Re: Thank You - 12 Companies 1 Server
From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa_at_pacbell.net)
Date: 11/28/04
- Next message: Mariette Knap [SBS MVP]: "Re: SBS standard... can I host multiple websites?"
- Previous message: Merv Porter [SBS-MVP]: "Re: edb.log file error"
- In reply to: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: Thank You - 12 Companies 1 Server"
- Next in thread: Bill: "Re: Thank You - 12 Companies 1 Server"
- Reply: Bill: "Re: Thank You - 12 Companies 1 Server"
- Reply: Joe: "Re: Thank You - 12 Companies 1 Server"
- Messages sorted by: [ date ] [ thread ]
Date: Sun, 28 Nov 2004 12:12:38 -0800
Do you consider regular maintenance on your car "normal".. fill it with
gas and oil?
That's what patches are. Maintenance.
Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] wrote:
> Patches are not "extreme" cases. Patches are normal. We take an
> operating system built a year or so ago and face new security threats.
>
> You cannot have a static Operating system be prepared to face the
> security risks that change on a regular basis.
>
> Sign up for a security vuln listserve and we're not going to get rid of
> patching as long as humans want to constantly figure out some obscure
> way to screw stuff up and then post it to the full disclosure listserve.
>
> A year ago we never had SMTP auth attacks and reverse NDR attacks and
> yet we do now [mind you there's no patch for those as all mail servers
> stupidly follow the industry standard RFCs that say you must accept mail.
>
> When you have Shalvik or SUS [soon to be WUS] patches are no big deal.
>
> I consider it a reminder to inventory my network monthly.
>
> Patches are getting better. As a person who has seen the evolution over
> the last three years... we have a long way to go.. we have come a long
> long way.
>
> Bill wrote:
>
>> Patches should only be necessary in EXTREEM cases - you make it sound
>> like its a NORMAL thing to do with your examples!
>>
>> If you have 1 PC and its screwed up.... no big deal (unless you happen
>> to be
>> guy who owns it)
>> If you have 5 people or 10 or 20 or 30.... it does become a big deal.
>>
>> I guess we won't ever agree on that one :-)
>>
>> To the best of my knowledge I am not Anti-Microsoft or anyone for that
>> matter
>> *** LIVE & LET LIVE ***
>>
>> However, my adventure with Novell's Netware has only just started - I'll
>> report the negatives too!!
>> None so far - wait its only been a couple of weeks
>> I do however feel USB support on Netware is lousey
>> ...and writing to CDRW or DVDRW is not supported - both these are useful.
>>
>> Yes there are regular patchs - but all the signs are these not as
>> frequent
>> as MS
>>
>> I'm here again today because I've got DHCP problems with my SBS.
>>
>>
>> "Dave Nickason [SBS MVP]" <gwdibble@nospam.frontiernet.net> wrote in
>> message
>> news:OAvPXqX1EHA.3336@TK2MSFTNGP11.phx.gbl...
>>
>>> IMO patching is not the big deal it used to be when patches came out all
>>
>>
>> the
>>
>>> time, and we didn't have good sources for patching information. At this
>>> point, the need to patch would not be a factor in my decision to buy or
>>
>>
>> not
>>
>>> buy a product. It seems to me that I spend maybe a half hour per week
>>> reading about the topic, which I would have to do regardless of what
>>
>>
>> server
>>
>>> OS I was running. For desktops, I have SUS, which is free and easily
>>> installed. I spend 5-10 minutes per month on "patch day" approving
>>
>>
>> updates,
>>
>>> which are then deployed to the desktops without my further intervention.
>>
>>
>> I
>>
>>> also probably spend another minute or two occasionally checking SUS to
>>
>>
>> make
>>
>>> sure it hasn't found any mid-month updates that otherwise escaped my
>>> attention. For servers, I'm aware of the updates because of SUS, and I
>>> manually apply them to the servers at the end of the workday or on a
>>> Saturday - maybe an hour per month at most to patch the SBS and two
>>> other
>>> Windows servers.
>>>
>>> So I'm guessing I spend a total of 2 hours per month on patching.
>>> This is
>>
>>
>> a
>>
>>> far cry from the days of going from workstation to workstation
>>> logging in
>>
>>
>> as
>>
>>> admin and running WU or patching manually. I remember spending a day or
>>
>>
>> two
>>
>>> per month trying to keep two dozen workstations up to speed on
>>> patches, or
>>> having a "critical update" release just as I finished deploying the last
>>> one, but those days are well behind me now. At this point, I view
>>
>>
>> patching
>>
>>> as I do oiling the shredder or changing toner - every product in the
>>
>>
>> office
>>
>>> takes a certain amount of maintenance. Why should the computers be any
>>> different? And we get significantly more functionality from our
>>> well-patched and well-running SBS network than we do from our well-oiled
>>> shredder.
