Proactive Monitoring
Introduction
Proactive monitoring is a term you get to hear more and more from system administrators. These days it's not enough to know how to troubleshoot problems when they occur. System administrators who know how to closely monitor servers and services when they are working fine are those who are able to prevent problems before they happen.
This article provides an overview of the Microsoft products and technologies you can use to help proactively monitor your IT environment.
Full article:
Microsoft TechNet
Trustworthy Administrators
by
Steve RileySr. Program Manager
Security Business and Technology Unit
Do you trust your administrators? That seemingly innocent question creates a serious dilemma in the minds of a lot of people. While we all know what we’d like the answer to be, the disappointing fact is that, increasingly, the true answer is the opposite. This became apparent in discussions I had with many attendees at TechEd US in May—there is genuine concern about the trustworthiness of administrators.
Consider the following example. A small high-tech organization based in southern California suddenly realizes that most of its intellectual property, stored on a SharePoint cluster, is gone. Not just erased: it’s as if the information had never existed. After some forensic analysis they discover that a logic bomb programmed to destroy data had been placed in the SharePoint cluster by none other than the disgruntled enterprise administrator. Why? This particular administrator learned, by reading confidential emails, that he was going to get laid off. So in retaliation he cobbled up the disastrous logic bomb, put it on the cluster, and walked out the front door (probably with a stupid grin on his face that no one gave a second thought about). The bomb dutifully followed its devastating instructions and began systematically wiping out disk clusters late at night on a Friday. And, of course, the victimized organization had no backups. It was only through recovering archived copies of documents in the email inboxes of several employees that the organization was able to reconstruct the bulk of its intellectual property—and avoid being driven completely out of business.
Do you trust your administrators?
Read full article:
Microsoft TechNet: Security Management columns
To make it as easy as possible for customers to maintain the security and stability of their Windows 2000 systems, Microsoft has released an Update Rollup for Windows 2000 Service Pack 4 (SP4). Windows 2000 SP4 customers are encouraged to install this update.
The Update Rollup contains:
- All security updates produced for Windows 2000 between the time SP4 was released and April 30, 2005, when the contents of the Update Rollup were finalized for testing by Microsoft.
- A number of updates that help increase system security and reliability, reduce support costs, and support the current generation of PC hardware.
No Future Service PacksMicrosoft believes the Update Rollup meets customer needs more effectively and with less disruption than a new service pack, and there will be no Service Pack 5 (SP5) for Windows 2000. SP4 becomes the final service pack for Windows 2000.
Related Links:
MBSA is an easy-to-use tool designed for the IT professional that helps small and medium businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems.
New Features found in MBSA 2.0:
- Severity Ratings
- Locally and remotely scan for Office XP or later security updates
- Added guidance for locating updates and necessary actions
- CVE-IDs for supported updates
- Improved help content
- Windows Server Update Services compatibility
- Automatic Microsoft Update registration and agent update
- Support for detection of updates on 64bit Windows and Windows XP Embedded
Source: Microsoft Baseline Security Analyzer 2.0More information: Microsoft TechNet