Seeing as how a security guy from Microsoft is coming next week, you might want to check out a new white paper I wrote and released this week. It's the results of a 2 year field test of Windows as a security appliance. In two years of using Windows as a platform for RealSecure Guard, none of the systems we deployed were hacked, crashed, or compromised. The big soundbyte from this test is the famous "337-day Windows Server." Anitian was able to successfully run an Internet-exposed Windows system hosting RealSecure Guard without fail, fault, hack, crash, or reboot for 337 days non-stop. A remarkable feat...for a Windows machine. ISS told me today they have a customer with a Guard unit that has been running non-stop for OVER 337 days. Incidentally, the 337 day Guard unit was rebooted only because it had to be moved. Not because it had finally died or anything like that. This isn't proof that Windows is perfect, but it shows that with good system administration, monitoring, and configuration - Windows can be stable and secure. Check out the white paper at: http://www.anitian.com/Corp/papers/337days.pdf Lastly, none of the firms mentioned here, specifically ISS or Microsoft, endorsed, sanctioned, or compensated me in any way for this paper. This was based on independent testing. Also some of the details of these systems cannot be revealed since they are customers of Anitian and guarding mission critical business systems. As always, comments and edits are welcome. ___________________________________ Andrew Plato, CISSP President / Principal Consultant Anitian Corporation Enterprise Security & Infrastructure Solutions 503-644-5656 Office 503-644-8574 Fax 503-201-0821 Mobile www.anitian.com ___________________________________
This archive was generated by hypermail 2b30 : Fri Apr 04 2003 - 18:07:50 PST