Interested in a companion to Microsoft SCCM that improves the way you support your far-flung users and machines?
Windows Administrators use System Center Configuration Manager (SCCM, previously ConfigMgr or SMS) to manage dozens or hundreds of remote desktops, laptops, and servers far-throughout their network. In addition, SCCM offers some remote control, access, and support features above and beyond what's offered by simple RDP and command-line controls.
Like SCCM, SolarWinds' DameWare offers remote control, access, and support capabilities. However, DameWare adds functionality that helps SCCM users save time and do more with less.
Though built-in VNC capabilities, DameWare ALSO allows you to control your Linux and Mac machines from the same console you use to control Windows machines.
Tax day got you down? Here's a free offering that ought to cheer you up: after a short hiatus an all-new Free Edition of our popular Kiwi Syslog Server will be returning next week!
As in previous releases, the Free Edition will allow you to collect syslog messages and SNMP traps from multiple devices. It can write the collected logs to disk, split by priority or time of day, or display them in one of up to ten different viewers. Message statistics will be available in the management console and may be sent in a summary email once a day. A source limit of five devices will be placed on the Free Edition, but these five sources can be of any type that sends syslog messages via UDP or TCP, or emits SNMP traps.
The Commercial Edition will be an unlimited edition that will add monitoring, retention, automation and web administration functionality. It will improve log organization by allowing you to split up your logs by device, functional role or message contents, and then will help you implement your log retention policy with automatic grandfathering and clean-up rules.
The link below will take you to the all-new Free Edition. This link will go live by 5:00 PM (CDT) on April 23, 2013.
(Hint: click the link - may be a 404 - but then BOOKMARK it for next week!)
Need to transfer files securely from your Mac? All you really need is Safari and the web transfer interface on a Serv-U Server. That lets anyone sign on with a web browser to upload and download files. In addition, Serv-U supports non-Safari browsers, built-in file transfer utilities, and third-party FTP clients on Mac OS X. Read on to learn more!
Your favorite Mac OS X web browser can be used to transfer files as well as to work with and edit files and folders.
Using Mac OS X's FTP/S Finder Support
Using Mac OS X'x SFTP Command-Line Client
Download the Serv-U FTP Server free for 30 days with our free trial, or head over to our Serv-U online demonstrations server to try Serv-U's web, FTP, FTPS or SFTP interfaces without installing Serv-U.
Microsoft's official "end of support" date for Windows XP is coming up on April 8, 2014 - just one year from today. Meanwhile, the percentage of computers running Windows XP continues to drop, but is still about 20% of all desktops and laptops, according to StatCounter.
If you count yourself among the Windows administrators and help desk professionals responsible for supporting Windows XP computers or end users running Windows XP, you may want to take a quick look at SolarWinds's DameWare software. DameWare's Remote Support edition provides both unattended remote system access and end user screen sharing in a single package. It can use RDP, but also offers its own optional single-port protocol that is often useful if your environment runs firewalls between the computers and end users you need to support. Unlike native Remote Console capabilities which vary between operating systems, DameWare also behaves consistently on Windows XP, Windows 7 or any other Windows OS, providing universal support for multiple monitors, simultaneous sharing sessions and other "must have" features in a remote access package.
If you rely on a Huawei router or firewall configuration, you can use Kiwi Syslog Server to monitor and archive network activity. Read on to learn how.
Syslog is a standard used to log and route messages like router connection messages and firewall warnings in an IP network. The syslog standard promotes efficient management of enterprise systems by integrating log data of events occurring on computer systems like UNIX and Linux collected from a wide array of sources, including network devices, routers, and firewalls. Each computer involved will send small text-based messages known as syslog messages to a dedicated syslog server every time an event is generated. The syslog server then saves the received messages in a log file. Because syslog is supported by a wide variety of routers, firewalls, applications and operating systems, syslog servers are often used to collect, monitor and archive logs from many different machines - often the entire network!
