Business as usual for NetChk Protect

Hey All,

Well it has been a busy, but exciting week here.  We are now officially VMware Employees!  While some of the names may change, it’s business as usual for NetChk Protect. In fact, we’re heads down developing the next version.

Let me tease you with some of the new features coming in our next release:

  • First, the new Operations page will allow you to launch straight into scheduling and executing operations.

  • New Context menus you can access from the Machine View and Scan View when you right click on a machine. From here you will be able to right click and RDP into a machine you have identified in your environment with credentials you have already entered. You can also specify a Machine Credential on a per machine basis that you can use to connect into a machine quickly and easily.
  • ITScripts is a new feature enabling you to execute scripts against target machines using PowerShell. This will work in many different ways. If PowerShell is not installed on the target machine, most ITScripts will be able to execute remotely. If PowerShell is installed, you can send ITScripts down using RM and execute locally or open a PS prompt directly on the target machine with just a few clicks. A set of free ITScripts will be included in the next release for all customers and those who want the full set can upgrade to the ITPro version of ITScripts.

  • The last feature I want to talk about is an enhancement to Credential Manager. I can’t show screenshots for security reasons, but you can create and manage your credentials from the Credential Manager by using the drop down menu to select the desired credential and you’re done. No need to re-enter credentials dozens of times. Also, when you need to reset your credentials every 30, 60, 90 days (due to those pesky, but necessary, security compliance requirements) you can reset your credentials once in Credential Manager and all usage of those credentials will update automatically.

These are but a few of the many enhancements coming in the next release. I will share more as we get closer to Beta, so stay tuned!

Chris Goettl
Customer-Product Owner

SaaS Gives SMBs a Global Competitive Advantage

No matter where in the world a small or mid-sized business is located, it’s probably safe to assume that one of the biggest headaches – and largest cost not associated with driving revenues – is associated with managing software and other IT needs. These businesses often don’t have the in-house expertise to manage the IT infrastructure, or they cannot afford to purchase the edgy, high-end, productivity enhancing solutions with which large companies have the luxury to experiment.

Enter software-as-a-service – or SaaS – which can level the proverbial “playing field” and enable SMBs to focus on their mission of growing revenue and building their businesses. SaaS offerings are ideal for SMBs because they are typically easy to deploy and use, minimizing the need for training. Since you only pay for what you need, costs are minimized. There’s minimal infrastructure required because the software is hosted at the vendor’s site. And SaaS solutions are continually maintained and kept up-to-date by the vendor, so they can evolve as the SMBs’ needs change.

Use of SaaS solutions is taking off in Europe. In a survey of more than 1,600 SMB decision makers in eight European countries conducted by VMware last month, 73 percent of respondents in continental Europe indicated they are using cloud computing or SaaS.  However, there is a disparity in the United Kingdom, where only 57 percent of SMBs have virtualized parts of their IT infrastructure. Despite the advantages of SaaS, SMBs in the United States are lagging even further behind their U.K. counterparts. More than two thirds of SMBs in the U.S. continue to use premise-based software, according to research from Access Markets International Partners.

But the tide appears to be turning.  According to a recent market assessment by In-Stat, small business spending on public cloud services in 2010 was roughly $3 billion, and this is expected to increase more than 100 percent between now and 2014.  In fact, the researchers noted that SOHO and small businesses will account for roughly 65 percent of the public cloud computing market in 2014.

“Web hosting and data storage are the most obvious IT needs that can be addressed by public cloud services,” Greg Potter, Research Analyst at In-Stat, said in an article that appeared in the Business Technology Roundtable Blog. “With the advent of [SaaS] offerings many businesses are realizing that much of their IT needs can be fulfilled without the need for expensive networking equipment and high-end computers.”

As SMBs in Europe – not to mention around the world – look to technology to give them a competitive edge, it’s clear that the move to SaaS offerings will allow them to focus on their core business and how to grow in today’s global economy.

