I read in Ryan Naraine’s Zero Day blog that hackers are using Microsoft Security Response Center pre-patch advisories to create exploits prior to the patch release.
Microsoft claims that keeping users informed (and yet not disclosing too much information) is a balancing act, and it’s obvious that they don’t always get it right.
As a VAR or consultant, you can help your customers prepare for patches with our Patch Management Project Guide, but how can you really protect them from pre-patch exploits?
The answer might be host-based intrusion prevention systems (HIPS) and network access control (NAC). See Kevin Fogarty’s Channel Marker blog post for one vendor’s take.
If the hackers have Microsoft’s number, you can make sure that’s all they have. We’ve got your circus high wire balancing pole on SearchSecurityChannel.com, so keep checking our network access control and network intrusion management topic centers for the latest news and advice for resellers.
On April 29 the company plans to announce a Host-Based Intrusion Prevention System (HIPS) that will plug into the administration console and function as a part of its overall Security Suite.
The system relies on fairly heavy duty software that sits on each client machine, tracking the activity and requests of each piece of software on it.
The client software (which LANDesk refers to as the host) stores in a local database comprehensive data about the activity of the software on the machine – when it asked for Internet access and whether it had permission; what new applications showed up and what they did; what activities forbidden by security policy the software attempted.
IT administrators create the policies from a central console, either assigning individual end users to a profile that defines the applications they can run and what those applications can do, or creating a custom set of permissions for one or more users.
The client software itself identifies “normal” activity for each application by running on the machine long enough (LANDesk recommends two weeks) to establish a baseline.
LANDesk execs, who emphasize that the company sells 100% of its products through the channel, said behavior-based analysis is a more reliable way to identify malicious code than relying on virus signatures that have to be updated frequently. They also said that storing the security profiles and analysis engine on laptops and PCs protects the machines even when they’re disconnected from the network, and doesn’t require a period of quarantine when they reconnect.
“Host-based protection is the last line of defense for the enterprise,” according to an estimation Dan Blum, a security analyst at The Burton Group, based in Midvale, Utah, provided to IT administrator site SearchWinIT.com.
LANDesk’s product will be released May 9; pricing was unavailable.
Symantec today launched a Software as a Service (SaaS) security platform that it will sell both directly and through the channel.
The platform, called the Symantec Protection Network, is designed for small- and medium-sized businesses (SMBs). The first offering is a browser-based data backup and restoration service, which debuted in a beta version today and will become available later this year.
Value-added resellers (VARs) will be able to customize the service and manage it for customers, while clients who buy direct from Symantec can manage it themselves online. Symantec developed that process with its channel partners over the course of the last year to show they will not be competing against each other, said Jeffrey Housman, the senior director of product management for managed and online services.
Symantec hopes its SaaS will afford SMBs the same “high levels of service reliability and data security” as enterprise businesses, said Arthur Wong, vice president of security response and managed security services, in a statement.
Microsoft has given the channel a reprieve: an extra year to switch to Windows Vista.
The company is ending its Windows XP availability to OEMs and retailers Jan. 31, 2008, but the channel will be able to buy that operating system through January 2009, according to Microsoft’s license availability roadmap.
Microsoft launched XP in late 2001. This year’s Vista launch marked the company’s longest gap between new operating systems.
IDC Channel Panel reports modest gains for first quarter of 2007
Most sectors of the channel business showed modest gains during the first quarter, according to IDC’s Channel Panel. Servers enjoyed the most notable gains, followed by storage software. Voice showed constant increases quarter over quarter; security and PC sales slightly improved; hardcopy, networking, and storage hardware experienced little change. [Tekrati]
Intel says new chips about 40% faster
Intel Corp. said a new line of computer processors due out later this year will be about 40 percent faster than current chips when running computer games, videos and other heavy workloads. [Reuters]
Intel launches first quad-core storage server
The chip maker says it plans to work exclusively through OEMs and channel partners to try to increase its presence in the SMB storage server market. [eWEEK]
You might think your customers would have to be living in a cave these days to avoid news of high-profile data breaches and privacy regulations. But do they understand the need for data security as a business issue that impacts their business? According to SearchSecurity.com contributors Craig Norris and Tom Cadle, data privacy laws are commonly ignored by private companies:
There is a huge misconception among information security professionals today that data privacy laws are not applicable to private companies, but are only designed for publicly traded companies, government organizations or financial institutions. This is not the case. Whether your company is public or private, large or small, today’s information privacy regulations may affect you and your organization on many different levels, not just financially and legally.
The article goes on to illustrate the value of private information and the laws that affect the use of this information — all valuable selling points when presenting a data protection strategy to your customer. You’ll also find a series of questions that you can ask to catalog their data collection practices.
As your customers’ trusted adviser, you play a key role in keeping them informed of security threats and how they apply to their business. It can be easy to tune out issues we like to think don’t apply to us. It’s your job to make your customers listen and understand why they should care.
Two interesting new tools for the enterprise are getting some press today. Big Blue’s OmniFind Yahoo edition enterprise search tool allows companies to search their stored information. From the sound of it, it seems like companies will be able to search their data portfolios to track down stored information. Not a bad idea for storage VARs who specialize in compliance to take a look at this. Instead of having to search file by file for old information that wasn’t properly tagged and archived, the tool allows for customizable searches that will reduce time spent tracking down information and allow VARs to devote more time to meeting regulatory compliance rules.
The other tool that caught my eye is a loss calculator that estimates the cost of lost data in an enterprise. This could be another useful tool for VARs who are trying to sell a professional service contract locking down data. Imagine the power of being able to put a dollar and cent value to a data breach. Seems like it could be a powerful sales tool.
WiMax — a microwave-based technology defined by the IEEE 802.16e standard for broadband wireless access – has the potential to provide wireless-network access across distances as great as 30 miles. Sprint is working on a WiMax network that will reach two miles, which is still vastly better than the few hundred feet most WLAN methods provide.
Intel to build WiMAX into laptops in 2008
IDF ‘Montevina’ Centrino details revealed. [TheReg]
Ex-Executive Agrees to Pay $800 Million in Restitution
The former chief executive of Computer Associates will pay $800 million to investors who lost money because of the company’s accounting fraud. [NYT]
IBM sells energy-efficient Intel and AMD rack and BladeCenter servers
IBM is offering more energy-efficient rack and blade servers that use reduced watt processors from AMD and Intel.
Certain politicos may not take Global Warming seriously, but the IT industry certainly does.
Last April, our sister site SearchDataCenter.com reported that IT heavyweights IBM, Hewlett-Packard and Sun Microsystems sponsored a “new initiative called the Green Grid” that was to focus on data center power management and cooling.
The non-profit environmental consortium was launched early this year. Last week I posted a boiled-down version of Green Grid’s energy saving guidelines. On April 10th they announced their inaugural technical summit, to be held April 18-19 in Denver, Colo. The release also welcomed Brocade Communications, Cisco and Novell; these industry giants join Hewlett-Packard, IBM, Microsoft, Sun Microsystems, VMware and Dell.
SearchDataCenter.com recently posted “Dell pushes green computing initiative”; the company is introducing two low power AMD Opteron-based servers, PowerEdge 2970 and PowerEdge Energy Smart 2970D. Dell claims that these servers draw up to 34% less power than a Dell PowerEdge and can deliver up to 105% greater performance per watt over the previous generation of Dell servers featuring dual-core processors.
Are we seeing an environmental trend in the IT industry? It looks that way to me, given who’s involved. What do you think?