NETWORK WORLD NEWSLETTER: DAVE KEARNS ON WINDOWS NETWORKING TIPS
06/08/05
Today's focus: FullArmor aims to enforce security without
compromising ease of use
Dear networking.world@gmail.com,
In this issue:
* FullArmor releases IntelliPolicy for Clients 1.5
* Links related to Windows Networking Tips
* Featured reader resource
_______________________________________________________________
This newsletter is sponsored by Hewlett Packard
Choosing the Best Architecture
Learn how controller-based architecture for tape libraries best
meets reliability and interoperability requirements in
enterprise storage area networks. Details include how the
introduction of the HP StorageWorks Extended Tape Library
Architecture defines the next generation of tape libraries in
enterprise SAN environments. Download the white paper now!
http://www.fattail.com/redir/redirect.asp?CID=106219
_______________________________________________________________
SANs, NAS, VIRTUALIZATION AND MORE
NW's Research Center on Storage allows you to quickly find the
enterprise storage information you need. Whether your quest is
for information on Storage Management, Storage Compliance, SANs,
NAS, Virtualization or the latest enterprise storage trends -
find breaking news, case studies, white papers, commentary,
reviews and more on NW's Research Center on Storage. Click here:
http://www.fattail.com/redir/redirect.asp?CID=106050
_______________________________________________________________
Today's focus: FullArmor aims to enforce security without
compromising ease of use
By Dave Kearns
FullArmor last week announced the latest version of its policy
management product IntelliPolicy for Clients 1.5. The release
addresses one of the thorniest security issues for Windows
administrators: how to create secure desktop configurations that
reduce vulnerabilities without impacting end-user productivity.
A new feature of IntelliPolicy allows you to control privileges
on an application-by-application basis by extending Microsoft's
Group Policy infrastructure. As we all know, a machine with
administrator privileges can bring down an entire network.
However, most legacy applications need administrator rights to
function. That's the dilemma many organizations are facing
today.
IntelliPolicy allows IT departments to assign appropriate
privilege levels to individual applications on a user-by-user
basis. It can also throttle back rights for applications like
Outlook and Internet Explorer that should never have elevated
privileges. IntelliPolicy also automates policy configuration
and enforcement for Outlook e-mail clients and administrator
password management. For all I know it might even sweep the
floor and wash the dishes.
Security and ease of use have always battled, with users and
management who clamor for easier to use networks and
applications - until something bad happens. Then it's your fault
because you were too lax in enforcing security.
<aside> For an entertaining, yet informative and even
frightening look at security issues, see "Why Your Security
Investigation Is Going To Fail" (
<http://www.networkworld.com/nlwnt2430> ). I especially like
reason No. 4 - "Your support from management can be summed up as
'we need better coffee in the breakroom - can we let another
security staffer go?' " </aside>
As FullArmor explains it, "Microsoft Windows provides three
categories for assigning user privileges: local administrator,
power user, and user. Since local administrator accounts have
complete control to modify configurations and install software,
a machine with these powerful capabilities could quickly bring
down a network in the event of a malware or worm infection.
"To reduce security vulnerabilities associated with applications
that require local administrator privilege to operate on Windows
clients, IntelliPolicy for Clients allows IT departments to
assign elevated rights to an application, but not to its users.
This enables the application to function properly without
exposing local administrator rights and management powers to
business users."
To ensure that these settings remain the way you set them, and
to meet audit and policy compliance requirements, IntelliPolicy
for Clients can automatically change the local administrator
password on all the machines in an enterprise at user-defined
intervals, and it does this while never exposing administrator
passwords in clear text. This unattended reset mechanism keeps
local administrator password settings in compliance with policy
without any user intervention.
Looks like we may be able to get a handle on this whole security
thing while still allowing users the ease-of-use they think they
need.
______________________________________________________________
To contact: Dave Kearns
Dave Kearns is a writer and consultant in Silicon Valley. He's
written a number of books including the (sadly) now out of print
"Peter Norton's Complete Guide to Networks." His musings can be
found at Virtual Quill <http://www.vquill.com/>.
Kearns is the author of three Network World Newsletters: Windows
Networking Tips, Novell NetWare Tips, and Identity Management.
Comments about these newsletters should be sent to him at these
respective addresses: <mailto:windows@vquill.com>,
<mailto:netware@vquill.com>, <mailto:identity@vquill.com>.
Kearns provides content services to network vendors: books,
manuals, white papers, lectures and seminars, marketing,
technical marketing and support documents. Virtual Quill
provides "words to sell by..." Find out more by e-mail at
<mailto:info@vquill.com>
_______________________________________________________________
This newsletter is sponsored by Hewlett Packard
Choosing the Best Architecture
Learn how controller-based architecture for tape libraries best
meets reliability and interoperability requirements in
enterprise storage area networks. Details include how the
introduction of the HP StorageWorks Extended Tape Library
Architecture defines the next generation of tape libraries in
enterprise SAN environments. Download the white paper now!
http://www.fattail.com/redir/redirect.asp?CID=106218
_______________________________________________________________
ARCHIVE LINKS
Breaking Windows networking news from Network World, updated
daily: http://www.networkworld.com/topics/windows.html
Operating Systems Research Center:
http://www.networkworld.com/topics/operating-systems.html
Archive of the Windows Networking Tips newsletter:
http://www.networkworld.com/newsletters/nt/index.html
_______________________________________________________________
FEATURED READER RESOURCE
CALL FOR ENTRIES: 2005 ENTERPRISE ALL-STAR AWARDS
Network World is looking for entries for its inaugural
Enterprise All-Star Awards program. The Enterprise All-Star
Awards will honor user organizations that demonstrate
exceptional use of network technology to further business
objectives. Network World will honor dozens of user
organizations from a wide variety of industries, based on a
technology category. Deadline: July 8. Enter today:
<http://www.networkworld.com/survey/easform.html?net>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2
International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES
To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>
To unsubscribe from promotional e-mail go to:
<http://www.nwwsubscribe.com/Preferences.aspx>
To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>
Subscription questions? Contact Customer Service by replying to
this message.
This message was sent to: networking.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________
Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>
Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772
For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>
Copyright Network World, Inc., 2005
No comments:
Post a Comment