Kiwi Syslog Server provides an easy-to-install, easy-to-maintain solution for collecting, monitoring and archiving syslog messages, SNMP Traps and Windows event log messages. It installs on a Windows machine and runs as a service for unattended 24/7 operation. It can listen to almost all types of syslog traffic from basic UDP messages to secure TCP streams. Upon receiving messages, it can display them to a local GUI or (in the commercial version) to a Web console. It can also read incoming messages and react to them. Finally, it can write incoming messages to disk and will then automatically manage (i.e., "age" or "grandfather") the resulting log files.
More to the point, Kiwi is often installed by sysadmins who need to "just store the logs" for auditors or corporate requirements, and who then want to get notified of certain events or when certain routers make noise.
Huawei offers two different router series: AR and NE routers. The AR router series is designed to meet the demands of a wide variety of industries, with high flexibility, agility, security and reliability. These are lower network cost routers that are easy to maintain. The NE series routers are high-end solutions meant for telecom data communication networks, and can be deployed as a P/PE router in IP core and metro networks.
After authenticating to a typical Huawei NE router, just two commands are generally needed to start logging to a remote syslog server. The first turns logging on. The second tells the router where to send the logs, which "facility" to use, and which language to use.
info-center loghost 10.16.1.100 facility local4 language english
You should plan to change the IP address - set that to the machine running Kiwi Syslog. You may also want to change your "facility" value, shown as "local4" above. (It's common for firewalls to use "local4" and routers to use "local7," but you may set these values as you wish.)
After you download and install Kiwi Syslog, its default settings will begin looking for syslog messages that are sent to UDP port 514. As long as you entered the IP or hostname of your Kiwi Syslog server in your Huawei router, you should be able to receive Syslog messages immediately. (If you cannot see any messages, make sure there are no firewalls, routers or OS-level firewalls blocking Syslog access between your Huawei router and your Kiwi Syslog server.)
The Kiwi Syslog server features advanced collection options and specific security options such as TCP. The server also provides advanced options for monitoring and archiving, including the ability to write each router's logs to their own files and implement automatic clean-up after a period of X days.
Get even more specific Kiwi Syslog tips in the Kiwi Syslog Space on thwack, SolarWinds' community and forum.
End users' attraction to Google Drive is built on one key concept: "I can access my files from anywhere." End users who have been paying attention in your security training also like the fact that all connections to Google Drive are secured with HTTPS.
However, Google Drive, er, drives IT administrators nuts because it encourages people to send critical business documents to an untrusted provider. This isn't just paranoia - it's actually baked into Google's terms of service (TOS).
According to the TOS, Google will not take away any "intellectual property rights" your business claims on its own files. However, the same TOS permits Google to "use...reproduce, modify, create derivative works, communicate, publish, publicly perform, publicly display and distribute such content." $100 says that's not the same policy you offer on your SAN storage.
1) Install Serv-U MFT in your data center, private cloud, or other system under IT's control. (Did we mention it can run on Windows or Linux?)
2) Point Serv-U MFT to your Active Directory. This allows your employees and contractors to authenticate using their existing credentials and saves you the trouble of having to duplicate their accounts on Serv-U. (You can also create additional Serv-U accounts for customers and partners without accounts on Serv-U.)
3) Point Serv-U MFT to your primary NAS or other shared storage (often, wherever you keep your users' home folders or corporate documents). This allows people to securely access the same material they would in the office from anywhere in the world.
4) Instruct your users to connect to "https://yourserver/" using the browser, tablet or mobile device of their choice. After they sign on with their usual credentials, your users will be able to work with the same files they use in the office.
In yesterday's Dark Reading, security researcher Bruce Schneier took a swipe at security training:
"If four-fifths of company employees learn to choose better passwords, or not to click on dodgy links, one-fifth still get it wrong and the bad guys still get in."
It's not every day that I disagree with the author of Blowfish, but this is one of those days.
The result of a security lapse is often a mass send to an address book, the installation of a "crapware" toolbar, or another annoying but non-fatal result. Several factors help explain why this is.
What do end users complain about constantly? "My desktop/Internet/laptop/network is S-L-O-W!" My suggestion? The next time you remote in and "fix the slowness" by undoing their security mistakes, show them how keeping their computer free of crapware and toolbars (which they get from questionable sites and emails) will keep things running well.
In a classroom setting, advice like this may go in one ear and out the other. But a one-on-one while you're fixing a relatively minor problem may keep that user from being "that guy" who clicks on the link that introduces a virus or trojan down the line.
Let's face it: no one wants to be "that guy," and a great way to become "that guy" is to have your email used for a spam campaign, have a NSFW toolbar added to your browser, or lose control of your home page. If someone in your department/floor/team becomes "that guy", office gossip alone alone encourages self-education (e.g., "how can I avoid what was he doing?") because no one else wants to be "the next guy." This means that if you've trained ANY percentage of your users, you'll already have local experts on teams working to train their fearful coworkers whenever a local (and usually non-fatal) security lapse occurs.
In the binary world of bits and bytes, it's tempting to strive for zero-tolerance policies like "train them all or nothing is safe." But the whole concept of risk-based security is based on the simple fact that an organization can never be completely secure. Like AV, regular patching, and network monitoring, user training remains one of the best practices organizations can use to mitigate risk. More training is better, but failing to reach a handful of users should not be fatal as long as you've implemented additional security controls.
What do you think - is security training worthless if you only reach 4 out of 5 people? (Tell us in the comments below!)
Just in case you missed it, March was a busy, busy month at SolarWinds. We released two new products: Alert Central to coordinate the handling of notifications from your many systems, and Network Topology Mapper to help you see what's on your network. (And maybe find a few things you didn't expect!)
On top of that, we also released a new version of Kiwi CatTools, our reliable router configuration management tool. Like other releases, CatTools version 3.9 fixes a number of bugs and adds device support (especially for MicroTik). This release also updates CatTools with SolarWinds licensing so you can manage your CatTools licenses using the same portals and procedures as you use to manage all your other SolarWinds licenses.
Even as we continue to develop Kiwi CatTools, work continues on Kiwi Syslog Server as well. Expect some additional announcements about this popular log collection, monitor, and archive utility product in April.
A recent survey asked one hundred IT administrators what "lunch out" meant. The top three answers were:
OK, the survey's a fake, but too many of us still think that leaving the building during working hours is dangerous. Fortunately, there is a new generation of "mobile ready" (if not "mobile first") applications to help us with that.
One of those applications is SolarWinds' Serv-U MFT Server, which ships with an iPad-optimized administrative interface. This Web console launches using iPad's built-in Safari Web browser and lets us:
...All on your secure file transfer server from anywhere, at any time. (And did I mention it uses firewall-friendly, secure HTTPS?)
Two interesting "DameWare on Windows 8" events happened recently so we thought we'd share.
#1: Windows 8 Downloads "Editor's Pick" Award
Yes, ANOTHER DameWare award. Right after our fourth consecutive win as WindowsNetworking.com's best remote control software, we learned that Windows8Downloads.com checked our Windows 8 compatibility, and then awarded us their "Editor's Pick" award in the "Network & Internet > Remote Computing" category.
#2: YouTube of DameWare on Microsoft Surface Pro (Running Windows 8)
Last week mobile device enthusiast "jimmyyen101" put together a two-minute YouTube video showing DameWare in action on a Microsoft Surface Pro running Windows 8.
Your Experiences with DameWare on Windows 8
Have you worked with DameWare on Windows 8 yet? If so, please tell us how it's going in the comments below. If not, give it a try today.
The PCI Security Standard Council finally released its PCI DSS Cloud Computing Guidelines this month, and the Guidelines are not kind to Platform as a Service (PaaS) solutions, or to Software as a Service (SaaS) solutions that behave like PaaS. In the document, the Council stuck to the usual definition of IaaS (Infrastructure as a Service), PaaS and SaaS, but it opened its dreaded "in scope" umbrella widest over PaaS.
The following chart, adapted from the Guidelines, uses three colors to indicate whether it is the client's responsibility, the cloud service provider's responsibility, or both parties' responsibility to prove compliance to each of the twelve PCI DSS requirements.
Shared responsibility for PCI DSS compliance (i.e., "Both") extends across 11 of the 12 possible requirements for PaaS, 9 of 12 for IaaS and 4 of 12 for SaaS.
