To view this update as a Web page, copy this link into your browser: www.qtsnet.com/stayinformed/quiknews/quiknews_august2003.htm.

To subscribe or unsubscribe, please follow instructions at the bottom of this page.

In this issue:

• QTS News
• President's Corner
• Events
• Patches and Upgrades
• Special Offers & Featured Solutions
• Partner Spotlight

QTS NEWS

QTS IS HIRING!
QTS is recruiting for senior level technical personnel, as well as entry and senior level sales staff. If you know anyone who might be a good fit, please have them submit their resume to Liz Meechan, our Office Manager. Liz can be reached at lmeechan@QTSnet.com, or (973)984-7600 x223.

PRESIDENT'S CORNER

This is a continuation of the column from last month’s issue, in which we discussed spam and how to prevent it. After discussing some of the basic techniques, we now move on to some of the more sophisticated techniques to combat spam.

*******************************

Some of the more advanced features in today’s anti-spam solutions include:

Subject Line Blocking – some products support the ability to block messages based on specific text strings in the subject line – such as “ADV” for advertisements, or specific offensive words. To do this effectively, wildcard characters need to be supported. The problem here is that this needs to be planned in such as way as to avoid excessive false positives – the string ADV is used in many ADVertisement messages, but could also catch a legitimate message about the ADVantage of a particular service.

Dictionaries - Keywords can be listed and used to block email. However, this can have untended effects. For example, I had several copies of our last QuikAlarm bulletin bounced back as undeliverable because the text of the message describing the Bugbear worm listed filename extensions that a gateway was blocking – presumably, the gateway thought our email included the files themselves, and the recipients never got the useful technical information we were attempting to provide.

Lexical Analysis essentially means looking not just at words, but combinations of words, to classify a message. It is more sophisticated than simple keyword blocking. Some word combinations may indicate a message is legitimate, while the same word in other combinations may indicate spam (I’m avoiding particular words to avoid this email being caught in a basic spam filter!). Unfortunately, both of the above solutions can be time intensive to maintain, unless a vendor is doing this globally for you (as, for example, does SurfControl).

Heuristics essentially refers to applying a series of tests and accumulating a score based on results. This approach has been used to fight viruses, and is now popular to combat spam as well. Typically, a neural networks/artificial intelligence scanning engine applies rules and “learns” what you consider to be spam, and based on threshold levels you set it can classify messages and handle them a certain way (ranging from deletion, to appending the header, to quarantining them for further inspection).

Bayesian Filtering is a relatively new approach that holds much potential, but will take some time for the technology to take hold and be integrated with commercial products. Essentially, this approach looks at a body of email messages and determines spam based on the user’s classification of messages, applying artificial intelligence. One of the key elements here is that it is user-specific – what is spam to one user may be legitimate email to another user. Thus, this approach is most suitable to combat spam at a user/mailbox level, which has its own disadvantages. It will take some time before this approach is successfully integrated into gateway products but allows for user-level interaction, but the approach holds much potential if it is done right – the open source projects that have been developed thus far have a very high accuracy rate and an associated low rate of false positives.

Subject Line Tagging – many products that do heuristic scanning of email messages have the ability to insert a string (for example, “SPAM”) into the beginning or end of a subject line. This allows the messages to be classified for further handling, as opposed to simply being deleted. For example, identified spam messages might have “Might be SPAM:” added to the beginning of the header, and then client side rules might move the mail into a special folder on the client, where the mail might be left for 3 days (or more, or less) before it is automatically deleted. This approach has the advantage of putting ultimate control of the “questionable” mail with the user – they don’t get all the suspected spam in their main mailbox, but can check the spam folder for possible false positives when they’re expecting a message or whenever they want. The disadvantage is that this email is going into their client mail folders, consuming valuable server-side and local storage space until it is deleted.

A nice split is provided by the more advanced products, such as SurfControl Mail, which allow messages that are highly likely to be spam to be deleted before being forwarded, and others to be classified with the subject line header and passed along for the user to decide.

How is the industry reacting to spam? Of course, it varies by organization, but many in leadership roles have gotten into the fray. Both Novell GroupWise 6.5 and the upcoming release of Microsoft Exchange 2003 will include native support for RBLs and some levels of whitelisting/blacklisting (though we still strongly recommend a server to screen email before it gets to these servers!). A plethora of vendors have come out with for-sale products to address spam at the email gateway (QTS supports SurfControl and Symantec’s offerings), before getting to the gateway (Postini’s Active EMS being one of the better and well-known outsourced offerings) and at the client (McAfee’s SpamKiller being an example).

There is no perfect solution here to be had. By properly configuring multiple elements of the above, one can hope to cut off a significant percentage of spam, with limited risk of false positives, but this will take some tuning and ongoing management. Given time and improvement in artificially intelligent technologies, it is possible that gateway solutions will be delivered that will allow for user-specific classification but centralized management. In the interim, at least it’s possible to cut down on the time wasted deleting some of the junk emails from our inboxes…

As always, feel free to email me your comments or thoughts at nrosenberg@QTSnet.com. Thank you.

Neil Rosenberg
President & CEO
Quality Technology Solutions

PARTNER SPOTLIGHT

This month QTS is spotlighting its business solutions partner, AKA Enterprise Solutions. AKA is a highly focused solution provider that provides services around Microsoft Business Solutions – currently, the Dynamics (formerly Great Plains) accounting systems, and Microsoft CRM. These solutions are a great fit for most of QTS’ mid-market customers.

For more than a decade, AKA Enterprise Solutions has been a leading partner dedicated to the sales, consulting, service and support of Microsoft Business Solutions. AKA Enterprise Solutions provides solutions that address Enterprise Resource Planning (ERP), Customer Relationship Management (CRM), e-Commerce and Business Process Consulting and Custom Application Development.

AKA’s dedication and focus on the Microsoft Great Plains and Microsoft CRM products benefits their clients by providing increased access to knowledge and dedicated resources for all areas of customer care. As a certified Microsoft Business Solutions partner, AKA shares Microsoft's commitment to long lasting customer relationships exemplified by a 93% client customer retention rate and consistently high satisfaction ratings.

AKA Enterprise Solutions has been the recipient of numerous industry awards and national honors that serve to reflect the combined talents, innovation, and enthusiasm of the team members. AKA was the 2001 recipient of the Eagle Award, the highest award given to Microsoft Business Solutions partner organizations recognizing strong leadership, a commitment to excellence and extreme dedication to customers and partners. Of the 4,000 Microsoft Business Solutions partners worldwide, AKA is routinely ranked within the top fifteen companies in the world. As part of their dedication to Microsoft Business Solutions, AKA has maintained the only North East certified Microsoft Great Plains Education Center for the past three years.

As an InterDyn company, AKA Enterprise Solutions offers clients the advantage of specialized talents and industry expertise of each of our locations to maintain the highest quality of customer care services. With more than 500 certified professionals in locations around the world, InterDyn supports over 3,500 customers- making us the largest, most comprehensive, and most experienced Microsoft Business Solutions partner worldwide. For more information about AKA Enterprise Solutions visit http://www.akaes.com, or contact your QTS Account Manager.

QTS and AKA Enterprise Solutions work together for our customers to build new solutions that create competitive advantage, reduce costs or create opportunity - with QTS providing the infrastructure and AKA the software solutions, in a highly integrated fashion.

Visit www.QTSnet.com for company information.

EVENTS

Fall event schedule coming soon.

PATCHES & UPGRADES

Call the Customer Support Center to have us apply QTS-standard patches and keep your systems current. The following patches have been recently released and are generally recommended by QTS:

* No new patches. However, there has been a significant level of virus and worm activity recently, with the Blaster Worm, new variants of the Sobig worm, and others. It is critical that you keep antivirus definitions and scan engines current on all systems, including remote VPN users, and that you ensure minimum patch levels are current on all Windows systems.

Also, please click here for applicability of Microsoft Security Bulletins to the products in use at your environment. Contact your QTS Account Manager if you would like our Customer Support Center to monitor these bulletins for you and advise with recommendations for your environment upon release of new bulletins.

Symantec (formerly Norton) Antivirus Corporate Edition signature files are currently at version 50825f (8/25/2003). CA InoculateIT 4.x signature files are currently at version 44.31 (8/25/2003) and 6.x signature files are currently at version 23.62.31 (8/25/2003). McAfee VirusScan / NetShield signature files are currently at version 4288 (8/20/2003). Please keep your antivirus signatures, and your scan engines, current! If you do not have your system set up to automatically distribute updates from your server to your PCs, please call your QTS Account Manager or the Customer Support Center.

Some patches can cause problems, especially in combination with other software programs or patch levels. Please talk to us to verify whether we see any possible problems in your environment before patching your systems independently. We make best efforts to test patch combinations but cannot guarantee compatibility between software and hardware manufacturers’ products.

SPECIAL OFFERS & FEATURED SOLUTIONS

RSA STRONG AUTHENTICATION BUNDLE
RSA Security is offering a special promotion on 25-user starter systems of RSA’s ACE/Server software and SecurID tokens, at what amounts to 50% off the standard price. The price of $3,099 for the package includes 25 tokens, a 25 user ACE/Server license and one year RSA maintenance contract. Contact your QTS Account Manager for more information.

SYMANTEC SECURITY SOFTWARE
Symantec is offering a 10% discount on many of its security software programs (Intrusion Detection, Vulnerability Management, etc.) to customers who purchase a Vulnerability Assessment utilizing Symantec’s NetRecon software, from QTS. Contact your QTS Account Manager or more details.

QUIKNEWS ARCHIVES
For access to past issues of QTS QuikNews dating back to January 2001, click here.