3852 appleinenterprise.
Upcoming SlideShare
Loading in...5
×
 

3852 appleinenterprise.

on

  • 310 views

 

Statistics

Views

Total Views
310
Slideshare-icon Views on SlideShare
310
Embed Views
0

Actions

Likes
0
Downloads
2
Comments
0

0 Embeds 0

No embeds

Accessibility

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    3852 appleinenterprise. 3852 appleinenterprise. Document Transcript

    • Applein theEnterprise ® an IT Management eBook
    • Contents… Apple in the Enterprise This content was adapted from Internet.com’s Small Business Computing, Enter- prise Networking Planet, ServerWatch, and Datamation Web sites. Contributors: Jamie Bsales, Charlie Schluting, Paul Rubens, Ryan Faas, and Drew Robb.2 2 Apple is Ripe for Business 4 A Network Survival Guide for Enterprise Macs4 6 6 Ward Off Mac Exploits 8 The Best Mac Security Software8 12 12 Consider Xserve Not a Cross-Out Apple in the Enterprise, an Internet.com IT Management eBook. © 2009, WebMediaBrands Inc.
    • Apple in the Enterprise Apple is Ripe for Business By Jamie Bsales A re you in the market for a new PC? As you pon- Choose Your Operating System der whether to stick with the familiar Windows Software is the other hurdle that used to trip-up would-be operating system and think about Windows 7, converts. You may have needed a particular Windows appli- consider a more radical departure: jumping cation that didn’t have a Mac version, or you may have beenship altogether and buying a Mac. With improvements in the loath to abandon your investment in Windows software. Butlatest Mac OS X (called Leopard) and Apple’s other business- the Leopard operating system now includes Boot Camp (orig-friendly products, now may be the time. inally a separate utility released soon after the company made the move to Intel processors), which lets you launch eitherOver the past few years, the major reasons not to equip your Mac OS X or a version of Windows (that you’ve installed),business with a Mac have fallen by the wayside. While Apple depending on the task at hand.computers were once slower, more expensive, and incompat-ible with the Windows apps you Unlike past attempts at runningneeded to run, that’s no longer Windows applications on a Mac,the case with the latest genera- which relied on emulation soft-tion of hardware and software. ware that usually slowed the sys- tem to a crawl, Boot Camp runsTotal Cost of Ownership Windows XP or Vista nativelyWindows PCs held a perfor- (thanks to the machine’s under-mance advantage over the Pow- lying Intel processor). LeoparderPC-equipped Mac machines includes Boot Camp Assistant, afor years thanks to processor ad- wizard that walks you through thevancements from AMD and Intel. process of creating a separateNot anymore: Every mainstream Windows partition on your hardMac is now built around an In- drive and starts the Windows in-tel Core 2 Duo processor—the stallation process.same one that’s likely poweringthe Windows PC you’re consid- Once that’s done, holding downering. So speed is no longer a the keyboard’s Option key dur-sticking point. ing boot-up displays the Startup Manager, which lets you selectAs for price, spec for spec a Win- which operating system to launchdows-based PC will be a couple for that session. Launch Win-hundred dollars cheaper than dows, and you can load softwarea Mac. But when you add in the software components you and drivers just as you would with any Windows-equippedget in Apple’s iLife multimedia suite (preloaded on every new PC. Of course, you’ll need to budget for a copy of WindowsMac), that cost advantage disappears. And Apple contends (if you don’t already have one), which adds anywhere fromthat its machines, with their seamlessly integrated software $250 (for XP Pro or Vista Basic) to $400 (for Vista Ultimate)and utilities, actually make your employees more productive to your total bill.thanks to their ease of use and lower IT requirements. Thatbrings down the total cost of ownership even further. Office Options The main applications you are likely to need relate to produc-There is a downside, however. While the Apple hardware is tivity—namely those in Microsoft Office. If that’s the case, abeautifully designed and executed, your choices are still lim- Mac has you covered in several ways. For example, if you’llited compared to the huge pool of Windows PCs available. be loading Windows onto your Mac and you already have aThis is especially notable in laptops: Apple has just two lines copy of Office for Windows, you can simply load it onto theto choose from (the MacBook and MacBook Pro). Windows Windows partition.portables are much more varied in their sizes and specs. 2 Back to Contents Apple in the Enterprise, an Internet.com IT Management eBook. © 2009, WebMediaBrands Inc.
