In-Depth
Products You Love!
You're the ultimate authority for keeping your network up and running. You've carefully chosen tools that help you most and products you can't live without. Here are your choices for 2003's best of the best.
This fall, loyal Readers pored through hundreds of products in nearly three-dozen
categories, all to decide the 2003 “Products You Love” winners. Every
tool chosen by you is the hardest of the hardcore, designed to manage and secure
a Windows network, boost performance and recover from the horrors that often
plague IT. After eyeballing a series of gargantuan spreadsheets packed with
results, comments and suggestions, we derived several themes from this year’s
voting.
Migration to Windows Server 2003, with its enhanced security and the ability
to drastically cut the number of physical servers, is paramount.
Spam has reached crisis proportions, and IT is feeling the heat.
Viruses are out of control, often hidden within the hundreds of obnoxious
spam messages that flood individual mailboxes each week.
Open source and Novell tools are popular, if only to keep Microsoft development
teams honest.
IT is frustrated by the unrelenting tech downturn, but most people still
love their jobs and expect to see budgets improve this coming year.
And this budget crunch makes IT question each and every buying decision.
If a product does something already available from core Microsoft products
(disk defrag, migration, backup) or has an open-source alternative, that
vendor had better prove positive, quick ROI and solve problems the free
stuff can’t touch. “Due to budgeting constraints, I make do largely with
the built-in Microsoft tools or Resource Kit utilities,” said Mark Fuchs,
network administrator for Vista International. “If we could afford the
luxury of half the applications you list in this survey, my job would
be a lot easier. The reality is we budget for necessities like virus protection
and use whatever free tools are available for other tasks,” added another.
When it came to categorizing products, we took a unique approach. Instead
of breaking down products by technology, we defined them based on tasks—in
other words, what they help you do. To safeguard our results, we demanded
that all voters provide full disclosure: Names, titles, companies, e-mail
addresses and phone numbers. Also, we kept voting to a minimal amount
of time. We could have had far more voters by allowing anonymity or opening
up the vote for a longer period, but how many of those votes would have
come in from vendors themselves? Our rigorous methodology eliminated that
possibility.
Task: Drive Imaging
for Rolling Out Desktops
In wading through the write-in votes, we thought we saw a Ghost.
In fact, we saw an endless procession of them, as Symantec’s
Ghost walked away with the win. Ghost, which handles software distribution
and OS upgrades, as well as backup and recovery, had readers raving. “We
use it very inexpensively and successfully,” said Harold Winne,
IS Manager for Kable News.
Cool Feature: Client staging area holds disk
images, user profiles and hotfixes, and can be used for rollback.
Altiris, which has a range of migration and rollout tools, barely edged
out Acronis True Image for second-best desktop
drive-imaging product. Altiris Migration Suite
can capture images of PC hard drives, including user-defined personalities,
and uses scripts to roll them out automatically.
Task: Rolling Out Legacy
Applications
Anyone who’s ever installed a Windows app is familiar with InstallShield,
a tool that helps us forget what a pain old-style DOS installations were.
Enterprises have discovered the beauty of InstallShield
AdminStudio, too and chose it as the No. 1 way to package up corporate
applications.
Cool Feature: Before creating an installation
wrapper, InstallShield will check to make sure the software doesn’t
conflict with already installed programs, keeping angry calls to IT at
a minimum. (Don’t worry! Users will find plenty of other things
to complain about.)
Coming in second is Wise Solutions with Wise Package Studio.
One reader, however, slammed the whole notion of keeping legacy apps.
“Terminate all legacy apps with extreme prejudice,” argued
Michael Schroeter, an IT manager in Australia.
Task: Migrate Desktops
from One Operating System
to Another
Altiris took this category with its popular PC Transplant Pro, which is sold as a stand-alone product or as part of a suite. With PC Transplant, admins can move end-user settings (up to 100 for the OS alone) and personalities to a new operating system such as Windows XP quickly and easily—without disrupting network configurations and access to network resources.
Cool Feature: Based on the system profile, wizards create a self-executing package that handles the OS migration. PC Transplant need not be installed on the migrating PC.
