Category: Product

Amidst the typical collection of bug and security fixes, a new feature in SP1 is the Security Configuration Wizard, designed to help administrators define or redefine a specific role for a server, or a collection of servers that all do the same thing. “This utility can allow you to go in on a policy basis and turn off protocols, services, and features at a much more granular level than you can today,” a manager of Microsoft’s Windows Server products, said. “The cool thing about the wizard is once you have configured a very specific role for a server, you can take that XML-based configuration and use policy or another distribution method to do it to hundreds of servers that fit that same role.”

The other bug and security fixes in SP1 addressed many of the same problems that were addressed in the mammoth Windows XP Service Pack 2, although some of the security fixes in SP1 were tailored to address server-specific functions, DiStasio said.

In the preliminary testing Microsoft has done on SP1, DiStasio and other company officials said there had been marked performance gains including a 50 per cent performance improvement in SSL workloads and a 17 per cent gain in running 32-bit data base applications.

As part of the announcement Microsoft also said it remained on track to deliver Windows Update Services by the end of the first half of 2005, the first beta for which is expected in November, along with a version of Windows Server 2003 with 64-bit support. And still on track for delivery by the end of 2005 was the High Performance Computing edition of Windows Server 2003, Release 2 of the Windows Storage Server, and the first solid beta of the server version of Longhorn.

Taking out its marketing drum, Microsoft said that sales of Windows Server 2003 had now surpassed those of its Windows NT4 server base, and that new deployments of the server had grown by 375 per cent.

Company officials quoted market researcher IDC as predicting that Windows Server 2003 would overtake all other versions of Windows by the end of 2005.

http://www.arnnet.com.au/index.php/id;1773627278;fp;2;fpid;1

Officials at Addamark Technologies Inc. are delving deeper into the security information management arena with a revamped product and a new name, SenSage Inc.

Before refocusing, SenSage served as a repository for forensic analysis instead of gathering data in real-time like most security information management products, said Jim Pflaging, the company’s chief executive officer. For instance, someone within an agency who has valid access might be performing suspicious activities, or the systems administrator with privileges to many systems might create bogus accounts.

Meanwhile, officials at netForensics Inc. have released the nFX Open Security Platform, which supports the nFX framework, to help agency officials quickly identify and prioritize security issues to reduce threats and risks. Enhancements to the platform include greater fault-tolerance capability, custom agent software development and policy compliance integration.

New advanced threat visualization and analytics capabilities combine the visual tools with reporting and analytics so a security team can identify threats faster.

http://www.fcw.com/fcw/articles/2004/1018/web-secure-10-19-04.asp

Most of the fixes in this group blocked possible denial-of-service problems that are, to date, theoretical. For example, one addresses vulnerability in a Unix printing system that might expose passwords to hackers, in uncommon situations.

Since the last Mac OS X security update was the third in a month, and because some of the holes looked ripe for exploiting, I have to wonder whether the Mac is now attracting more unwanted attention from hackers.

According to Tim Bajarin, principal analyst with research firm Creative Strategies and a longtime Apple watcher, “The vulnerabilities unfortunately are inherent in the Unix world, and Apple’s choice to build OS X on a Unix foundation brings with it this risk. In that sense, they have gone to school on Microsoft’s problems in this space and are making sure they leave no stone unturned in their quest to keep the OS as secure as possible.”

“At the same time,” Bajarin continues, “the media attention about Apple’s OS being secure has clearly tweaked the interest of hackers, but as of now we have not seen any serious effort by the hacking community to deliberately expose any holes or attack the OS. The vast majority of the fixes in Mac OS X security updates are in response to potential exploits, not actual exploits.”

“And many of the fixes in typical Mac OS X security updates aren’t Mac-specific,” Gruber says, “but rather are updates to open-source components and tools.