    • Apple in the EnterpriseIf you won’t be loading Windows along with Leopard, you can automated backup utility built into the operating system. Justpurchase Microsoft Office for Mac. And since Office for Mac plug in an external drive, and Time Machine will archive youruses the same file formats as Office for Windows, you can files and system settings, and (as the name implies) let yoube sure that clients and colleagues will be able to open your restore a changed or deleted file or roll back your machine todocuments. an earlier state.But to avoid a knee-jerk purchase of Office, consider Apple’s Leopard also supports screen sharing over a network, so youown productivity suite, iWork ‘09. Priced at just $79 (you can allow someone at a different location see what’s on yourcan download and try it free for 30 days), the suite includes screen (ideal for collaboration as well as IT purposes). Forthe Pages word processor/page layout program, Numbers larger businesses, Apple offers its Mac OS X Server plat-spreadsheet program and Keynote presentation application. form, which lets you host your Web site, provide group e-mail and calendaring applications, and even serve up pod casts toThe big draw with iWork (aside from the price compared to customers.Microsoft Office) is its 250 templates offered among the apps.When you launch one of the components, you are presented And as you make the transition to the Apple platform, you’llwith a host of beautifully designed templates to use as your find many third-party utilities to make the coexistence of Macsstarting point. Simply choose one, then insert your own text and Windows PCs more harmonious. For example, Cisco’sand images and tweak as needed. Network Magic for Mac lets you share folders on a network between Macs and Windows machines, share printers,Apple reports that many of the templates were designed and more.specifically for small businesses, such as the range of news-letter styles pre-built in Pages and the budget spreadsheet To make the switch easier, Detto Technologies offers itsready to go in Numbers. The goal was to make a one- or Move2Mac utility for migrating files to your new Mac fromtwo-person shop look like they have an art staff, and Apple your old Windows PC. Another product Data Drive Thru’shas succeeded. iTornado, which will let you connect via USB and automati- cally transfer files from one to the other without loading anyAs for compatibility, you can open Office documents in iWork, software.but Office users can’t open native iWork files. But Apple letsyou export your iWork documents to a number of different file If you wanted to be that slick Mac guy and not the frumpy Win-formats, so you can be sure others can see your work. Pages dows guy, but thought making the change entailed too muchexports to Word, PDF, RTF, and plain text formats. Numbers work (not to mention dieting and cosmetic surgery), the timeexports to Excel, PDF, and CSV files. And you can save Key- is right to make your move. You may be surprised at what younote presentations as PowerPoint files, PDFs, QuickTime vid- gain in the bargain.eos, Flash files, HTML, and even iPod-friendly video.Other Parts of the PuzzleMacs deliver other business-friendly utilities to keep your of-fice humming. For instance, Leopard’s Time Machine is an 3 Back to Contents Apple in the Enterprise, an Internet.com IT Management eBook. © 2009, WebMediaBrands Inc.
    • Apple in the Enterprise A Network Survival Guide for Enterprise Macs By Charlie SchlutingW hat do you, the passionate OS X user, do when from. They can right-click the drive in My Computer and select faced with an IT environment that only caters to properties. It should then tell you what server (and path) that Windows computers? Apple promises compat- drive is associated with. ibility with nearly every Microsoft technology, butthe learning curve can be pretty steep. We’re going to cover Then in Finder you hit cmd-K to bring up the Connect to Serv-some common issues OS X users face in a Windows-only IT er dialog. Enter smb://SERVER/SHARE and hit enter, and itworld, and offer some survival tips. should ask for your Windows domain password. Don’t forget to click the “+” button and save that server name in the list,Asking your Windows compatri- else you will need to ask a Win-ots for help does not usually end dows person “what server is thatwell, often because they don’t on?” again.know how something is actuallyworking. In Windows, as with Printingmany things in OS X, things will Printing is much the same prob-“just work” and then people never lem as accessing Windows net-think about it again. When Active work shares. Printers shared offDirectory manages the Windows a Windows server need to first bemachines, the mysteries get even found, and then you get to figuredeeper as more things happen out how to add the printer. Thisseamlessly for the users. In addi- has admittedly gotten much bet-tion, since you, the OS X alien, do ter in Leopard. The Add Printernot get automatic things from the sequence used to make it veryWindows domain, you must figure difficult to find “Windows Net-these things out. work Printer.”You can do it. Do not let your IT Hopefully, though, you can findguys tell you not to buy an Apple the printer share (or the printer it-because they won’t support it: self) automatically. New in Leop-You can support it. ard, when you go to add a printer it will show you a list of available“Drive Map” Woes network printers. If the printer is on the same subnet, you canProbably the most common issue is the drive dilemma. just connect directly to it and chances are very good that OSAll of the Windows users likely have a few mapped drive X will have the driver you need. Otherwise, you can hopefullyletters set up, and they have no clue where they actually come just connect to the one shared via the Windows server. If allfrom. They will tell you to access a file they have saved on else fails, then just like the mapped drives issue, you will needthe “K drive” for example. This, of course, does not mean to figure out from which server the printer shares are actuallyanything at all. shared.If, perchance, you are on the same subnet as the file server, VPNsyou can probably find it by just browsing around in Finder Shimo can simplify multiple VPN connections and replace theand connecting to all the Windows machines you find. That Cisco VPN client nightmare. Shimo can connect to any VPNis time-consuming, however, so the preferred way is to ask server known to man, and do so in a convenient way. We haveyour Windows friends to tell you what server their K drive is no VPN complaints now, except for the fact that you have to 4 Back to Contents Apple in the Enterprise, an Internet.com IT Management eBook. © 2009, WebMediaBrands Inc.
