ToolboxNew Products for IT Pros
How do you know what is taking up all the space on your client's machine? You may have a disk space monitor in place to let you know when the machine is nearing capacity, but determining how to clean up the disk to regain a healthy ratio of free space can sometimes be an arduous task. One utility that can help you identify what is taking up space is FolderSizes from Key Metric Software.
When you launch this application for the first time, it gives you a quick walkthrough of the application's UI to help you get going (though the application is very straightforward). To analyze a drive or folder, you simply double-click it in the hierarchical Folder Browser panel. Once FolderSizes has scanned the target, the program provides a graph of disk usage and a folder view that shows you how much space the contents of each parent folder takes up. And with just one click, you can change the visualization of your folders between a pie chart and a bar chart to get a handle on where the space is being used. Personally, I find the bar chart more useful when dealing with numerous sibling directories.
Double-clicking on a bar, pie slice, or folder drills down into the sub-folder. This navigation makes it quick and easy to zoom in on potential problem points, such as a "hidden" directory of mp3s your user named Sales Presentations. Or, if you have a user who is a document hound and just likes to keep anything and everything on his machine, you can sort by last modified date to see which files haven't been accessed in a very long time. This makes for a good argument to the user that the files can probably be archived to a CD or deleted forever without causing problems.
Another cool feature is how FolderSizes lets you customize the number of levels you want presented in the chart. For example, you could view a chart of every folder on the drive, sorted from largest to smallest all at once, letting you isolate problem spots. Once you do find a trouble spot, you can right-click to access the "command prompt from here" and "explore this folder" actions. This lets you run any other utilities or checks you may need.
FolderSizes also includes a built-in Report Generator that gives you yet another set of views of your target file system's contents. You can, for example, find the largest files of a specific type or the oldest files on the system; you can find temporary or duplicate files; you can locate all read-only files; and you can determine all files that have a specific owner on your file server. The list goes on. And once you have generated your report, you can filter the view, print it, or even export it to XML, HTML, or CSV.
In addition to all this, FolderSizes also offers a great way to streamline your backups, ensuring you only grab the files you really need to archive. You could also use the command-line interface of the application to script and automate checks of your client or server systems. So if you are looking for a quick way to isolate what is hogging the disk space on your servers or client machines, consider giving FolderSizes a shot.
Price: Starts at $50 (single user license).
FolderSizes offers chart visualization of system folders (Click the image for a larger view)
Inactive Users Tracker
The bigger your organization, the easier it is to lose track of inactive user accounts. And in terms of security, it is always a good idea to have a process in place to make sure you can easily track down those inactive user accounts and disable or remove them, eliminating a potential security hole. Inactive Users Tracker, a freeware utility from NetWrix Corporation, provides a simple way to do that.
The tool periodically scans your Active Directory® domains for inactive users and e-mails the list of inactive accounts to the administrative e-mail address of your choice. You can specify which domain you would like to manage as well as which account has permission to scan Active Directory for inactive accounts. In addition, you can set the number of days that an account must be inactive for it to be "labeled" as inactive and included in the e-mail notification. And, of course, you can schedule when the process will kick off.
Other than that, you simply configure your SMTP server to relay the notification e-mail to the administrative address and specify whether or not you want the utility to filter the inactive user accounts using a name filter—for example, you might have all your consultant accounts start with "c_".
There is also a commercial version available (price quotes are tailored to the customer purchasing the product). This version lets you customize the e-mail messages sent to your users, supports automatically disabling inactive user accounts, and includes technical support.
Inactive Users Tracker notifies you about inactive users
Exclaimer Mail Utilities 2007
On one hand, with today's ever-increasingly litigious and regulated world, it is very important that your organization protect its e-mail communications. At the same time, consistent communication and brand recognition help your organization build a better relationship between itself and those with which it communicates. Exclaimer Mail Utilities 2007, which is designed to work with Exchange Server 2007 deployments, can help you on both fronts.
The application has three base features, which help to unify and protect your organization's e-mail commutations: disclaimers, branding, and signing. In addition, you have the ability to add modules that can help fight spam and viruses.
In terms of disclaimers, Exclaimer Mail Utilities helps you reduce your exposure to litigation and increase your compliance with regulations, such as Health Insurance Portability and Accountability Act (HIPAA) and Circular 230, by adding a customized message (that appears either after or before the e-mail text) to every message that leaves your organization. As for branding, you can easily add an image and brand tag to every message you send to ensure that communications with your client base have a consistent feel. And for signatures, you can ensure that an automatic signature is applied to every message, whether it is sent from a smart device, Microsoft® Outlook® Web Access, or a standard Outlook client. The signature is dynamically generated from data that you probably already store in your Active Directory tree. And you can configure the tool to customize those signatures based on a number of factors, including whether the e-mail is sent to an internal or external person, who the sender is, who the recipient is, and what the subject of the message contains.
Pricing for Exclaimer Mail Utilities 2007 is user-based and starts at $245 for 25 users with discounts as you go up in count. In addition, the anti-spam module, the antivirus module, and technical support also increase the base cost. Support is mandatory for the first year and starts at $55 for 25 users. For performance reasons, you need a computer running 64-bit Windows Server® 2003 or Windows Server 2008 to run Mail Utilities. If this sounds good, but you are still running Exchange Server 2003, there is another version available.
Price: Starts at $245 for 25 users.
How to Cheat at Securing SQL Server 2005
As IT professionals, we all know that security should be a top concern for our infrastructure implementations. Just consider how interconnected environments are today and how much sensitive information is retained on your systems. This is especially true for your SQL Server® instances, as they tend to be centralized sources of sensitive information. In addition, the regulations now in place to protect people's privacy, such as Sarbanes-Oxley and HIPAA, can cause you significant legal and financial headaches if something were to happen and this data were to be compromised.
When securing your SQL Server 2005 instances, you might want to take a look at How to Cheat at Securing SQL Server 2005. The title is somewhat misleading—the book doesn't provide "cheats" but instead offers a step-by-step reference to locking down your SQL Server 2005 deployments. The strategy follows the basic principle of "least access," where you only allow what you need to serve the business needs and then turn off the rest.
After the introduction, the book starts out by exploring how to reduce the surface area of your SQL Server 2005 instance using the Surface Area Configuration Tool. You get useful information, such as the default services with their default startup (manual, automatic, or disabled) options when you install SQL Server 2005. In the next chapter, you learn about SQL Server roles and how they can greatly simplify administration tasks. For example, the book shows you how to tie a role to a Windows® group. That way, if you add a new user to the group, he is automatically granted access to the resources available to that role.
The chapter on authentication and granular access discusses Windows and SQL Server logins and the benefits and drawbacks of each. It also explores the Microsoft best practices regarding authentication. The book then flows into authorization, covering the options available to you for fine-tuning what your users will be able to do on the instance (or, in database-speak, your principles' permissions for securables). You learn about things like the dedicated administrator connection (DAC), which provides a local, administrator-only connection that lets you get onto an instance when a query or process eats up all the resources, making the server unresponsive. This is a handy feature that was lacking before SQL Server 2005.
In SQL Server 2005, schemas and users are separated into distinct entities. There is a chapter on defining, updating, and deleting schemas via T-SQL and the SQL Server Management Studio. In this section, you will also find some good tips, such as learning not to use the sp_adduser stored procedure to create new users in SQL Server 2005 unless you want to create a new schema. Instead, use the CREATE USER T-SQL statement to create the user and nothing else.
Passwords are, of course, another important part of securing your setup, and the next chapter discusses password policies at length to help you obtain a uniform level of security across accounts. The author explores different scenarios of implementation to guide you in choosing the best policy and policy type for your environment. Then you move on into Data Definition Language (DDL) triggers and how they can help protect against unintended structural changes and provide audit trails for changes to server logins.
In the next chapter, you discover the many ways SQL Server 2005 can encrypt your data and schemas to protect sensitive information. Finally, the book gives an overview of SQL Reporting Services, SQL Analysis Services, and SQL Server Integration Services (SSIS), including security-related best practices guidelines. The two appendices are also very useful, providing insight into how to secure and implement group policy and Active Directory as it relates to SQL Server 2005.
I found two particularly useful constructs used throughout the book. First, each chapter features a "Solutions Fast Track" section, which gives you a bullet-point rundown of features, facts, and best practices for the elements covered in the chapter. The second is a "Frequently Asked Questions" section, which provides quick answers to questions about administering your SQL Server 2005 instance. If you are looking for a quick way to get up to speed on SQL Server 2005 administration from a security perspective, you might want to consider adding How to Cheat at Securing SQL Server 2005 to your reference shelf.
Price: $19.98 for e-book, $49.95 for paper book
(Click the image for a larger view)
ScreenHunter 5 Pro
Screen captures offer a great way to document step-by-step user instructions, illustrate error messages that occur in applications, or put together a quick feature presentation. Of course, Windows has its own built-in screen capture functionality (PrtScr for a full screen capture, Alt-PrtScr for just the active window). However, the capabilities built into the OS are limited. If you want more granular control over what gets captured and when it gets captured, or if you want to capture a screen from movie playback, you'll need to check out one of the many third-party screen capture utilities available to help you do so. One such tool is ScreenHunter Pro from Wisdom Software. This inexpensive utility has a number of useful features that let you tailor your screen captures to meet your specific needs better.
The UI is straightforward. You simply pick where your screen capture should come from and then direct it to where the capture should go using the aptly named From and To tabs. In terms of what you can capture, the application lets you grab an adjustable or fixed rectangular area, a specific object or window, the active window, a specific portion of the active window, the whole screen, a DirectX® or screensaver source, movie playback, or a more complex shape (a freehand, elliptical, or polygon area that you define). You can also capture multiple window objects or message boxes at the same time (which is great for snagging only the active application along with its dialog or other windows interfaces). You can then dump the screen capture to the clipboard, a specified viewer or editor, a printer, or a file. You can even choose to have it sent to an e-mail address.
Captured images can be saved as BMP, PNG, JPEG, or TIFF files of various image qualities. In addition, you can have the application auto-scale your capture to a specific size, add a border, or add a watermark on the capture, reducing the amount of "post-production" work you need to do to the image. You can even set the application to automatically capture the screen at a specified interval, in effect recording activities on the machine.
Another nice feature is how ScreenHunter Pro supports auto-scroll functionality, allowing you to capture, for example, a long Web page with a viewable region that extends beyond the viewable area on your screen. Like many IT pros, I have multiple monitors, and therefore I like the multiple-monitor capture support, which allows you to grab all the information on your screens with one capture.
This utility even includes a built-in image editor, letting you tailor your images within the same application context. If you don't need some of the more advanced functionality—such as automatic e-mailing, scheduled capture, watermarks, and multi-monitor captures—you might be interested in the slightly cheaper ScreenHunter Plus version. A stripped-down version is also available for free.
Price: $29.95 for ScreenHunter Pro
Greg Steen© 2008 Microsoft Corporation and CMP Media, LLC. All rights reserved; reproduction in part or in whole without permission is prohibited
ScreenHunter Pro lets you specify when and what you capture (Click the image for a larger view)