Ah... Yes - a Microsoft EA, so that you have Win7 Enterprise with Bitlocker on your workstations, and DA/UAG as well...
Kurt On Thu, Nov 8, 2012 at 8:40 AM, Jonathan Link <jonathan.l...@gmail.com>wrote: > Do you have a suitable repalcement for PGP Whole Disk Encryption that > includes centralized management and SSO capabilities? > > > On Thu, Nov 8, 2012 at 11:32 AM, James Rankin <kz2...@googlemail.com>wrote: > >> No, the first rule of Symantec is you don't use any of their products :-) >> >> >> On 8 November 2012 16:23, Steven Peck <sep...@gmail.com> wrote: >> >>> The first rule of Symantec is you don't talk about symantec >>> >>> >>> On Thu, Nov 8, 2012 at 6:54 AM, Robert Cato <cato.rob...@gmail.com>wrote: >>> >>>> >>>> It is SEP12, I'm sorry I do not know the definition file, that is >>>> handled by the security group...and they don't really want to talk about >>>> Symantec right now. >>>> >>>> >>>> On Thu, Nov 8, 2012 at 9:05 AM, Erik Goldoff <egold...@gmail.com>wrote: >>>> >>>>> curious, SEP 11 or 12, and what definitions when this happened ? >>>>> >>>>> Thanks >>>>> >>>>> On Thu, Nov 8, 2012 at 8:57 AM, Robert Cato <cato.rob...@gmail.com>wrote: >>>>> >>>>>> >>>>>> Yep, all on its own. Granted this was based on setting that were made >>>>>> during installation, based on recommendations from the onstie Symantec >>>>>> vendor/engineer. >>>>>> >>>>>> >>>>>> >>>>>> On Thu, Nov 8, 2012 at 8:48 AM, Kennedy, Jim < >>>>>> kennedy...@elyriaschools.org> wrote: >>>>>> >>>>>>> “SEP quarantined the files and then went to all machines on the >>>>>>> network and quarantined them on all machines…”**** >>>>>>> >>>>>>> ** ** >>>>>>> >>>>>>> Holy smokes, it decided to do that on it’s own? And quarantined the >>>>>>> machines that had NOT been updated yet?**** >>>>>>> >>>>>>> ** ** >>>>>>> >>>>>>> So glad I don’t run AV.**** >>>>>>> >>>>>>> ** ** >>>>>>> >>>>>>> ** ** >>>>>>> >>>>>>> *From:* Robert Cato [mailto:cato.rob...@gmail.com] >>>>>>> *Sent:* Thursday, November 08, 2012 8:45 AM >>>>>>> >>>>>>> *To:* NT System Admin Issues >>>>>>> *Subject:* Re: Symantec %@(*&OI:TNGF(P***** >>>>>>> >>>>>>> ** ** >>>>>>> >>>>>>> Ken**** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> These two updates were only installed on a couple of Win7 machines >>>>>>> at most. They were approved during the day for install overnight, a >>>>>>> couple >>>>>>> of users saw the pop-up and installed. SEP quarantined the files and >>>>>>> then >>>>>>> went to all machines on the network and quarantined them on all machines >>>>>>> (Win7, Vista, and XP).**** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> It would be nice if we had a separate network, but I'm not sure that >>>>>>> will get approved.**** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> Robert**** >>>>>>> >>>>>>> ** ** >>>>>>> >>>>>>> On Thu, Nov 8, 2012 at 6:41 AM, Ken Schaefer <k...@adopenstatic.com> >>>>>>> wrote:**** >>>>>>> >>>>>>> Even if you don’t have a separate network, you can create a separate >>>>>>> group in WSUS, and put a test machine(s) with your SOE image in that >>>>>>> group. >>>>>>> **** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> That would allow you to test patches prior to mass deployment. >>>>>>> Checking for AV issues would be just one thing – I’d recommend that you >>>>>>> have some test cases for all your important apps as well.**** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> Cheers**** >>>>>>> >>>>>>> Ken**** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> *From:* Robert Cato [mailto:cato.rob...@gmail.com] >>>>>>> *Sent:* Thursday, 8 November 2012 9:48 PM >>>>>>> >>>>>>> *To:* NT System Admin Issues >>>>>>> *Subject:* Re: Symantec %@(*&OI:TNGF(P* >>>>>>> **** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> Ken,**** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> That was my first question, but it is still unanswered. I am still >>>>>>> new at this %dayjob%. **** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> In this case, the testing would have had to be done in a separate >>>>>>> network, which I am fairly sure we don't have. I will take that >>>>>>> suggestion >>>>>>> to the table when we analyze the breakdowns of this incident.**** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> Robert**** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> On Wed, Nov 7, 2012 at 9:37 PM, Ken Schaefer <k...@adopenstatic.com> >>>>>>> wrote:**** >>>>>>> >>>>>>> No matter who you migrate to, you’ll also run into issues (false >>>>>>> positives seem to occur all the time, with all vendors).**** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> Did you test the patches before releasing to Production? Might be >>>>>>> worth beefing up the testing regime.**** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> *From:* Robert Cato [mailto:cato.rob...@gmail.com] >>>>>>> *Sent:* Thursday, 8 November 2012 5:22 AM >>>>>>> >>>>>>> *To:* NT System Admin Issues >>>>>>> *Subject:* Symantec %@(*&OI:TNGF(P***** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> FYI**** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> We approved two MS patches yesterday (KB2574819 KB2592687) in WSUS. >>>>>>> One user installed the two updates in the afternoon and Symantec >>>>>>> Endpoint >>>>>>> Protection 12 with several advanced features enabled (threat protection, >>>>>>> hurestics, SONAR, etc). SEP quarrantined 15 system files, run32.dll >>>>>>> among >>>>>>> them. The real problems started when SEP decided to quarantine the files >>>>>>> across all ~600 workstations taking us completely offline.**** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> The fix was to boot each workstation into safe mode and removing SEP. >>>>>>> **** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> It was a long night.**** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> The good news:**** >>>>>>> >>>>>>> None of the advanced features were enabled on the servers.**** >>>>>>> >>>>>>> We are migrating away from SEP as of this morning.**** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> Robert**** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>>> >>>>>>> --- >>>>>>> To manage subscriptions click here: >>>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>>> with the body: unsubscribe ntsysadmin**** >>>>>>> >>>>>>> **** >>>>>>> >>>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>>> >>>>>>> --- >>>>>>> To manage subscriptions click here: >>>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>>> with the body: unsubscribe ntsysadmin**** >>>>>>> >>>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>>> >>>>>>> --- >>>>>>> To manage subscriptions click here: >>>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>>> with the body: unsubscribe ntsysadmin**** >>>>>>> >>>>>>> ** ** >>>>>>> >>>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>>> >>>>>>> --- >>>>>>> To manage subscriptions click here: >>>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>>> with the body: unsubscribe ntsysadmin**** >>>>>>> >>>>>>> ~ Finally, powerful endpoint security that ISN'T a resource >>>>>>> hog! ~ >>>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>>> >>>>>>> --- >>>>>>> To manage subscriptions click here: >>>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>>> with the body: unsubscribe ntsysadmin >>>>>>> >>>>>> >>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>> >>>>>> --- >>>>>> To manage subscriptions click here: >>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>> with the body: unsubscribe ntsysadmin >>>>>> >>>>> >>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>> >>>>> --- >>>>> To manage subscriptions click here: >>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>> with the body: unsubscribe ntsysadmin >>>>> >>>> >>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>> >>>> --- >>>> To manage subscriptions click here: >>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>> with the body: unsubscribe ntsysadmin >>>> >>> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>> >>> --- >>> To manage subscriptions click here: >>> http://lyris.sunbelt-software.com/read/my_forums/ >>> or send an email to listmana...@lyris.sunbeltsoftware.com >>> with the body: unsubscribe ntsysadmin >>> >> >> >> >> -- >> *James Rankin* >> Technical Consultant (ACA, CCA, MCTS) >> http://appsensebigot.blogspot.co.uk >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe ntsysadmin >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin