date:20100420

Group membership updates

2010-04-20 Thread James Rankin

I know that there's probably no way of doing this, but I thought I'd
askis there any way of updating a logged-on user's AD group memberships
without them logging out of the system? Everything I've read suggests that
there is no way to update an access token except by logging in again, so
short of launching an application with a RunAs command, I think I may be
pretty much snookered. I live in hope though.


TIA,



JRR

-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
the machine wrong figures, will the right answers come out?' I am not able
rightly to apprehend the kind of confusion of ideas that could provoke such
a question."

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Dell system reboots every other Monday at 6am

2010-04-20 Thread Chipshead

Out of curiosity , what are you running for anti-virus software on this? 
- Original Message - 
From: "Peter van Houten " < petervdh @ gmail .com> 
To: "NT System Admin Issues" < ntsysadmin @ lyris .sunbelt-software.com> 
Sent: Monday, April 19, 2010 1:05:29 PM GMT -05:00 US/Canada Eastern 
Subject: Re: Dell system reboots every other Monday at 6am 

Bambi, let autoruns have a look at your system and check the log 
*thoroughly* 

http :// technet . microsoft .com/en-us/ sysinternals /bb963902. aspx 

-- 
Peter van Houten 


Bambi J Saastad wrote the following: 
> Bios has everthing disabled. 
> Note I forgot to mention that the pc was disconnected from the network 
> the last 2 weeks, and it still rebooted. 
> B 
> 
> On Mon, Apr 19, 2010 at 11:29 AM, Bambi J Saastad 
> < bambi .j. saastad @ seagate .com < mailto : bambi .j. saastad @ seagate 
> .com>> wrote: 
> 
>     System downloads updates at 3am, but there were no updates to install. 
>     Nothing in tasks either. 
>     Thx 
>     B 
> 
>     On Mon, Apr 19, 2010 at 11:15 AM, Kennedy, Jim 
>     < kennedyjim @ elyriaschools .org < mailto : kennedyjim @ elyriaschools 
> .org>> 
>     wrote: 
> 
>         Automatically downloading and installing updates? Also check 
>         what is in scheduled tasks. 
>           
> 
>         *From:* Bambi J Saastad [ mailto : bambi .j. saastad @ seagate .com 
>         < mailto : bambi .j. saastad @ seagate .com>] 
>         *Sent:* Monday, April 19, 2010 12:20 PM 
>         *To:* NT System Admin Issues 
>         *Subject:* Dell system reboots every other Monday at 6am 
> 
>           
> 
>         I have a newer Dell Optiplex 760 
>         Windows XP SP3, patches up to date. 
>         McAfee Enterprise 
> 
>         Every other Monday for about the last 6 weeks, it reboots at 
>         approx 6am 
>         I've run Malawarebytes , and virusscan , and found nothing. 
>         I have 8 others just like it running the same software on the 
>         same equipment, and they have no issues. 
>         I've found nothing. 
>         Nothing obvious in the event logs. 
> 
>         Has anyone else had something similar happen? Or any suggestions 
>         as to what may be causing it? 
>         TIA 
>         B 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ 
~ < http :// www . sunbeltsoftware .com/Business/VIPRE-Enterprise/>  ~ 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Group membership updates

2010-04-20 Thread Michael B. Smith

I think you've got that figured.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: James Rankin [mailto:kz2...@googlemail.com]
Sent: Tuesday, April 20, 2010 6:40 AM
To: NT System Admin Issues
Subject: Group membership updates

I know that there's probably no way of doing this, but I thought I'd askis 
there any way of updating a logged-on user's AD group memberships without them 
logging out of the system? Everything I've read suggests that there is no way 
to update an access token except by logging in again, so short of launching an 
application with a RunAs command, I think I may be pretty much snookered. I 
live in hope though.


TIA,



JRR

--
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the 
machine wrong figures, will the right answers come out?' I am not able rightly 
to apprehend the kind of confusion of ideas that could provoke such a question."





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: label printer

2010-04-20 Thread paul d

Yes, it turns out it was a driver issue.  We changed all the Kyocera drivers to 
HP Universal and that appears to have fixed the label printer issue.  Thanks 
all for your replies and help. 
From: michealespin...@gmail.com
Date: Fri, 16 Apr 2010 12:08:43 -0700
Subject: Re: label printer
To: ntsysadmin@lyris.sunbelt-software.com

Ditto.  Sometimes it takes removing all the drivers manually (to be sure to get 
any uninstall remnants) to properly fix a printer driver issue.
--
ME2

On Fri, Apr 16, 2010 at 7:41 AM, Miller Bonnie L. 
 wrote:

I'd agree with Ben about drivers, and this kind of problem can be a pain to 
troubleshoot.

I'd start by looking at all of the drivers you've updated recently (back to 
when the problem started).  On the WS03 print server, look for the files 
associated with each driver.  For some, you can see these names on the "About" 
tab of the print driver, but you might have to go straight to searching the 
registry.  What can happen is if you have any files in common between drivers 
they may have been updated when you installed the latest printer, which can 
sometimes break an older driver.

Then, look at your problem printers and do the same thing (get the file names). 
 Try to find if there are any files in common and narrow in on those.  The 
files are usually stored under %systemroot%\system32\spool, but you can usually 
find the path in the registry for specific printers.

Then, you might need another WS03 test server that hasn't had any of these 
printer drivers installed yet.  Install just the older drivers, so you can see 
what the files looked like before the latest drivers were updated to figure out 
what changed.  If you have a backup, that might also be an easier way to find 
them--you need to be able to confirm the file is different.

Then, you test by replacing the file back to the older version.  In some cases, 
I've found I can stop the spooler and replace the file with an older version as 
"updating" the printer driver again with the older one does not generally 
overwrite any newer files (and it doesn't warn you).  But, I've also found 
where that doesn't always work or the newer printer driver will break after 
replacing the file with the old one.  You'll have to test all printers that 
share whatever file you had to replace.  In one case, we had such a bad 
conflict that we ended up using a different type of driver (PS vs PCL) for one 
of them, but I don't know if you will have that kind of option here.

-Bonnie

-Original Message-

From: Ben Scott [mailto:mailvor...@gmail.com]

Sent: Thursday, April 15, 2010 2:39 PM

To: NT System Admin Issues

Subject: Re: label printer

On Thu, Apr 15, 2010 at 3:24 PM, paul d  wrote:

> We entered into a contract to have all our non-label printers to be leased

> from a company (we used to just buy them) and have been replacing the

> current printers with these new printers.  That, of course, means changing

> the drivers on the print server.

  I'd start looking there, then.  You changed printer drivers, and now

you have some new printer problems.  I doubt that's coincidence.

  I've seen all manner of weird problems come about due to printer

drivers.  A buggy printer driver can affect other printers using other

drivers on the same computer.  (HP's drivers started doing this to us.

 It's one of the main reasons we're not buying HP printers anymore.)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~

~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~

~   ~

_
Hotmail is redefining busy with tools for the New Busy. Get more from your 
inbox.
http://www.windowslive.com/campaign/thenewbusy?ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_2
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: OT: HP/Compaq NC6120 laptop noise

2010-04-20 Thread Peter van Houten


Thanks Daniel. The nc6120 does not have an internal mic but the noise is
produced whether an external mic is plugged in or not. This is verified
by using the sound recorder or running Skype. It is beginning to look
like oscillation produced in the mic preamp section. I was hoping that
someone else had seen something on this and could point me to a quick
fix but it is looking like a laptop strip :-(

--
Peter van Houten


Daniel Rodriguez wrote the following:
Is this happening with the internal mic or an external mic when it is 
plugged in?


On Mon, Apr 19, 2010 at 7:00 PM, Peter van Houten > wrote:


Hello all,

We have recently upgraded several of these laptops at a client. The
machines are old but not too badly specified, so it was decided
to upgrade to the max. The RAM to 2GB, the disks to 320GB and the O/S to
Windows 7. The users were delighted and all was well...except for an
audio problem.

It occurs when recording sound from the mic input. Skype can trigger the
situation and is the application that uncovered the problem. It is a
continuous, low-level, [approx.] 500Hz whine (groan?) It is not a
feedback problem :-) The user couldn't hear the noise but the
people on the other end of the conversation were complaining. The
problem doesn't occur when simply playing audio, so it hadn't been
noticed previously.

