Folks,
I came across some nice Gartner Group reports. Here are some highlights:
- SPA-03-1884 NT Server Security: When 'Good Enough' Is Not Enough
For most server applications, the security of NT Server will not be an
inhibitor to its deployment, but we recommend that NT Server be avoided for
security-critical applications.
Enterprises should not deploy NTS without assessing the likelihood of a
sophisticated attack of the application deployed. For most enterprise
applications, NTS's ease of setup and configuration out of the box provides
a "secure enough" platform that minimizes the risk of a security exposure;
however, through year-end 2000, enterprises should avoid using NTS for
security-critical server deployments such as firewalls for high-threat
locations, as a focal point for single sign-on or for hosting Internet-based
electronic systems.
For security-critical deployments, NTS will remain less secure than other
mature midrange OSs through 2001 because of Microsoft's desire to target
volume markets and increase revenue through continual product
enhancements.
[Long list of NT security lags and B-level OSs]
- C-03-5070 Sun. Pulling Together a Security Strategy?
We consider the firewall market to be composed of three different segments:
a high security segment, a midrange segment and a low end that is served by
firewall appliances. Midsize enterprises should select firewalls on the
basis of familiarity with the platform used, ease of use and the quality of
security provided by the vendor.
- KA-03-7212 Essential Components of a PC Security Software Decision
[Lots of stuff on encryption]
Microsoft OS Security Highlights; Risk of Handhelds
- P-06-7364 HP's VirtualVault: Running Ahead for a Secure Web
[Nice piece on a B-level compliant OS including Netscape Webserver]
[Porting to NT difficult, as source code for B-level verification not
available]
Other vendors: Sun and Data General.
[I'd expect to see B-level AIX (IBM) sometime soon]
I recommend anyone with a GG subscription get the CD and do some research.
cu
-pete