|
Vol. 15, #2 - Jan 18, 2010 - Issue #760
|
|
Security Without Strategy Is Chaos
|
| This issue of WServerNews is sponsored by |
|---|
 |
|---|
- Editor's Corner
- Security Without Strategy Is Chaos
- Good News: PC Shipments Up, IT Hiring Increases
- Your First 2010 SunPoll
- Quotes Of The Week
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
- Webinars & Seminars
- VIPRE Enterprise Product Demonstration: 01/19
- Sunbelt Exchange Archiver Product Demonstration: 01/26
- Tech Briefing
- More On Windows 7's Killer Feature: Windows On Multicore
- Hackers Used IE Zero-day, Not PDF, In China-Google Attacks
- Skype Supports HD Video Conferencing On PCs and HDTVs
- FTC To Examine Cloud Computing
- Top 10 Windows Desktop Security Tips Of 2009
- Windows Server News
- Virtual Server Resiliency Tips For High Availability
- What Not To Do When Implementing A Virtual Desktop Environment
- DirectAccess Pairs Win7 and WinServer 2008 R2
- Third Party News
- The Latest Crop Of Network Vulnerabilities
- WServerNews Fave Links
- This Week's Links We Like. Tips, Hints And Fun Stuff.
- Product of the Week
- Get a free eBook on File Server Security when you Download Security Explorer
|
Get a free eBook on File Server Security when you Download Security Explorer
Take 2 minutes to download a free 30-day trial of ScriptLogic's Security
Explorer today and get a free copy of the eBook "The Fundamentals of Effective
File Server Security" by Greg Shields. Security Explorer is a powerful solution
for real-time, interactive management of access controls and Windows servers,
SharePoint, SQL Servers, Exchange and workstations across the enterprise.
In the eBook, written by industry veteran Greg Shields, you can learn how to
make your Windows enterprise more secure, and how to secure your file servers.
Click here to download!
http://www.wservernews.com/100118-Security-Explorer
|
|
 |
Editor's Corner |
|
Security Without Strategy Is Chaos
You all know that running antivirus on the endpoint is a necessary evil.
You need a specialized partner to help protect your network. But security
without strategy is chaos. Unfortunately, the security market far too often
goes after the latest, most visible threat or hottest technology. More over,
most security products have regular, large upgrades that sometimes are
incompatible with earlier versions. A lot of organizations simply cannot keep
up and run with older versions of their security software, but continue to
pay maintenance.
Unfortunately, that way you realize only part of the potential of your existing
IT budget. And I think most of you know that the cost of the product is often
only a fraction of the Total Cost of Ownership (TCO). One of the main 2010
goals for C-level IT execs will be to cut cost and reduce complexity. But will
that drive lead to better efficiency, or will it lead to vendor lock-in? Simply
reducing vendors has the risk of failing to balance cost, complexity and risk.
Here is one example of a way to get the most bang for your security budget dollar:
- Gartner's 2008 TCO findings for Business Desktop PC's vary from $3,413
to $5,876 per year. (Roaming laptops are even $7,030 to $9,923 per year!)
- The Tolly Group published in 2009 AV idle-resource usage numbers. (not
during a scan where usage goes up significantly) McAfee uses 12.3% CPU and
46MB in RAM. Symantec CPU is 3.8% and 124MB RAM. VIPRE Enterprise uses 1.3%
CPU and 19MB RAM.
- So, let's do the enterprise antivirus math for Annual TCO Allocation (*)
- McAfee CPU $293, Memory $23 = $316 yr
- Symantec CPU $90, Memory $62 = $152 yr
- VIPRE CPU $31, Memory $9 = $40 yr
So, if your mandate for this new 2010 is to do more with less, simplify, and
get the biggest bang for your security budget, you should look at VIPRE. It
competes with the big guys for a fraction of the cost, has a user friendly
admin console, easy deployment, AND WE WILL BUY OUT YOUR CURRENT CONTRACT.
Fill out the 'Request Info Tab' to get a quote fast:
http://www.wservernews.com/100118-VIPRE-Enterprise
(*) Gartner annual TCO range based on how locked-down the PC is, Tolly AV
product resource usage measured with real-time and email protection enabled,
annual TCO allocation calculated using lowest TCO cost of $3,413, 70% / 30%
CPU to memory cost weighting, and 2GB system memory assumption.
