gives us the Effective Permissions
tool which makes the process of evaluating NTFS permissions a lot easier.
The catch, however, is that the tool is sometimes wrong. But why? Get
troubleshooting best practices in this expert tip:
http://www.wservernews.com/090720-NTFS-Permissions
Cloud Computing Skepticism: IT Security And Compliance
Cloud computing may be the "hot" topic in IT right now, but the technology
is still very new and lacks a clear cut definition across the board. Also,
questions of IT security and compliance in the cloud remain to be answered
and many critics say these will be large issues for early adopters. If
you're considering a move to cloud computing, check out these security and
compliance concerns first: (Registration Required)
http://www.wservernews.com/090720-Cloud-Computing
|
|
Windows Server News |
|
Microsoft File Server Migration Toolkit - Download
Microsoft released the File Server Migration Toolkit version 1.2 (FSMT 1.2),
which will help you migrate file shares from computers running Windows
NT 4.0 Server, Windows 2000 Server, Windows 2003 Server, Windows Server
2008 and Windows Storage Server 2008 to computers running Windows 2003
Server, Windows Server 2008 and Windows Storage Server 2008. You can use
it to consolidate multiple file servers or simply to migrate files between
servers. Here is the download:
http://www.wservernews.com/090720-Server-Migration-Toolkit
Microsoft Sharepoint Server: A Look Under The Hood
As enterprises learn about SharePoint's capabilities, many are eager to learn
if SharePoint is right for their environment. In this webcast, dive into the
SharePoint ecosystem and get a review of the strengths and weaknesses of this
platform. Also, learn steps to take to avoid missteps during the implementation
process:
http://www.wservernews.com/090720-Under-The-Hood
Hyper-V R2 Matches VMware With 64-processor Support
Microsoft's Hyper-V R2 will support 64 logical processors - a big deal for
existing Hyper-V users, but not enough to win over VMware customers, say
experts. Support for 64 logical processors in Hyper-V R2 is a major
upgrade over the existing version of Hyper-V, which supports only 16
processors. Learn more about the new Hyper-V R2 and how it could help
close the gap between VMware and Microsoft in the virtualization market:
http://www.wservernews.com/090720-VMware
|
|
Third Party News |
|
VIPRE Enterprise Replaces SEP11 - Results
"I just have to say that I am very pleased with VIPRE so far. I just finished
deploying the agent across most of my desktops and I had the agent set to run
a scheduled quick scan nightly at 9:00PM. Within 12 minutes of the scan
starting I had 15 notification emails from VIPRE stating that it had found
numerous infections on machines (most of which were within 3 minutes of the
start time). Mind you, ALL of my PCs had Symantec Endpoint Protection 11 on
them before I deployed VIPRE, and they all ran scheduled scans, and none of
them turned up any of these infections. Also, know that I am excluding
cookies and some other items (like VNC), so these reported infections were
truly infections and not false positives. Again, I am very happy with VIPRE
performance and deployment thus far, and I hope to continue to receive this
level of performance for the remainder of our support contract and far beyond.