    • Apple in the Enterprisebuy Shimo because OS X VPN support is lacking. Resort to a Virtual Machine? What about that pesky application that just won’t run in OSOffice Software X? Well, these are getting less and less common, but you willMicrosoft provides Office software for OS X a year behind still encounter them. This should also be part of the buyingthe release schedule for regular Office. Office 2004 works decision: does it support OS X or have a Web interface? Butwell, and Office 2008 works if you don’t use Spaces in OS likely as not, you have a few of these programs lingering aboutX. With Spaces enabled, Word and Excel will constantly be the office already.confused about which window they belong to. You click onthe Word document and the window changes, but the docu- About the only time we’d recommend using a virtual machinement was left behind. Microsoft claims that Spaces didn’t ex- (VM) to run Windows is when you’re in that situation. Mostist when they started developing Office 2008, and that they other problems can be worked around without resorting toare working on a fix. using a Windows install. You may have to buy a piece of soft- ware or find an open source alternative, but you will be able toEntourage is a mail client that’s very much like Outlook, but find something that accomplishes the task.it isn’t really necessary. Apple Mail and iCal work well, andwhen you get a meeting notice via e-mail you can easily import If you are stuck needing to work with proprietary file formatsit to iCal. and strange client applications for connecting to archaic da- tabases, then a VM is going to be the only option. Thankfully,The best option is probably to get iWork (see the previous there are quite a few options available now, including VMWarearticle). Pages, Number, and Keynote all come with iWork, and Parallels.and are much better than the alternatives from Microsoft. Youpresentations from your MacBook with Keynote will amazeyour Windows-using friends. 5 Back to Contents Apple in the Enterprise, an Internet.com IT Management eBook. © 2009, WebMediaBrands Inc.
    • Apple in the Enterprise Ward Off Mac Exploits By Paul RubensW indows Server 2008 and Vista systems use Ad- The important point here is that all modern operating sys- dress Space Layout Randomization (ASLR) to tems — whether UNIX, Windows, or Linux based — can say make it hard write to shellcode that can success- that they have “built-in technologies that provide protection fully exploit buffer overflow errors in applications. against malicious software,” of some type or another. That’sYou could say ASLR is a built-in technology in these operating precisely what ASLR is, for example. But computers runningsystems that provides some protection against certain types these operating systems are still all vulnerable to attack. Andof malicious software and security threats right out of the box. not just from viruses: Take a look at the list of exploits thatHold on to that thought if you will. come bundled with the Metasploit security/hacking frame- work. You’ll find plenty of exploitsIn late 2008, it was widely report- for Windows servers and desk-ed that the following appeared on top machines, but you’ll also findApple’s support site: “Apple en- exploits for Linux, UNIX, and OScourages the widespread use of X-based machines. Some exploitmultiple anti-virus utilities so that weaknesses in the operating sys-virus programmers have more tems themselves, some exploitthan one application to circum- third-party drivers, and some usevent, thus making the whole virus weaknesses in the code of appli-writing process more difficult.” cations that run on them — either supplied by the operating systemWhile using more than one anti- makers, or third-party vendors.virus product on a system cancause problems, getting some Hackers are after “pickings,” andvirus protection for a Mac is a wherever the pickings are rich-sensible thing to do. That’s be- est is where they will target. Thecause Mac viruses do exist, and math behind some of this wasalthough the chance of a Mac get- memorably explored in an articleting infected is very small — far called When Malware Attackssmaller than a PC — the time to (Anything But Windows). Theset up some protection is before author uses game theory to ad-the machine gets infected, not af- vance the notion that in a worldter. Talk to any home security alarm installer, and they’ll tell consisting of two operating systems, what triggers hackersyou that the vast majority of their business comes from people to start targeting the minority platform is a combination of thewho have just been burglarized. Presumably, they felt they market share of the smaller platform and the effectiveness ofdidn’t need an intruder alarm before because they had never security mechanisms for the majority platform — if the secu-been burglarized. rity of the minority system stays the same.Apple’s anti-virus advice was removed shortly after it report- Of course, the real world is not the same as this model — notedly appeared on the grounds that it was old and inaccurate, least because there are more than two operating systems tobut the company seemingly contradicted itself in a statement consider. But it does provide food for thought when it comesto Symantec’s Security Focus Web site: to system security. Windows systems come under sustained continued attack because there are a lot of them out there, and they haveThe Mac is designed with built-in technologies that provide plenty of vulnerabilities. The theory suggests, however, thatprotection against malicious software and security threats every time a piece of Windows security software is installed,right out of the box. However, since no system can be 100 and every time a switch from Windows to Linux, OS X, orpercent immune from every threat, running antivirus software UNIX is made (and that’s the trend it seems), the more likely itmay offer additional protection. 6 Back to Contents Apple in the Enterprise, an Internet.com IT Management eBook. © 2009, WebMediaBrands Inc.
    • Apple in the Enterpriseis that a non-Windows system will be attacked and, ultimately, mising their machines, which isn’t very practical. The other, tocompromised. continually beef up security measures that protect their ma- Continued from Page 6 chine, probably is: Plenty of security vendors would be onlyIt’s ironic that one of the reasons Mac’s market share has too happy to help.risen in the past year or two is probably because of Apple’scommercials reminding consumers how many PC viruses Apple is absolutely right to recommend its customers lookthere are. But as the number of Mac users swell, it becomes for additional security software. Patting itself on the backincreasingly worthwhile for malware writers to target the plat- for picking an operating system (of any flavor) because it isform. “designed with built-in technologies that provide protection against malicious software and security threats right out of theTo fight back, minority operating system users can do several box,” doesn’t do anyone any favors. Being seen to endorsethings. One is to reduce the value to an attacker of compro- security measures certainly does. 7 Back to Contents Apple in the Enterprise, an Internet.com IT Management eBook. © 2009, WebMediaBrands Inc.
    • Apple in the Enterprise The Best Mac Security Software By Ryan Faas A pple’s Get-a-Mac ads (and many longtime Mac Often these attacks fall into the categories of Trojan horses users and fans) love to imply that Mac OS X that masquerade as some innocuous application or video is a far safer and more secure platform than codec that gets installed by the average user. The most recent Windows. And there is a ring of truth to that Mac threats started in this form as components included inimplication. There are far more instances of malware and real software packages pirated over the Internet.viruses bogging down Windows PCs than afflict Macs. Being vigilant about what your install and where it comesBut that doesn’t mean Macs are perfectly safe and secure from is one way to combat this threat. But for the averagecomputers -- after all, no computer is completely safe and Mac user who installs a file to view content on a Web site,secure on the Internet. the threat still exists.New malware threats (including Another major virus threat is thatthe discovery of the first botnet of macro viruses – most oftenoperating on infected Mac OS X associated with Microsoft Of-machines) are cropping up this fice. While Macs are typicallyyear. It’s likely just a sign of things not as likely to experience severeto come as Apple gains market damage if they open an infectedshare and visibility. Office document, they are still capable of experiencing someSo Mac users need to understand problems – and of passing thetheir options for protecting their virus on to others.systems from malware, networkattacks, and other threats. So every Mac should have some form of anti-virus software. HereIn this article, I’ll break down are the major options:three potential areas of danger– 1) viruses and malware, 2) net- ClamXavwork attacks, and 3) spam – and ClamXav is a simple open sourcedetails some of best the tools to anti-virus tool that is availablecombat them. for free. It is based on the open source Unix clamav, but sports aAnti-Virus Tools Mac-like graphical interface.Let’s start with the classic specter of computer security – thevirus or malware. The word virus is almost a misnomer these ClamXav works pretty well, though its interface is a littledays. There are still some classic versions of viruses that clunky and it is generally slow at performing scans. Its bigspread from disk to disk, wreaking havoc and deleting files – downside is that it offers less automation options than othermany from a kid who created a virus because he could. tools, meaning users must be more proactive about updating virus definitions (the files anti-virus tools use continued to detect mal-In truth, however, the bigger threats today are from forms of ware) as well as performing scans. It also doesn’t allow you tomalware that compromise open network connections to serv- scan your entire startup drive, meaning you’ll manually need toers over the Internet. These servers can then record personal select folders to scan.information (user passwords, keystrokes) and take over a ma-chine in the background. 8 Back to Contents Apple in the Enterprise, an Internet.com IT Management eBook. © 2009, WebMediaBrands Inc.
