skip navigation
Home

P-Guide

What is a Productive P-Guide?
In an effort to provide the most relevant resources for our customers to use, Productive offers articles about pertinent issues in IT for mid-market companies.  These articles are designed to educate IT professionals about software as it relates to security, storage, infrastructure, volume licensing and other relevant topics. 
We welcome your feedback.  Please send comments or topic suggestions to info@productivecorp.com

P-Guide, Patch Management: An In-depth Look
Patch management is a challenging but crucial task in today's environment.  What options do you have at your disposal?
Receive the full Patch Management P-Guide here.
Date Published: November 17, 2008
Format: PDF
Length: 4 pages
Excerpt:
Patch Management is a critical task that can quickly drain away your time and resources.  What options do you have at your disposal?  By any measure, patch management is a crucial task. How crucial? Consider:

  • According to the CERT Coordination Center at Carnegie Mellon University, there were 417 known security holes in 1999. That figure jumped to 1,090 in 2000 and has risen steadily each year since. During the first three quarters of 2008 alone, the organization catalogued 6,058 different vulnerabilities.
  • A mid-2008 report from IBM's X-Force Threat Analysis Service offers similar numbers, and notes that the number of "high-severity" vulnerabilities (which it defines as "security issues that allow immediate remote or local access, or immediate execution of code or commands with unauthorized privileges") continues to rise.
  • The threats continue to evolve, and even desktop applications such as Adobe Reader are being targeted of late and the rise of cloud computing is offering new avenues of opportunity for cyber criminals.


In short, it pays to keep current with patches and updates. The trouble is that patch management can be a time- and resource-draining chore, particularly given the sheer volume of patches that are issued each year.

What Can You Do?
Given that manual patching is too costly and labor-intensive for all but the smallest companies, it pays to invest in a patch management system. There are numerous products at your disposal.

  • One option is Microsoft Windows Server Update Services (WSUS), which is available for free download. The software has some advantages: It does a fair job of streamlining the patch-management process, allowing users to manually or automatically download and distributes patches and updates. However, its reporting capabilities are limited, it only supports relatively current Microsoft-issued updates and patches, and needs its own dedicated server and a Microsoft 
    Server license.


Receive the full Patch Management P-Guide here.

P-Guide: Mid-market Software Licensing
Do SaaS and open source offer a solution to mid-market software challenges?  Or should you look to incumbent vendors for new alternatives?
Receive the Mid-market Software Licensing P-Guide here.
Date Published: September 23, 2008
Format: PDF
Length: 4 pages
Excerpts:

The case for Saas and Open Source
No one can deny the SaaS and open source have plenty of benefits.  Consider open source.  For starters, plenty of observers cite the software's security advantages over its commercial competitors.  It can be customized to fit a company's unique needs.  And it's designated as free to use (at least in its most basic versions), which makes it appealing to companies that either have limited cash on hand or which are leery of getting locked into using a single, proprietary software vendor... 

Four Reasons to Think Twice
Given the obvious benefits of open source and SaaS, is now the time to ditch the conventional software approach?  Maybe not.  As fast as both technologies are growing, both have quirks and drawbacks.  Here are four points to consider...

OVS: An Alternative to the Alternatives
What other options are out there?  Earlier this year, Microsoft unveiled the U.S. version of its Open Value Subscription (OVS) program, an offering that provides a comprehensive way for mid-market companies (with between five and 250 PC's) to manage software acquisition and licensing.  The program is notable for several reasons...

Receive P-Guide: Mid-market Software Licensing here.

P-Guide: CDP: A Closer Look 
Continuous Data Protection as an answer to mid-market data-protection needs.
Receive P-Guide: CDP: A Closer Look here 
Date Published: September 23, 2008
Format: PDF
Length: 4 pages
Excerpt:
In the last few years, an answer has emerged in the form of a new generation of disk-based backup technologies. Generally lumped together under the term “Continuous Data Protection” (CDP), these systems allow for faster backups and nearly instantaneous data recovery.

What exactly is CDP? There are numerous definitions floating around. For instance, the Storage Network Industry Association (SNIA) defines it as a “a methodology that continuously captures or tracks data modifications and stores changes independent of the primary data, enabling recovery points from any point in the past.” IDC has defined it like this: “Continuous data protection, also referred to as continuous backup, pertains to products that track and save data to disk so that information can be recovered from any point in time, even minutes ago.” 

In other words, CDP protects and captures data as it is written to disk and automatically saves every change made to any item of data on a company’s system. By doing so, it can restore data to their condition before a loss or interruption occurred—and often in a matter of minutes or even seconds. The result: less data loss, potentially less business downtime, and an effective to find a balance between RTO and RPO.

Read more and receive P-Guide: CDP: A Closer Look here 


 

P-Guide: Best Practices for Threat Management Implementation
7 key questions to ask.

Receive P-Guide: Best Practices for Threat Management Implementation here.
Date Published: May 27, 2008
Format: PDF
Length: 6 pages
Excerpt:All elements of an IT infrastructure need to be protected by layers of defense based on an encompassing, enforceable security policy:
The network perimeter. This first line of defense requires network firewalls, virtual private networks (VPNs), intrusion detection and prevention, and network access control. Content-level defenses—including anti-malware, Web filtering, and P2P and instant messaging firewalls—also need to be implemented on the perimeter. Unified and integrated threat management solutions can deliver synergy that eliminates perimeter security gaps.
The network core. The variety of applications now handled by networks means that some applications suffer performance degradation. When it comes to securing the core—with firewalls, VPNs, and intrusion prevention—it’s important to consider scalability, performance, and availability.
The data center(s). Protecting your business’s servers and application takes firewalls and intrusion detection/prevention as well as protection of application content (anti-malware). These defenses must be able to handle the throughput demands of realtime apps.

Remote offices and facilities. Both network- and content-level defenses are required here, very much like what’s needed at the enterprise network perimeter. And because these sites generally don’t have IT staff, centralized policy control and remote threat management capabilities are crucial.

Read more and receive the P-Guide: Best Practices for Threat Management Implementation here.