Ed Peek
VP, Worldwide Sales

Maximize Your Investment in SCCM

As most of you have heard by now, Shavlik announced on Monday that we are being acquired by VMware. This announcement coincided with Microsoft’s TechEd conference in Atlanta and all week we’ve been inundated with questions about what this means for our SCUPdates™ product. The answer is yes: we will continue to sell and support SCUPdates.

SCUPdates delivers what Microsoft doesn’t: a way to leverage a single SCCM workflow for deploying updates for both Microsoft and, perhaps more importantly, non-Microsoft applications. SCUPdates allows you to leave researching and creating patch data to Shavlik – we’ve been doing it for years. With SCUPdates you can fully maximize your investment in SCCM and make your network more secure.

And, it’s not just SCUPdates. Across our entire product portfolio, we are fully committed to providing every customer with continuity and investment protection including smooth upgrade paths to greater functionality and access to high quality services for both packaged software and SaaS delivered software.

Click here to learn more about SCUPdates.

– Mike Bleakmore
Product Marketing Director
Shavlik Technologies

VMware to Acquire Shavlik Technologies

I am happy to announce that VMware has entered into a definitive agreement to acquire Shavlik Technologies. Our two companies have a long-term relationship built upon VMware GO™ (www.vmwarego.com), our joint SaaS based IT Management solution. VMware GO assists SMBs with rapid deployment and management of VMware vSphere, the VMware Hypervisor and general IT management of both physical and virtual computers. VMware GO has attracted over 200,000 registered users creating more than 20,000 VMware Hypervisors and 120,000 Virtual machines.

Shavlik and VMware share a vision of IT Management for now and the future. A vision of delivering solid, easy to use IT solutions to SMBs to enable customers to take full advantage of the efficiencies gained with the latest technologies. My team and I have been working to simplify IT for many years and we look forward to taking our experience and passion forward with VMware. We will be enabling our customers to work with new solutions in Cloud Computing, SaaS, Security, Virtualization, IT Management and other critical areas by driving VMware GO forward. We will also be entering global markets much faster by working with Managed Service Providers (MSPs) and Solution Providers. This enables more companies around the world to utilize our SaaS and On-Premise solutions.

Shavlik Technologies was founded in 1993 to offer a new approach to security application design and development that enabled us to take big steps in the simplification of computer security while at the same time creating a very trustworthy product. Since then, we have grown to help thousands of customers simplify their IT management. Becoming part of VMware is the next step for my company and me in this evolution. Our patch, compliance and end-point security and other expertise will of course continue to be a strong area of value for our customers and for market differentiation. We will continue to build on these areas as well as our on-premise solutions as we move forward in enabling SMBs to manage core IT functions through a single pane of glass, centralizing asset management, security, business continuity and data protection capabilities, in addition to other areas.

We are all committed to providing every customer with continuity and investment protection including smooth upgrade paths to greater functionality and access to high quality services for both packaged software and SaaS delivered software. We intend to accelerate innovation related to our critical offerings, and collaborate with customers, partners and the industry to continue to deliver great new solutions. Our current customers will continue to be supported by the Shavlik Technologies sales and support personnel as they are today.

I want to thank all Shavlik employees past and present as well as our partners. Because of your hard work and dedication, we were able to build a great company. I am proud of our accomplishments and look forward to working with you as we create the next chapter in IT management solutions.

I also want to thank our customers. It is with great appreciation and gratitude that we begin the next step in us working together. I look forward to joining VMware and together with my team, providing you easy-to-use and affordable solutions that help you manage, monitor and secure both physical and virtual environments.

Mark Shavlik

Don't blame the outsourcer… you gave them my information!

Let’s say for a moment that I was a hacker and I wanted to gain access to information about a large corporation’s customer base.  The path that lies in front of me is relatively clear, I want to find the easiest way to gain access to the information without arousing suspicion and try to penetrate the security around it in a manner that doesn’t implicate me if the breach should be identified.  Simple enough, isn’t it?