    • Apple in the EnterpriseMcAfee VirusScan MacScanMcAfee has a long history of developing anti-virus tools and MacScan is an anti-spyware rather than an anti-virus tool. Thethis was at one time bundled with Apple’s .Mac service (the software is designed for detecting spyware processes andprecursor of Mobile Me). McAfee is a decent if not stellar applications (keylogging, remote access, and DNS poisoningproduct. It tends to be slower than some of its competition tools) that may not fall into the typical categories of viruses.and does show itself to be a product produced from a largelyPC-oriented company. It also focuses on Internet cookies and similar data gather- ing tools that are not directly classified as malware. TheNorton AntiVirus software compares cookies (small bits of data stored by WebLike McAfee, Norton develops security and utility tools for browsers to keep track of user data when moving from oneboth the Windows and the Mac. Awhile back, Norton’s Mac Web page to another) against a blacklist of known maliciousofferings in both anti-virus and disk utilities were among the Web services.best products on the market. MacScan is a great complement to other anti-virus andBut times change. Norton still produces a compelling product security tools and is especially helpful for Macs commonlyand I’d probably pick it over VirusScan. However, it too suf- used by large numbers of individuals (who might place keylog-fers from being very obviously a Mac product designed by a gers and other malicious tools directly on a Mac rather thanpredominantly PC-focused company. For businesses that are remotely).already invested in other Norton products for managing their One final tip, regardless of your anti-virus choice: if you’rePCs, however, it can be an easy addition to an already com- running Windows on a Mac (either using boot camp orplete suite (most likely with volume licensing discounts). virtualization tools like Parallels, VMWare Fusion, or Virtual Box) don’t forget that you’ll need anti-virus software on thatSophos Anti-Virus SBE front too. Norton and Intego both offer Mac/PC protectionSophos also suffers a bit from being a PC-oriented company, suites to fill this need in a single product (though in Intego’sbut less than McAfee or Norton do. They produce a simple case the Windows software is provided by partnering withand lightweight solution for Mac OS X that can be centrally BitDefender AntiVirus for Windows).managed very easily.The downside to Sophos, in my opinion, is less their PC-cen- Firewallstric nature than their business-oriented nature and licensing. If Firewalls come in all shapes and sizes. Some are physicalyou’re a business that has multiple Macs and PCs to protect, devices that sit between a computer or network and the Inter-Sophos is a great choice (particularly if you’ve got a Windows net while others are software installed on individual machines.server – even one in virtualization) to use for central manage- Regardless of their form, firewalls are designed to protectment of both scanning and updating. In fact, for small busi- your computer from unauthorized access via its network/In-nesses and/or cross platform businesses that need a simple ternet connection.and effective centralized management option, Sophos is a While hardware firewalls are great for protecting all the com-very good choice. puting devices in your home or office, they don’t offer protec- tion for mobile computers that use a variety of public and pri-Intego VirusBarrier vate wireless networks. For this, software firewalls installed onHands down, the best choice for consumers and for fully those computers are needed – particularly on public networksMac-based businesses has to be Intego’s VirusBarrier. The where any computer connected to the same Wi-Fi hotspotcompany is entirely Mac focused, provides a solution that is can easily see and potentially access any other.simple, lightweight, and has a very Mac-like feel to it that makeit a natural choice for many Mac users. Mac OS X’s Built-in FirewallIt also offers centralized management (and integration with Mac OS X has shipped with a built-in firewall based on theIntego’s other security tools) for businesses and schools – UNIX ipfw firewall for several years. Leopard introduced anthough if you have a mix of both Macs and PCs to centrally adaptive firewall interface that is extremely easy for users tomanage, you might want to opt for Norton or Sophos because configure and work with. It doesn’t offer the option to directlyof their cross-platform management capabilities (and poten- configure complex rules (just the ability to allow or deny incom-tially better pricing due to larger volume purchases). ing connections – though you can modify the list of allowed or blocked applications making those connections fairly easily). Advanced users familiar with UNIX will also find that ipfw’s full 9 Back to Contents Apple in the Enterprise, an Internet.com IT Management eBook. © 2009, WebMediaBrands Inc.