Good News: PC Shipments Up, IT Hiring Increases
Good news. Fourth Quarter U.S. PC shipments were up a surprising 24%, with
Acer making a killing selling netbooks, reportedly being a whopping 20% of
the total sales. Acer is now #3 with 15.6% market share after HP with 30%
of the US market and Dell with 22.6%. Intel had a blowout Q4 as well, and
Computerworld reported that the IT labor market is showing signs of stability,
if not growth, according to separate indexes released by two firms that
analyze monthly U.S. employment reports to determine job gains and losses
in technical occupations. Most of the recent hiring was found to be in IT
services-related occupations, an indication that many firms are turning
first to contractors before adding internal staff. More:
http://www.wservernews.com/100118-IT-Hiring
Your First 2010 SunPoll
It's a repeat of the last few years, and we will see if anything has changed
over time! "For 2010, which do you expect to be the greatest security threat
to your networks?"
- Blended Malware
- Botnets
- Viruses
- Outside-in hacking attempts
- Internal security hacks
- Phishing attacks
- Other
Vote here, third column on the bottom right
http://www.wservernews.com/100118-Vote
Quotes Of The Week
"I count him braver who overcomes his desires than him who conquers his
enemies, for the hardest victory is over self." -- Aristotle
"Feeling gratitude and not expressing it is like wrapping a present and not
giving it." -- William Arthur Ward
Warm regards, and thank you for being a WServerNews subscriber. No trees
were killed in the sending of this message, but a large number of electrons
were terribly inconvenienced. Please tell your friends about us.
They can subscribe here:
http://www.wservernews.com/100118-Subscribe
PS: Did you know this newsletter has a sister publication for XP users
called WXPnews? You can subscribe here, and tell your friends:
http://www.wservernews.com/100118-WXPNews
PPS: And now we have our new Win7News! You can subscribe here, and tell
your friends:
http://www.wservernews.com/100118-Win7News
|
 |
VIPRE Email Security Now VirusBulletin VBSPAM Verified
Need to secure your email ? VIPRE Email security for Exchange (Formerly
Ninja Email Security) features world-class antivirus, antispam, and a
powerful, granular attachment filter. Stop spam and viruses cold with
a 30-day free VIPRE for Exchange trial. The time required to manage Exchange
has become a highly important cost factor. VIPRE for Exchange takes HALF
the admin time compared to other products, and is truly a great solution
if you want your end-users to manage their own spam and quarantine inside
Outlook. Download now and try it free for 30 days in your own environment:
http://www.wservernews.com/100118-VIPRE-Email-Security
|
|
<
|
Webinars & Seminars |
|
VIPRE Enterprise Product Demonstration: 01/19
Want total malware protection without the bloat? Join us for a look at VIPRE
Enterprise and learn how Sunbelt started with a blank slate to design a new,
next-generation antivirus and antispyware technology to deal with today's
complex malware in the most comprehensive, highly efficient manner.
When: Tuesday, January 19, 2010, 11:00 AM (EST) Please register here:
http://www.wservernews.com/100118-VIPRE-Demo
Sunbelt Exchange Archiver Product Demonstration: 01/26
Exchange performance is suffering. Your users complain about email storage and
don't want any quotas. Your CEO requires legal compliance. Want a high-end,
feature-rich, admin-friendly product that solves all these issues at a very
affordable price? Then don't miss this Sunbelt Exchange Archiver demonstration.
When: Tuesday, January 26, 2010, 2:00 PM (EST) Please registered here:
http://www.wservernews.com/100118-SEA-Demo
|
|
Tech Briefing |
|
More On Windows 7's Killer Feature: Windows On Multicore
Running heavy multitasking workloads on advanced multicore hardware, Win7
finally surpasses leaner Windows XP. InfoWorld test center wiz Randall
Kennedy has done some very useful benchmarking for the three Win client
platforms: XP, Vista and Win7. He tested a year ago, and again this month:
"What a difference a year makes! After revisiting my earlier test scenarios
using a newer, Nehalem-based workstation (the HP Z800 with dual quad-core
Xeon 5500-series CPUs), I'm pleased to report that Windows 7 not only
closes the gap with Windows XP, but blows right past it, delivering results
that are 47 to 178 percent faster overall. Moreover, Windows 7 shows far
superior scalability -- by a factor of more than 3.5 -- when moving from
a single quad-core CPU (Core 2 Duo Extreme QX9300) to the dual quad-core,
Hyper-Threading Xeons in our newer Z800 test bed."
This is an interesting article, especially if you have users that need
multitasking workloads:
http://www.wservernews.com/100118-Killer-Feature
Hackers Used IE Zero-day, Not PDF, In China-Google Attacks
Hackers exploited an unpatched vulnerability in Microsoft's Internet Explorer
(IE) browser to break into some of the firms targeted in a widespread attack
that compromised Google's and Adobe's networks, McAfee said today. More:
http://www.wservernews.com/100118-China-Google-Attacks
Skype Supports HD Video Conferencing On PCs and HDTVs
Skype announced at the Consumer Electronics Show in Las Vegas that it will
support video calls on PCs in 720p high definition, as well as Skype software
embedded into Internet-connected widescreen television sets. Skype has been
delivering video conferencing to the desktop as a free service since 2005,
so the HD-quality upgrade is a logical evolution of its existing PC to PC
service. You can pretty much count on being asked to support this in the
near future so here are the specs at NetworkWorld:
http://www.wservernews.com/100118-Skype
FTC To Examine Cloud Computing
The Federal Trade Commission (FTC) is investigating the privacy and security
implications of cloud computing, according to a recent filing with the Federal
Communications Commission. The FTC, which shares jurisdiction over broadband
issues, says it recognizes the potential cost-savings cloud computing can
provide. "However, the storage of data on remote computers may also raise
privacy and security concerns for consumers," wrote David Vladeck, who helms
the FTC's Consumer Protection Bureau. "For example, the ability of cloud
computing services to collect and centrally store increasing amounts of
consumer data, combined with the ease with which such centrally stored data
may be shared with others, create a risk that larger amounts of data may
be used by entities not originally intended or understood by consumers,"
the filing says. More at:
http://www.wservernews.com/100118-Cloud-Computing
Top 10 Windows Desktop Security Tips Of 2009
Although Windows 7 and its security were huge topics this year, they weren't
the only concerns in the Windows enterprise. Check out the 10 best - and
most popular - Windows security tips of 2009, including a guide to
Sysinternals tools, information on password protection and the top registry
keys for Windows XP and more:
http://www.wservernews.com/100118-Security-Tips
|
|
Windows Server News |
|
Virtual Server Resiliency Tips For High Availability
Virtual servers are far more susceptible to availability issues than
traditional ones. Learn to keep your servers resilient with these key
considerations and best practices. Here are the points. Read the article
to get the details for each point. There is no registration and this is
really good data:
- Apply resiliency that's appropriate for the workload.
- Use fault tolerant or high-availability tools to simplify clustering.
(By the way, Double-Take is a great product for this)
- Tailor the architecture to mitigate risks.
- Monitor performance levels and balance workloads.
- Understand failover and failback behavior.
- Test restoration plans.
- Manage VM sprawl.
http://www.wservernews.com/100118-Resiliency-Tips
What Not To Do When Implementing A Virtual Desktop Environment
Desktop virtualization can bring many benefits to your enterprise and as
adoption of this technology becomes more common, benchmarks and best practices
for deployment have been well documented. This article from VDI expert,
Brian Madden, discusses what not to do when implementing a virtual desktop
strategy. Learn five ways to avoid pitfalls or angering your users:
http://www.wservernews.com/100118-Virtual-Desktop-Implementation
DirectAccess Pairs Win7 and WinServer 2008 R2
Keith Schultz at InfoWorld wrote: "DirectAccess, Microsoft's pairing of
Windows 7 and Windows Server 2008 R2 for connect-anywhere access, is
possibly the best thing Redmond has produced in a long time. Unfortunately
for many, it just may be about five years too early. For those just getting
up to speed on some of Windows 7's new features, DirectAccess is a way for
Windows 7 clients to securely connect to the corporate network from any
location without any type of traditional VPN. It provides an encrypted
bidirectional connection between the enterprise domain and the client
device prior to the user logging on to the system, allowing admins to
manage the remote machine via Group Policy and the like, just as if it
were physically connected to the network. The connection is always on,
so users don't have to remember to manually launch a VPN client, and
their applications, such as Microsoft Outlook and instant messaging,
are always in communication with the corporate network. More:
http://www.wservernews.com/100118-DirectAccess
|
|
Third Party News |
|
The Latest Crop Of Network Vulnerabilities
SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of
computer incidents. It also contains the latest SANS/FBI top 20 vulnerability
list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department
of Homeland Security) advisories.