Now that I’ve plotted my “how” I want to get the information and defined my “what” I want to get, I now turn my attention to “where” do I want to go after the information.  This is where the rubber meets the road when it comes to hacking as hackers will always trend towards the most vulnerable vectors.  On one hand, I can choose to attack the corporation head-on, but this path is extraordinarily risky.  Truth be told, all of the larger organizations have teams of security professionals trained to shut down attack vectors before they can be exploited.  On top of that, many of those organizations also deploy counter-cyberattack methodologies to go after people who attempt to exploit them even if they were not successful in breaching the perimeter security.  Why?  To send a message.  Simply put, “if you attack us, we’re coming after you.”

So you see, the approach above is risky, and the risk versus reward just doesn’t add up.  Let’s talk about a different and safer approach.  If all I want is information about the consumers inclusive of their email addresses and perhaps some marketing data about them, there is an easier approach.  Almost all of the larger organizations take their marketing information and share it with third-party organizations who provide activities such as lead nurturing or email marketing to their database.  In most cases they have an exact copy of the information that I care about.  Enough information for me to identify the customers that they have, and further information which would allow me to impersonate the corporation in a giant phishing attack which would give me access at the least to the end customers’ passwords or perhaps, if I pushed the boundaries, even more than that.

What’s interesting is this approach is now becoming commonplace.  After the Epsilon breach on March 30, 2011, I received about four emails from people apologizing, but acknowledging that my information had been distributed.  From Best Buy, TiVo, and Brookstone, I received their corporate apologies and a reminder that they would never send me an email asking for credit card information or username and passwords.  An obvious attempt to thwart a potential phishing attack which probably looms in the months to come.

On to the concern…

Each of the emails I received from the corporations above specifically called out a breach in their marketing providers’ security.  It was predictable that they would pin the blame on someone else, but also regrettable.  For me, being in the business of securing devices and traffic, you have to understand that blaming Epsilon or organizations like that can only go so far.  Who chose to use them?  Who didn’t audit their security measures?  Who thought it was OK to send them their customer information?  The list of questions goes on and on, but seriously, to blame them exclusively for the breach is in poor form.

To give a corollary to this argument, back in April, we saw the largest wide-spread cloud outage with Amazon’s EC2 fabric failure.   The unthinkable happened, and by the way, it will likely happen again at some point in the future.  Most organizations did the same thing that we saw from marketing hacks, “it’s THEIR fault” rang out across the Internet.  Then, while searching the blogs, I saw the most honest post come from Heroku (acquired by Salesforce.com) where in their blog, Heroku went on to state that “Heroku takes 100% of the responsibility for the downtime affecting our customers last week.”  They even took the time to capitalize the entire sentence and bold it in white.  Hooray Heroku, let’s all follow in your example.  We all need to take responsibility.  We all need to own up for our service and data delivery regardless of our choices of platform.

So to that, I turn towards the corporations of the world that send their data off-premise.  It’s still your data and it’s still my personal data you are protecting.  I hold you at fault if it gets compromised.  It’s time for you to own the responsibility of the security of the information and it’s time for you to turn towards your team of experts and enable them in the IT management process of that information.  If you enable them, it’ll make sure you avoid being on the news some night.

Getting it right

What should organizations do that need to outsource that capability?  First off, take the time to know who you are using and involve your IT department.  I can tell you after consulting on many of these breaches after the incident happened, it was a game of “not-it” played out in the corporate world.  The IT department says the marketing department didn’t involve them in the choice of the vendor, and the marketing department says the IT department didn’t want to be involved in the choice.  Okay, whatever the scenario is, getting the right people involved is key.

Secondly, organizations should engage their security professionals (or consult with some) to do an analysis of their partner.  In many cases, marketing organizations in particular do rapid customizations to their assets which leaves their pages more vulnerable to attacks.  Security professionals can use off-the-shelf tools to attempt vulnerability scans against a network and web-pages (if applicable) to test for vectors that can be exploited.  As a resource, I’d suggest an organization pay close and careful attention to the OWASP (Open Web Application Security Project) which categorizes and discusses many types of threats.  Organizations should pay careful and close attention to their top 10 threat lists.

All joking aside, the scenario I painted today is real and a big threat to organizational data world-wide.  Unfortunately, I can attest to the fact that some of the biggest exploits that went public were only the tip of the iceberg for what lies ahead.   More have been breached than made the news, and I’m sure that more will unfortunately garner just as much, if not more, media attention in the future.

– Rob Juncker

May 2011 Patch Tuesday Overview

Microsoft has released two new security bulletins in the May 2011 edition of Patch Tuesday.  These two bulletins address three vulnerabilities where none of the vulnerabilities are publicly known.

The security bulletin that administrators should look at patching first is MS11-035.  This security bulletin affects the WINS service on all supported Microsoft server products (Windows 2003 and 2008).  An attacker sending specially crafted packets to a Windows Server running WINS could result in remote code execution.

The second bulletin (MS11-036) affects older versions of the Microsoft PowerPoint product. Opening a malicious PowerPoint document could lead to remote code execution.

With this being a lighter patch month, administrators should take this chance to catch up from last month’s massive Patch Tuesday.  In addition, there were multiple vendors releasing critical security bulletins.

Earlier this month, Adobe released updates to their Adobe Reader, Acrobat, Flash and Air products.  The security update addressed a critical vulnerability that had reports of being exploited in the wild.  Apple also updated their Apple iTunes addressing two vulnerabilities.

I will be going over the May 2011 Patch Tuesday in depth with our monthly Patch Tuesday webinar.  You can register to attend it here.

– Jason Miller

Visit Shavlik @ Microsoft TechEd (May 16th-19th) in Atlanta

As a Microsoft Gold Certified Partner, Shavlik’s solutions enhance the Microsoft platform to simplify IT management. One of the biggest threats and challenges that we are seeing today in our customers’ environment is managing non-Microsoft (third party) patches.  Microsoft’s products are not the only ones at risk.  In fact, third party applications such as Adobe, Apple, and Google are now the leading cause of most vulnerabilities on the network.

If you are attending Microsoft TechEd in Atlanta next week, please stop by and say hello at the Shavlik booth #1910 and enter your name for a chance to win an Xbox 360 with Kinect.  We’ll be demonstrating the latest releases of our Shavlik NetChk Protect, Shavlik SCUPdates and IT.Shavlik.com at the booth.

About Shavlik’s solutions for IT management:

Shavlik NetChk Protect v7.8 introduces some exciting new virtualization patching capabilities, expanded third party application coverage and a variety of agent upgrades to better cover all your remote employees and frequently disconnected machines.  Click here to learn more about Shavlik NetChk Protect v7.8.

Shavlik SCUPdates is our new third party patching solution that plugs into Microsoft’s System Center Configuration Manager (SCCM).  It’s a simple data service for SCCM that requires no additional agents, console or management to learn.  Just import the third party patch catalog for Adobe, Java, Firefox, iTunes, etc in to SCCM and you’ll be patching vulnerabilities on your servers and workstation in literally minutes.  Click here to learn more about Shavlik SCUPdates.

Want to check your network for missing third party patches and see what WSUS is missing?  IT.Shavlik.com continues to take the industry by storm with the first comprehensive SaaS solution for patch & asset management.  The latest release now allows unlimited, FREE scans so check it out at http://it.shavlik.com.

Hope to see you in Atlanta next week, and don’t forget to enter your name to win an Xbox 360 with Kinect at booth #1910.

-Andrew Stevens
Director, Product Management
Shavlik Technologies

Visit Shavlik at TechEd 2011 in Atlanta, GA

Are there really still doubts that 3rd party patching is necessary?

One thing that I am continually surprised to hear are arguments that patching just Microsoft’s products is good enough.  In my seven years at Shavlik that is typically the hurdle we face when we deal with prospects that use Microsoft’s solutions for patch management (WSUS, SMS, SCCM, etc.).  Today, instead of telling you 3rd party products are a concern, why don’t we show you.  On top of that, let’s do it for free with our new Shavlik Security Advisor Scan tool.