Please pass along my thanks and appreciation to the development staff and
everyone who makes the VIPRE software possible. Thanks again. -- D.S. Senior
Systems Engineer. Get a 30-day eval here and see how easy it is to deploy:
http://www.wservernews.com/090720-VIPREEnterprise
And The Most Recent List Of Network Holes
SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list
of computer incidents. It also contains the latest SANS/FBI top 20
vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and
FedCIRC (Department of Homeland Security) advisories.New Checks
L2597 Coccinelle result file overwrite via symlink vulnerability - FC
L2598 Mutt SSL certificate chain verification with one TLS flaw - FC
L2599 Libpng 1-bit image interlace weakness in PNG files - FC
L2600 Moin ACL hierarchic set to true enforcement failure - FC
L2601 Giflib GIF image loading & memory corruption errors - FC
L2602 PC/SC Lite world writable permissions on pcscd.events - FC
L2603 OpenSSL multiple DTLS fragment errors - FC
L2604 GIT infinite loop in GIT daemon due to unrecognized arguments - FC
L2607 RT3 privilege to edit RT at a Glance weakness - FC
L2608 Pam_krb5 password prompt account knowledge error - FC
L2609 Rb_libtorrent src/torrent_info.cpp traversal weakness - FC
L2610 Deluge src/torrent_info.cpp traversal weakness - FC
L2611 Poppler multiple JBIG2 security issues - FC
L2612 Mumbles Firefox plugin uses insecure os.system - FC
L2613 Openswan PSK issue with NSS vulnerability - FC
L2614 WebKitGTK+ SVGList negative index data structure flaw - FC
L2615 PhpMyAdmin SQL bookmark injection vulnerability - FC
L2616 Libtiff LZW decoding crash problem via TIFF image - FC
L2617 Pidgin Oscar protocol ICQWebMessage misrepresentation - FC
L2618 Drupal password/signature & argument handling weaknesses - FC
W3636 Msvidctl.dll/MPEG2TunnelRequest ActiveX - W2K/XP/W2K3/W2K8/Vista
W3639 Microsoft Office Publisher file handling errors - W2K3/Vista/XP
L2605 Apr-util variable list processing error on big-endian platforms - FC
L2606 Kernel e1000_clean & large packet handling flaw - FC
S52 Tomcat JSP/Servlet Container Multiple Vulnerabilities - Solaris 9-10
W2037 Office Web Components ActiveX Control - W2K/W2K3/XP/W2K8/Vista
W3637 Microsoft DirectShow parsing & validation flaws - W2K/W2K3 XP
W3638 Embedded OpenType Font Engine parsing flaws - W2K/W2K3/W2K8/Vista/XP
W3640 ISA Server 2006 authentication error - W2K3
W3641 ISA Server 2006 authentication error - W2K3
W3642 Microsoft Virtual PC & Virtual Server privilege validation flaw - W2K/W2K3/W2K8/Vista/XP
Updated Checks
H56 Calloc Memory Size Miscalculations - HP-UX 11
W1142 Anti-virus Signature Outdated - McAfee
W1986 Anti-virus Signature Outdated - Symantec
W1999 Anti-virus Signature Outdated - Trend Micro
W2067 Anti-virus Signature Outdated - F-Secure
W2070 Anti-virus Signature Outdated - CA eTrust
W2493 Microsoft Windows Malicious Software Tool Not Updated
M76 ClamXav / ClamAV signatures not the latest - Mac OS X
M80 Virex signature file out of date - Mac OS X
S33 ClamAV signatures not updated - Solaris
S165 Nfs_portmon Tunable Vulnerability - Solaris 10
S171 NFS Server Vulnerabilities - Solaris 10
S307 NFSv4 clients may lose data in file moves - Solaris 9
S494 Net-SNMP GETBULK Request Handling - Solaris 10
W2012 Anti-virus signature outdated - Avast! 4
W2013 Anti-virus signature outdated - AVG 8 - W2K/XP/W2K3
Sunbelt Network Security Inspector version 2.0.2670.0 Definition Set 186
was released July 15, 2009. Sunbelt Software recommends you download the
new SNSI Vulnerability Update Definitions 186, scan, and patch your
machines today. To get the latest SNSI version, visit:
http://www.wservernews.com/090720-SNSI
|
|
WServerNews Fave Links |
|
This Week's Links We Like. Tips, Hints And Fun Stuff.
|
|
WServerNews - Product of the Week |
|
Everything Is Easy When You Know How To...
Extend the value of AD beyond network management. Create a web based Employee
Directory in less than 5 minutes. Eliminate help-desk password reset calls.
Delegate account creation and group management tasks without giving native
AD permissions. Enable employees to find, use and self-service information
on virtually any AD object. Define Role Based Access rules for managing IDm
Information. Standardize attribute editing with Data Integrity Controls
such as Picklists, Format Validators, & Required Fields. Save your company
time and money with a quick ROI. Discover the versatile power of rDirectory!
http://www.wservernews.com/090720-r-Directory
|
|
|
|
|
Email me: 