First test was to check a laptop that had not been upgraded. That
returned exactly the same fault. After that, we booted from an Ubuntu CD
to rule out the O/S and drivers and the same problem occurred. So, it is
hardware related and before we open one and start testing for bad caps,
ground loops and crispy spiders, has anyone else seen this?

I have searched endlessly and found one *similar* problem on the HP
forum with no resolution. I am an electrical engineer and equipped for
(and comfortable with) all manner of hardware down to smt but I am
getting too old for this!

TIA
--
Peter van Houten



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Dell system reboots every other Monday at 6am

2010-04-20 Thread Bambi Saastad

 McAfee Enterprise
Sent from my Blackberry
Bambi

--
 *From*: chipsh...@comcast.net 
*To*: NT System Admin Issues 
*Sent*: Tue Apr 20 05:42:46 2010
*Subject*: Re: Dell system reboots every other Monday at 6am

Out of curiosity, what are you running for anti-virus software on this?
- Original Message -
From: "Peter van Houten" 
To: "NT System Admin Issues" 
Sent: Monday, April 19, 2010 1:05:29 PM GMT -05:00 US/Canada Eastern
Subject: Re: Dell system reboots every other Monday at 6am

Bambi, let autoruns have a look at your system and check the log
*thoroughly*

http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx

--
Peter van Houten


Bambi J Saastad wrote the following:
> Bios has everthing disabled.
> Note I forgot to mention that the pc was disconnected from the network
> the last 2 weeks, and it still rebooted.
> B
>
> On Mon, Apr 19, 2010 at 11:29 AM, Bambi J Saastad
> mailto:bambi.j.saas...@seagate.com>> wrote:
>
> System downloads updates at 3am, but there were no updates to install.
> Nothing in tasks either.
> Thx
> B
>
> On Mon, Apr 19, 2010 at 11:15 AM, Kennedy, Jim
> mailto:kennedy...@elyriaschools.org>>
> wrote:
>
> Automatically downloading and installing updates? Also check
> what is in scheduled tasks.
>
>
> *From:* Bambi J Saastad [mailto:bambi.j.saas...@seagate.com
> ]
> *Sent:* Monday, April 19, 2010 12:20 PM
> *To:* NT System Admin Issues
> *Subject:* Dell system reboots every other Monday at 6am
>
>
>
> I have a newer Dell Optiplex 760
> Windows XP SP3, patches up to date.
> McAfee Enterprise
>
> Every other Monday for about the last 6 weeks, it reboots at
> approx 6am
> I've run Malawarebytes, and virusscan, and found nothing.
> I have 8 others just like it running the same software on the
> same equipment, and they have no issues.
> I've found nothing.
> Nothing obvious in the event logs.
>
> Has anyone else had something similar happen? Or any suggestions
> as to what may be causing it?
> TIA
> B

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: OT: HP/Compaq NC6120 laptop noise

2010-04-20 Thread John Aldrich

Just out of curiosity, have you tried a USB mic? That might bypass whatever
is causing the hum.



-Original Message-
From: Peter van Houten [mailto:peter...@gmail.com] 
Sent: Tuesday, April 20, 2010 8:02 AM
To: NT System Admin Issues
Subject: Re: OT: HP/Compaq NC6120 laptop noise

Thanks Daniel. The nc6120 does not have an internal mic but the noise is
produced whether an external mic is plugged in or not. This is verified
by using the sound recorder or running Skype. It is beginning to look
like oscillation produced in the mic preamp section. I was hoping that
someone else had seen something on this and could point me to a quick
fix but it is looking like a laptop strip :-(

--
Peter van Houten


Daniel Rodriguez wrote the following:
> Is this happening with the internal mic or an external mic when it is 
> plugged in?
> 
> On Mon, Apr 19, 2010 at 7:00 PM, Peter van Houten  > wrote:
> 
> Hello all,
> 
> We have recently upgraded several of these laptops at a client. The
> machines are old but not too badly specified, so it was decided
> to upgrade to the max. The RAM to 2GB, the disks to 320GB and the O/S
to
> Windows 7. The users were delighted and all was well...except for an
> audio problem.
> 
> It occurs when recording sound from the mic input. Skype can trigger
the
> situation and is the application that uncovered the problem. It is a
> continuous, low-level, [approx.] 500Hz whine (groan?) It is not a
> feedback problem :-) The user couldn't hear the noise but the
> people on the other end of the conversation were complaining. The
> problem doesn't occur when simply playing audio, so it hadn't been
> noticed previously.
> 
> First test was to check a laptop that had not been upgraded. That
> returned exactly the same fault. After that, we booted from an Ubuntu
CD
> to rule out the O/S and drivers and the same problem occurred. So, it
is
> hardware related and before we open one and start testing for bad
caps,
> ground loops and crispy spiders, has anyone else seen this?
> 
> I have searched endlessly and found one *similar* problem on the HP
> forum with no resolution. I am an electrical engineer and equipped for
> (and comfortable with) all manner of hardware down to smt but I am
> getting too old for this!
> 
> TIA
> --
> Peter van Houten


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: OT: HP/Compaq NC6120 laptop noise

2010-04-20 Thread Peter van Houten


Heh ~ we are presently looking at USB sound cards as the client has
already invested in some fancy headsets.

Still concerned at future fingerpoken which would re-enable the mic but I'm
sure we can lock it down.

--
Peter van Houten


John Aldrich wrote the following:

Just out of curiosity, have you tried a USB mic? That might bypass whatever
is causing the hum.



-Original Message-
From: Peter van Houten [mailto:peter...@gmail.com] 
Sent: Tuesday, April 20, 2010 8:02 AM

To: NT System Admin Issues
Subject: Re: OT: HP/Compaq NC6120 laptop noise

Thanks Daniel. The nc6120 does not have an internal mic but the noise is
produced whether an external mic is plugged in or not. This is verified
by using the sound recorder or running Skype. It is beginning to look
like oscillation produced in the mic preamp section. I was hoping that
someone else had seen something on this and could point me to a quick
fix but it is looking like a laptop strip :-(

--
Peter van Houten


Daniel Rodriguez wrote the following:
Is this happening with the internal mic or an external mic when it is 
plugged in?


On Mon, Apr 19, 2010 at 7:00 PM, Peter van Houten > wrote:


Hello all,

We have recently upgraded several of these laptops at a client. The
machines are old but not too badly specified, so it was decided
to upgrade to the max. The RAM to 2GB, the disks to 320GB and the O/S

to

Windows 7. The users were delighted and all was well...except for an
audio problem.

It occurs when recording sound from the mic input. Skype can trigger

the

situation and is the application that uncovered the problem. It is a
continuous, low-level, [approx.] 500Hz whine (groan?) It is not a
feedback problem :-) The user couldn't hear the noise but the
people on the other end of the conversation were complaining. The
problem doesn't occur when simply playing audio, so it hadn't been
noticed previously.

First test was to check a laptop that had not been upgraded. That
returned exactly the same fault. After that, we booted from an Ubuntu

CD

to rule out the O/S and drivers and the same problem occurred. So, it

is

hardware related and before we open one and start testing for bad

caps,

ground loops and crispy spiders, has anyone else seen this?

I have searched endlessly and found one *similar* problem on the HP
forum with no resolution. I am an electrical engineer and equipped for
(and comfortable with) all manner of hardware down to smt but I am
getting too old for this!

TIA
--
Peter van Houten


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: OT: HP/Compaq NC6120 laptop noise

2010-04-20 Thread Steven M. Caesare

While not recommended you can also consider removing the ground
connection to the pre-amp to test and see if you have a ground loop
somewhere  if it uses a standard IEC cord, the easiest way is to
just break off the round ground contact on the cord.. they are a dime a
dozen.