[The preceding paragraphs were revised as of publication.—Editors.]
There was quite a bit of controversy surrounding the whole notion of desktop
migration. Many steadfastly refuse to move on, no matter how hard Microsoft
pushes. Money is one issue; messing with machines that work just fine
is another. One shop has the bulk of its workstations, more than 1,000
PCs, still on Windows 95 and 98, and has no complaints. “We never
migrate…brings too much baggage from the old OS along for the ride,”
said John Straffin, systems administrator for Duke University. “We
do not migrate desktops. We replace them,” stated Thomas Staight,
IT Manager for Nemcomed Inc.
Task: Migrate Servers
I thought there was something strange in the water upon learning that Altiris
and Aelita tied for best desktop migration tool. Say both names fast (or drunk)
and you’d be hard pressed to tell the difference. And the products themselves,
Altiris Migration Suite and Aelita Enterprise Migration
Manager have an awful lot in common. Both are mature, solid, well-rounded
tools with intimate knowledge of Windows and Active Directory. Both companies
also sell suite components separately, and these products garnered considerable
votes as well.
Cool Feature: Altris Migration Suite handles remote
and mobile computers.
Cool Feature: Aelita allows users to access all network
resources and applications during the migration.
As with desktop migration, many readers simply don’t see the point in moving
servers to a new OS. “We don’t migrate servers. We are still successfully on
NetWare and NT 4, with some Win2K,” commented Kable’s Winne. “You’ve got to
be kidding. I’d never upgrade. Always a clean install for a server,” added Rob
Rees, a consultant with Zaxsoft.
 |
| NetIQ Group Policy Guardian |
Task: Manage Group Policies
NetIQ Group Policy Guardian hit the nail on the head, as far
as MCP Magazine readers are concerned. Using a central console, administrators
can troubleshoot, manage, analyze, plan and configure. You can audit policies
and backup and restore.Cool Feature: Audits policies
and tracks changes to help pinpoint security issues.
NetIQ also nabbed second with its Security
Administration Suite.
But not all have the spare cash to buy GPO management tools. “We
do it the hard way—using Microsoft,” lamented one reader.
Task: Make Sure Your
Network Is in License Compliance
Microsoft Systems Management Server (SMS) may have endured
its share of criticism over the years, but for the vast majority of voters,
it gets the job done. SMS can handle software distribution, including
the never-ending stream of patches, as well as track software assets across
the network, and make sure that IT is in compliance with software licenses.
 |
| Microsoft Systems Management Server |
Cool Feature: SMS can remotely troubleshoot
common application problems.
Altiris Compliance Suite came in second.
Task: Monitor and Analyze
Network Bandwidth
This was a close one, with Network Instruments’ Observer
barely edging out Websense’s Lightspeed Total Traffic Control.
Observer, a protocol analyzer and network monitor, can track Ethernet,
Token Ring, FDDI and wireless LANs. Observer customers can start out small
and grow from there. A software tool that runs on Windows, Observer can
monitor a single wireless or hardwired LAN or be upgraded to handle multi-segment
LANs and even WANs.
 |
| Network Instruments' Observer |
Cool Feature: Can turn nearly any
laptop into a full protocol analyzer.
Websense’s tool offers Web-based reports of network traffic and
bandwidth management, and can block traffic including spam, porn and MP3s.
Task: General Network Monitoring
The big guns dominated this category, with Microsoft Operations
Manager 2000 taking the top prize, and HP OpenView Operations
for Windows coming in a fairly close second.
Old-timers remember MOM standing for Microsoft Office Manager, a little
front end for accessing Word, Excel, and so on. While that utility is
still kicking around, Microsoft gave the exact same acronym to its event
management, alerting and monitoring, trend analysis and reporting tool.
 |
| Microsoft Operations Manager 2000 |
Cool Feature: MOM’s Management Pack is a knowledge
base with solutions to common problems.
HP nabbed another kudo with a second place for OpenView Operations for
Windows.
A common theme however, doing more with less (money), reoccurred in this category.
“We successfully use a mix of free or inexpensive systems to do all of this,”
Kable’s Winne explained. “I may be loyal to Microsoft, but I also hate paying
for things, so I use open source a lot,” added Phillip Long, systems analyst
with FusionTech Consulting.
Task: Monitor Employee
Web Usage
To some vendors and IT pros, the Web is evil. Surfing wastes valuable employee
time, introduces seamy content, hogs bandwidth and paves a perfect path for
viruses.
SurfControl makes money on just such an attitude, offering the SurfControl
Web Filter as an answer to all these complaints. Web filter can block
traffic based on IT-determined rules, and report on what employees are doing
on the Internet.
 |
| SurfControl Web Filter |
Cool Feature: Neural network techniques can block
sites not yet classified as bad.
Websense Enterprise came in a close second. This tool, used
by more than 19,400 organizations, reports on individuals’ Web travels, as well
as application use, network activity and bandwidth utilization.
| 10
Most Over-Hyped Products and Technologies |
|
Tablet PCs
Windows Server 2003
WiFi
Wireless LANs
Bluetooth
Grid Computing
Weblogs
WordPerfect 11
Segway
Ford F-150
|
|
|
A number of readers took issue with this entire category of product, not just
questioning the need, but in a couple of cases, acting downright hostile. “OK
big brother, you all stink by definition,” blasted John Lanka, a consultant
with Big Tree. Another won’t use such software because, “The Web is one of the
tools which are MORE than GOOD to use frequently,” said Pekka Paavolainen, a
consultant with TietoEnator in Finland. Another reader believes you simply have
to trust your people, while a final commentator concluded, “If your company
needs this, there’s other problems.”
Task: Simulate Multiple
Environments for Testing
A quick survey reveals that some form of VMware is loaded on nearly
every MCP Magazine contributing editors’ laptop, so it’s
no surprise that VMware’s GSX Server took that
cake for best virtual machine software. This tool takes VMware for PCs
and applies it to today’s high-powered servers. With inexpensive
machines boasting multiprocessors, huge disks and ungodly amounts of RAM,
the time is ripe for getting rid of that sea of wimpy old servers and
replacing them with a smaller number of true beasts. GSX Server can help
in this consolidation by treating one massive machine as if it were up
to 64 separate computing devices.
 |
| VMware GSX Server |
Cool Feature: Can run Windows Server
2003, NT, Windows Me, Windows 3.1, Linux and NetWare all on one box.
Microsoft’s Connectix, which it acquired in February,
came in second. Microsoft is working on upgrades to its virtual PC, Mac
and server tools.
Task: Manage a Thin-Client
Environment
For years, IT pros serious about thin-client computing tossed aside Microsoft’s
built-in Terminal Services and opted for the richer and far speedier
MetaFrame from Citrix, the company that sold Microsoft the
technology behind Terminal Services in the first place. Now the shoe’s on the
other foot, and the technology Citrix helped build is biting the company back.
Microsoft has slowly and steadily improved Terminal Services and
as a result, outpolled Citrix by a slight margin. But even though Terminal Services
is free, MetaFrame is still quite compelling for many, many shops.
Cool Feature: Delivers Windows application services
to devices that can’t even run Windows.
Readers, though still not thrilled with Microsoft’s thin-client licensing scheme,
see much technical progress. “As Microsoft is allowed to put more features into
Terminal Services, Citrix becomes less relevant,” said Dave Noice, an executive
with Ohio Networking Experts. But others love their MetaFrame. “Citrix is hands
down the winner here in terms of features, scalability, security, performance,
etc.” boasted one reader.
| Best
of the Best |
Best
Multi-Purpose Server Company
1. HP/Compaq
2. Dell
3. IBM
Best Blade
Server Company
1. HP/Compaq
2. Dell
3. IBM
Best Support
1. Dell
2. Microsoft
3. HP/Compaq
4. IBM
5. Cisco |
|
|
Task: Find Out Exactly
What’s on Your Network
It was a dogfight, but in the end, Altiris’ Inventory Solution
barely beat back NetCracker’s Network Inventory Management
Solution. Altiris can find out what’s installed on computers
running Windows, Unix, Linux and Mac, and handheld OSs and tell you about
the hardware, as well.
 |
| Altiris' Inventory Solutions |
Cool Feature: Pre-packaged reports
include details of products, such as exact version numbers.
