We are in the first year, the ~$8K included ~$2K in annual maintenance.
On Thu, Nov 8, 2012 at 12:22 PM, Jonathan Link <jonathan.l...@gmail.com>wrote: > Excellent. May I ask about your annual maintenance costs? > > > On Thu, Nov 8, 2012 at 11:53 AM, Robert Cato <cato.rob...@gmail.com>wrote: > >> CheckPoint has a full disk encryption solution that has those features. >> We purchased 100 seats for ~$80 a seat. >> >> >> On Thu, Nov 8, 2012 at 11:40 AM, Jonathan Link >> <jonathan.l...@gmail.com>wrote: >> >>> Do you have a suitable repalcement for PGP Whole Disk Encryption that >>> includes centralized management and SSO capabilities? >>> >>> >>> On Thu, Nov 8, 2012 at 11:32 AM, James Rankin <kz2...@googlemail.com>wrote: >>> >>>> No, the first rule of Symantec is you don't use any of their products >>>> :-) >>>> >>>> >>>> On 8 November 2012 16:23, Steven Peck <sep...@gmail.com> wrote: >>>> >>>>> The first rule of Symantec is you don't talk about symantec >>>>> >>>>> >>>>> On Thu, Nov 8, 2012 at 6:54 AM, Robert Cato <cato.rob...@gmail.com>wrote: >>>>> >>>>>> >>>>>> It is SEP12, I'm sorry I do not know the definition file, that is >>>>>> handled by the security group...and they don't really want to talk about >>>>>> Symantec right now. >>>>>> >>>>>> >>>>>> On Thu, Nov 8, 2012 at 9:05 AM, Erik Goldoff <egold...@gmail.com>wrote: >>>>>> >>>>>>> curious, SEP 11 or 12, and what definitions when this happened ? >>>>>>> >>>>>>> Thanks >>>>>>> >>>>>>> On Thu, Nov 8, 2012 at 8:57 AM, Robert Cato >>>>>>> <cato.rob...@gmail.com>wrote: >>>>>>> >>>>>>>> >>>>>>>> Yep, all on its own. Granted this was based on setting that were >>>>>>>> made during installation, based on recommendations from the onstie >>>>>>>> Symantec >>>>>>>> vendor/engineer. >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> On Thu, Nov 8, 2012 at 8:48 AM, Kennedy, Jim < >>>>>>>> kennedy...@elyriaschools.org> wrote: >>>>>>>> >>>>>>>>> “SEP quarantined the files and then went to all machines on the >>>>>>>>> network and quarantined them on all machines…”**** >>>>>>>>> >>>>>>>>> ** ** >>>>>>>>> >>>>>>>>> Holy smokes, it decided to do that on it’s own? And quarantined >>>>>>>>> the machines that had NOT been updated yet?**** >>>>>>>>> >>>>>>>>> ** ** >>>>>>>>> >>>>>>>>> So glad I don’t run AV.**** >>>>>>>>> >>>>>>>>> ** ** >>>>>>>>> >>>>>>>>> ** ** >>>>>>>>> >>>>>>>>> *From:* Robert Cato [mailto:cato.rob...@gmail.com] >>>>>>>>> *Sent:* Thursday, November 08, 2012 8:45 AM >>>>>>>>> >>>>>>>>> *To:* NT System Admin Issues >>>>>>>>> *Subject:* Re: Symantec %@(*&OI:TNGF(P***** >>>>>>>>> >>>>>>>>> ** ** >>>>>>>>> >>>>>>>>> Ken**** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> These two updates were only installed on a couple of Win7 machines >>>>>>>>> at most. They were approved during the day for install overnight, a >>>>>>>>> couple >>>>>>>>> of users saw the pop-up and installed. SEP quarantined the files and >>>>>>>>> then >>>>>>>>> went to all machines on the network and quarantined them on all >>>>>>>>> machines >>>>>>>>> (Win7, Vista, and XP).**** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> It would be nice if we had a separate network, but I'm not sure >>>>>>>>> that will get approved.**** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> Robert**** >>>>>>>>> >>>>>>>>> ** ** >>>>>>>>> >>>>>>>>> On Thu, Nov 8, 2012 at 6:41 AM, Ken Schaefer <k...@adopenstatic.com> >>>>>>>>> wrote:**** >>>>>>>>> >>>>>>>>> Even if you don’t have a separate network, you can create a >>>>>>>>> separate group in WSUS, and put a test machine(s) with your SOE image >>>>>>>>> in >>>>>>>>> that group. **** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> That would allow you to test patches prior to mass deployment. >>>>>>>>> Checking for AV issues would be just one thing – I’d recommend that >>>>>>>>> you >>>>>>>>> have some test cases for all your important apps as well.**** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> Cheers**** >>>>>>>>> >>>>>>>>> Ken**** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> *From:* Robert Cato [mailto:cato.rob...@gmail.com] >>>>>>>>> *Sent:* Thursday, 8 November 2012 9:48 PM >>>>>>>>> >>>>>>>>> *To:* NT System Admin Issues >>>>>>>>> *Subject:* Re: Symantec %@(*&OI:TNGF(P* >>>>>>>>> **** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> Ken,**** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> That was my first question, but it is still unanswered. I am still >>>>>>>>> new at this %dayjob%. **** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> In this case, the testing would have had to be done in a separate >>>>>>>>> network, which I am fairly sure we don't have. I will take that >>>>>>>>> suggestion >>>>>>>>> to the table when we analyze the breakdowns of this incident.**** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> Robert**** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> On Wed, Nov 7, 2012 at 9:37 PM, Ken Schaefer <k...