    • Apple in the Enterprisesuite of options available from the command line. The downside is that DoorStop X is not as easy as NetBarrier or Norton to configure for novice computer users. For con-While Apple did a good job in crafting a very easy-to-use fire- sumers looking for a very simple solution, this probably makeswall and one that is generally decent, its limitations do show, it a less desirable choice. For power users and techniciansparticularly if you need to a firewall for any professional situ- wanting something that allows easy configuration of the coreation. At the very least, however, every Mac user should be features of a firewall without a lot of bells and whistles, thisusing it. can actually make DoorStopX somewhat more appealing.Intego’s NetBarrier IPNetSentryXIntego, again, gets my props for its NetBarrier firewall. Net- IPNetSentryX is a fourth firewall option for Mac OS X. It is aBarrier is designed to be easy to use (like Leopard’s built- robust tool that operates slightly different from a traditionalin firewall), but is also designed to offer easy configuration firewall. Typically, firewalls rely on a fixed set of rules to al-of more complex rules from a Mac-like GUI. It also offers a low or deny connections (the default rule being to deny ev-number of pre-configured settings that can applicable to both erything). IPNetSentryX does offer this, but it’s designed tohome and education/business environments, including rules run in an adaptive fashion, monitoring your network/Internetto block specific types of applications (such as peer-to-peer traffic but not blocking connections unless there is somefile sharing sites) and specific types of known threats (such as suspicious activity (either defined by its default settings or bythose posed by spyware). your custom rules).In addition to being highly configurable and yet very easy to Although its approach makes for a lightweight and adaptiveuse, NetBarrier is a powerful tool for protecting a Mac. It of- product (and one which can be used for anything from simplefers a number of extra features beyond basic filtering of in- protection to complex bandwidth management), IPNetSen-coming and outgoing connections, including the ability to de- tryX’s interface is probably the least user friendly of the fire-fine specific sets of rules for different locations (home, office, walls available for Mac OS X. This can be off-putting to manypublic Wi-Fi, etc), and it shows you how much bandwidth is users. However, if you’re a power user or technician and wantbeing used for various types of network access (Web, e-mail, to leverage a number of complex firewall options, it’s worthiTunes file sharing, etc). checking out.Norton Internet Security Suite Who’s There?Norton Internet Security is Symantec’s firewall product for A companion product to DoorStop X, Who’s There? isn’t aboth the Mac and Windows. The suite offers a solid solution firewall itself, but rather an application that reads firewall logsand integrates with Symantec’s Deepsight blacklist, a global and provides information and advice about the entries it finds.list of Internet addresses associated with various forms of net- This can help you fine-tune your firewall settings and betterwork attack and malware distribution. Like NetBarrier, it also understand how your firewall is protecting (or not protecting)allows you to define different settings based on location. your Mac.Like NetBarrier, Norton Internet Security strives to offer Little Snitchpowerful firewall rules and protection options in a simple Like Who’s There?, Little Snitch isn’t a firewall but a usefulmanner that all users can comprehend and manage. The inter- companion to one. But while Who’s There? and your firewallface isn’t quite as intuitive in my opinion, and it lacks some of logs can often inform you easily about incoming connectionsthe extra features that Intego built into NetBarrier. That said, it to your Mac, Little Snitch is focused on the opposite – tellingis still a powerful solution and offers a few features of its own, you what applications and services (such as file sharing orincluding a file guard technology for securing access to files iTunes Music Sharing) your Mac is attempting to connect withon your hard drive. on network resources or the Internet.DoorStop X Since some malicious tools (or even legitimate software) in-DoorStop X from Open Door Networks is a firewall that of- stalled on your Mac are typically allowed to make outgoingfers a more stripped down interface than either NetBarrier or connections through a firewall, being aware of exactly whatNorton Internet Security. Instead of being focused on con- the software on your Mac is trying to do and who it’s trying tosumer-friendly interface elements and extra features, Door- contact can be a great security aid.Stop X focuses on simply being a good firewall. It allows adecent set of rules and enables you to easily configure pro- Armed with the information that Little Snitch provides, you cantection for common Mac services (such as Web access and craft better firewall rules if needed. You can also use it to turnfile sharing). 10 Back to Contents Apple in the Enterprise, an Internet.com IT Management eBook. © 2009, WebMediaBrands Inc.
