Keeping Up with Gadgets

Keeping Up with Gadgets
Keeping Up with Gadgets

Forwarded with permission from: Security UPDATE 


SQL Server Optimization and Data Protection with Intelligent ISCSI SANs 

St. Bernard Managed Protection Services 

Ensuring User Continuity 

=== CONTENTS ==================================================
IN FOCUS: Keeping Up with Gadgets

   - Aegenis Group's New Regulatory Monitoring Service
   - October Set of Fixes Available for Vista
   - Eye of NEWT Is on Malicious Web Sites
   - Recent Security Vulnerabilities

   - Security Matters Blog: Surveillance for Physical Security
   - FAQ: Enabling WS-Management through Group Policy
   - From the Forum: Granting a Specific Computer Access to a Folder
   - Share Your Security Tips

   - New Data Leak Prevention Appliance
   - Wanted: Your Reviews of Products 




=== SPONSOR: EqualLogic =======================================
SQL Server Optimization and Data Protection with Intelligent ISCSI SANs
   More and more companies are deploying storage area networks or SANs 
as storage needs continue to proliferate. SANs offer many unique 
capabilities that improve data protection, storage performance and 
scaling, and reduction in storage management time. This web seminar 
reviews best practices in deploying SQL Server in an intelligent iSCSI 
SAN, and shows how this provides dramatic improvements in deploying, 
optimizing, backing up, and recovering SQL. 

=== IN FOCUS: Keeping Up with Gadgets =========================   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

Last week, I wrote about the need to follow industry trends to discover 
new services, devices, and gadgets that might have an impact on the 
information security of your business environment (see article at URL 
below). This week, I'll tell you about some of the more specialized 
sites that I use to make the work of following trends much easier. 

First on the list is blogs. There are so many bloggers out there 
talking about the latest and greatest technology that it's mind 
boggling. Two big advantages that some bloggers have is access to 
inside information and an insatiable attraction to nearly any new 
technology. Therefore, they're excellent sources of information that 
can help you identify new risks. 

Finding such bloggers is a matter of time, effort, and patience. 
Fortunately, blogging has a noticeable parrot effect such that when one 
blogger writes about something, very quickly dozens, if not hundreds of 
other bloggers begin covering the same topic by simply referring back 
to the original blog or by writing about the topic themselves.

Two blog and pick up on gadgets 
and gizmos that other bloggers have written about. The sites also 
produce their own stories. Consequently, the sites cover nearly all the 
latest devices and sometimes cover software-based tools too. So 
regularly visiting these sites or picking up their RSS feeds is a 
really good way to find out about new potential risks and to get a 
better perspective on overall trends. 

Because blogging has become so hot, a natural evolution is blog 
aggregation. There are many aggregate sites that help people find 
content they might be interested in. One of the more popular aggregate 
sites right now is Technorati. You can use Technorati's topic feature 
to go directly to a list of stories related to technology, as seen via 
the URL below. Granted, there isn't an easy way to drill down into 
subtopics, but even so, you'll come across a lot of stories that might 
help you do your job better. 

Another excellent site to check in on is, which has become a 
hugely popular hub for all things related to technology. If you've 
never visited Digg, it's similar to (another excellent 
source that I'm sure you're already familiar with). Digg users post 
links to content on the Internet along with short summaries. The 
content in the Technology section is often about the latest and 
greatest services and devices. Definitely put Digg on your list of 
reading material, and try not to lose track of time when using it. You 
could easily spend all day following the stories!

A site that's similar to Digg is Reddit isn't as extensive 
as Digg, but nevertheless it's popular and widely used by both bloggers 
and readers around the world. Check the "gadgets" and "programming" 
communities to learn about plenty of new services, devices, and other 
potential problems. 

Other sites that might seem rather obvious but are sometimes overlooked 
for regular reading are and Both sites, 
particularly CNET, cover a lot of information directly related to the 
computer industry, so you're bound to find information that helps you 
learn about risks well in advance. 

Those are only a few of the many available sites on the 'net that you 
can use to help stay ahead of intruders. By reading these sources, 
you'll undoubtedly find numerous other sources that you might want to 
check in on regularly. Fortunately, many sites offer RSS feeds that you 
can subscribe to, which can make the work a bit easier. Finally, at the 
risk of pointing out the obvious, remember to think like an intruder 
while surfing around for news and information. 

=== SPONSOR: St. Bernard Software =============================
St. Bernard Managed Protection Services
   Are you familiar with new government regulations affecting email? 
Learn about the dozens of issues surrounding the security of email in 
business today and make sure that your company is in compliance. 
Download your copy of this must-have whitepaper today! 

=== SECURITY NEWS AND FEATURES ================================
Aegenis Group's New Regulatory Monitoring Service
   The Aegenis Group recently introduced the Aegenis Regulatory 
Intelligence Service (ARIS), which will offer news alerts and weekly 
summaries to help companies monitor and analyze legislative trends and 
industry requirements that affect information security. 

October Set of Fixes Available for Vista
   Microsoft released Vista patches last week that include fixes for 
Vista's core USB components, Media Center, and Windows Media Center 11. 
A fourth fix generally addresses "compatibility, reliability, and 
stability" issues with the new OS. 