NetCracker, meanwhile, is focused heavily on physical aspects of the networks.
Task: Make Sure Apps
Don’t Conflict with Each Other
As with our second category, tools to roll out applications, InstallShield
AdminStudio won for best conflict tester over Wise Package
Studio. AdminStudio comes with an Application Catalog, which tracks
all programs on the network, and lets you run new software against these applications
to test for problems.
 |
| InstallShield AdminStudio |
Cool Feature: Supports VMware Workstation,
letting IT fiddle with apps on several virtual PCs at the same time.
For some, though, conflict testing software is an option, not a necessity.
"I don’t trust software to tell me whether an app will work
or not. I run the test myself," said FusionTech’s Long.
Task: Manage Passwords
and Allow Users to Self-Reset
The days when passwords could be “password” or “administrator”
for years on end are long gone. Nowadays, passwords must be complex and
changed frequently. And that’s true for every password for every
important service or application throughout the enterprise. BMC
Software Control-SA/PassPort fits that bill. It offers a single
password for multiple services that can be controlled—subject to
IT policies, of course—by the user.
Cool Feature: Users that forget their password
can self-authenticate by providing information only they should know.
IS Decisions UserLock, which tracks and secures log-ons
and log-offs, came in second.
Task: Make Sure Servers
and Desktops are Patched
Arguably the most important product category of the hour, Microsoft
cleaned up in patch management with its free Software Update Services
(SUS). Microsoft partner Shavlik came in with
a respectable showing for the non-intuitively named but much-loved HFNetChkPro.
SUS can drive service packs and patches, and early next year, SUS 2.0
will support a broader range of Microsoft operating systems and applications.
Cool Feature: IT can test patches from Microsoft
Update before releasing them on the network.
Shavlik has many fans, particularly of the product’s breadth, a strength Microsoft
is working feverishly to match. “It can update everything, including SQL Server
and Office,” remarked an MCP Magazine reader.
Task: Determine Who’s
Accessing What
GFI LANguard Security Event Log Monitor beat out software
from the multi-billion dollar behemoth Computer Associates to win the
security auditing category. LANguard protects networks from creeps inside,
rather than outside, the firewall—you know, the hacker-wanna-be
in the mailroom or the disgruntled IT employee who’ll stop at nothing
to get revenge. And LANguard reports intrusions in real time, before it’s
too late.
 |
| GFI LANguard Security Event Log Monitor |
Cool Feature: Detects users trying
to open confidential information and secured shares.
Computer Associates e-Trust Access Management came in second,
with Tripwire for Servers in a close third.
Task: Automate Tasks
in Network Management
If you’ve never heard of HP OpenView, then you’re
either new to IT or have taken a few too many whacks to the head. This
tool has been around since Bill Gates was poor, but for many shops, its
sheer complexity and cost have kept it away. Windows-focused networks,
however, have really taken a shine to HP OpenView Operations for
Windows, which offers performance monitoring, event management,
alerts and reporting.
Cool Feature: Can auto deploy management policies and rules.
Coming in second is Hyena from SystemTools, followed
by ScriptLogic Desktop Authority.
Task: Keep Hard Drives
Healthy Through Monitoring
and Defragmentation
Diskeeper from Executive Software worked over the competition
with its line of desktop and server defraggers. Diskeeper does its work
in the background. All IT has to do is set it up, and from then on the
disk is continually and automatically defragged.
Cool Feature: Can defrag volumes of up to four
terabytes.
Winternals Software garnered second place votes for its popular Defrag
Manager, which works based on schedules set by IT, or can simply “defrag
on demand."
Readers were torn on this category, with some believing there’s
no need to “buy what I already have (built into Windows),”
said FusionTech’s Long, while Caleb Coggins from Bridgestone Firestone
said that defrag software, “saved two NT 4 servers I inherited that
were more than 60 percent fragmented.”