>>>
>>> We're lucky in our SBS-sized networks that patching does not have to
>>> be a
>>> big deal. It's not like we're supporting thousands of desktops, or
>>> (most
>>
>>
>> of
>>
>>> us) custom business apps that require weeks of testing before a patch
>>> can
>>
>>
>> be
>>
>>> deployed. We have resources available to us at little or no cost, that
>>
>>
>> take
>>
>>> most of the work out of patching.
>>>
>>> It seems to me that most of the groaning about patches comes from
>>> someone
>>> with an anti-Microsoft or anti-<whatever product> agenda, rather than
>>> from
>>> any real burden of patching one product over another. I take my
>>> vitamins,
>>> get my oil changed, change the furnace filters, patch the network -
>>> no big
>>> deal.
>>>
>>>
>>>
>>> "Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]" <sbradcpa@pacbell.net>
>>> wrote in message news:%235VVmVX1EHA.1192@tk2msftngp13.phx.gbl...
>>>
>>>> Guys/Folks.. the reduced need for patching?
>>>>
>>>> Apache?
>>>> MySQL?
>>>>
>>>> Look at the stuff on that box and it's needing as much patching as the
>>>> next operating system.
>>>>
>>>> Guys... if you think that you will need to patch less on an Apache web
>>>> site, I'm sorry to say that you are not seeing the vulnerability lists
>>
>>
>> out
>>
>>>> here.
>>>>
>>>> All that I ask is that everyone understands that ALL OS's need patching
>>>> and maintenance.
>>>>
>>>> Richard Throup wrote:
>>>>
>>>>> I would like to say Thank you ChriS / Bill for the Posts
>>>>>
>>>>> This post caught my eye and decided to do my own investigation.
>>>>>
>>>>> I was interested by several comments made:
>>>>>
>>>>> (1) Ease of installation
>>>>> (2) Reduced need for patching
>>>>> (3) Easy Multi-Server deployment (ie. the ability to split included
>>>>> applications to multiple boxes)
>>>>> The included 5 server licenses are just a BONUS
>>>>>
>>>>> I am glad I followed up this and did as Chris suggested get an eval
>>
>>
>> copy
>>
>>>>> Almost everything Chris said was true BUT he forgot to mention one or
>>
>>
>> two
>>
>>>>> important things
>>>>>
>>>>> (1) Novell uses INDUSTRY standards and makes them work on Windows
>>>>> Microsoft modifyies and Basterdises these for its own gain
>>>>> I vote for INDUSTRY STANDARDS
>>>>
>>>>
>>>> SMTP RFCs includes some industry standards that are pretty insecure.
>>
>>
>> RFCs
>>
>>>> are the "be-all -end all"
>>>>
>>>>
>>>>> (2) iFolder - this is included as part of Novell Server software (not
>>>>> just
>>>>> SBS)
>>>>> Its a very useful technology enabling Files to co-exist in multiple
>>>>> locations
>>>>> We have 60+ users with Notebooks - I'm considering a Novell Server to
>>>>> "backup" data
>>>>> automatically for these users will be my first practical use of Novell
>>>>> Server. (I have notebooks
>>>>> configured already - takes 2-3 mins each!!!)
>>>>>
>>>>
>>>> It's called roaming profiles in MS.
>>>>
>>>>
>>>>> (3) BranchOffice Appliance - (we have 4 small branch offices)
>>>>> with this I can turn a simple PC into a "local server" linked to our
>>
>>
>> main
>>
>>>>> site for Mail, Backup
>>>>> The BranchOffice appliance hosts files locally (and synchronises these
>>>>> files
>>>>> to the main server),
>>>>> it also hosts the local PostOffice for mail again linked to the main
>>
>>
>> site
>>
>>>>> I've not fully deployed this yet, but looks excellent.
>>>>> The applience CD does its stuff almost automatically with only a
>>>>> couple
>>>>> of
>>>>> prompts.
>>>>>
>>>>> again Thanks Chris for giving me the courage and idea to look at this
>>>>> Novell
>>>>> stuff.
>>>>>
>>>>>
>>>>
>>>> --
>>>> http://www.sbslinks.com/really.htm
>>>> http://www.msmvps.com/bradley
>>>> https://www.ecora.com/ecora/jump/pm99.asp
>>>
>>>
>>>
>>
>>
>
-- http://www.sbslinks.com/really.htm http://www.msmvps.com/bradley https://www.ecora.com/ecora/jump/pm99.asp
- Next message: Mariette Knap [SBS MVP]: "Re: SBS standard... can I host multiple websites?"
- Previous message: Merv Porter [SBS-MVP]: "Re: edb.log file error"
- In reply to: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: Thank You - 12 Companies 1 Server"
- Next in thread: Bill: "Re: Thank You - 12 Companies 1 Server"
- Reply: Bill: "Re: Thank You - 12 Companies 1 Server"
- Reply: Joe: "Re: Thank You - 12 Companies 1 Server"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