    • Apple in the Enterpriseoff unused services (such as file sharing, screen sharing, or Overall, SpamSweep is pretty good at making good choiceseven iTunes) that could make your Mac more vulnerable to at- and you can define some overrides to its basic features. Ontack. It even provides a way of simply being aware how people the downside, it does need to sit as a separate program ratherusing your Mac are accessing the Internet. All of these make than being integrated into your e-mail client and it’s a little dis-Little Snitch a great Mac security aid. concerting to have a separate program deleting messages for you. Also, it doesn’t provide any real customized rulemakingAnti-Spam Tools options other than training its filters over time.Most people tend to think of spam as an annoyance that clogsup their inbox and keeps them from getting to really important SpamSievee-mails – and that’s certainly true. But spam isn’t just a pro- SpamSieve may be the best of the anti-spam additions forductivity killer, it can pose a real security threat. Junk e-mails Mac OS X. While it uses the same filtering techniques asoften load Web content that has the potential to impact your SpamSweep, it does so by integrating with your e-mail clientcomputer whether or not you click on a Web site referenced and Mac OS X’s Address Book. It supports a wide range ofin the message. clients, including the most common Mail, Entourage, Eudora, and Thunderbird.And often clicking a link in a message will deliver you tosome form of malicious Web site designed to either install So you don’t need to launch a separate application to confirmmalware or use a phishing scheme intended to mine personal the software’s spam/not spam decisions. It also means yourinformation. e-mail is still managed by your e-mail application. The support for Address Book (and contacts in Entourage) is a nice way ofThe fight against spam can and should take place on mul- ensuring anyone you actually know will be able to reach you.tiple levels. Ideally, your mail server will have its own junk mailfiltering. Public services like Apple’s Mobile Me, GMail, Ya- SpamSieve does offer its own separate application as well.hooMail, and Hotmail offer some of the best spam filtering This is used to configure filters (and quite a bit of configu-because they handle mail accounts for so many people. But ration is supported) and training process. It also allows youprivate servers (those run by an Internet provider or private to configure mail notifications and other points of integrationcompany) may not have such extensive or fine-tuned spam with your e-mail client. Perhaps most importantly, SpamSievefiltering. does an impressive job of accurately filtering spam.Beyond the server level, filtering can take place on your com- Intego Antispamputer. Almost all e-mail applications, including Apple’s Mail Intego’s offering in antispam category, appropriately namedand Microsoft’s Entourage (the two most common Mac e-mail Personal Antispam, is another good choice. It integrates withclients) include some junk mail filtering options. But you can either Mail or Entourage and can integrate with Address Bookextend those capabilities with additional anti-spam software, for trusting contacts. Although this is a more limited set of e-including the following: mail clients than other tools, it does cover most Mac users.SpamSweep As with their other tools, Intego has put an effort into makingSpamSweep is an application that acts as a middleman be- Antispam very user friendly. Beyond just being user-friendly,tween your e-mail client. SpamSweep connects to your mail it offers the ability to customize filtering and offers filteringserver, downloads the first 100K of each message, scans options beyond just blacklist/whitelist and Bayesian filteringthem, and then deletes the spam while it’s still on the server options in other tools. You can also filter based on types of(you can control confirmation of what is and isn’t spam). When attachments or portions of Web site addresses noted in an e-your mail application connects, it downloads the remaining mail. This provides additional capabilities. A particularly nice(good) messages. feature is that not only can you configure each type of filter; you can also opt to use all or only some of them.SpamSweep uses a combination of blacklist (bad) andwhitelist (good) e-mail senders as well as a technique called Personal Antispam enables you to export spam rules as filesBayesian filtering, which analyzes the content of each mes- for installation directly on other Macs running the software.sage to determine how to mark messages. These filters and It also offers usage reports and graphs, helping you see thelists can be trained by marking mail as spam (or not spam) and percentage of spam being filtered as well as the types. Over-grows more accurate over time as you use the software. all, this is another great product from Intego. 11 Back to Contents Apple in the Enterprise, an Internet.com IT Management eBook. © 2009, WebMediaBrands Inc.
