SerNets Samba team just released the EnterpriseSAMBA packages in version 4.1.19 They are available for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu.
Please note that you no longer need to register to be able to access the packages. To access the download server you just need to login with your username and accesskey or the new public user shown at the portal.
A new set of SerNets EnterpriseSAMBA 4.2.2 packages has just been released. Packages for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu are available at:
- Download the EnterpriseSAMBA 4.2.2 packages
The new packages are also available for Debian 8 Jessie, now.
In addition to the last SerNet Samba 4.2.2 release these packages address issues listed in the News section at EnterpriseSAMBA.org.
Please note that you no longer need to register at the EnterpriseSAMBA-Portal to be able to access the packages. To access the download server you just need to login with your username and accesskey or the new public user as shown.
The verinice.TEAM at SerNet GmbH has published verinice 1.10. The new version of the open source tool to support an information security management system (ISMS) brings along some innovations. These include the IT Baseline Protection Manual of the BSI in English and the new edition of the VDA IS-Assessment in version 2.x. The server version verinice.PRO received some new features, too: Single sign-on with Active Directory, an improved import of persons from the AD in verinice and an optimized task view for a better distribution of work in teams. All new features are described in the release notes.
With version 1.10 the full text of the IT Baseline Protection Catalogs of the Federal Office for Security in Information Technology (BSI) in English is included in verinice for the first time. This simplifies working with the IT Baseline Protection in international teams. Advantages also arise for users applying ISO 27001:2013. "For them, the comprehensive compilation of risks and controls is of significant benefit," says Alexander Koderman, verinice team lead at SerNet. The (English) Baseline Protection Catalogs could be considered as a supplementary database on specific topics like Windows or SAP and could be used in a risk assessment or risk treatment. All risks can be implemented as scenarios in an individual risk analysis. Simply drag-n-drop any or all components into the risk model. Koderman: "Modeling specific scenario may be easier for everyone operating mainly in English, from small businesses up to multinational corporations." In addition the more than 1,500 basic controls can be put to use for risk treatment. As specific controls, they supplement the generic requirements of ISO / IEC 27002:2013. The controls are easy to drag-n-drop in the ISM-risk model as well.
The English IT Baseline Protection Catalogs correspond to the 13th catalog update version from the BSI. Koderman: "Special thanks go out to our verinice.PARTNER Alexander von Ossowski for assistance with including more than 4,200 pages or 240,000 comprehensive lines into verinice." This cooperation illustrates how the verinice partner program enriches the project in the long term.
verinice 1.10 also supports the new edition of the IS-assessment catalog of the German Association of the Automotive Industry (VDA) in its version 2.x - thus the novelty of last year will be continued systematically. Among other things, the method of calculating the averages and the "Total Security Figure" was adjusted. The consolidator for the transition to the new version has been improved again. Daniel Murygin, verinice development manager, promises: "This allows data and results that were established by the Standard 1.x, to be easily transferred." The questionnaire is interesting for users outside of the automotive sector, as it allows a guided self-assessment of the state of information security within the company and thus a first insight into the subject of information security management.
Other major changes include the server and multi-user version verinice.PRO. On Windows clients, it now supports single sign-on: the logged-in system user is automatically used to log on to the verinice.PRO Server. It is not required to re-enter the username and password anymore. At the same time, the import from an Active Directory to verinice has been improved. The optimized task view also simplifies working in teams: Tasks are now loaded not only faster - a new search form enables you to find specific tasks that can be sorted by group, person, process, task type, start and end date.
The next version - verinice 1.11 - is likely to appear in two months already. The major new feature to be expected: An indexed full text search of all the elements in the database. "We'd like to make this feature available to all users as soon as possible," concludes Murygin.
SerNets Enterprise Samba 4.2.2 is available for download. Packages for various SUSE and RedHat platforms as well as for Debian GNU/Linux and Ubuntu are available at:
- Download the SerNet SAMBA 4.2.2 packages
These packages address a lot of issues, which are listed here.
Please note that you need to register on the EnterpriseSAMBA-Portal to be able to access the packages. To visit the URL mentioned above directly, you need to login with your username and accesskey (not password).
From May 19th to 21st 2015 100 users and developers met in Goettingen for the 14th Samba eXPerience (sambaXP) - they turned the conference into a meeting place for the international Samba scene. The sambaXP gathered a variety of 28 sessions, including SMB3 classics as well as topics on cloud infrastructures and self testing. Microsoft, IBM, Google and Zentyal sponsored the event; attendees from Amazon, RedHat and Suse also followed SerNets invitation to this years sambaXP.
Exchange is what marks the essential part of sambaXP, SerNet CEO Johannes Loxen emphasizes. "Despite numerous communication channels, it is still important for the developers to meet in person. That is why we created the conference in 2002. And that hasn't changed since then." Only the Storage Developer Conference (SDC) presents a similar possibility and is held annually in autumn in Santa Clara, California.
The presentations and live demos provided participants with an insight into the current work and research of Samba colleagues. And thus also in what others are planning with or for Samba. "This likewise calibration is important for the further development of Samba", says Loxen. It is equally important for a company like Microsoft to drive this adjustment ahead and thus to ensure that - in their own interest - different operating systems and server infrastructures will be working together even better.
Highlights on the schedule certainly were the advancement of the SMB3 protocol from Microsoft and the challenges entailing from this for Samba. Among others speaking on SMB3 topics was Tom Talpey (Architect at Microsoft). Jeremy Allison (Google, representative for Chairman John Terpstra) and Volker Lendecke (SerNet co-founder and member of the international Samba Team) also hit some serious tones regarding the future of the Samba: For example, the question how young developers could be attracted to the project. On the other side Marc Muehlfeld presented the results to his Samba user survey: he drew attention to what companies as users of Samba expect and how the software could be made more attractive for them.
SerNet, founded here itself 18 years ago, chose Goettingen for the conference since the start in 2002. Loxen: "Not only are our headquarters situated in here." Also with the university and numerous spin-offs Goettingen proves to be a big player in the open source area; an event like the sambaXP stresses this even more.
Recordings and presentation slides of the 14th samba eXPerience will be available soon at www.sambaXP.org. The Call for Papers for the 15th sambaXP traditionally will start right before Christmas.