PaaS solutions are particularly thorny from a security auditor's perspective because both the CSP and client contribute code, scripts or workflows that govern the movement and processing of data. For example, a PaaS solution could have a base SaaS application that handles contact information plus a PaaS layer (e.g., Web services) that allows clients to integrate into their backend systems.
IaaS solutions have several shared areas of responsibility, but the lines of delineation between client and cloud service provider are clear from a security auditors' perspective. For example, requirement #1 (firewall) could be broken up into a "Do you have a secure firewall?" question posed to the CSP, and a "Do you have a secure set of firewall rules?" question posed to the client.
SaaS solutions have the fewest number of shared areas of responsibility, but almost any degree of integration,such as centralized authentication or automated data transfer, threatens to convert a SaaS solution into a PaaS solution in the eyes of a security auditor. In fact, the Guidelines include special discussion of "Hybrid Clouds" and other common deployment models that blur the lines between SaaS and PaaS.
SolarWinds® software, including Log & Event Manager, Firewall Security Manager, DameWare® Remote Support, and Serv-U® Managed File Transfer (MFT), is frequently deployed on top of IaaS to provide PCI DSS compliant solutions. SolarWinds software is also often used to power, monitor or manage industry- and workflow-specific SaaS solutions from leading vendors and on-premises installations around the world. Additional information about how SolarWinds helps organizations of all sizes achieve PCI DSS compliance can be found below.
My favorite customer quote of the week:
"DameWare is RDP on steroids."
A conversation with a new remote support user yielded this gem as the three-person IT team leader described how he could do more faster with DameWare than he ever could with Windows RDP alone. Other quotes I found myself jotting down:
How would you would answer this? "DameWare is..."
Let us know in the comments below!
Apparently, security is not your job after all.
In a recent security survey we asked more than a hundred IT administrators and other professionals about their roles and attitudes toward computer and network security. Not surprisingly, almost all IT pros (86%) said that they are responsible for securing IT. However, only about one in fifteen (7%) said that security was their full time job!
Q) What's the main conclusion?
A) Most of the people companies depend on to enforce IT security policies have conflicting priorities and resources, not the least of which is the length of the average IT day.
Q) What else can we conclude?
A) When offered the choice between "secure and hard" and "secure and easy," IT pros will pick "whatever checks the box and gets me out the door by dinnertime" almost every time.
Fortunately, SolarWinds has a number of easy-to-use products that secure networks, secure computers, and avoid the hassles and meetings that keep everyone working too late. Three of them are:
Are you one of the 79% of IT pros responsible for computer security as part of your overall job (but not your full time job)? Are you part of a small shop where security is no one's full time job? We'd love to hear from you in the comments below!
Fortunately, the scope of the Lucky 13 attack appears to be limited to TLS cipher suites that include CBC-mode encryption. Unfortunately, those suites are very common and usually on by default.
In this case, just look for the SSL ciphers that include "CBC" and uncheck them.
If you check Serv-U's "Enable FIPS 140-2 mode" checkbox, the "Advanced SSL Options" panel disappears. Behind the scenes, Serv-U disables all ciphers except SHA ciphers using AES (AES256-SHA and AES128-SHA) and Triple DES (DES-CBC-3SHA). Note that the Triple DES cipher uses CBC. In other words, if you want to retain fine control over your data in motion ciphers, you will need to leave the "Enable FIPS 140-2 mode" box unchecked.
Today we were thrilled to learn that DameWare Remote Support earned a 5-out-of-5 star rating from Soft82.com. The award comes just two week after DameWare was first listed on the site, and one month after DameWare was recognized as the top remote control application in WindowsNetworking.com's Reader's Choice Awards.
"As a system admin, I cannot imagine life without DameWare," wrote Dave from Kansas in a recent online review. "I found it 10 years ago and it never leaves my side. I've bought a copy for every employer I've ever been with. For as much multi-tasking as I do, it really helps not having to get up and physically touch each machine I have to work on."
To report YOUR experiences with DameWare (or other awards we may have missed), please let us know in the comments below. Or, if you are new to our award-winning remote control software, download DameWare and start your free trial today.