These have bothered me for a while... (but obviously not enough to ask ;-) 1) Cisco recommends making Windows Update requirements optional:
"The Windows Update requirement type is set to Optional (or "do not enforce") by default to optimize user experience by running the update process in the background. Cisco also recommends leaving this requirement as Optional if selecting the "Automatically download and install" option." I know that the Windows Update UI feedback is minimal and may confuse the user a bit...but doesn't this in, large degree, defeat a fundamental NAC goal--keeping unpatched PCs from beating on others and vice versa? Am I missing something? For the record, I make the WU requirement mandatory but put text in the description that encourages them to go to windowsupdate.com if they get antsy. 2) With vulnerabilities moving away from the OS and to apps, has anyone created a requirement to at least use the Microsoft Update agent rather than Windows Update (so Office gets patched, too)? 3) Firewall requirements? Cheers, Rand -- Rand P. Hall * Director, Network Services Merrimack College * SunGard Higher Education 315 Turnpike Street, North Andover MA 01845 * Tel 978-837-5000 Fax 978-837-5383 * [EMAIL PROTECTED] * www.sungardhe.com CONFIDENTIALITY: This e-mail (including any attachments) may contain confidential, proprietary and privileged information, and unauthorized disclosure or use is prohibited. If you received this e-mail in error, please notify the sender and delete this e-mail from your system.