    • Apple in the Enterprise Consider Xserve Not a Cross-Out By Eddy PetersdW ith the success of iTunes and iPods, not to men- $2,999; or one with the same basic specs except for two 2.26 tion MacBook, you’d think Apple wouldn’t be that GHz Nehalems for a price of $3,599. interested in the Xserve — an item that contrib- utes a relatively minuscule amount to the com- The current operating system in the Xserve is known as Leop-pany coffers. ard, version 10.5 of the Apple server software. It took over from the Tiger OS (10.4). Compared to its predecessor, Leop-Yet Apple has been working hard on its server platform. In the ard provides a streamlined interface that makes it easier forpast year or so, it updated its server OS and has added Intel those who lack server administration experience to set up theNehalem processors to Xserve. In server. Further, it comes with lotsaddition, it has made its Mac Pro of collaboration software (suchdesktop hardware available as as a Wiki server), and a mediaa tower server. Finally, the com- processing engine to automatepany has continued to invest in the capture of content and itsimproved storage systems for its publication.user base. This will be supplanted by ver-Xserve sion 10.6 in September that isAt the end of 2006, Apple intro- codenamed Snow Leopard. Thisduced the first Intel Xeon proces- takes many of the features of Ti-sor-based Xserve model. Since ger and Leopard a stage further.that time, it has continued to add The Mac OS X Snow Leopardthe latest and greatest from Intel. Server will include Podcast Pro-The newest Xserve, for example, ducer 2 for automating the cre-comes with Xeon 5500 series ation and publishing of podcasts,processors. and Mobile Access Server for se- cure access to firewall-protected“Our most recent release has a network services for iPhone andlot of new technology which pro- Mac. Version 10.6 extends thevides a big boost in performance 64-bit features of the OS all theand more memory bandwidth,” way into the core to take full ad-said Doug Brooks, the Xserve product manager at Apple. vantage of multi-core processors. Other features include Wiki“Customers include education, science, research, federal Server 2, a new Address Book Server, iCal Server 2, (Web-government and creative customers in printing, graphics, me- based calendar access) and a Mail Server engine. Accordingdia, video and post production.” to Brooks, it will be up to twice as fast as Leopard.Apple positions this 1U machine as a complete package — Apple Storageeverything you need in one box. The company web site push- Apple has also been working hard on storage support. On thees two basic versions: Xserve side, the company released a 128 GB solid state drive (SSD) option. As it comes on an internal RAID card, it doesn’tA server with one 2.26 GHz quad-core Nehalem processor take up a hard drive bay. This SSD, though, isn’t intended forwith 3 GB of memory, one 160 GB 7200 rpm SATA drive, primary storage. Rather, it operates as a fast, low-power bootMac OS X server software and unlimited client licenses for drive with the OS loaded onto it. It costs $500. 12 Back to Contents Apple in the Enterprise, an Internet.com IT Management eBook. © 2009, WebMediaBrands Inc.
    • Apple in the Enterprise“The SSD gives 100 MB a second-read performance, and Mac Prorandom access performance is up to 20 times faster than a As well as the Xserve, Apple has one other server hardwareSAS drive,” said Brooks. offering. Its Mac Pro desktop is now being offered as a server (i.e., it comes loaded with the Mac OS X Server software).Additionally, the company has updated its SAN file system According to Brooks, this has been available for some timewith the release of Xsan 2. This is clustered file system but the company is now putting more of a spotlight on it. Macsoftware that helps to create shared storage environments Pro pricing starts at $2,499.used in IT and video editing. XSan 2 requires a FibreChannel (FC) SAN network and a metadata controller that “Xserve is a rack-mounted product, and some SMBs prefer atypically runs on Xserve. tower model,” said Brooks. “We support our server software on the Mac Pro and the Mac Mini. The Mac Pro has all of theWhile Apple continues to provide storage software, it is no horsepower of the Xserve and most of its features except alonger in the storage hardware business. The web site adver- redundant power supply and lights out management.”tises the Promise VTRAK RAID storage system, which is fullycompatible with Xserve and Xsan 2. 13 Back to Contents Apple in the Enterprise, an Internet.com IT Management eBook. © 2009, WebMediaBrands Inc.