نوشته شده توسط : jiajiasnow

Further integrating the ecosystem of tools finance professionals be based upon most, Host Analytics, the key innovator of cloud-based enterprise performance management (EPM) solutions, today extended its reporting capabilities for Microsoft Office. With Host Analytics Spotlight for Office, customers can seamlessly build management and financial reports directly within Microsoft Excel, Word and PowerPoint. With the push mouse button, data may very well be dynamically refreshed in your applications; ensuring it is often accurate and as much as date.

"Prepping data for presentations and reporting is definitely unavoidable and arduous task for finance teams. Quite often the information needed is rendered in Microsoft Office, making this time consuming and hard to manage," said Sanjay Vyas, chief product officer, Host Analytics. "Spotlight for Office was made to make this somewhat process painless for all our users, by enabling embed the information once, with minimal formatting, and be able to giving them a chance to quickly refresh with the correct, up-to-the-minute information."

With Spotlight for Office, customers can harness the power of Microsoft Office for presenting information while ensuring "one version of the truth" from the centralized, secure data store. Presentations and documents are built once with live links at the data and used equally as much as needed, saving energy and eliminating errors attributable to manual cutting and pasting. Every report is produced in Excel, PowerPoint or Word it may possibly be accessed anywhere and delivers data security, integrity, and confidence in your data by dependent upon the Host Analytics platform since it's foundation. While using the push of a mouse button, data can be dynamically refreshed; ensuring it's usually accurate and as much as date.

Besides delivering management and financial reporting from Word and PowerPoint, Host Analytics customers will build and analyze Spotlight XL and Spotlight Web reports completely from the Host Planning Finance cube, reducing the time and effort need to build and analyze financial statements in Spotlight.



:: بازدید از این مطلب : 657
|
امتیاز مطلب : 0
|
تعداد امتیازدهندگان : 0
|
مجموع امتیاز : 0
تاریخ انتشار : دو شنبه 1 مرداد 1397 | نظرات ()
نوشته شده توسط : jiajiasnow

Microsoft still struggles to exceed the 700 million active devices running Windows 10 mark, since adoption of the operating system has delayed.

This is mostly brought on by the Windows 7 exodus not reaching full speed, Microsoft says, together with the company expecting the transition to Windows 10 to accelerate inside the coming months approaching the January 2020 end-of-support date to make the 2009 computer.

Microsoft announced that Windows 10 was running on 600 million devices funding November 2017, while at Build this season the firm says that it's getting towards 700 million active installs.

But because it turns out, this really is where Windows 10 is still right now, with CEO Satya Nadella revealing during an analyst call following Microsoft's earnings report today that the OS is almost 700 million active installs.

"The Windows 7 problem"

In step with a report from Softwareonlinedeal, Windows 10 not reaching its full potential might be the result of people holding Windows 7. Microsoft is projected to drag the plug on Windows 7 in January 2020, and so the software giant expects perform properly devices upgraded to Windows 10 to generate as we get magnified this deadline.

At this moment, Windows 7 is most likely the world's number one desktop operating platform with a share over 43 percent, reported by third-party data, while Windows 10 relates to the runner-up with approximately 34 percent. Consequently , there still are plenty of devices that can be upgraded to Windows 10, decor we advance to qualify for the Windows 7 EOL date, the volume of systems switching should increase substantially.

On one hand, Microsoft is also afraid that Windows 7 can get the new Xp, with users refusing to convert despite the end of support.

Vista is still around in the world today with a share of nearly 4 percent, despite specifically getting security updates since April 2014.



:: بازدید از این مطلب : 726
|
امتیاز مطلب : 0
|
تعداد امتیازدهندگان : 0
|
مجموع امتیاز : 0
تاریخ انتشار : جمعه 29 تير 1397 | نظرات ()
نوشته شده توسط : jiajiasnow

Microsoft recently released the number one public preview of Windows 10 IoT Core Services, the company's new service that was announced at Computex the year 2010.

Windows 10 IoT Core Services is specially targeted at customers who would like to embrace Windows 10 IoT with regard to their devices, but together be sure that long-term support comes available. Microsoft promises updates for as many as ten years.

Furthermore, Windows 10 IoT Core Services goes along with device update control, plus rights to commercialize with Device Health Attestation.

"This cloud-based service evaluates device health insurance and can integrate getting a device management system to increase the security of one's IoT solution. These features give our partners the premise to build sustainable business models by considering Windows 10 IoT Core," Microsoft explains.

Together with Windows 10 IoT Core, this product comes with a fee, and Microsoft is offering three more different options to customers who want to install it around the devices.
"Buying options"

Correct, businesses and solution integrators will usually get it through having an Azure subscription, and pricing begins at $0.30 per device each month. This price occurs into effect later this fall when Microsoft launches Windows 10 IoT Core Services officially, and through the preview period, meaning today, the price drops to $0.15 per device each month.

Additionally, Microsoft also is offering a different option to partners signed up for the Cloud Solution Provider (CSP) program to resell the service as being pay-as-you-go subscription that hopefully will become available later in 2012.

And conclusively, OEMs can also get Windows 10 IoT Core Services to acquire a device by pre-paying in the product, though full specifics should be announced another time when it welcomes in.

"Microsoft is devoted to offerings that will our partners provide compelling solutions and get their business goals. And additionally our recently announced support for NXP silicon platforms, long-term support, along with Windows AI Platform, Windows 10 IoT Core Services is really a step in meeting our partners' needs," Microsoft concludes.



:: بازدید از این مطلب : 784
|
امتیاز مطلب : 0
|
تعداد امتیازدهندگان : 0
|
مجموع امتیاز : 0
تاریخ انتشار : پنج شنبه 28 تير 1397 | نظرات ()
نوشته شده توسط : jiajiasnow

Windows Essentials (also called as Windows Live Essentials) was obviously a suite of desktop applications that included various Microsoft programs, like Messenger, Mail, Movie Maker, Photo Gallery, Writer, and OneDrive.

The end version of the suite was already released in 2012, on the final update in 2014, and reached end of support on January 10, 2017. Microsoft removed those from its site last season, and while it can be officially will no longer available for download, you can still get it -- know how. And good news is tools like Movie Maker work fine on Windows 10.

On Microsoft's Windows Essentials page, the software giant helpfully shows that:

Any websites offering free downloads of Windows Movie Maker are certainly not offering sanctioned Microsoft products. Take care as these products may contain viruses or hidden costs.

It is a valid point, you can download Microsoft Windows Live Essentials 2012 on the internet Archive, this is a very safe source.

The suite contains:

Photo Gallery
Movie Maker
Mail (support limited)
Messenger (do not functional)
Writer (newer version available, note: Newer version not anymore developed directly by Microsoft)
OneDrive (newer version available)

It will need you to be running Windows 7, or later, elegant . you might expect with a suite that hasn't been upgraded in 4 years, some programs -- Messenger essentially -- don't work anymore. However, Movie Maker and Windows Photo Viewer run without difficulty on Microsoft's newest OS.

You may download the suite from the web Archive here. It's a 131MB file, and you have got the choice of getting it directly from your website (slow) or as providing torrent file (faster).

While the different than install each one of Windows Essentials was the recommended choice planned to attend classes 2012, you'll choose to select 'Choose the programs you have to install' now and precisely pick the required tools.

Naturally, running old, unsupported software is very little great idea, in case you're serious about one of these programs, it is a safest way of getting it.

Note: If it throws up a miscalculation during installation, you'll probably find it has installed anyway. If it's not, make sure you're running English (Unites states) as your default language.



:: بازدید از این مطلب : 637
|
امتیاز مطلب : 0
|
تعداد امتیازدهندگان : 0
|
مجموع امتیاز : 0
تاریخ انتشار : سه شنبه 26 تير 1397 | نظرات ()
نوشته شده توسط : jiajiasnow

Microsoft is giving its Notepad app for Windows a surprising degree of new features. Whilst the software giant hasn't updated Notepad regarding, the next Windows 10 update will include some highly requested additions. Microsoft is clearly hearing and seeing Windows 10 users who use notepad for development, logs, or simple text manipulation.

You'll soon find it easy to do wrap around find and replace alongside being able to zoom into text by holding across the ctrl key as well as using the mouse wheel to zoom inside and out. Microsoft is also adding in extended line ending support making sure that Unix/Linux line endings (LF) and Macintosh line endings (CR) are supported in Notepad. The status bar will now be enabled by default in Notepad, yet it includes the wherewithall to display line and column numbers when word-wrap is enabled.

Microsoft is typically finally adding in ctrl+backspace support to delete a previous word in Notepad, and performance improvements for large files. Now you may even discover words on Bing through Notepad by means of right exploring them to buy your new option. Microsoft's Notepad additions click through on the company updating its Windows Console to begin with in Over twenty years, and the surprise addition about the Linux command line to Windows 10.

These new Notepad features may in the update currently codenamed Redstone 5, that's expected to debut later this halloween season. Microsoft is now putting the finishing touches to the next major Windows 10 update, on the other hand won't include the popular tabs (Sets) feature for File Explorer among other apps.



:: بازدید از این مطلب : 693
|
امتیاز مطلب : 0
|
تعداد امتیازدهندگان : 0
|
مجموع امتیاز : 0
تاریخ انتشار : پنج شنبه 21 تير 1397 | نظرات ()
نوشته شده توسط : jiajiasnow

Proofpoint, Inc., (PFPT), a leading cybersecurity and compliance company, today announced the method of getting Proofpoint Cloud Account Defense (CAD) to detect and proactively protect Microsoft Office 365 accounts, preventing attackers from causing financial and data loss. Cybercriminals have pioneered a fabulous way to compromise corporate email systems, that time period by using brute force attacks to steal Microsoft Office 365 login credentials of corporate users following logging in as the imposter on the system. These new hacking techniques work the way in which company has deployed single sign on or multi-factor authentication (MFA) consist of their security system. As the hacker has logged in masquerading for a real employee, you will find there's wide spectrum of choices while operating very quickly corporation's email instance to cause financial harm and data loss. Available today, the recent Proofpoint CAD solution helps organizations detect, investigate, and remediate these Microsoft Office 365 compromises.

CAD provides comprehensive user-centric visibility important to detect and investigate compromised accounts and thwart email account compromise (EAC) credential theft tactics including credential reuse, brute force attacks, and credential-stealing malware. EAC tactics, when combined business email compromise (BEC) social engineering, are hallmarks of groups the same as the 70+ cybercriminals arrested within the recent Operation Wire Wire federal effort that recovered approximately $14 million in lost funds.

"It only takes one compromised Microsoft Office 365 account to unlock access for the virtual goldmine of confidential data and access-and we all have seen the increase in organizations losing both money and data to the attacks," said Ryan Kalember, senior vp of Cybersecurity Technique for Proofpoint. "Once an attacker compromises a good account, they'll read a user's email, check out their calendar, and launch internal phishing emails attempts with a trusted account. We've even seen these attackers stick to targets with multifactor authentication by exploiting interfaces that won't support strong authentication in every single deployments, such as Exchange Web Services and ActiveSync. Fortunately, CAD can detect these attacks simply by using our extensive intelligence, stopping them before they're cause damage."

Operating down the entire Microsoft Office 365 applications suite including email, SharePoint Online, and OneDrive, this new CAD solution protects users, data, and financial assets on any network or device. CAD empowers organizations to do a proactive approach when addressing risks involved with Office 365 that often evade other security detection methods. This is particularly critical on account of Microsoft Office 365's wide variety of integrated third-party applications. With CAD, security teams can:

Detect Compromised Accounts: CAD studies the attacker's footprint by combining contextual data like user location, device, and login time, with Proofpoint's rich threat intelligence to discover safe baseline behaviors, detect compromised accounts, and flag suspicious behavior.

Investigate Incidents with Granular Forensics: Organizations can investigate past activity and alerts through CAD's intuitive dashboard using granular transaction forensic data like for example user, date, time, IP, device, browser, location, threat, threat score, plus more !.

Defend Office 365 Accounts with Flexible Policies: With insights from CAD's detailed forensics, users can prioritize alerts in keeping with severity to prevent alert fatigue while building flexible policies dependent on multiple parameters including user, location, network, device, and suspicious activity.

Deploy Quickly in your Cloud: Proofpoint's cloud architecture and integration with Microsoft Office 365 APIs enable organizations to quickly deploy and derive value from CAD.

CAD builds upon Proofpoint's extensive cloud-enabled portfolio of solutions that let organizations to deploy and employ cloud applications with full confidence.



:: بازدید از این مطلب : 761
|
امتیاز مطلب : 0
|
تعداد امتیازدهندگان : 0
|
مجموع امتیاز : 0
تاریخ انتشار : چهار شنبه 20 تير 1397 | نظرات ()
نوشته شده توسط : jiajiasnow

Many organizations carry mix of new and old technologies that complicate the maintenance workload of your IT staff. Administrators should take stock in their systems and look a complete rundown pores and skin variables inside your server operating systems under their purview. While it might not be a possibility to use one utility to order the entire data center, administrators must assess which tool has the most value by weighing the capabilities of each one.

For these everyday tasks, administrators employ a choice of several Windows server management tools that could at no extra cost. Some have been established for years, while some recently emerged from development. Here guide helps IT workers fully grasp this certain tools be very effective in particular scenarios.
Choose a GUI or CLI tool?

Windows server management tools also come in two flavors: gui (GUI) and command-line interface (CLI).

Many administrators will admit it's much easier work with a GUI tool considering that the interface offers point-and-click management do not have need to memorize commands. A disadvantage to a GUI tool certainly is the amount of time it only takes to execute a command, for instance there are a lot of servers to look after.

Learning how to use and implement a CLI tool generally is a slow process the way it takes significant effort to grasp the language. Many downside is the majority of these CLI tools were unable designed to share data; the administrator must understand how pipe output within one CLI tool an additional to develop a workflow.

A GUI tool is great when there are not many servers to get through, or for one-time or infrequent tasks. A CLI tool superior for doing a series of actions on multiple servers.

Windows Admin Center: A good solid management contender

Windows Admin Center, formerly Project Honolulu, is a really GUI tool which combines local and remote server management tools per console for only a consolidated administrative experience.

Windows Admin Center is one kind of Microsoft's newer Windows server management tools thus easier to employ nondomain machines, particularly running Server Core.

Windows Admin Center could only manage Windows systems and lacks the functionality IT workers began to expect in the Remote Server Administration Tools application.

Administrators focused on using Windows Admin Center among their primary Windows server management tools should know potential security issues before implementing it with their data center.

A venerable offering expands to new platforms

Now through 10 years old, PowerShell is among key Windows server management tools because of its potent opportunity to manage multiple machines through scripting. Merely a Windows product, Microsoft converted the automation and configuration management tool into a source project. Microsoft initially called this new offering PowerShell Core, nowadays refers to it as a just PowerShell. The open source version of PowerShell runs on Linux and macOS platforms. Microsoft supports Windows PowerShell but won't plan to combine features on it.

Administrators can ever choose both PowerShell versions hand and hand, which might be meant for some shops. Currently, Windows PowerShell provides more functionality because certain features haven't yet been ported to PowerShell Core.



:: بازدید از این مطلب : 870
|
امتیاز مطلب : 0
|
تعداد امتیازدهندگان : 0
|
مجموع امتیاز : 0
تاریخ انتشار : چهار شنبه 13 تير 1397 | نظرات ()
نوشته شده توسط : jiajiasnow

Windows 10's security is getting beefed up as Microsoft brings features previously available for enterprise to all users.

Microsoft says regions of Windows 10's Enterprise edition's Attack Surface Reduction (ASR) feature, piece of Windows Defender Exploit Guard, could be made available to all of the versions of Windows 10.

The ASR-related feature was released to those testing early builds inside the OS included in the Windows Insider Program yesterday.

The hottest Insider build, 17704, allows users to toggle for a new Block suspicious programs feature, which is able to "prevent behavior by an app or file which can infect your device". Microsoft says the feature uses ASR technology, that can forbid an array of risky behaviors, for example , blocking executable content within the email or blocking Office applications from creating child processes. The feature can be obtained within the Virus & threat protection Settings page. Anyhow, the new feature doesn't sound as configurable as your ASR available to enterprise, there are still an array of protections only available to consumers Enterprise version of Windows 10.

The addition is part of a gradual bolstering of Windows 10's overall security, with last year's Fall Creators Update improving ransomware protections such types of the ability to designate certain folders and documents as protected, hence they would solely be accessible to trusted applications. User folders for example , Documents, Pictures and Downloads are safe by default.