New Checks
L359 PyXML update position function flaw - Oracle Linux
W3795 Embedded OpenType (EOT) Font Engine compression flaw - W2K/XP/W2K3
L342 ISC BIND DNSSEC response validation caching error - SuSE
L343 Kernel multiple vulnerabilities Dec 2009 - SuSE
L344 Kernel multiple vulnerabilities Dec 2009 - SuSE 10 SP3
L345 Firefox multiple security vulnerabilities Dec 2009 - SuSE
L346 Adobe Flash Player SWF overflow weakness - SuSE
L347 Kernel multiple vulnerabilities Jan 2010 - SuSE
L348 Kernel multiple vulnerabilities Jan 2010 - RHE
L349 Dbus validate_signature_with_reason error - RHE
L350 Dbus validate_signature_with_reason error - Sci Linux
L351 Kernel multiple vulnerabilities Jan 2010 - RHE
L352 Kernel multiple vulnerabilities Jan 2010 - Sci Linux
L353 Kernel multiple vulnerabilities Jan 2010 - Sci Linux
L354 Dbus validate_signature_with_reason error - CentOS
L355 Kernel multiple vulnerabilities Jan 2010 - CentOS
L356 Kernel multiple vulnerabilities Jan 2010 - Oracle Linux
L357 Kernel multiple vulnerabilities Jan 2010 - Oracle Linux
L358 Dbus validate_signature_with_reason error - Oracle Linux
L360 GD GetColors colorsTotal structure verification flaw - Oracle Linux
M127 Adobe Illustrator CS4/CS3 .eps file handling - Mac OS X
S230 Hald/CUPS Vulnerabilities - OpenSolaris
S346 Java System Products TLS Renegotiation Vulnerability - Solaris
W2600 Adobe Acrobat / Reader JavaScript Blacklist Framework Vulnerability
W3796 Embedded OpenType (EOT) Font Engine compression flaw - Vista/W2K8/W7
Updated Checks
H163 IPv6 Neighbor Discovery Protocol Vulnerability - HP-UX 11
W1142 Anti-virus signature outdated - McAfee
W1986 Anti-virus signature outdated - Symantec
W1999 Anti-virus signature outdated - Trend Micro
W2067 Anti-virus signature outdated - F-Secure
W2070 Anti-virus signature outdated - CA eTrust
W2493 Microsoft Windows Malicious Software Tool Not Updated
H159 Kerberos client vulnerabilities - HP-UX 11
M76 ClamXav / ClamAV signatures not the latest - Mac OS X
M80 Virex signature file out of date - Mac OS X
M103 Adobe Acrobat / Reader JavaScript Blacklist Framework Vulnerability
S33 ClamAV signatures not updated - Solaris
W2012 Anti-virus signature outdated - Avast! 4
W2013 Anti-virus signature outdated - AVG 8 - W2K/XP/W2K3
W2056 Anti-virus signature outdated - Norman
W3213 Adobe Illustrator CS4/CS3 .eps file handling
Sunbelt Network Security Inspector version 2.0.2670.0 Definition Set 211
was released January 13, 2010. Sunbelt Software recommends you download
the new SNSI Vulnerability Update Definitions 211, scan, and patch your
machines today. To get the latest SNSI version, visit:
http://www.wservernews.com/100118-SNSI
|
|
WServerNews Fave Links |
|
This Week's Links We Like. Tips, Hints And Fun Stuff.
|
|
Product of the Week |
|
Get a free eBook on File Server Security when you Download Security Explorer
Take 2 minutes to download a free 30-day trial of ScriptLogic's Security
Explorer today and get a free copy of the eBook "The Fundamentals of Effective
File Server Security" by Greg Shields. Security Explorer is a powerful solution
for real-time, interactive management of access controls and Windows servers,
SharePoint, SQL Servers, Exchange and workstations across the enterprise.
In the eBook, written by industry veteran Greg Shields, you can learn how to
make your Windows enterprise more secure, and how to secure your file servers.
Click here to download!
http://www.wservernews.com/100118-SecurityExplorer
|
|
|
|
|
Email me: 