I'd like to see Symantec acquire Adobe, if only for the belief that they couldn't possibly make Adobe Reader any worse
On 8 November 2012 17:28, Jonathan Link <jonathan.l...@gmail.com> wrote: > What wasn't? :P > > > On Thu, Nov 8, 2012 at 11:57 AM, Rankin, James R > <kz2...@googlemail.com>wrote: > >> ** >> No, but I bet it was better before Symantec got hold of it >> ---Blackberried >> ------------------------------ >> *From: *Jonathan Link <jonathan.l...@gmail.com> >> *Date: *Thu, 8 Nov 2012 11:40:59 -0500 >> *To: *NT System Admin Issues<ntsysadmin@lyris.sunbelt-software.com> >> *ReplyTo: *"NT System Admin Issues" < >> ntsysadmin@lyris.sunbelt-software.com> >> *Subject: *Re: Symantec %@(*&OI:TNGF(P* >> >> Do you have a suitable repalcement for PGP Whole Disk Encryption that >> includes centralized management and SSO capabilities? >> >> >> On Thu, Nov 8, 2012 at 11:32 AM, James Rankin <kz2...@googlemail.com>wrote: >> >>> No, the first rule of Symantec is you don't use any of their products >>> :-) >>> >>> >>> On 8 November 2012 16:23, Steven Peck <sep...@gmail.com> wrote: >>> >>>> The first rule of Symantec is you don't talk about symantec >>>> >>>> >>>> On Thu, Nov 8, 2012 at 6:54 AM, Robert Cato <cato.rob...@gmail.com>wrote: >>>> >>>>> >>>>> It is SEP12, I'm sorry I do not know the definition file, that is >>>>> handled by the security group...and they don't really want to talk about >>>>> Symantec right now. >>>>> >>>>> >>>>> On Thu, Nov 8, 2012 at 9:05 AM, Erik Goldoff <egold...@gmail.com>wrote: >>>>> >>>>>> curious, SEP 11 or 12, and what definitions when this happened ? >>>>>> >>>>>> Thanks >>>>>> >>>>>> On Thu, Nov 8, 2012 at 8:57 AM, Robert Cato >>>>>> <cato.rob...@gmail.com>wrote: >>>>>> >>>>>>> >>>>>>> Yep, all on its own. Granted this was based on setting that were >>>>>>> made during installation, based on recommendations from the onstie >>>>>>> Symantec >>>>>>> vendor/engineer. >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Thu, Nov 8, 2012 at 8:48 AM, Kennedy, Jim < >>>>>>> kennedy...@elyriaschools.org> wrote: >>>>>>> >>>>>>>> “SEP quarantined the files and then went to all machines on the >>>>>>>> network and quarantined them on all machines…”**** >>>>>>>> >>>>>>>> ** ** >>>>>>>> >>>>>>>> Holy smokes, it decided to do that on it’s own? And quarantined the >>>>>>>> machines that had NOT been updated yet?**** >>>>>>>> >>>>>>>> ** ** >>>>>>>> >>>>>>>> So glad I don’t run AV.**** >>>>>>>> >>>>>>>> ** ** >>>>>>>> >>>>>>>> ** ** >>>>>>>> >>>>>>>> *From:* Robert Cato [mailto:cato.rob...@gmail.com] >>>>>>>> *Sent:* Thursday, November 08, 2012 8:45 AM >>>>>>>> >>>>>>>> *To:* NT System Admin Issues >>>>>>>> *Subject:* Re: Symantec %@(*&OI:TNGF(P***** >>>>>>>> >>>>>>>> ** ** >>>>>>>> >>>>>>>> Ken**** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> These two updates were only installed on a couple of Win7 machines >>>>>>>> at most. They were approved during the day for install overnight, a >>>>>>>> couple >>>>>>>> of users saw the pop-up and installed. SEP quarantined the files and >>>>>>>> then >>>>>>>> went to all machines on the network and quarantined them on all >>>>>>>> machines >>>>>>>> (Win7, Vista, and XP).**** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> It would be nice if we had a separate network, but I'm not sure >>>>>>>> that will get approved.**** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> Robert**** >>>>>>>> >>>>>>>> ** ** >>>>>>>> >>>>>>>> On Thu, Nov 8, 2012 at 6:41 AM, Ken Schaefer <k...@adopenstatic.com> >>>>>>>> wrote:**** >>>>>>>> >>>>>>>> Even if you don’t have a separate network, you can create a >>>>>>>> separate group in WSUS, and put a test machine(s) with your SOE image >>>>>>>> in >>>>>>>> that group. **** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> That would allow you to test patches prior to mass deployment. >>>>>>>> Checking for AV issues would be just one thing – I’d recommend that you >>>>>>>> have some test cases for all your important apps as well.**** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> Cheers**** >>>>>>>> >>>>>>>> Ken**** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> *From:* Robert Cato [mailto:cato.rob...@gmail.com] >>>>>>>> *Sent:* Thursday, 8 November 2012 9:48 PM >>>>>>>> >>>>>>>> *To:* NT System Admin Issues >>>>>>>> *Subject:* Re: Symantec %@(*&OI:TNGF(P* >>>>>>>> **** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> Ken,**** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> That was my first question, but it is still unanswered. I am still >>>>>>>> new at this %dayjob%. **** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> In this case, the testing would have had to be done in a separate >>>>>>>> network, which I am fairly sure we don't have. I will take that >>>>>>>> suggestion >>>>>>>> to the table when we analyze the breakdowns of this incident.**** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> Robert**** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> On Wed, Nov 7, 2012 at 9:37 PM, Ken Schaefer <k...@adopenstatic.com> >>>>>>>> wrote:**** >>>>>>>> >>>>>>>> No matter who you migrate to, you’ll also run into issues (false >>>>>>>> positives seem to occur all the time, with all vendors).**** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> Did you test the patches before releasing to Production? Might be >>>>>>>> worth beefing up the testing regime.**** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> *From:* Robert Cato [mailto:cato.rob...@gmail.com] >>>>>>>> *Sent:* Thursday, 8 November 2012 5:22 AM >>>>>>>> >>>>>>>> *To:* NT System Admin Issues >>>>>>>> *Subject:* Symantec %@(*&OI:TNGF(P***** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> FYI**** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> We approved two MS patches yesterday (KB2574819 KB2592687) in WSUS. >>>>>>>> One user installed the two updates in the afternoon and Symantec >>>>>>>> Endpoint >>>>>>>> Protection 12 with several advanced features enabled (threat >>>>>>>> protection, >>>>>>>> hurestics, SONAR, etc). SEP quarrantined 15 system files, run32.dll >>>>>>>> among >>>>>>>> them. The real problems started when SEP decided to quarantine the >>>>>>>> files >>>>>>>> across all ~600 workstations taking us completely offline.**** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> The fix was to boot each workstation into safe mode and removing >>>>>>>> SEP.**** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> It was a long night.**** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> The good news:**** >>>>>>>> >>>>>>>> None of the advanced features were enabled on the servers.**** >>>>>>>> >>>>>>>> We are migrating away from SEP as of this morning.**** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> Robert**** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! >>>>>>>> ~ >>>>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>>>> >>>>>>>> --- >>>>>>>> To manage subscriptions click here: >>>>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>>>> with the body: unsubscribe ntsysadmin**** >>>>>>>> >>>>>>>> **** >>>>>>>> >>>>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>>>> >>>>>>>> --- >>>>>>>> To manage subscriptions click here: >>>>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>>>> with the body: unsubscribe ntsysadmin**** >>>>>>>> >>>>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! >>>>>>>> ~ >>>>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>>>> >>>>>>>> --- >>>>>>>> To manage subscriptions click here: >>>>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>>>> with the body: unsubscribe ntsysadmin**** >>>>>>>> >>>>>>>> ** ** >>>>>>>> >>>>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>>>> >>>>>>>> --- >>>>>>>> To manage subscriptions click here: >>>>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>>>> with the body: unsubscribe ntsysadmin**** >>>>>>>> >>>>>>>> ~ Finally, powerful endpoint security that ISN'T a resource >>>>>>>> hog! ~ >>>>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>>>> >>>>>>>> --- >>>>>>>> To manage subscriptions click here: >>>>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>>>> with the body: unsubscribe ntsysadmin >>>>>>>> >>>>>>> >>>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>>> >>>>>>> --- >>>>>>> To manage subscriptions click here: >>>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>>> with the body: unsubscribe ntsysadmin >>>>>>> >>>>>> >>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>> >>>>>> --- >>>>>> To manage subscriptions click here: >>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>> with the body: unsubscribe ntsysadmin >>>>>> >>>>> >>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>> >>>>> --- >>>>> To manage subscriptions click here: >>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>> with the body: unsubscribe ntsysadmin >>>>> >>>> >>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>> >>>> --- >>>> To manage subscriptions click here: >>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>> with the body: unsubscribe ntsysadmin >>>> >>> >>> >>> >>> -- >>> *James Rankin* >>> Technical Consultant (ACA, CCA, MCTS) >>> http://appsensebigot.blogspot.co.uk >>> >>> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>> >>> --- >>> To manage subscriptions click here: >>> http://lyris.sunbelt-software.com/read/my_forums/ >>> or send an email to listmana...@lyris.sunbeltsoftware.com >>> with the body: unsubscribe ntsysadmin >>> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe ntsysadmin >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe ntsysadmin >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin