QuikNews July 2005 E-Mail Newsletter

July 2005

Volume 5 Issue 7

July 29, 2005

To view this update as a Web page, copy this link into your browser: http://www.qtsnet.com/stayinformed/quiknews/quiknews july2005.htm.

To subscribe or unsubscribe, please follow instructions at the bottom of this page.

Welcome to the July edition of QTS QuikNews, our monthly e-mail newsletter. In this monthly e-mail, you will receive an update of what's new at QTS - new products we support, new patches and upgrades, solution ideas and promotions to save you money, and information about our company and our clients.

In this issue:

QTS and Partner News
Events
President's Corner
QuikSecure Tip of the Month
Patches and Upgrades
Product Support Lifecycle Watch
Solution Spotlight
Special Offers
Partner Spotlight

QTS AND PARTNER NEWS

WELCOME TO NEW CUSTOMERS
QTS offers a “welcome aboard” to the following new customers:

· C&M Landscaping

· CRT Capital LLC

· HealthSTAR Communications

· MVC Capital

QTS IS HIRING!
QTS is recruiting for senior level technical personnel, as well as an entry to mid-level sales/service support specialist. If you know anyone who might be a good fit, please have them submit their resume to Liz Meechan, our Office Manager. Liz can be reached at lmeechan@QTSnet.com, or (973)984-7600 x223.

FREE UPGRADES!
QTS customers with Symantec Gold Support and/or Veritas Support are entitled to free license upgrades, respectively, to Symantec Antivirus 10.0 and/or Veritas Backup Exec for Windows 10.0. The Symantec release includes anti-spyware capabilities, while the Veritas upgrade provides a variety of new features. QTS can install these upgrades quickly, helping keep your network current. For more information, contact Christine Bongard at cbongard@QTSnet.com, or (973)984-7600 x222.

PARTNER CHANGES
QTS software development and collaborative solutions partner Econium has merged into Vis.align, a larger organization with offices throughout the Northeast.

QTS document management, imaging and assembly partner Wertheim, Inc. has taken on a new name, Enterprise Information Management (EIM) International.

Both organizations will continue to maintain focus on their core competencies, and their QTS partnership.

2005 CSI/FBI COMPUTER CRIME WHITE PAPER AVAILABLE
The Computer Security Institute and the Federal Bureau of Investigation have released the 10^th annual CSI/FBI Computer Crime and Security Survey, an extremely informative survey of IT managers from across a broad spectrum of organizations. The 2005 study presents very useful information on security trends and patterns, and is available at no charge at GoCSI.com.

EVENTS

QTS and Symantec will be hosting a lunch seminar on Tuesday, August 2nd at the Highlawn Pavillion in West Orange to present Symantec’s SNS 7100 Network Intrusion Prevention System, and to discuss current security threats and best practices. For more information or to register, visit www.QTSnet.com/symantec or call Liz Meechan at (973)984-7600 x223.

PRESIDENT'S CORNER

It’s late July, and as usual for this time of year, I’ve returned from Microsoft’s Worldwide Partner Conference earlier this month. This is an important event for QTS, particularly this year since I had the opportunity via a video segment to introduce Andy Lees, Microsoft’s Worldwide Vice-President of Server & Tools Marketing, at the conference.

WWPC, as the Microsoft folks call it, is an important event for QTS, in that it allows us to align our business with Microsoft’s key focus areas and goals. Since Microsoft is by far our most strategic and important partner, this is critical to QTS’ success, and to our customers and other partners.

Interestingly, security continues to be clearly stated as Microsoft’s number one priority, but their position has subtlely shifted from a defensive “we have to catch up” position to a more aggressive position based on their accomplishments. Microsoft still acknowledges that it has a lot of work to do in this space, but now is coming at security from the perspective of taking an industry-leading position. Microsoft emphasized its accomplishments in reducing the security bulletins following release of the 2003 platforms, versus the greater number of security bulletins and vulnerabilities in Linux. Emphasis was also placed on Microsoft’s collaboration with law enforcement, and its use of “bounties,” in brining hackers and worm writers to justice.

SQL Server 2005, code-named “Yukon,” is the big push, and just as Windows XP SP2 was the major point of focus for Microsoft from a development perspective last year, this year it’s SQL Server. In addition to major improvements in security, reliability and performance, Microsoft has added considerable new features and functionality, particularly around data analysis, reporting, and business intelligence – clearly the focus is on helping businesses better analyze and use the data they have in their systems. The next release of Visual Studio, Microsoft’s lead development platform, will also come out at the same time, toward the end of this year. For more information on SQL Server 2005, visit http://www.microsoft.com/sql/2005/default.mspx.

Looking further out into next year, Longhorn (which has recently been renamed “Windows Vista”) was a point of important discussion. The client release of Longhorn/Windows Vista, which will supercede Windows XP, is targeted for release in the second half of 2006, roughly coinciding with the release dates for the next major releases of Exchange Server and Office. This will obviously be a major point of focus for QTS, as we ramp up and get ready to help early-adopting customers benefit from these technologies. We saw demos of Longhorn, which emphasizes continued improvement in security, reliability and performance (faster boot-up time, improved hibernation and notebook functionality). New technologies to improve document management and search and retrieval will also be particularly important for this release, and will tie into SharePoint and Microsoft’s collaborative strategy. Clear emphasis was placed on using SMS and Microsoft’s management tools to deploy the next release of Windows, so the work many of our customers have done deploying SMS will be important here. For more information on Windows Vista, visit http://www.microsoft.com/windowsvista/basics/default.mspx.

Microsoft System Center Data Protection Manager was also a point of focus, and is due to be released very shortly. Data Protection Manager brings Microsoft into the field of disk to disk backup – allowing for data to be backed up to a DPM Server. Since backup is to disk rather than to tape, it is much faster, addressing common “backup window” concerns. Also, tools are available for users to initiate their own file restores. DPM is not intended to replace tape backup, but rather to complement it, with tape as the offsite component in a disk-to-disk-to-tape hierarchy. The System Center branding ties DPM into SMS and MOM as part of Microsoft’s family of network and systems management tools. For more information, visit http://www.microsoft.com/windowsserversystem/ dpm/default.mspx.

Mobility was also a major theme, with the upcoming release of Exchange Server 2003 Service Pack 2 and the Messaging and Security Feature Pack for Windows Mobile 5.0. Essentially, Microsoft’s vision is that mobile devices (and optimally devices running Windows Mobile, from their perspective) will become ubiquitous in the very near future – and clearly that is becoming the case now. Microsoft is focused on improving the tools to connect those devices to data on Microsoft servers – particularly Exchange – and to having the ability to properly manage and secure those devices. The Windows Mobile 5.0 feature pack provides the ability for push-based email to Microsoft devices – similar to the Good and Blackberry solutions on the market today, and includes the ability to secure those devices through policy, as well as to lock and erase lost devices. For more information, visit http://www.microsoft.com/windowsmobile/5/default.mspx.

To me, the coolest technology was Microsoft Office Business Scorecard Manager 2005, code-named “Maestro.” Essentially, it is a tool to link business data to an easy to use, graphical front-end. By defining Key Performance Indicators (“KPIs”), which are often OLAP cubes on SQL Server and then defining how you want them presented, you can build executive “dashboards” to provide real-time reporting on the health of the business. This product will be released toward the end of this year, and you can expect to see QTS and its partners come to market with service offerings to accelerate deployment of this high-impact technology. For more information, visit http://www.microsoft.com/presspass/newsroom/ office/factsheets/07-19BSM2005FS.mspx.

On the server side, the combination of 64-Bit, Dual Core server technology and virtualization were important points of focus. Microsoft expects that 50% of all new server shipments will be 64-Bit/Dual Core, and the 64-Bit version of Windows Server 2003 provides Microsoft with important pricing and performance advantages competitively. Virtual Server 2005 will have a service pack later this year providing improved manageability and begin support for running Linux Virtual Machines within Virtual Server. The Service Pack will improve manageability and cluster support, making the technology much more robust and ready for broader scale deployment. For more information on Virtual Server, visit http://www.microsoft.com/windowsserversystem/ virtualserver/default.mspx. For more information on Windows Server 2003 x64, visit http://www.microsoft.com/windowsserver2003/ 64bit/x64/default.mspx.

The Knowledge Worker team put a lot of focus on the upcoming release of Office and how it provides tools to sharply change the way people work with data, both by itself and through integration with the rest of the Microsoft platform. This looks to be the most significant new release of Office in some time. Tight integration with SQL Server, Exchange, SharePoint, Live Communication Server and other components will be very powerful. And as for LCS, the new Office Communicator client (formerly code-named “Istanbul”) provides a range of new collaborative capabilities. LCS was emphasized extensively in several of the breakout sessions. For more information on LCS, visit http://www.microsoft.com/office/livecomm/prodinfo/default.mspx.

It was a busy conference, and a fun one, giving us the chance to reinforce many of our key relationships within Microsoft and our key partner companies. Now, over the next 12 months, you’ll be seeing us work with Microsoft and our partners to bring these technologies to our customers so they can provide benefits to your businesses.

