Thanks, Craig. My director were discussing the security issue, too. With HIPAA's security rules soon to be published, this is another "stick" we can hold over administration's head.
Paul Chinnery Network Administrator Mem Med Ctr -----Original Message----- From: Dupler, Craig [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 03, 2002 3:07 PM To: Exchange Discussions Subject: RE: life cycle of Exchange There are multiple reasons. All of the best ones (i.e. most compelling) revolve around security. It's getting to the point where it is difficult to find a way to penetrate a company's defenses attacking things in layer 6 and below. Wireless is a temporary exception, but most attacks are now launched in the application layer, and most of those are focused on e-mail. The reason that people use e-mail should be obvious: - you willingly accept bits from outside, so long as they meet certain criteria. - mail clients are supplied as a part of every version of Windows and have enough similarity to make a virus type of attack easier to proliferate. - because of the variability of attachments, the level of complexity and thus the chances that an undefended hole can be found are both very high. There are lots of way to envision attacking via e-mail. Most will be client-centric, but attacking the servers is not an unimaginable scenario. What a messaging product that is "currently supported by the vendor" buys you is a rapid response to security issues that are frankly guaranteed to arise. Just to protect yourself, it is an absolute necessity of life on the net to keep your product in a "currently supported by the vendor" state. That only leaves one question, what is the best strategy for moving it forward? There is no one right answer. If you are a large enterprise that is guaranteed to be hit by every virus that comes along, then you need to keep current with every hot fix that comes along, and you need to rev through each version so make sure that you are getting the most rapid response to hot fix requirements that might arise. If you are smaller, then this is probably unnecessary. However, there is another issue. Generally speaking, and this is a very broad and unspecific generality, the migration tools are easier to use and the chance of a "system administration induced data loss event" are minimized if you make routine small incremental steps that are a part of your regular activities. The more infrequently you do something, and the more rev levels that you skip, the greater the chance is that you will make a mess of it. What you want are consistent processes, not irregular fire drills. Fire drills will cost you more than you will save by not having a routine. Long ago I stopped believing in using backup tools as a means of recovering from data losses. In my experience, there are really only two common causes of data loss: 1. the deliberate actions of users that are not well thought out 2. sys admin mistakes in performing a fire drill restoration This is not to say that you should not be familiar with backup tools, nor that you should not use them at all, but you should recognize that they have a limited value, and tend to be more useful for hardware upgrades than almost anything else. What, you might ask, has this digression on backup have to do with keeping a mail system current? Let's say you are now two versions behind, quickly on the back of an envelope list all of the steps that you are going to perform when you do get around to your next upgrade. I think the point of my digression will become obvious . . . -----Original Message----- From: Chinnery Paul [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 03, 2002 9:38 AM To: Exchange Discussions Subject: life cycle of Exchange We all know that Microsoft has announced the planned end of support for NT 4.0. I know they had a link which listed life-cycles of various products but I can't seem to find it anymore. I've search under "life-cycle," "product life-cycle," etc, etc. Does anybody have a link or can tell me any planned end for support for Exchange 5.5? We're trying to convince administration to replace our servers and move 100% to Windows 2000. They, of course, ar balking at it so we're coming up with every, stinkin' little bit of reason we can. For some reason, just saying "...cause we believe it's a good idea..." just doesn't seem to be an acceptable argument. Thanks, Paul Chinnery Network Administrator Mem Med Ctr _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]