Shavlik Security Advisor is a new offering from Shavlik using our industry leading Patch Assessment engine to agentlessly assess your environment.  This also utilizes our SaaS architecture to deliver the components needed within minutes so you can click and scan (really, when I say minutes I mean minutes on the first time out).  Also, this is entirely ANONYMOUS*.  You will get to the Security Advisor report without giving us your personal information.

* Disclaimer: If you want to download the scan report you will be required to submit your email address.

I hear the arguments quite often from IT admins who believe that patching Microsoft products is good enough.  Objections include “I know exactly what is installed in my environment. Nobody can run those apps” and “I only worry about the servers and those don’t have 3rd party apps.” Well, I challenge that in the majority of cases.  I have visited many customer sites and find that most have Adobe, Java, Citrix, and several other non-Microsoft applications on the server side.  And the presence of 3rd party applications on their workstations is even more prevalent.

Even in the tightest organizations that lock down users’ admin rights to keep unapproved software off of workstations, exceptions are often made.  For example, the Marketing team may need RealPlayer and QuickTime, or certain executives are allowed to download iTunes for their iPhone and iPod.  How many products do your users download that have their documentation in PDF format and package Adobe Reader with their install so it can be viewed conveniently?  How about the simple fact that the server admin should be worried about the machines that can get access to those servers?  If such a workstation is compromised then anything it can see is at risk.  That machine has already helped the attack to bypass many of your security measures by getting compromised due to not being fully patched and protected.

Don’t just think you are immune to the 3rd party product risks.   Verify that you are.

Get your free Shavlik Security Advisor Scan today.

Note: Shavlik NetChk Protect users are encouraged to try this out as well.  Just be aware that the scan we are doing in Security Advisor is the equivalent of the WUScan template in NetChk Protect.  If you are using the Security Patch Scan template you may catch some non-security patches you are not updating regularly if it is not part of your patch mandate.

Chris Goettl
Product Owner
Shavlik Technologies

May 2011 Patch Tuesday Advanced Notification

Microsoft has released their advanced notification for the May 2011 edition of Patch Tuesday.  This Patch Tuesday marks a "light" Patch Tuesday as expected.  Microsoft’s release cadence for security bulletins is typically heavy months followed by light months.  With this month’s release, administrators can take a big sigh of relief after a record-breaking April Patch Tuesday.  In April, Microsoft released 17 bulletins addressing 64 vulnerabilities.  Both numbers were a record for a single Microsoft release.

For the May 2011 Patch Tuesday, Microsoft is planning to release 2 security bulletins addressing 3 vulnerabilities.

Security Bulletin Breakdown:

  • 2 Security Bulletins
  • 1 Security Bulletin rated Critical
  • 1 Security Bulletin rated Important
  • Both Security Bulletins fix vulnerabilities that can lead to Remote Code Execution

Affected Products:

  • 1 bulletin affects the Windows OS (only Windows server based products)
      • Windows 2003, 2008, 2008 R2
  • 1 bulletin affects the Microsoft Office product
      • PowerPoint XP, 2003, 2007
      • Office Compatibility Pack

Take advantage of this lighter Patch Tuesday to catch up with the massive patch day last month and all of the other 3rd party security releases since then.

  • Adobe Flash Player
  • Adobe Air
  • Apple iTunes
  • Apple Safari

– Jason Miller

Shavlik's Antivirus Surpasses Competitors in Detecting Nasty Malware

Shavlik’s VIPRE antivirus engine has surpassed competitors in recent tests with Antivirus.org and the Malware Research Group. Today we add another to the list. Virustotal is a service that measures the detection of viruses, worms, trojans and other malware and reports how well antivirus engines perform. Virustotal reported today that VIPRE was one of only three engines (out of 41 measured) that caught “VideoPlugin_v43.exe,” a new piece of nasty malware making its way around the Internet.

Click here to learn more about Shavlik’s VIPRE engine. Also, read our latest white paper on layered security “Patch and AV: Better Together.”

– Mike Bleakmore
Product Marketing Director
Shavlik Technologies