As always, feel free to email me your comments or thoughts at nrosenberg@QTSnet.com. Thank you.

Neil Rosenberg
President & CEO
Quality Technology Solutions

PARTNER SPOTLIGHT

This month QTS is spotlighting its network security and penetration test partner, Razorpoint Security Technologies, Inc. Based in New York City, Razorpoint Security specializes in researching and analyzing security vulnerabilities and conducting comprehensive security testing. Razorpoint Security’s testing goes well beyond the average “port scan” or “vulnerability scan” exercises. They look at your network through the eyes of those looking to do you harm. As Razorpoint Security’s president Gary Morse says, “We know what they know, we know what they see, and we know what they do.”

Razorpoint Security’s assessments provide business leaders and corporate clients the necessary security services and solutions that help keep corporate networks secure. They have exceptional expertise in network security, attack/penetration testing and identifying security vulnerabilities especially as they relate to Internet solutions and web applications. They provide security services that focus the view of your operating environment. Razorpoint Security offers all sectors of business the services to maintain a firm grasp on the evolving state of network security.

Razorpoint Security’s attack/penetration tests identify potentially disastrous security vulnerabilities and help ensure the protection of network infrastructures and e-business ventures. While many security firms provide singular penetration tests with limited documentation, Razorpoint Security offers a year-round assessment schedule, customized documentation deliverables, and monthly security advisories that help keep clients up to date.

As Razorpoint Security Technologies approaches the start of its fourth year in business, they have clearly become a leading force in the network security industry. In addition to providing comprehensive security services to its clients, Razorpoint Security has become a prime media source on information security. News outlets such as The New York Times Magazine, ABC/CourtTV, CBS News, Crain’s NY Business, Entrepreneur Magazine, CSO (Chief Security Officer) Magazine, CRN Magazine and Wired News are among those that have tapped Razorpoint Security for their expertise.

As local leaders in the security field, QTS and Razorpoint Security have worked together to develop a Penetration & Attack Testing offering that fits into QTS’ QuikSecure methodology and is a logical progression for customers who have completed QTS’ QuikSecure Security and Vulnerability Assessment offerings. This QuikSecure PAT offering has been scaled, and priced, appropriate for the Medium Business market space.

For more information on Razorpoint Security Technologies, please view their web site at www.razorpointsecurity.com, email them at sales@razorpointsecurity.com, or call 212.744.6900. Or, contact your QTS Account Manager.

Visit www.QTSnet.com for company information.

QUIKSECURE TIP OF THE MONTH

Each month, we now provide a security recommendation to our QuikNews readers based on content from our recent QuikSecure Security Assessments. One of these reports typically includes 100-200 specific recommendations such as this, but we’re providing some “free advice” here to our readers.

ISSUE – Is scripting (ASP, Perl, etc.) enabled on your web servers?

IMPACT – Server-side scripting can expose a web server to a range of vulnerabilities, as scripts can potentially be modified and the server caused to perform unintended tasks. Script vulnerabilities can be exploited.

RECOMMENDATION – Disable scripting unless is it necessary for your specific application(s). Make the scripts directory read-only if scripts are necessary.

PATCHES & UPGRADES

Call the Customer Support Center to have us apply QTS-standard patches and keep your systems current. The following patches have been recently released and are generally recommended by QTS:

* Microsoft Windows Small Business Server 2003 Service Pack One;
* New Security Updates are available in July for Symantec ESM, Symantec Gateway Security, Symantec Network Security, Manhunt, Intruder Alert, Host IDS, and Vulnerability Assessment.

Also, please click here for applicability of Microsoft Security Bulletins to the products in use at your environment. Contact your QTS Account Manager if you would like our Customer Support Center to monitor these bulletins for you and advise with recommendations for your environment upon release of new bulletins.

Note that Microsoft has moved to releasing security patches on the second Tuesday of each month, starting last November. New Security Updates to Windows and Office are available, and recommended.

Symantec (formerly Norton) Antivirus Corporate Edition signature files are currently at version 70728p (7/28/2005). CA eTrust Antivirus 6.x/7.x signature files are currently at version 23.69.101 (7/28/2005). McAfee VirusScan / NetShield signature files are currently at version 4545 (7/28/2005). Trend Micro signature files are currently at version 2.749.00 (7/27/2005). Please keep your antivirus signatures, and your scan engines, current! If you do not have your system set up to automatically distribute updates from your server to your PCs, please call your QTS Account Manager or the Customer Support Center.

Some patches can cause problems, especially in combination with other software programs or patch levels. Please talk to us to verify whether we see any possible problems in your environment before patching your systems independently. We make best efforts to test patch combinations but cannot guarantee compatibility between software and hardware manufacturers’ products.

