The older hardware is, the more likely that a failure and loss of productivity will occur,” warns Donald Hess, senior systems engineer at Entre Computer Services, a systems integrator based in Rochester, N.Y. “In general, a company can avoid big expenses by updating its servers every three years. If it waits five years, then there’s a big risk of being compelled to upgrade many components simultaneously.” Ouch.
If your servers are more than three years old, odds are they’re using as much as 200% more power than newer models. Add in the cost of support for aging machines and an upgrade could be a smart and cost-effective choice.
The most compelling reason to upgrade to Windows 2008 sooner rather than later is really at least half a dozen reasons, but they all add up to one thing: improved security. And just as the most important factor in buying real estate is location, in today’s interconnected IT world, the most important factor for most of us in selecting an operating system is security.
Here are some of Windows Server 2008’s new or improved security mechanisms:
- Network Access Protection (NAP) provides a way for administrators to exert more control over which computers connect to the network by checking for compliance with security policies and isolating those that don’t have the proper service packs and updates installed, antivirus and firewall software installed and enabled, proper configuration settings, and so forth.
- Read-only Domain Controller gives you a way to restrict the replication of the complete Active Directory database when deploying AD. This is useful when you need to run additional applications on a DC or it’s in a place that’s not physically secure, because changes can’t be made to the AD database through it.
- Federated Rights Management Services allows for better protection of sensitive data by integrating RMS with AD FS so companies with federated relationships can exchange protected files.
- BitLocker full disk encryption (also supported by Vista Enterprise and Ultimate editions) enables you to prevent unauthorized persons from booting into the server even if they have physical access.
- Secure Sockets Tunneling Protocol (SSTP) remote access VPN allows you to create an SSL VPN with strong authentication and transport-level security that will pass through firewalls that block PPTP and L2TP traffic.
- Improved certificate services offer enhancements such as support for enrolling routers and other network devices for certificates, health monitoring of CAs with PKIView, support for Online Certificate Status Protocol for better management of revocation information, and improvements to Web enrollment.
- These are only a few of the specific security mechanisms in Server 2008, which also includes the new Windows firewall first introduced in Vista, Windows Defender, service hardening, User Account Control (UAC), and more
The network is the entry point to your application. It provides the first gatekeepers that control access to the various servers in your environment. Servers are protected with their own operating system gatekeepers, but it is important not to allow them to be deluged with attacks from the network layer. It is equally important to ensure that network gatekeepers cannot be replaced or reconfigured by imposters. In a nutshell, network security involves protecting network devices and the data that they forward.
The basic components of a network, which act as the front-line gatekeepers, are the router, the firewall, and the switch.
Any software that covertly gathers user information through the user’s Internet connection without his or her knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet; however, it should be noted that the majority of shareware and freeware applications do not come with spyware. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about e-mail addresses and even passwords and credit card numbers.
Spyware is similar to a Trojan horse in that users unwittingly install the product when they install something else. A common way to become a victim of spyware is to download certain peer-to-peer file swapping products that are available today. Aside from the questions of ethics and privacy, spyware steals from the user by using the computer’s memory resources and also by eating bandwidth as it sends information back to the spyware’s home base via the user’s Internet connection. Because spyware is using memory and system resources, the applications running in the background can lead to system crashes or general system instability. Because spyware exists as independent executable programs, they have the ability to monitor keystrokes, scan files on the hard drive, snoop other applications, such as chat programs or word processors, install other spyware programs, read cookies, change the default home page on the Web browser, consistently relaying this information back to the spyware author who will either use it for advertising/marketing purposes or sell the information to another party.
There are a variety of antivirus software packages that operate in many different ways, depending on how the vendor chose to implement their software. What they have in common, though, is that they all look for patterns in the files or memory of your computer that indicate the possible presence of a known virus. Antivirus packages know what to look for through the use of virus profiles (sometimes called “signatures”) provided by the vendor.
New viruses are discovered daily. The effectiveness of antivirus software is dependent on having the latest virus profiles installed on your computer so that it can look for recently discovered viruses. It is important to keep these profiles up to date.
We proudly serve Maryland, Washington D.C and Northern Virginia area.
We are a true IT solutions provider-from assessment and design to implementation, management and support, we live and breathe our clients’ networks.