Eye of NEWT Is on Malicious Web Sites
   You can sign up to beta test Neutralize E-mail-Web Threats (NEWT), a 
plug-in to email gateways that stops new malicious attacks launched 
through spam email messages. NEWT's creator, Avinti, is limiting the 
number of participants in the public beta but plans to make the 
finished service available for free to the general public. 

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security 
Alerts, which inform you about recently discovered security 
vulnerabilities. You can also find information about these 
discoveries at 

=== SPONSOR: Neverfail =======================================
Ensuring User Continuity
   When your systems go down, your users' productivity grinds to a 
halt. User downtime is one of the fastest growing concerns among 
businesses. This free Web seminar teaches you how to keep your users 
continuously connected and your business up and running. View the On-
Demand Web seminar now! 

=== GIVE AND TAKE =============================================
SECURITY MATTERS BLOG: Surveillance for Physical Security
by Mark Joseph Edwards, 
   Got cameras in your data centers? If not, then do you need some? I 
found a company that has a wide range of different video cameras and 
DVRs--even some that can be hidden in inconspicuous places. 

FAQ: Enabling WS-Management through Group Policy
by John Savill, 

Q: How can I enable WS-Management through Group Policy?

Find the answer at 

FROM THE FORUM: Granting a Specific Computer Access to a Folder
   A forum participant wonders whether he can grant access to specific 
computers to read/write, etc. a folder on a server by using the 
computer MAC address to grant or deny the access. Join the discussion 

   Share your security-related tips, comments, or problems and 
solutions in Security Pro VIP's Reader to Reader column. Email your 
contributions to If we print your submission, 
you'll get $100. We edit submissions for style, grammar, and length.

=== PRODUCTS ================================================== by Renee Munshi, 

New Data Leak Prevention Appliance
   Code Green Networks announced the release of the CI-750 content 
inspection appliance for small businesses and branch offices. The 
appliance helps prevent leakage of sensitive data to blogs, wikis, Web 
forums, and Web-based mail services such as Gmail, Hotmail, Windows 
Live Mail, AOL Mail, and Yahoo! Mail over a variety of network 
protocols, including SMTP, HTTP, HTTPS, and FTP. The appliance, which 
is designed for 250 or fewer users and is priced starting at $10,000, 
can monitor and record sensitive information transmission, block such 
transmissions using third-party proxy server solutions, or 
automatically encrypt such transmissions. 

WANTED: your reviews of products you've tested and used in 
production. Send your experiences and ratings of products to and get a Best Buy gift certificate. 

=== RESOURCES AND EVENTS ======================================   For more security-related resources, visit 

Protecting Mobile Users' Data
   In this Web seminar, David Chernicoff discusses protection and 
backup of data used and generated by mobile and casually connected 
users, providing ideas, suggestions, and solutions to associated 

Get the facts about Microsoft Unified Communications and Exchange 
Server 2007 at one of six day-long workshops starting in mid-October. 
Don't miss out on your chance to attend in one of the following cities: 
Portland, Oregon; San Diego; Denver; Philadelphia; Atlanta; or Chicago. 
Visit our Web site for dates and details. 

Instant Messaging, VoIP, peer-to-peer file sharing, and games in the 
workplace: How to take back control
   The emergence of Web 2.0 is not only redefining how individuals 
interact with the Internet but also introducing new threats. This white 
paper discusses approaches to controlling Web 2.0 applications and 
explains how integrating that control into malware protection and 
infrastructure management gives IT administrators a simple solution 
that also lowers overhead. 

=== FEATURED WHITE PAPER ======================================
Compliance Mythbusters: The Truth About Common Myths and Misconceptions 
of Email Archiving 
   Learn from other people's mistakes, not your own! This Web seminar 
features an interactive discussion that reveals today's common mistakes 
and misconceptions about message archiving, regulations, and e-
discovery. You'll learn why these misconceptions came about, how to 
avoid common mistakes, and what to do to meet today's email archiving 
and e-discovery needs. 

=== ANNOUNCEMENTS =============================================
Discover the New SQL Server Magazine 
   Don't miss the relaunched SQL Server Magazine, coming this month! 
Besides a new look, we have even more coverage of administration and 
performance, development and Web apps, BI and Reporting Services, and 
SQL Server fundamentals. Subscribe now and save 58% off the cover 

Got a Tough Exchange or Outlook Question? 
   Rely on Exchange & Outlook Pro VIP, the new online resource with in-
depth articles on administration, migration, security, and performance. 
Subscribers get direct access to our top-flight editors, so subscribe 
and receive personalized solutions to your toughest technical 
questions. It beats a support call to Microsoft! 

Security UDPATE is brought to you by the Windows IT Pro Web site's 
Security page (first URL below) and Security Pro VIP (second URL 

Subscribe to Security UPDATE at 

Be sure to add 
to your antispam software's list of allowed senders.

To contact us: 
About Security UPDATE content -- 
About technical questions -- 
About your product news -- 
About your subscription -- 
About sponsoring Security UPDATE -- 

View the Windows IT Pro privacy policy at 

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2007, Penton Media, Inc. All rights reserved.

CSI 2007 is the only conference that delivers a business-focused
overview of enterprise security. It will convene 1,500+ delegates,
80 exhibitors and features 100+ sessions/seminars providing a
roadmap for integrating policies and procedures with new tools
and techniques.  Register now for savings on conference fees   
and/or free exhibits admission. - 

Site design & layout copyright © 1986-2014 CodeGods