Back to Top

PRODUCT SUPPORT LIFECYCLE WATCH

The following products are pending “end of life” status by their manufacturers, and therefore customers should be planning for system upgrades or replacement.

* Windows NT Server 4.0 reached the end of its supported lifespan on 12/31/04.
* Novell ZENworks for Desktops 3.2 support ended on 5/31/05.
* Novell NetWare 4.2 reached end of life on 6/1/05.
* Novell NetWare 6 will reach end of life on 11/1/05.
* Citrix MetaFrame 1.8 reached end of maintenance on 6/30/05 and will reach end of support on 12/31/05.
* Microsoft Exchange Server 5.5 support ends on 12/31/05.

Please remember that end of life for a product does not only impact that product, but also other products that interact with it. For example, end of life status for an operating system means that no new software products that are released will run on that operating system, as the manufacturers will no longer receive support from the operating system vendor.

SOLUTION SPOTLIGHT:
Microsoft SharePoint Portal Server 2003

Microsoft Sharepoint Portal Server is a robust collaborative technology to help organizations work better together. Whereas Windows Sharepoint Services (which is free) provides businesses running Windows Server 2003 with a pre-built, basic collaborative website for sharing documents, schedules and other collaborative information, Sharepoint Portal Server (a pay-for product) extends this functionality significantly.

Sharepoint Portal Server acts as a portal, providing users with a customizable point of access for network resources. Because Sharepoint leverages Microsoft's Web Part technology, it is very easy to "snap in" additional Web Parts from Microsoft and third party vendors, or to build your own. Sharepoint Portal Server also provides robust full text search capabilities across selected resources - Windows Server shares (including PDF files), Exchange and Lotus Notes databases, and SQL Server databases (while maintaining security within these systems). Finally, Sharepoint incorporates document management, leveraging a publishing metaphor, to facilitate the document production and approval cycle (and Sharepoint can be integrated with Content Management Server for even more robust functionality).

Sharepoint Portal Server can be implemented in an Intranet context, or as an Extranet to facilitate sharing of data with outside parties.

*For more information, click here.

Back to Top

SPECIAL OFFERS

MICROSOFT MID-MARKET NETWARE MIGRATION PROMOTION – EXTENDED!
Microsoft is offering medium business customers who purchase Windows Server 2003 to migrate from NetWare a rebate of $600 toward partner services for every Server + 50 CALs purchased, to a maximum of 25 redemptions. Contact your QTS Account Manager for more details.

SYMANTEC COMPETITIVE TRADE-UP
Symantec is offering customers who “trade in” qualifying competitive firewall/IDS products a credit toward the purchase of Symantec Gateway Security (SGS) firewall appliance or Symantec Network Security (SNS) Intrusion Protection System. Contact your QTS Account Manager for more details.

CISCO ACCESS ROUTING TECHNOLOGY MIGRATION PROGRAM
Cisco is offering customers who “trade in” their old Cisco routers credits toward the purchase of newer Integrated Services Routers and Multiservice Access Routers. This promotion ends on July 31^st, 2005. Contact your QTS Account Manager for more details.

CISCO IP COMMUNICATION COMPETITIVE MIGRATION PROGRAM
Cisco is offering customers who “trade in” competitive IP telephony and PBX phone systems credit toward the purchase of Cisco IPT gear. This promotion ends on July 31^st, 2005. Contact your QTS Account Manager for more details.

QUIKNEWS ARCHIVES
For access to past issues of QTS QuikNews dating back to January 2001, click here.

SUBSCRIPTION INFO

This newsletter is distributed to QTS clients, recent contacts, and "friends of QTS." We respect your privacy and never share your contact information with others.

To Comment on this newsletter, send an email to QuikNews@QTSnet.com.

To Remove yourself from this mailing list please send a reply to this message with the word UNSUBSCRIBE in the subject field, or contact your QTS Account Manager.

To Subscribe to this Newsletter, go to http://www.qtsnet.com/contact/QuikNews.htm.

To View an archive of QTS QuikNews newsletters, please visit http://www.QTSnet.com/stayinformed/QuikNews/QuikNews_Index.htm.

Quality Technology Solutions, Inc.
201 Littleton Road, 2^nd Floor
Morris Plains, NJ 07950

Tel: (973)984-7600
Email: QuikNews@QTSnet.com
Web: www.QTSnet.com

This site last updated 07/29/05
© 1999 Quality Technology Solutions, Inc.
201 Littleton Road, Morris Plains, New Jersey 07950
telephone: 973.984.7600 fax: 973.984.7650
email: info@qtsnet.com