Forwarded with permission from: Security UPDATE <Security_UPDATE (at) list.windowsitpro.com> PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE: SQL Server Optimization and Data Protection with Intelligent ISCSI SANs http://list.windowsitpro.com/t?ctl=6976B:57B62BBB09A6927986DB49C5ECE0C8C8 St. Bernard Managed Protection Services http://list.windowsitpro.com/t?ctl=69768:57B62BBB09A6927986DB49C5ECE0C8C8 Ensuring User Continuity http://list.windowsitpro.com/t?ctl=69769:57B62BBB09A6927986DB49C5ECE0C8C8 === CONTENTS =================================================== IN FOCUS: Keeping Up with Gadgets NEWS AND FEATURES - Aegenis Group's New Regulatory Monitoring Service - October Set of Fixes Available for Vista - Eye of NEWT Is on Malicious Web Sites - Recent Security Vulnerabilities GIVE AND TAKE - Security Matters Blog: Surveillance for Physical Security - FAQ: Enabling WS-Management through Group Policy - From the Forum: Granting a Specific Computer Access to a Folder - Share Your Security Tips PRODUCTS - New Data Leak Prevention Appliance - Wanted: Your Reviews of Products RESOURCES AND EVENTS FEATURED WHITE PAPER ANNOUNCEMENTS === SPONSOR: EqualLogic ======================================== SQL Server Optimization and Data Protection with Intelligent ISCSI SANs More and more companies are deploying storage area networks or SANs as storage needs continue to proliferate. SANs offer many unique capabilities that improve data protection, storage performance and scaling, and reduction in storage management time. This web seminar reviews best practices in deploying SQL Server in an intelligent iSCSI SAN, and shows how this provides dramatic improvements in deploying, optimizing, backing up, and recovering SQL. http://list.windowsitpro.com/t?ctl=6976B:57B62BBB09A6927986DB49C5ECE0C8C8 === IN FOCUS: Keeping Up with Gadgets ========================== by Mark Joseph Edwards, News Editor, mark at ntsecurity / net Last week, I wrote about the need to follow industry trends to discover new services, devices, and gadgets that might have an impact on the information security of your business environment (see article at URL below). This week, I'll tell you about some of the more specialized sites that I use to make the work of following trends much easier. http://list.windowsitpro.com/t?ctl=69775:57B62BBB09A6927986DB49C5ECE0C8C8 First on the list is blogs. There are so many bloggers out there talking about the latest and greatest technology that it's mind boggling. Two big advantages that some bloggers have is access to inside information and an insatiable attraction to nearly any new technology. Therefore, they're excellent sources of information that can help you identify new risks. Finding such bloggers is a matter of time, effort, and patience. Fortunately, blogging has a noticeable parrot effect such that when one blogger writes about something, very quickly dozens, if not hundreds of other bloggers begin covering the same topic by simply referring back to the original blog or by writing about the topic themselves. Two blog sites--Engadget.com and Gizmodo.com--often pick up on gadgets and gizmos that other bloggers have written about. The sites also produce their own stories. Consequently, the sites cover nearly all the latest devices and sometimes cover software-based tools too. So regularly visiting these sites or picking up their RSS feeds is a really good way to find out about new potential risks and to get a better perspective on overall trends. Because blogging has become so hot, a natural evolution is blog aggregation. There are many aggregate sites that help people find content they might be interested in. One of the more popular aggregate sites right now is Technorati. You can use Technorati's topic feature to go directly to a list of stories related to technology, as seen via the URL below. Granted, there isn't an easy way to drill down into subtopics, but even so, you'll come across a lot of stories that might help you do your job better. http://list.windowsitpro.com/t?ctl=6977F:57B62BBB09A6927986DB49C5ECE0C8C8 Another excellent site to check in on is Digg.com, which has become a hugely popular hub for all things related to technology. If you've never visited Digg, it's similar to Slashdot.org (another excellent source that I'm sure you're already familiar with). Digg users post links to content on the Internet along with short summaries. The content in the Technology section is often about the latest and greatest services and devices. Definitely put Digg on your list of reading material, and try not to lose track of time when using it. You could easily spend all day following the stories! A site that's similar to Digg is Reddit.com. Reddit isn't as extensive as Digg, but nevertheless it's popular and widely used by both bloggers and readers around the world. Check the "gadgets" and "programming" communities to learn about plenty of new services, devices, and other potential problems. Other sites that might seem rather obvious but are sometimes overlooked for regular reading are CNET.com and Wired.com. Both sites, particularly CNET, cover a lot of information directly related to the computer industry, so you're bound to find information that helps you learn about risks well in advance. Those are only a few of the many available sites on the 'net that you can use to help stay ahead of intruders. By reading these sources, you'll undoubtedly find numerous other sources that you might want to check in on regularly. Fortunately, many sites offer RSS feeds that you can subscribe to, which can make the work a bit easier. Finally, at the risk of pointing out the obvious, remember to think like an intruder while surfing around for news and information. === SPONSOR: St. Bernard Software ============================== St. Bernard Managed Protection Services Are you familiar with new government regulations affecting email? Learn about the dozens of issues surrounding the security of email in business today and make sure that your company is in compliance. Download your copy of this must-have whitepaper today! http://list.windowsitpro.com/t?ctl=69768:57B62BBB09A6927986DB49C5ECE0C8C8 === SECURITY NEWS AND FEATURES ================================= Aegenis Group's New Regulatory Monitoring Service The Aegenis Group recently introduced the Aegenis Regulatory Intelligence Service (ARIS), which will offer news alerts and weekly summaries to help companies monitor and analyze legislative trends and industry requirements that affect information security. http://list.windowsitpro.com/t?ctl=69777:57B62BBB09A6927986DB49C5ECE0C8C8 October Set of Fixes Available for Vista Microsoft released Vista patches last week that include fixes for Vista's core USB components, Media Center, and Windows Media Center 11. A fourth fix generally addresses "compatibility, reliability, and stability" issues with the new OS. http://list.windowsitpro.com/t?ctl=69779:57B62BBB09A6927986DB49C5ECE0C8C8 Eye of NEWT Is on Malicious Web Sites You can sign up to beta test Neutralize E-mail-Web Threats (NEWT), a plug-in to email gateways that stops new malicious attacks launched through spam email messages. NEWT's creator, Avinti, is limiting the number of participants in the public beta but plans to make the finished service available for free to the general public. http://list.windowsitpro.com/t?ctl=69774:57B62BBB09A6927986DB49C5ECE0C8C8 Recent Security Vulnerabilities If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at http://list.windowsitpro.com/t?ctl=6976C:57B62BBB09A6927986DB49C5ECE0C8C8 === SPONSOR: Neverfail ======================================== Ensuring User Continuity When your systems go down, your users' productivity grinds to a halt. User downtime is one of the fastest growing concerns among businesses. This free Web seminar teaches you how to keep your users continuously connected and your business up and running. View the On- Demand Web seminar now! http://list.windowsitpro.com/t?ctl=69769:57B62BBB09A6927986DB49C5ECE0C8C8 === GIVE AND TAKE ============================================== SECURITY MATTERS BLOG: Surveillance for Physical Security by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=6977E:57B62BBB09A6927986DB49C5ECE0C8C8 Got cameras in your data centers? If not, then do you need some? I found a company that has a wide range of different video cameras and DVRs--even some that can be hidden in inconspicuous places. http://list.windowsitpro.com/t?ctl=69776:57B62BBB09A6927986DB49C5ECE0C8C8 FAQ: Enabling WS-Management through Group Policy by John Savill, http://list.windowsitpro.com/t?ctl=6977B:57B62BBB09A6927986DB49C5ECE0C8C8 Q: How can I enable WS-Management through Group Policy? Find the answer at http://list.windowsitpro.com/t?ctl=69778:57B62BBB09A6927986DB49C5ECE0C8C8 FROM THE FORUM: Granting a Specific Computer Access to a Folder A forum participant wonders whether he can grant access to specific computers to read/write, etc. a folder on a server by using the computer MAC address to grant or deny the access. Join the discussion at http://list.windowsitpro.com/t?ctl=69767:57B62BBB09A6927986DB49C5ECE0C8C8 SHARE YOUR SECURITY TIPS AND GET $100 Share your security-related tips, comments, or problems and solutions in Security Pro VIP's Reader to Reader column. Email your contributions to r2r@private If we print your submission, you'll get $100. We edit submissions for style, grammar, and length. === PRODUCTS =================================================== by Renee Munshi, products@private New Data Leak Prevention Appliance Code Green Networks announced the release of the CI-750 content inspection appliance for small businesses and branch offices. The appliance helps prevent leakage of sensitive data to blogs, wikis, Web forums, and Web-based mail services such as Gmail, Hotmail, Windows Live Mail, AOL Mail, and Yahoo! Mail over a variety of network protocols, including SMTP, HTTP, HTTPS, and FTP. The appliance, which is designed for 250 or fewer users and is priced starting at $10,000, can monitor and record sensitive information transmission, block such transmissions using third-party proxy server solutions, or automatically encrypt such transmissions. http://list.windowsitpro.com/t?ctl=6976E:57B62BBB09A6927986DB49C5ECE0C8C8 WANTED: your reviews of products you've tested and used in production. Send your experiences and ratings of products to whatshot@private and get a Best Buy gift certificate. === RESOURCES AND EVENTS ======================================= For more security-related resources, visit http://list.windowsitpro.com/t?ctl=6977A:57B62BBB09A6927986DB49C5ECE0C8C8 Protecting Mobile Users' Data In this Web seminar, David Chernicoff discusses protection and backup of data used and generated by mobile and casually connected users, providing ideas, suggestions, and solutions to associated problems. http://list.windowsitpro.com/t?ctl=6976A:57B62BBB09A6927986DB49C5ECE0C8C8 Get the facts about Microsoft Unified Communications and Exchange Server 2007 at one of six day-long workshops starting in mid-October. Don't miss out on your chance to attend in one of the following cities: Portland, Oregon; San Diego; Denver; Philadelphia; Atlanta; or Chicago. Visit our Web site for dates and details. http://list.windowsitpro.com/t?ctl=6977C:57B62BBB09A6927986DB49C5ECE0C8C8 Instant Messaging, VoIP, peer-to-peer file sharing, and games in the workplace: How to take back control The emergence of Web 2.0 is not only redefining how individuals interact with the Internet but also introducing new threats. This white paper discusses approaches to controlling Web 2.0 applications and explains how integrating that control into malware protection and infrastructure management gives IT administrators a simple solution that also lowers overhead. http://list.windowsitpro.com/t?ctl=6976F:57B62BBB09A6927986DB49C5ECE0C8C8 === FEATURED WHITE PAPER ======================================= Compliance Mythbusters: The Truth About Common Myths and Misconceptions of Email Archiving Learn from other people's mistakes, not your own! This Web seminar features an interactive discussion that reveals today's common mistakes and misconceptions about message archiving, regulations, and e- discovery. You'll learn why these misconceptions came about, how to avoid common mistakes, and what to do to meet today's email archiving and e-discovery needs. http://list.windowsitpro.com/t?ctl=6976D:57B62BBB09A6927986DB49C5ECE0C8C8 === ANNOUNCEMENTS ============================================== Discover the New SQL Server Magazine Don't miss the relaunched SQL Server Magazine, coming this month! Besides a new look, we have even more coverage of administration and performance, development and Web apps, BI and Reporting Services, and SQL Server fundamentals. Subscribe now and save 58% off the cover price. http://list.windowsitpro.com/t?ctl=69770:57B62BBB09A6927986DB49C5ECE0C8C8 Got a Tough Exchange or Outlook Question? Rely on Exchange & Outlook Pro VIP, the new online resource with in- depth articles on administration, migration, security, and performance. Subscribers get direct access to our top-flight editors, so subscribe and receive personalized solutions to your toughest technical questions. It beats a support call to Microsoft! http://list.windowsitpro.com/t?ctl=69771:57B62BBB09A6927986DB49C5ECE0C8C8 ================================================================ Security UDPATE is brought to you by the Windows IT Pro Web site's Security page (first URL below) and Security Pro VIP (second URL below). http://list.windowsitpro.com/t?ctl=6977D:57B62BBB09A6927986DB49C5ECE0C8C8 http://list.windowsitpro.com/t?ctl=69781:57B62BBB09A6927986DB49C5ECE0C8C8 Subscribe to Security UPDATE at http://list.windowsitpro.com/t?ctl=69773:57B62BBB09A6927986DB49C5ECE0C8C8 Be sure to add Security_UPDATE@private to your antispam software's list of allowed senders. To contact us: About Security UPDATE content -- letters@private About technical questions -- http://list.windowsitpro.com/t?ctl=69780:57B62BBB09A6927986DB49C5ECE0C8C8 About your product news -- products@private About your subscription -- windowsitproupdate@private About sponsoring Security UPDATE -- salesopps@private View the Windows IT Pro privacy policy at http://list.windowsitpro.com/t?ctl=69772:57B62BBB09A6927986DB49C5ECE0C8C8 Windows IT Pro, a division of Penton Media, Inc. 221 East 29th Street, Loveland, CO 80538 Attention: Customer Service Department Copyright 2007, Penton Media, Inc. All rights reserved. __________________________________________________________________ CSI 2007 is the only conference that delivers a business-focused overview of enterprise security. It will convene 1,500+ delegates, 80 exhibitors and features 100+ sessions/seminars providing a roadmap for integrating policies and procedures with new tools and techniques. Register now for savings on conference fees and/or free exhibits admission. - www.csiannual.com
This archive was generated by hypermail 2.1.3 : Wed Oct 10 2007 - 22:43:00 PDT