Task: Block the Flood
of Spam
Monty Python might have liked Spam, but users, IT, and any one with a
shred of commonsense hates the dad-blamed stuff! We’ll do nearly
anything to get rid of all the bogus offers to make us larger, smaller,
richer or less lonely. Winning out in a highly competitive category was
Trend Micro with its Spam Prevention Service,
which integrates with anti-virus and content filtering software and doesn’t
require separate hardware to run on Windows.
 |
| Trend Micro's Spam Prevention Service |
Cool Feature: Trend can define different
sensitivities for different spam categories.
The runner-up was NetIQ MailMarshal, a tool that blocks spam,
can reject attachments and runs a variety of anti-virus engines to keep users
from falling for the “Microsoft cumulative patch” trick.
Close behind were SurfControl E-Mail filter, which
also sifts through Web content, and GFIMailEssentials for Exchange,
which targets spam at the server level.
Task: Enforce Strong
Network Authentication
Sometimes the most obvious solutions offer the most power. And when it
comes to network security, ensuring that users are who they say they are
is strong medicine, indeed. Datakey Axis, a smart-card-based
tool, allows a user to sign on once and access all the resources he or
she has a right to.
 |
| Datakey Axis |
Cool Feature: Can enforce corporate
password policies, such as complexity and update frequency.
Protocom Development Systems’ SecureLogin came
in second with a tool that administrators use to define exactly what Web
sites and applications users can access via a single password.
7
Most Obscure
Voting Countries |
Albania
American Samoa
Andorra
Bahrain
Kazahkstan
Mauritius
Trinidad and Tobago |
|
|
Task: Find Out Who’s Trying
to Get In
Intrusion detection tools have come under fire recently, with many critics claiming
that learning of a break-in after the fact is about as useful as plugging a
boat after it sinks. And the reams and reams of IDS information, most of it
useless, can overwhelm all but the most under-loaded IT pros. But enterprises
still largely prefer to know who’s peeking at their networks and detect attack
patterns and areas of weakness using IDS data.
And if it’s IDS you need, then Cisco’s Secure Intrusion
Detection System should be on the short list. It’s built to eliminate
false alarms, allowing IT to focus on the real bad apples. And it uses multiple
methods to detect intrusions.
Cool Feature: Cisco’s product can detect and then, in many cases, thwart
an attack, much like the new breed of devices called Intrusion Prevention Systems.
Snort, a popular open-source tool designed by Jim Forster,
outclasses the rest of the field with a strong second place showing. The flexible
Snort can be used as an IDS, a packet logger or a packet sniffer.
Task: Keep Viruses at Bay
Spam, viruses, hackers: The IT Axis of Evil. And in this long, hard slog against
computer terror, our best weapons are smart policies, education and great software.
Ask MCP Magazine readers what they turn to to battle viruses,
and most will tell you Symantec AntiVirus. Symantec has terrific
anti-virus scanning and a host of tools that detect unprotected systems within
the enterprise.
 |
| Symantec AntiVirus |
Cool Feature: Can feed updates to
corporate laptops.
Coming in second was Network Associates’ McAfee GroupShield.
It takes the popular McAfee anti-virus engine and puts it to work protecting
Exchange. Besides virus detection and eradication, GroupShield can filter
and block content.
Task: Back Up Your Data
If you’re not a fan of Veritas, then feel free to skip the next four sections.
Veritas took first and second place in this category with
Backup Exec and NetBackup.
Backup Exec can scale down to a single server or all the way up
to a complex fibre channel SAN. Using a browser-based interface, BackUp Exec
for Windows Servers has special hooks for Exchange and can automatically recreate
user accounts and mailboxes during recovery.
Cool Feature: Backup and restore can be isolated to a dedicated sub-network
to boost performance, and reduce network traffic.
Second place NetBackup, meanwhile, works with a range of architectures and reportedly
has unlimited scalability.
Task: Manage Your Storage
Environment
Again, Veritas took the top two spots, with Veritas Volume Manager
and Storage Central claiming top honors. Volume Manager
lets IT manage storage—back it all up, configure it and optimize
it, without affecting availability. Recovery is handled by “on-disk
split-mirror snapshots” that can restore a system to the precise
state of the last snapshot, which was, one hopes, close to the time the
computer died.
