UsMan's WoRkSpAce

Monday, March 30, 2009

IT control metrics that matter

* High-performance organizations are defined in the 'IT Process Institute (ITPI) IT Controls Performance' study done in April 2006. These organizations are characterized by two factors:

1) Actively monitor systems for changes
2) Defined consequences for unauthorized intentional changes

* Metrics that matter in ITSM:
Mean time to repair
80% of outages are due to a change, and a lot of the mean time to repair is spent figuring out what exactly changed.

First fix rate
Incidents that get fixed on the first fix attempt. A Microsoft Operations Framework (MOF) study shows that high-performing IT organizations reboot servers 20 times less than average and have fewer blue screens of death.

Change success rate
Changes implemented without causing incidents, service impairment or disruption. In addition, a change that didn't go as per plan is also a process exception. Variance (consistently achieving targets) is a factor in successful changes.

Server to system administration ratio
High-performance organizations have 1 system admin for more than 100 systems. Normally, this ratio is related to the percentage of time spent on unplanned work.

The 80/20 rule applies in this case as well: 20% of the set of IT controls results in 80% of the realized benefits.

Wednesday, March 25, 2009

Symantec Enterprise Messaging Features

* The IP reputation database maintains IP addresses and the number of clean and spam messages received from them, and is used by SMTP traffic shaping. SMTP traffic shaping restricts or denies bandwidth used by suspicious addresses, while allowing unrestricted bandwidth to known clean sources. Traffic shaping decisions are not applied until the appliance has collected 50,000 messages and recorded them in the local database. For best results this feature should only be enabled on email gateway devices, although it can work downstream by analyzing 'received' headers. Symantec maintains local and global reputation databases. Traffic shaping works at the TCP/IP network layers.

* Bad message handling. A malformed message can cause the filter hub to fail. Symantec identifies the problematic message, sends an alert and places the message in the bad message queue. The bad message queue is managed by the standard mta-control command. The administrator can then deliver the bad message normally, forward it to a system admin's address, delete it, or view and list it.

* Antivirus and antispam updates are provided from the Symantec Global Intelligence Network. The antispam engine employs over 20 antispam technologies. It is 97% effective against spam emails. Symantec also has a probe network of over 2.5 million decoy accounts.

* Symantec Brightmail Gateway is available as a VMware-certified virtual appliance.

* Symantec Brightmail Gateway prevents data loss and supports incident management. Pre-built templates and dictionaries are available.

* Symantec Brightmail Gateway supports per-domain and policy-based TLS encryption.
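
An added example (not Symantec's code or algorithm) of the bookkeeping the IP reputation bullet above describes: per-IP clean/spam counts, no shaping decisions before 50,000 recorded messages, and source-IP recovery from 'received' headers when the filter sits downstream of the gateway. The ratio cut-offs, MIN_SAMPLES, the trusted-relay list and all hostnames and addresses are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

WARMUP_MESSAGES = 50_000    # from the page: no shaping before this many messages
DENY_RATIO = 0.95           # assumed cut-off, not Symantec's
THROTTLE_RATIO = 0.50       # assumed cut-off, not Symantec's
MIN_SAMPLES = 20            # assumed: ignore sources with too little history
RECEIVED_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")  # IPv4 literal only

class ReputationDB:
    def __init__(self, trusted_relays=()):
        self.counts = defaultdict(lambda: [0, 0])   # ip -> [clean, spam]
        self.total = 0
        self.trusted = set(trusted_relays)          # hops we operate ourselves

    def record(self, ip, is_spam, n=1):
        self.counts[ip][1 if is_spam else 0] += n
        self.total += n

    def source_ip(self, peer_ip, received_headers):
        """At the gateway the TCP peer is the source. Downstream, walk Received
        headers newest-first and stop at the first hop we do not operate;
        every header below that one is sender-controlled and can be forged."""
        if peer_ip not in self.trusted:
            return peer_ip
        for header in received_headers:
            match = RECEIVED_IP.search(header)
            if match and match.group(1) not in self.trusted:
                return match.group(1)
        return peer_ip

    def decide(self, ip):
        clean, spam = self.counts.get(ip, (0, 0))
        # Still learning globally, or too little history for this source.
        if self.total < WARMUP_MESSAGES or clean + spam < MIN_SAMPLES:
            return "allow"
        ratio = spam / (clean + spam)
        if ratio >= DENY_RATIO:
            return "deny"
        return "throttle" if ratio >= THROTTLE_RATIO else "allow"

def demo():
    # Constructed headers as seen by a scanner behind gateway 10.0.0.5.
    headers = ["from gw.example.org (gw.example.org [10.0.0.5]) by scan.example.org",
               "from mail.example.net (mail.example.net [203.0.113.7]) by gw.example.org"]
    db = ReputationDB(trusted_relays={"10.0.0.5"})
    ip = db.source_ip("10.0.0.5", headers)
    db.record(ip, True, 30)
    before = db.decide(ip)                          # warm-up not reached yet
    db.record("198.51.100.20", False, WARMUP_MESSAGES)
    return ip, before, db.decide(ip), db.decide("198.51.100.20")
```

Because `source_ip` stops at the first hop outside the trusted list, a forged 'received' line placed lower in the message cannot shift blame to another address.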