@adopenstatic.com> >>>>>>>>> wrote:**** >>>>>>>>> >>>>>>>>> No matter who you migrate to, you’ll also run into issues (false >>>>>>>>> positives seem to occur all the time, with all vendors).**** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> Did you test the patches before releasing to Production? Might be >>>>>>>>> worth beefing up the testing regime.**** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> *From:* Robert Cato [mailto:cato.rob...@gmail.com] >>>>>>>>> *Sent:* Thursday, 8 November 2012 5:22 AM >>>>>>>>> >>>>>>>>> *To:* NT System Admin Issues >>>>>>>>> *Subject:* Symantec %@(*&OI:TNGF(P***** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> FYI**** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> We approved two MS patches yesterday (KB2574819 KB2592687) in >>>>>>>>> WSUS. One user installed the two updates in the afternoon and Symantec >>>>>>>>> Endpoint Protection 12 with several advanced features enabled (threat >>>>>>>>> protection, hurestics, SONAR, etc). SEP quarrantined 15 system files, >>>>>>>>> run32.dll among them. The real problems started when SEP decided to >>>>>>>>> quarantine the files across all ~600 workstations taking us completely >>>>>>>>> offline.**** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> The fix was to boot each workstation into safe mode and removing >>>>>>>>> SEP.**** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> It was a long night.**** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> The good news:**** >>>>>>>>> >>>>>>>>> None of the advanced features were enabled on the servers.**** >>>>>>>>> >>>>>>>>> We are migrating away from SEP as of this morning.**** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> Robert**** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! >>>>>>>>> ~ >>>>>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>>>>> >>>>>>>>> --- >>>>>>>>> To manage subscriptions click here: >>>>>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>>>>> with the body: unsubscribe ntsysadmin**** >>>>>>>>> >>>>>>>>> **** >>>>>>>>> >>>>>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>>>>> >>>>>>>>> --- >>>>>>>>> To manage subscriptions click here: >>>>>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>>>>> with the body: unsubscribe ntsysadmin**** >>>>>>>>> >>>>>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! >>>>>>>>> ~ >>>>>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>>>>> >>>>>>>>> --- >>>>>>>>> To manage subscriptions click here: >>>>>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>>>>> with the body: unsubscribe ntsysadmin**** >>>>>>>>> >>>>>>>>> ** ** >>>>>>>>> >>>>>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>>>>> >>>>>>>>> --- >>>>>>>>> To manage subscriptions click here: >>>>>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>>>>> with the body: unsubscribe ntsysadmin**** >>>>>>>>> >>>>>>>>> ~ Finally, powerful endpoint security that ISN'T a resource >>>>>>>>> hog! ~ >>>>>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>>>>> >>>>>>>>> --- >>>>>>>>> To manage subscriptions click here: >>>>>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>>>>> with the body: unsubscribe ntsysadmin >>>>>>>>> >>>>>>>> >>>>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>>>> >>>>>>>> --- >>>>>>>> To manage subscriptions click here: >>>>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>>>> with the body: unsubscribe ntsysadmin >>>>>>>> >>>>>>> >>>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>>> >>>>>>> --- >>>>>>> To manage subscriptions click here: >>>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>>> with the body: unsubscribe ntsysadmin >>>>>>> >>>>>> >>>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>>> >>>>>> --- >>>>>> To manage subscriptions click here: >>>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>>> with the body: unsubscribe ntsysadmin >>>>>> >>>>> >>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>> >>>>> --- >>>>> To manage subscriptions click here: >>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>> with the body: unsubscribe ntsysadmin >>>>> >>>> >>>> >>>> >>>> -- >>>> *James Rankin* >>>> Technical Consultant (ACA, CCA, MCTS) >>>> http://appsensebigot.blogspot.co.uk >>>> >>>> >>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>> >>>> --- >>>> To manage subscriptions click here: >>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>> with the body: unsubscribe ntsysadmin >>>> >>> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>> >>> --- >>> To manage subscriptions click here: >>> http://lyris.sunbelt-software.com/read/my_forums/ >>> or send an email to listmana...@lyris.sunbeltsoftware.com >>> with the body: unsubscribe ntsysadmin >>> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe ntsysadmin >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
