'SQL Slammer' Lessons: Traditional Antivirus Is Not Enough


19 February 2003




The staggering damage caused by "SQL Slammer" (also known as "Sapphire"), the fastest-spreading worm in computing history, shows that enterprises worldwide must re-evaluate their security processes and controls. Many enterprises, including some of the largest and most-prominent in the world, suffered crippling downtime that resulted in enormous costs to their businesses. Additionally, SQL Slammer exploited a security vulnerability — a buffer-overflow flaw that affects Microsoft's SQL Server and applications created with Microsoft Server 2000 Desktop Engine — for which a patch had been available for more than six months.







Arabella Hallawell
Editor in Chief
Security & Privacy







'SQL Slammer' Lesson: Patch Management Is Not Enough
13 February 2003
Mark Nicolett, John Pescatore
The "SQL Slammer" worm exploited a security flaw that could, and should, have been patched. However, patch management alone will not sufficiently protect enterprise networks.



'SQL Slammer' Lesson: Just Say No to Desktop Servers
19 February 2003
John Pescatore 
The rapid spread of the "SQL Slammer" worm showed that highly vulnerable desktop servers are everywhere. Here's how enterprises can shut them down for good.




Patch Management Benefits, Challenges and Prerequisites
4 November 2002
Ronni J. Colville, Mark Nicolett, Ray Wagner
Patch management is critical to ensuring business availability. Environmental complexity and security exposures must be managed.



Update Your Internet Server Security
30 January 2003
John Pescatore 
As the "Sapphire" worm proved, enterprises face critical security issues that include, but are not limited to, securing Web servers. Evolve your security strategies for Internet-exposed services by following our guidelines.




Internet Security Metrics
31 October 2002
John Pescatore 
Answer six simple questions to gauge your proactive and reactive Internet security service levels to help improve your Internet security readiness.



Network Security Platforms Will Transform Security Markets
7 November 2002
John Pescatore, Richard Stiennon, Matthew Easley
An integrated network security platform approach will increase network security and reduce the cost of ownership for perimeter security, while preserving best-of-breed options.




Deep Packet Inspection: Next Phase of Firewall Evolution
21 November 2002
Richard Stiennon 
Enterprises must ensure that their firewalls perform deep packet inspection at wire speeds, and apply security policies based on application content as well as source, destination and port, to effectively block cyberattacks.



Expect Turmoil in the Enterprise Antivirus Market
22 May 2002
Arabella Hallawell 
Vendors may have grand ambitions for their enterprise antivirus products, but they should focus first on getting the basics right: product and service quality, and management functionality.