How much is your time worth? You have no dedicated IT staff and should be spending your time working on your company's product.
Yes, open source Exchange alternatives are getting better, and I really like Google Apps. How much time would it take to tweak the integration? How much time to develop workarounds for features that "just work" in Exchange? For a small organization you'll never get that investment back in cost savings.
$60/mo for 10 people is well worth the service you receive. Even the $200/mo for the full Exchange/Office bundle may be worth it.
Exchange is a great candidate for virtualization if you are running a small shop, but then your better option may be one of the various hosted/cloud Exchange offerings. (And you'd better not tell MS about your virtual environment when you call for support)
In a large installation Exchange will use an incredible amount of I/O and cpu. I just don't see any value from running it on super-reliable hardware. You have to plan for Exchange breaking due to other problems.. corrupt databases, broken networks etc. which means a "hot spare" system ready to go.
So if you have Exchange with CCR with a 1-2 minute failover max, why bother with reliable hardware at all?
IronPort / Cisco are not the only ones doing this. TrustedSource (http://www.trustedsource.org/) has a similar database.
Having used IronPort in a large scale environment for 2 years, I would never go back to plain blacklist + content scanning. Unlike blacklists, reputation filtering can be tuned for your business. If the score is poor, block inbound mail before it even reaches your MTA. Low scores can be throttled or greylisted and senders with a good score can be allowed in with few limits.
In my environment, I block nearly 80% of inbound mail before it even reaches the cpu-intensive content scanners. My only real complaint about the above reputation systems is that while some of the information is publicly available, the scores themselves are reserved for customers only.
From what I can tell, this is still vulnerable to a replay attack. The examples shown would also be relatively easy to brute-force.
I agree with the parent post in that this is a good layer of defense against random port-scanning. My question is how much better is it than simply moving your services to non-standard ports?
A few months ago I worked for a local computer store doing builds and general repairs. 4 out of 5 systems that came through the door had enough spyware to justify my spending time fixing it. Between filling out paperwork, setting up systems on the bench, etc. We're talking a *minimum* of 1/2 hour for the following process:
-Boot. Wait up to 5 minutes for spyware to load. -Uninstall the obvious spyware, take mental note of the rest -Reboot to safe mode. -Install Spybot + updates from cd -Spybot scan + remove -Run HijackThis and look through registry keys for IE hijacks spybot didn't catch (becoming more common) -Reboot and verify system is now running 200% faster with no popups. -Reset IE security settings -Install latest Windows updates
Even systems that came in with hardware failures needed spyware cleaning once the parts were replaced.
It's an epidemic and unfortunately I don't see an end. Unlike viruses, there is financial incentive to develop spyware and nobody is being prosecuted for it.
Slashdot Mirror
Hosted Microsoft platform hands down.
How much is your time worth? You have no dedicated IT staff and should be spending your time working on your company's product.
Yes, open source Exchange alternatives are getting better, and I really like Google Apps. How much time would it take to tweak the integration? How much time to develop workarounds for features that "just work" in Exchange? For a small organization you'll never get that investment back in cost savings.
$60/mo for 10 people is well worth the service you receive. Even the $200/mo for the full Exchange/Office bundle may be worth it.
Exchange is a great candidate for virtualization if you are running a small shop, but then your better option may be one of the various hosted/cloud Exchange offerings. (And you'd better not tell MS about your virtual environment when you call for support)
In a large installation Exchange will use an incredible amount of I/O and cpu. I just don't see any value from running it on super-reliable hardware. You have to plan for Exchange breaking due to other problems.. corrupt databases, broken networks etc. which means a "hot spare" system ready to go.
So if you have Exchange with CCR with a 1-2 minute failover max, why bother with reliable hardware at all?
IronPort / Cisco are not the only ones doing this. TrustedSource (http://www.trustedsource.org/) has a similar database.
Having used IronPort in a large scale environment for 2 years, I would never go back to plain blacklist + content scanning. Unlike blacklists, reputation filtering can be tuned for your business. If the score is poor, block inbound mail before it even reaches your MTA. Low scores can be throttled or greylisted and senders with a good score can be allowed in with few limits.
In my environment, I block nearly 80% of inbound mail before it even reaches the cpu-intensive content scanners. My only real complaint about the above reputation systems is that while some of the information is publicly available, the scores themselves are reserved for customers only.
It appears that MS also describes a full-screen multi-desktop preview. Was anyone able to view the images associated with the application?
From what I can tell, this is still vulnerable to a replay attack. The examples shown would also be relatively easy to brute-force.
I agree with the parent post in that this is a good layer of defense against random port-scanning. My question is how much better is it than simply moving your services to non-standard ports?
I'm serious here...
A few months ago I worked for a local computer store doing builds and general repairs. 4 out of 5 systems that came through the door had enough spyware to justify my spending time fixing it. Between filling out paperwork, setting up systems on the bench, etc. We're talking a *minimum* of 1/2 hour for the following process:
-Boot. Wait up to 5 minutes for spyware to load.
-Uninstall the obvious spyware, take mental note of the rest
-Reboot to safe mode.
-Install Spybot + updates from cd
-Spybot scan + remove
-Run HijackThis and look through registry keys for IE hijacks spybot didn't catch (becoming more common)
-Reboot and verify system is now running 200% faster with no popups.
-Reset IE security settings
-Install latest Windows updates
Even systems that came in with hardware failures needed spyware cleaning once the parts were replaced.
It's an epidemic and unfortunately I don't see an end. Unlike viruses, there is financial incentive to develop spyware and nobody is being prosecuted for it.