4 A Scientific Comparison of AIX, HPUX, Solaris, Linux & Windows Server Security Vulnerabilities
4.1 Windows Platform in Comparison to UNIX Security - Reality
In summary, the number of security patches for Windows Server is equal to or less than the number of security patches for UNIX and considerably less than for Linux. When appropriate hardening and security policies are implemented, the patching requirement for Windows Server running SAP on SQL Server should be the same as or less than on UNIX platforms. When appropriate hardening is done on Windows, UNIX or Linux, it is possible to create a very secure SAP platform. Microsoft’s Active Directory is the IT industry’s leading identity management security layer. It is considerably easier to secure Windows servers because Active Directory can be used to centrally control and enforce policies and configuration for both SAP and all access management requirements throughout a company’s IT assets.
4.1.1 Security Threats – Internal versus External
CIOs, IT Managers and Security Administrators are sometimes unaware of the relative risk profiles of external threats versus internal sources. There are three main security threats to most companies. Customers are strongly advised to ensure that appropriate resources are deployed to address internal versus external security threats.
4.1.1.1 External Threats
4.1.1.2 Internal Threats
“Accidental” data access is an increasingly troublesome topic in some industries where employees unintentionally breach compliance and regulatory standards. Example: a breach of privacy caused by an employee losing a laptop containing confidential data.
4.1.1.3 3rd Party Threats
4.1.2 Desktop versus Server – Server Patching versus Desktop Patching
4.1.3 National Institute for Standards & Technology – CVE Database Comparisons
4.1.4 How to Assess the Impact of a Security Vulnerability?
4.1.4.1 Example: Integer overflow in cdd.dll in the Canonical Display Driver (CDD)
4.1.5 UNIX Patching vs. Windows Patching: Reboot Requirement