(1 votes, average: 7 out of 10)
Loading ...Symantec announces Backup Exec 12.5 and Windows Server 2008 support
Symantec released the latest version of Backup Exec for data and system recovery of virtual and physical systems, introduced Backup Exec Infrastructure Manager 12.5 and announced Windows Server 2008 support.
Backup Exec 12.5 provides “comprehensive data protection for VMware Infrastructure, Microsoft Windows Server 2008 Hyper-V and conventional systems from a single console,” says Symantec. The new version allows users to “backup an unlimited number of guest machines within a VMware ESX or Microsoft Hyper-V host environment to disk or tape from a single agent.”
Also new to the Backup Exec product family is Microsoft Windows Server 2008 portfolio support, including Windows Small Business Server 2008, Windows Essential Business Server 2008 and SQL Server 2008.
Symantec’s new Backup Exec Infrastructure Manager 12.5 “simplifies the upgrade process and patch management of Backup Exec installations and reduces total cost of ownership through centralized license discover, inventory and disk-capacity monitoring.” It features a web-based interface and provides a graphical map of the Backup Exec deployment.
Backup Exec 12.5 and Backup Exec System Recovery will be available worldwide October 6, 2008. Backup Exec Infrastructure Manager 12.5 is scheduled for release in the late fall of 2008.
Add to: del.icio.us | Digg IT | Furl | Google | magnolia | StumbleIT | Wink | Yahoo! Technorati
(No Ratings Yet) Loading ...Undelete recovers files that Windows misses: Diskeeper
A Burbank, Calif.-based vendor of data protection and recovery technology released a product that it said captures those files commonly missed by the basic Windows recycle bin.
Diskeeper Corp.’s Undelete 2009 replaces that recycle bin with what the company called a “recovery bin”, which it said immediately restores files on desktops and servers, including those overwritten or deleted over a network.
The product runs on Diskeeper’s proprietary InvisiTasking technology.
Add to: del.icio.us | Digg IT | Furl | Google | magnolia | StumbleIT | Wink | Yahoo! Technorati
(1 votes, average: 10 out of 10) Loading ...BitDefender launches 2009 security suite
Antivirus software and data security provider BitDefender released the latest version of its security software suite, BitDefender Total Security 2009, earlier today.
New enhancements to the 2009 package include an online backup service for preserving sensitive information and instant messaging encryption to protect Yahoo! Messenger and MSN Messengers users from eavesdroppers.
A new “Laptop mode” feature automatically detects when a laptop moves to battery power and postpones regularly scheduled scans, backups and tune-ups to prevent unnecessary battery drain.
Other changes include a locally stored File Vault, proactive security for online activities, increased home network management control and an improved Gamer mode.
BitDefender differs from the other security software suites that focus on pre-existing virus lists by using “proactive B-HAVE technology that identifies and blocks new and zero-day threats,” states the company release. According to BitDefender, Total Security 2009 will also keep PCs running “at optimal speed and protected from data loss.”
A yearly subscription is available for USD $69.95. The 3-PC license is priced at $79.95.
Add to: del.icio.us | Digg IT | Furl | Google | magnolia | StumbleIT | Wink | Yahoo! Technorati
(No Ratings Yet) Loading ...Dan Swanson’s Security Resources: #3
There are several ongoing, long-term security efforts worth examining. The National Institute of Standards and Technology (NIST) has published hundreds of guidance documents relating to all aspects of information security over the years. Just as importantly, they consistenly maintain the currency of their guidance. The Center for Internet Security (CIS) has developed dozens of consensus-based security benchmark checklists that can be used for securing various technologies commonly in place, in most organizations. CIS tools have been a world wide standard in “hardening” various technologies. And the U.S. Department of Homeland Security Build-Security-In (BSI) initiative is truly amazing, its an endless source of advice and guidance and needs to be visited frequently as new items are added regularly.
As always, I have also included a few topic-specific resources.
Enjoy.
Good luck and have another great week.
Dan Swanson
Dswanson_2005@yahoo.com
1. Build Security In (BSI)
As part of the Software Assurance program, Build Security In (BSI) is a project of the Strategic Initiatives Branch of the National Cyber Security Division (NCSD) of the Department of Homeland Security (DHS). The Software Engineering Institute (SEI) was engaged by the NCSD to provide support in the Process and Technology focus areas of this initiative. The SEI team and other contributors develop and collect software assurance and software security information that helps software developers, architects, and security practitioners to create secure systems.
2. The Computer Security Division (CSD) of the National Institute of Standards and Technology (NIST), including the Federal Information Security Management Act (FISMA) library.
The mission of NIST’s Computer Security Division is to improve information systems security by:
• Raising awareness of IT risks, vulnerabilities and protection requirements, particularly for new and emerging technologies;
• Researching, studying, and advising agencies of IT vulnerabilities and devising techniques for the cost-effective security and privacy of sensitive Federal systems;
• Developing standards, metrics, tests and validation programs:
o to promote, measure, and validate security in systems and services
o to educate consumers and
o to establish minimum security requirements for Federal systems
• Developing guidance to increase secure IT planning, implementation, management and operation.
3. The SANS (SysAdmin, Audit, Network, Security) Institute
SANS is one of the most trusted and by far the largest source for information security training and certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet’s early warning system, Internet Storm Center.
4. CERT’s Resiliency Engineering Research
The cornerstone of their research is the development of the CERT® Resiliency Engineering Framework. The framework is the foundation for a process improvement approach to security and business continuity. It establishes an organization’s resiliency engineering process: a collection of essential capabilities that an organization performs to ensure that its important assets—people, information, technology, and facilities—stay productive in supporting business processes and services. The framework serves as a foundation from which an organization can measure its current competency, set improvement targets, and establish plans and actions to close any identified gaps. As a result, the organization repositions and repurposes its security and business continuity activities and takes on a process improvement mindset that helps to keep these activities productive in the long run.
5. The Center for Internet Security (CIS) is a non-profit enterprise whose mission is to help Organizations reduce the risk of business and e-commerce disruptions resulting from inadequate technical security controls. CIS members develop and encourage the widespread use of security configuration benchmarks through a global consensus process involving participants from the public and private sectors. The practical CIS Benchmarks support available high level standards that deal with the “Why, Who, When, and Where” aspects of IT security by detailing “How” to secure an ever widening array of workstations, servers, network devices, and software applications in terms of technology specific controls. CIS Scoring Tools analyze and report system compliance with the technical control settings in the Benchmarks. The CIS Benchmarks and Scoring Tools are available for download free of charge.
6. Microsoft releases guidelines for customer privacy
A 49-page document previously kept internally by Microsoft was released at an international privacy professionals’ conference in Toronto. The company hopes its Privacy Guidelines for Developing Software Products and Services will spur further industry discussions.
Add to: del.icio.us | Digg IT | Furl | Google | magnolia | StumbleIT | Wink | Yahoo! Technorati
(3 votes, average: 7 out of 10) Loading ...Payment card security standards are a joke
The user experience doesn’t get much better than credit or debit cards. You hand over the card, you swipe, you sign or punch in a PIN, and you go. Compared to a lot of other transactions we make through technology, that’s pretty fast. Most people outside the industry probably have no idea the snail’s crawl at which the industry behind those cards is moving to protect them.
Read the rest of this entry »
Add to: del.icio.us | Digg IT | Furl | Google | magnolia | StumbleIT | Wink | Yahoo! Technorati
(3 votes, average: 10 out of 10) Loading ...When servers go down, everyone becomes a pirate
The problem when you appoint yourself chief of police over software theft is that people will hold you much more accountable for the mistakes you make. That’s what Microsoft has discovered after a server problem with its Windows Genuine Advantage service caused some innocent users to be targeted as pirates. If the criticism is bad now, it’s only going to get worse.
Read the rest of this entry »
Add to: del.icio.us | Digg IT | Furl | Google | magnolia | StumbleIT | Wink | Yahoo! Technorati
(1 votes, average: 10 out of 10) Loading ...Novell gets in on endpoint market, buys Senforce
It’ll be interesting to see in a year from now how many standalone endpoint security firms are left. Novell’s acquisition of Senforce on Monday shouldn’t come as a surprise, nor should the acquistion of any other company that helps customers protect networks from data that gets exposed on handheld devices.
Novell isn’t really known as a security firm, but it is a systems management firm, and endpoint security and systems management are really starting to go hand in hand. If the introduction of iPhones or other devices in the enterprise becomes really problematic IT managers may want to rely more on Symantec and its Hamlet project, but if you’re already a Novell shop it’s pretty handy to have some security tools rolled in.
Add to: del.icio.us | Digg IT | Furl | Google | magnolia | StumbleIT | Wink | Yahoo! Technorati
(1 votes, average: 10 out of 10) Loading ...A 10-day patch: I triple-dare you
Although officials were quick to dismiss the idea, I loved the image of Mozilla executives discussing their strategy to patch Firefox flaws during a late-night pajama party. Until I actually pictured Mozilla executives in pajamas.
Add to: del.icio.us | Digg IT | Furl | Google | magnolia | StumbleIT | Wink | Yahoo! Technorati
(3 votes, average: 6.67 out of 10) Loading ...Advantage Apple – Saves face with timely iPhone patch
By Joaquim P. Menezes -
Whew! That was a close one…for Apple.
But the company has certainly pulled off a coup, releasing fixes for serious iPhone “vulnerabilities” days after they were first detected.
That’s not just significant from a security perspective, but from a “corporate reputation” standpoint as well.
Add to: del.icio.us | Digg IT | Furl | Google | magnolia | StumbleIT | Wink | Yahoo! Technorati
(1 votes, average: 10 out of 10) Loading ...Wireless LAN security vs. convenience - walking the tightrope
By Joaquim P. Menezes -
“Security vs. ease of use” – is a conundrum a lot of network managers face when it comes to wireless LANs.
In some companies, IT managers have refused to deploy wireless LANs because of the risks they pose.
Others have allowed their (legitimate) concerns for security to obscure other equally important requirements.
There are many deployments today that exemplify the notion of: “more security, less usability.”
One commentator, for instance, has vividly described his frustrating experience at an event where wireless LAN access was provided - but with complete disregard for user convenience.
And yet, as wireless LANs become ubiquitous – partly due the proliferation of wireless “hotspots” – the very real “security” risks inherent in this technology cannot be overstated.
For one, users cannot determine whether they’re connecting to legitimate or “rogue” access points. Read the rest of this entry »