Cool Feature: Hot relocation can move data off
a dying disk to a designated hot spare.
Task: Enhance Reliability
with Clustering and Failover
Veritas made a clean sweep of the clustering and failover
category, with Cluster Server and Global Cluster
Manager taking first and second places, respectively. Cluster
Server spots application, server, or database faults, and automatically
cuts over to a failover server.
 |
| Veritas Cluster Server |
Cool Feature: Starts and stops applications
based on external events.
Global Cluster Manager is a Web-based tool that can centrally manage distributed
computing resources. It handles multiple cluster servers and schedules
and controls replication.
Task: Recover from a
Disaster with Minimal Damage
Veritas Backup Exec also snagged the award for disaster
recovery. The software automatically makes a second copy of backed-up
data for off-site storage. Actual backup is all wizard-based, and systems
can be restored without first installing the OS.
Cool Feature: Restoration can be based on an
incremental, full or working set backup.
Winternals broke the Veritas stranglehold on storage
software with a second place finish for Recovery Manager,
which focuses on fast recovery to the most recent state possible.
| Top
16 Reasons to Stay in IT* |
|
Beats selling insurance.
Beats working at Wal-Mart.
Beats prison.
Beats flipping burgers.
McDonald’s doesn’t pay as well...yet.
The job prospects elsewhere are even worse.
I link, therefore I am!
No jobs in other sectors, either.
"I got nowhere else to go!"—Lt. Zach Mayo, An
Officer and a Gentleman
Invested too much into it to quit now.
When you find out, let me know please.
If you love long hours, knuckle scraping, body
contorting, mind wracking, endless workload, unforgiving users,
no time to eat and nerve-wracking network problems that require
using the most up-to-date protocol analyzer and some copper
or fiber tester, then stay in IT.
If you can’t handle it, move to accounting or
marketing where you can keep your 8 to 5 wussie hours!
My pension.
Can’t think of a good reason.
I still have a job until it’s shipped overseas.
The chicks ;-)
*Submitted by actual readers
|
|
|
Task: Troubleshoot Problems
Remotely
NetSupport Manager takes basic remote control capabilities
and adds a splash of centralized desktop management. It can be used to diagnose
PC problems and view network resources remotely.
The software can also launch applications on the remote system,
and its console holds configurations and security profiles.
 |
| NetSupport Manager |
Cool Feature: Supports two-way chat with
users and text messages.
Altiris’ Carbon Copy, a name grizzled vets will recognize from
bygone days, is still alive and kicking fiercely. Unlike versions of old, today’s
Carbon Copy views remote PCs through a Web browser.
There was a surprise write-in for this category, with dozens of
votes for Virtual Network Computing, an open-source Java applet
that can remotely view and control Windows, Mac, Unix and Linux systems.
Task: Prepare for Certification
Exams
Eleven-year-old Transcender was conceived right after
the birth of Microsoft’s certification program, and the exam-prep
company has been going strong ever since. Over the last decade, the company’s
technology has grown more and more realistic, and its offerings have expanded
to include other vendors, including Oracle, Sun and Novell.
 |
| Transcender Exam Prep |
Cool Feature: TranscenderFlash for
PDA is a flash card-style prep tool that runs on Palm OS (not to be used
during actual exams!).
Sybex and SelfTest came in second and third,
respectively.
Task: Train Employees
on the Latest Technology
In the eight years since its founding, Global Knowledge
has grown to offer more than 700 courses in 13 languages. The company
works with vendors to gather content and add its own and then teaches
using an array of techniques, including classroom instruction and e-learning,
that has become known in the biz as “blended learning.”
 |
| Global Knowledge Training |
Cool Feature: Live Labs lets IT
pros learn the ropes on real network gear and applications via a simple
Telnet session.
The two closest runners up, Measure Up and Cisco
Press, don’t offer the classroom experience. And that probably
reflects the overwhelming preference (and necessity) that network professionals
have for self-study.