sambaXP 2018 – sponsored by Google, Microsoft and redhat – brought together the international Samba team again. People from all around the globe gathered in Goettingen and talked shop about current samba topics for several days. The annual success is an incentive for organiser SerNet to create another great SAMBA eXPerience in 2019. Therefore we are pleased to announce the date for sambaXP 2019 already: The conference will take place June 4-6, 2019 at Hotel Freizeit In in Goettingen.
The Call for Papers for sambaXP 2019 has started as well. Talks should be submitted until February 28, 2019. The program committee will decide shortly after that and notifications of acceptance will be send out until March 8, 2019. SerNet and the Samba team are looking forward to submissions about SAMBA and the broader challenges of data management. Technical talks, user reports and presentations about future projects are welcome. The conference language is English, although proposals (in English) for talks in other languages will be considered gladly. Paper registration and paper submission can be done online only via the registration form on https://sambaxp.org.
As for the sambaXP 2018: Slides and audio recordings are online now. All of them can be downloaded individually or as a package from the conference page https://sambaxp.org.
How ownCloud and SerNet worked together to improve the SMB protocol, is described in a new blog post from ownCloud. Read about it in the article "Windows Network Drive integration benefits from Samba contributions".
The text emphasizes, how Open Source Collaboration can prove to be an important and stimulatory factor for projects. In this case, ownCloud engineers worked together with longtime Samba expert Volker Lendecke at SerNet. This resulted in notifications for smb-client implemented in the SMB2 and SMB3 protocol, subsequently boosting performance and bringing more reliability to the windows network drive integration. So – to quote ownCloud: "the professionals at SerNet have your back".
In light of last week's sambaXP, SerNet announced two novelties to its Samba portfolio: SAMBA+ LTS and SAMBA+ support budgets. While SAMBA+ LTS prolongs security updates for SAMBA+ packages, support budgets grant easy access to professional Samba services.
SAMBA+ Long Term Support (LTS) packages provide the well-known SAMBA+ packages, but with 36 month security updates instead of 18. This extends the lifecycle significantly and leads to reduced costs, especially for OEMs.
SerNet will provide the security updates pretty soon after the upstream Samba releases to ensure that systems are protected against the known defects as soon as possible. We will start with SAMBA+ 4.3, 4.4 and 4.5. SAMBA+LTS is already available in the SAMBA+ shop.
SAMBA+ support budgets
To make services even more accessible, SerNet is adding support budgets to its regular support contracts with Service Level Agreements. Support budgets can be purchased directly from the SAMBA+ shop and are ready for immediate redemption. This guarantees customers even faster access to the know-how of our experienced SAMBA+ team. In short: You buy the support budget, we start working on your requests.
The support budget not only covers services around SAMBA+ but rather requests regarding overall CIFS/SMB (Samba, Microsoft Windows), AFP/Netatalk, Linux (Debian, Ubuntu, RHEL, Fedora, SLES, Leap), Unix (AIX, Solaris, HP-UX), Directory Services (Active Directory, LDAP), Printing (CUPS), Infrastructure
(DNS, DHCP, SSL). Another advantage: Within the SAMBA+ support budget, the billing rate is identical for all types of services.
A SAMBA+ support budget includes 10 service hours, invoiced in time units of at least 15 minutes. Once purchased, budgets can be redeemed for 24 months. A total of 4 budgets can be purchased at once and used for a project of up to 40 hours. More details on our SAMBA+ Support page or directly in the SAMBA+ shop.
SerNet colleague Björn Baumbach has been appointed as official member of the Samba Core Team. The independent team consists of 40 people from all over the world who contribute regularly to Samba and have direct write access to the repository.
Baumbach recently contributed to the extensions of the "samba-tool" command. In addition, he has been supporting the Core Team for several years maintaining the server infrastructure, actively participates in discussions on the further development of Samba and contributes bugfixes. As a trained application developer Björn Baumbach joined SerNet 8 years ago. He works in the IT Security department as well as in
SerNet's own SAMBA+ team.
Six SerNet employees are now members of the Samba Core Team. Besides Baumbach these are Karolin Seeger, Ralph Böhme, Björn Jacke, Volker Lendecke and Stefan Metzmacher.
SerNet has released the open source ISMS tool verinice in version 1.16. With this release, the team focuses on data protection and especially the GDPR. The combination of verinice and the Data Protection Module now makes it possible to comfortably document processing activities and to implement contracted data processing in compliance with EU law.
Data protection with verinice
The Data Protection Module supports the documentation of contracted data processing, contracting parties and services in accordance with Article 28 GDPR. Corresponding contracts can be integrated directly. Data protection expert Sirin Torun, who designed the Data Protection module, also draws attention to the ADV controls that she developed herself: "They form a catalogue of measures that supports the verification and documentation of order processing. The ADV controls can also be used for initial or follow-up audits."
For the list of processing activities according to the GDPR, the Data Protection Module provides an example catalogue with samples of procedures including exemplary solutions for typical data protection problems - easily adaptable to the respective company, enterprise and authorities and can be extended as required. Torun emphasizes: "A special feature is that the technical and organizational measures (TOMs) can be selected from the ISO 27001 controls or the German BSI IT Baseline Protection measures and are assigned to the data protection objectives of Article 32 GDPR". This enables users to find their way quickly and work efficiently. The resulting interface between data protection and information security management means a considerable value for users. Especially if the ISMS is documented with verinice, costs can be reduced and the documentation effort can be reduced.
All data from the Data Protection Module can also be aggregated in reports. A total of 12 reports summarize the necessary information on a special area or on an overview topic.
The Data Protection Module is currently only available in German. Also it requires a verinice subscription. SerNet is planning further updates for the data protection module in the near future. The next topics on the roadmap are data protection risk management and risk analysis as well as data protection impact assessment. Users of the current data protection module should have access to these new features.
Modernized IT Baseline Protection
verinice 1.16 also has some innovations to show for the implementation of the new BSI IT Baseline Protection. The Baseline Protection Compendium has been revised, an implementation status for requirements and measures has been added, an identifier marks links clearer and new object types represent the diverse documentation tasks of the modernized IT Baseline Protection. As well as the Data Protection Module, the new IT Baseline Protection is only available in German.
Details about verinice 1.16 can be found in the release notes and about the Data Protection Module on the product page in the verinice.SHOP (German only) – interested parties can also participate in one of our webinars and get a first impression.