Within this latest Insider build, apps that're automatically blocked from accessing user folders like Documents and photos, will also be capable to whitelisted using a menu under Virus & threat protection->Ransomware protection->Allow an application through Controlled folder access.

Other security improvements available in this latest release include displaying all threats somewhere that need action from the Virus & threat protection section.

Users will be able to view many of the security software and services running along the device within the new Security providers->Manage providers section from your Settings app. The page gives links to relevant apps now to more information on resolving any troubles with those apps.

Privacy improvements

Microsoft also continuously improve transparency in Windows 10, utilizing ths latest build including a new version of Windows 10's Diagnostic Data Viewer, the earlier tool for viewing what information Windows 10 collects from users.

The revolutionary version also reveals what stats are collected by Microsoft when an app crashes or possesses a problem. Users is to try to view which apps triggered the crash report, gets hotter was sent and particulars on what information was collected. The feeling shown can always not be intelligible onto the average user, however.

Sets disappears from view

The very best Insider build also removes a true new feature called Sets, on the promise it should return soon in an improved form. Sets will mark a big departure for Windows , introducing the industry of tabbed windows. The feature will permit users to group together related apps, documents, files and websites into separate tabs within one desktop window. This way, users can easily group together everything linked to a specific task inside one window, even when that submissions are an Office document or maybe a website.

Its removal among the build coincides with sources telling TechRepublic's sister site Softwareonlinedeal your feature may now not be released to all Windows 10 users where the next major feature update is released later this christmas.

Microsoft Edge browser also gets tweaks, with users willing to block all autoplaying videos as well introduction of the Edge "Beta" icon so users can convince if they're finding a test build of Edge.

Microsoft also revealed its adding another Windows image towards the Windows Server container collection. This new image is addition for the existing Nano Server and Windows Server Core images. The Windows image can be purchased to try regarding running a container host on Windows Insider build 17704.

These the latest features are expected to remain rolled out everybody Windows 10 users at absolutely no cost later the year of 2010, with the launch of the Redstone 5 feature update.

Microsoft revealed that it will not dispose of existing Snipping Tool with Redstone 5, and tend to replace it, along with the currently under development Screen Sketch app, with just one different cut-off date.



:: بازدید از این مطلب : 808
|
امتیاز مطلب : 0
|
تعداد امتیازدهندگان : 0
|
مجموع امتیاز : 0
تاریخ انتشار : پنج شنبه 7 تير 1397 | نظرات ()
نوشته شده توسط : jiajiasnow

No more life of Microsoft's Windows 7 operating software is nearly upon us, while using the company saying its updates and patches to the widely used interface will cease after January 14, 2020. Such circumstances, nearly everybody would think that critical plant control system operators should be in a mad scramble to upgrade to your latest version.

Yet astonishingly, key U.S. coal and oil infrastructure facilities use plant control systems underpinned by Or windows 7, an even earlier legacy operating software that Microsoft stopped providing patches and upgrades for funding 2014.

Your correspondent found 10 facilities, of varying throughput scale, in three U.S. Gulf Coast states including Texas still operating their plant control systems underpinned by outdated Microsoft operating software. Confidentiality and security clauses of site visits prevent mentioning the facilities directly, yet the issue is a serious and widespread concern stateside, depending on feedback from plant automation solutions providers similar to General Electric Automation and Controls, Emerson and Honeywell.

Aggregation of U.S. industry data suggests around a fourth of oil and gas downstream customers of one's world's big five plant automation vendors stateside continue being on Microsoft windows, despite the recent WannaCry virus ransomware attack, coupled with other high-profile cyber intrusions, that exposed the vulnerability of legacy software recently.

But what might shock the particular hardly may come as a surprise to industry insiders. Brendan Sheehan, Senior Director of promoting at Honeywell Process Solution, the multinational company's automation division, says upgrading dilemmas for conservative industries like for example petrochemicals and refining ordinarily are not new and revisit almost 40 years.

"That's when plant control systems started gradually migrating from proprietary software the vendors conjured up to largely MS Windows-underpinned operating software owing to cost savings. In short, refining and petrochemical plant operators will buy a control system from us and expect it to run 25 to 3 decades, and they will often ask us to be certain of supporting it for ones period as soon as we do.

"Before the turn of the 1990s, as soon as had proprietary software, such systems were secure and bespoke but admittedly reasonably dear. Then MS Windows platforms started bringing volume, scalability decrease costs, that are visible even today. We initially thought let's not let go for Linux, that's been more secure and attuned to industrial usage, and others robust than Windows NT right at that moment. But it wasn't so many things familiar to customers and users, so Windows won."

To be the refining complex, and of manufacturing actually, has moved towards MS Windows world, plant operators now feel on a platform that progresses so much more quickly than they would like.

The business has to accept upgrades much more, and vendors, whose plant control systems use MS Windows, have little choice but to acquiesce each and every upgrade, and press buyers to do likewise. That is all they are able to do.

"We are telling customers you should move; we cannot support you when you are on Windows XP. But you can't force the criminals to move. Zero cost consultation . you have instances of cybersecurity breaches, most of which don't get through to the public domain. By a few measures, Honeywell counts 30,000 intrusions or attempts at intrusions everyday. An outdated system makes protecting customers really hard, though possible," Sheehan says.

Gavin Mead, Principal in KPMG's Cybersecurity Services, also deems the findings to be really unsurprising, as upgrading a plant control system in a conservative publication rack not as simple as installing and rebooting your laptop or desktop. It carries major cost and downtime implications towards the refinery or petrochemical plant accessing.

"Unlike in the [administrative or back-office] IT environment, more often than not the plant IT hardware applied to an industrial setting is tightly plus the physical equipment it manages or monitors. Upgrading the IT components could require replacing of the entire module (i.e., IT equipment plus the physical components), and maybe even of the whole line, based mostly control system architecture.

"Furthermore, several of these legacy IT systems support 'disconnected assets,' meaning physical devices which do not communicate more than a network - to provide an example, very expensive mass spectrometers."

It creates massive challenges for operators, reliable willingness to upgrade seriously isn't lacking. Although not belittling the concerns over cyber attacks on plant control systems, Mead reckons their segregation from conventional IT for plant operations does offer some modicum of safety.

"These systems are known to have un-fixable vulnerabilities in most cases [that vendors can't help with and Microsoft won't provide upgrades for a longer], but as opposed to the conventional IT environment where everything is highly connected and users are getting together with unknown Internet services continually, the industrial environment must really be much more segregated, static and controlled, enabling a greater tolerance for aged IT systems."

Be that as it can, another issue Sheehan flags would be that bespoke apps written for specific customers raise further complexities. Being "bespoke," they are definitely designed solely for your personal operating system they really are written on. This will likely cause issues after the plant eventually attempts to upgrade the operating software, given that the apps might require changes too. Considerable time, including the setting up headline patches, requires careful planning.

"In fact, incorporating patching is the one other challenge altogether. We write patched software for purchasers and make it available as deemed necessary. But normally you want to be in a controlled environment when running those patches, terrible on a running plant, and of course not during something critical.

"And the issuance of patches happens to be more frequent. You are required to remain constantly attuned to updates and patches. For that reason the Human Machine Interface (HMI) had to be made separate from the control system, equip upgrades with out upgrade the particular control system - that is how in the end we handle some of the processes and challenges. But admittedly, for a HMI you really are susceptible to Microsoft."

Meanwhile, since the usage of Windows 7 is far from over despite repeated warnings on your industry, Honeywell, Yokogawa Electric, GE, ABB and Emerson possess the applicable acknowledged they may be well while alerting their end customers, both within and right after oil and gas sector, about get yourself ready for the end of use of Windows 7.

Quite simple pretty onerous exercise byby itself, as global research firm Gartner reckons Windows 7 is among one of Microsoft's hottest Windows operating software, well on the usage penetration of even Microsoft windows. All the vendors will do is alert end customers, but whether the plant controllers pay heed is a matter.

There is certainly no disputing that a breach found in a plant control system can have devastating consequences. Within a refining and petrochemical landscape, obvious reputational damage, downtime and financial costs aside, risks could extend to environmental damage, passing away, fail-safe shutdowns and system destruction. At some point soon, those on outdated systems truly ask themselves: Might it be really worth a possibility? Ignoring it could actually have devastating consequences.



:: بازدید از این مطلب : 748
|
امتیاز مطلب : 0
|
تعداد امتیازدهندگان : 0
|
مجموع امتیاز : 0
تاریخ انتشار : سه شنبه 5 تير 1397 | نظرات ()
نوشته شده توسط : jiajiasnow

So, you'll want to enable FIPS 140-2 cryptography…

You can work in a market that requires you tp utilize FIPS-compliant encryption, or your work in government and are required to stick to the Defense Computer Agency (DISA) Security Technical Implementation Guidelines (STIGs,) maybe boss heard somewhere that FIPS is a popular thing to have. Regardless, you'll have questions like following:

What is FIPS 140-2?
How need to enable it in SQL Server?
How will it really impact my SQL Servers functioning, will I need to re-write things?
Will it break anything from my SQL Server environment?

This short article try to answer those questions and in some cases providing facts on where to find more updates.
FIPS 140-2

First up, precisely what FIPS 140-2? FIPS stands for "Federal Information Processing Standard". 140-2 is usually a statement released specifying which encryption and hashing algorithms should be considered if a item of software such as an operating system or database application desires to be listed to "FIPS 140-2 certified" or "FIPS 140-2 compliant." SQL Server can be viewed as compliant Should the operating system as to what it runs is certified and configured to enforce FIPS 140-2 compliance. Per Microsoft, this involves Windows turn out to be Windows Server 2003 or newer, or Microsoft windows or newer (about the desktop.)
Enable FIPS

How would you enable FIPS in SQL Server? Be thought of as the easiest question. You don't. Instead, it's essential to enable FIPS in your operating system. You are able to accomplish this through the "Local Security Policy" MMC during the "Local Policies -> Security Options" section. Choose the option "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing." Set this to Enabled and reboot. Or, if you're within domain environment, this setting might well be controlled through Group Policy Objects, in which case you'll need to chat to your Domain Administrator team about setting it up changed.

Per Microsoft, when you enable that above setting, SQL Server will become operating in FIPS compliant mode without the need of changes to begin the process up parameters required. The wide ranging impacts on SQL Server are minimal. You have a small performance hit in many processes which enable less strong encryption. If you use service broker with RC4 encryption, the service will not likely start while you configure it to create use of AES instead. Any areas in SQL that permit you to choose the encryption procedure to use, in case non-FIPS algorithm is selected, SQL Server will not use encryption the least bit.

As for other features you may be using in SQL, like the SSIS or SSRS, there are numerous potential impacts to look out for. If you are using the SSIS option "UseEncryption" and offer it set to True, you can find errors stating that the "available encryption is incompatible with FIPS compliance." This tends to result in no encryption among the message process. You might even get a "System.InvalidOperationException" error an internet to execute an SSIS package. This is often resolved by installing the most current Service Pack for SQL Server 2012, SQL Server 2014, or SQL Server 2016.

By using SSRS, now things get interesting. Once you enable FIPS as well as have an SSRS instance (or instances,) SSRS might start throwing errors through the Report Manager screen or when calling a survey from the Reports URL. The error may be an HTTP 500, a "System.InvalidOperationException," or even just a blank screen. Resolving this implies modifying the internet.config file for the SSRS instance. The online world.config file are located in "<system-drive>\Program Files\Microsoft SQL Server\MSRS<version>.<instance>\Reporting Services\ReportManager\" Obviously, before editing the file it is very important make a copy of this. The .config file is unquestionably an XML document which happens to be edited inside text editor of. Look for the section <system.web> and add the following in comparison with section (I add it even on a new line shortly after the <system.web> to protect yourself from potentially adding it for the wrong place)

<machineKey validationKey="AutoGenerate,IsolateApps" decryptionKey="AutoGenerate,IsolateApps" validation="3DES" decryption="3DES"/>

Inside of my testing for this on an up-to-date SQL Server 2014 SSRS instance, I found I also had to add this to the web.config in the ReportServer folder ("<system-drive>\Program Files\Microsoft SQL Server\MSRS<version>.<instance>\Reporting Services\ ReportServer \") or reports called there would fail by way of an error. After making adjustments above, stay away from the SSRS instance and restart it. If this happens, your reports should function normally.



:: بازدید از این مطلب : 854
|
امتیاز مطلب : 0
|
تعداد امتیازدهندگان : 0
|
مجموع امتیاز : 0
تاریخ انتشار : دو شنبه 4 تير 1397 | نظرات ()