Most typical Mac users still have little to fear from the miscreants we Windows users have to vigilantly guard against.

http://www.pcworld.com/news/article/0,aid,118128,00.asp

The vendor will expand its data backup-and-recovery play with a line of disk-to-disk products called Symantec LiveState Recovery.

Updated and rebranded, Symantec’s LiveState Recovery line will be available in October in three versions: Advanced Server 3.0 ($1,194 per server), Standard Server 3.0 ($835 per server), and Desktop 3.0 ($70).

Backup and recovery is a “natural fit” for Symantec, says Rob Enderle, principal with the Enderle Group, an IT consulting firm. “We see security, network and systems management, and storage all coming closer together,” says Enrique Salem, senior VP of Symantec’s network and security gateway products and former CEO of Brightmail.

Symantec is also beefing up its service and consulting capabilities, which accounted for just 2% of overall revenue in its most recent quarter.

http://www.informationweek.com/story/showArticle.jhtml?articleID=49400240&tid=6004

The two companies announced that they have integrated IBM’s Tivoli network management software with Cisco’s networking products to help businesses protect their networks from worms and viruses before employees get on the network. The combined offering sets criteria for users and devices logging on to the network. IBM and Cisco first announced their partnership in February.

When someone tries to log on to the network, IBM’s Tivoli software scans the machine to ensure that it has all the required security patches, antivirus updates and other software running on it. The update is sent to Cisco’s Access Control Server through the Cisco Trust Agent, software that is pre-installed on every user’s machine. If the device connecting to the network complies with all the security policies that have been previously set, the person is allowed to log on. If it doesn’t, the device is quarantined on a separate virtual LAN (local area network) link and the Tivoli software prompts the person to download the necessary software.

Cisco has similar partnerships with makers of antivirus software through its Network Admission Control (NAC) program. Network Associates, Symantec and Trend Micro have been working with Cisco since NAC was announced last year. Earlier this week, Cisco announced that Computer Associates also joined the NAC alliance.

Cisco’s NAC initiative is part of a broader effort to help protect networks from worms and viruses before they propagate throughout the network. As the work force becomes more mobile, many workers are inadvertently exposing their companies to security threats. For example, employees who take their laptops with them when they travel may pick up viruses and worms while they are connected to another network on the road. When they return to headquarters and plug into the corporate network, they can infect the entire company.

Cisco is not the only company that has developed a strategy to address this issue. Microsoft also has proposed a plan it calls Network Access Protection, or NAP. Both architectures work in similar ways, but they are not interoperable.

Other networking vendors also have developed similar security strategies, including Enterasys and Alcatel. A consortium of vendors called the Trusted Computing Group is already working on an architecture that will use open standards.

So far, Cisco’s NAC architecture is only supported on its IP routers. The company plans to add the functionality to its Ethernet switches sometime next year.

The integrated Cisco and IBM offering will be available in December.

http://news.zdnet.com/2100-1009_22-5409537.html?tag=default

Mandrakesoft, joined by Bertin Technologies, Surlog, Jaluna and Oppida, will boost Linux so it meets the Evaluation Assurance Level 5 (EAL5) of an internationally used security certification called Common Criteria, the companies said onThursday. The certification is particularly important among military and government customers; the French Ministry of Defence is funding the project.

The EAL5 certification level is significantly higher than what current versions of Linux have attained. Red Hat reached EAL2 in April and EAL3+ in August, while Novell’s SuSE Linux reached EAL3+ in January. Those companies, which dominate the commercial market for the open-source operating system, are working on higher certifications in conjunction with IBM and Oracle.

Mandrakesoft will release the fruits of the work as open-source software when the project is done, the company said.

Microsoft’s Windows, Sun Microsystems’ Solaris, Hewlett-Packard’s HP-UX and IBM’s AIX all have EAL4 certification.

EAL5 certification is rarer; one company to attain it is IBM, with the technology that lets its z900 and z990 mainframes be divided into independent, isolated partitions.

http://news.zdnet.co.uk/0,39020330,39167716,00.htm