Re: SBS 2008 Protection - Microsoft or Trend?

Tech-Archive recommends: Fix windows errors by optimizing your registry

Whilst your arguments are largely true it remains a real strange ethical
thing to pay the company that provided you windows (with some unchecked
boundaries which enable the stack overflow in the first place to give an
example) again to secure the same thing they should have secured already :).

Also, if this team researches the stuff the entire time, why not patch
it right away.

Unfortunately it's much more complicated as not all viri use stack
overflows. Many use social engineering or other things and the
discussion takes a whole other road then. It doesn't take away the
ethical issue on the first though :).

Cliff Galiher wrote:
Inline:

-Cliff


"Leythos" <spam999free@xxxxxxxxxx> wrote in message
news:MPG.24302feff3609314989a45@xxxxxxxxxxxxxxxxxxxxxxx
It's never a good idea to use a vendor, for protection, that creates the
need for the protection in the first place.

Bah, this is an old wives tale. :)

MS didn't "create the need" for security. Hackers did. And MS is a big
enough company that separate teams rarely interact, often operate
completely independently, and in many cases, have different goals in
mind. Saying "don't by security from Microsoft because windows isn't
secure" would be like saying "don't buy Bioshock for Windws (a Games
Windows branded game) because Xbox 360s fail a lot. MS can't do games.
Games for Windows and the XBox team are very different.

Or "Don't buy OCS Server 2007 because Response point sucks"
(ResponsePoint doesn't suck BTW, but it was a handy example I could
think of) "so MS can't do voice." Again, very different products,
different teams, different goals. The Exchange team is focused on
making a messaging server. Although they do security testing, sometimes
buffer overruns or unintended uses of the protocol slip through. The
sharepoint team is focused on making a collaberation product. The
windows team is focusing on making the next OS.

The forefront team is focused on security. They are intentionally
trying to break the OS, Exchange, Sharepoint, and they are getting paid
to put extra time into these tasks. They are doing things that the
sharepoint time doesn't have time to do, or is getting paid to do, and
so realistically, I say treat each MS product *as its own business.*
Don't think of Microsoft as one big company, but a bunch of little
ones. Just like Newscorp owns Myspace, fox, and DirecTV (or did that
sale finally go through), the MS teams really do operate as such. I'm
not saying that Forefront should inherently be trusted...but let its
security record stand on its own. Don't dismiss it just because it is
an MS product. Forefront for Exchange, for example, (or Antigen) I
like. Forefront Client Security....still needs some work. Forefront
for Sharepoint...haven't tried it yet.

I would suggest that you use Symantec End Point Protection over Trend or
any other solution.

Hmm. The last time I tried SEPP on SBS 2k8, it broke. Runs fine on
SBS2k3 and on Win2k8, but SBS 2k8...not so much. Haven't tried in over
a month though. Can you confirm you've used this exact setup? Just
curious.

Personally I've been using the Onecare trials for now, until more SBS
2k8 surfaces. I loathe Trend that much.

I would also suggest that you place your network behind a REAL firewall
and have the firewall also filter HTTP, FTP, POP3, SMTP sessions for
removal of content and spam.

Unchallenged. :)
.

Relevant Pages

  • Re: SBS 2008 Protection - Microsoft or Trend?
    ... When you build a new house, do you call a security company separately just to avoid the contractor who's building your house? ... Windows continues to improve its out-of-box security, but it needs help, just like you need help securing your house with the products I listed above. ... The forefront team is focused on security. ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS 2008 Protection - Microsoft or Trend?
    ... Saying "don't by security from Microsoft because windows isn't secure" would be like saying "don't buy Bioshock for Windws (a Games Windows branded game) because Xbox 360s fail a lot. ... I'm not saying that Forefront should inherently be trusted...but let its security record stand on its own. ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS 2008 Protection - Microsoft or Trend?
    ... Since my first post was fairly long and addressed the ethics of an OS company providing security products, I decided to break out my reply to your second question in its own reply....and this one is quite a bit shorter. ... The security team that is responsible for the forefront products never "patches" windows at all. ... MS can't do games. ...
    (microsoft.public.windows.server.sbs)
  • Re: Kids CDROM Games Need Admin Rights?
    ... Limited accounts are prevented in Windows XP from making changes to files on ... the hard drive as part of the security measures. ... Microsoft Windows MVP ... > Need some help in getting some of the kids CDROM games to play under their ...
    (microsoft.public.windowsxp.games)
  • [NT] Cumulative Security Update for Internet Explorer (MS04-025)
    ... Get your security news from a reliable source. ... * Microsoft Windows NT Workstation 4.0 Service Pack 6a ... Navigation Method Cross-Domain Vulnerability ...
    (Securiteam)