-sc

> -Original Message-
> From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]
> Sent: Tuesday, April 20, 2010 9:01 AM
> To: NT System Admin Issues
> Subject: RE: OT: HP/Compaq NC6120 laptop noise
> 
> Just out of curiosity, have you tried a USB mic? That might bypass
whatever is
> causing the hum.
> 
> 
> 
> -Original Message-
> From: Peter van Houten [mailto:peter...@gmail.com]
> Sent: Tuesday, April 20, 2010 8:02 AM
> To: NT System Admin Issues
> Subject: Re: OT: HP/Compaq NC6120 laptop noise
> 
> Thanks Daniel. The nc6120 does not have an internal mic but the noise
is
> produced whether an external mic is plugged in or not. This is
verified by
> using the sound recorder or running Skype. It is beginning to look
like
> oscillation produced in the mic preamp section. I was hoping that
someone
> else had seen something on this and could point me to a quick fix but
it is
> looking like a laptop strip :-(
> 
> --
> Peter van Houten
> 
> 
> Daniel Rodriguez wrote the following:
> > Is this happening with the internal mic or an external mic when it
is
> > plugged in?
> >
> > On Mon, Apr 19, 2010 at 7:00 PM, Peter van Houten
 > > wrote:
> >
> > Hello all,
> >
> > We have recently upgraded several of these laptops at a client.
The
> > machines are old but not too badly specified, so it was decided
> > to upgrade to the max. The RAM to 2GB, the disks to 320GB and
the
> > O/S
> to
> > Windows 7. The users were delighted and all was well...except
for an
> > audio problem.
> >
> > It occurs when recording sound from the mic input. Skype can
> > trigger
> the
> > situation and is the application that uncovered the problem. It
is a
> > continuous, low-level, [approx.] 500Hz whine (groan?) It is not
a
> > feedback problem :-) The user couldn't hear the noise but the
> > people on the other end of the conversation were complaining.
The
> > problem doesn't occur when simply playing audio, so it hadn't
been
> > noticed previously.
> >
> > First test was to check a laptop that had not been upgraded.
That
> > returned exactly the same fault. After that, we booted from an
> > Ubuntu
> CD
> > to rule out the O/S and drivers and the same problem occurred.
So,
> > it
> is
> > hardware related and before we open one and start testing for
bad
> caps,
> > ground loops and crispy spiders, has anyone else seen this?
> >
> > I have searched endlessly and found one *similar* problem on the
HP
> > forum with no resolution. I am an electrical engineer and
equipped for
> > (and comfortable with) all manner of hardware down to smt but I
am
> > getting too old for this!
> >
> > TIA
> > --
> > Peter van Houten
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>   ~
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

VSS users?

2010-04-20 Thread Jim Holmgren

Any VSS users out there that can answer a fairly simple (I hope)
question for me?  

I'm trying to help a group of users help themselves and I need a little
info from someone who knows this product.

Q:  Is there a way to force files to be saved as text as opposed to
binary?  I suspect a setting in the ss.ini file may hold the key.

Thanks!
Jim

Jim Holmgren
Manager of Server Engineering
XLHealth Corporation
The Warehouse at Camden Yards
351 West Camden Street, Suite 100
Baltimore, MD 21201 
410.625.2200 (main)
443.524.8573 (direct)
443-506.2400 (cell)
www.xlhealth.com




CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use 
of the intended recipient(s) and may contain confidential and/or protected 
health information. Under the Federal Law (HIPAA), the intended recipient is 
obligated to keep this information secure and confidential. Any disclosure to 
third parties without authorization from the member of as permitted by law is 
prohibited and punishable under Federal Law. If you are not the intended 
recipient, please contact the sender by reply e-mail and destroy all copies of 
the original message.

NOTA DE CONFIDENCIALIDAD: Este facsímile, incluyendo lo adjunto, es para el uso 
exclusivo del destinatario(s) y puede contener información confidencial y/o 
información protegida de salud. En virtud de la Ley Federal (HIPAA), el 
destinatario tiene la obligación de mantener esta información segura y 
confidencial. Cualquier divulgación a terceros sin la autorización de los 
miembros de lo permitido por la ley está prohibido y penado en virtud de la Ley 
Federal. Si usted no es el destinatario, por favor, póngase en contacto con el 
remitente por teléfono y destruir todas las copias del mensaje original
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

VIPRE Enterprise Console 4.0.4283 Firewall Issues

2010-04-20 Thread Dennis Krebs

We installed VIPRE Enterprise Console 4.0.4283 on a local workstation and 
attempted to create a site connection to a SQL database that resides on our 
VIPRE server. Initially we were only able to get this to work by disabling the 
firewall on the server.  Using TCPView we determined that the client was trying 
to establish a remote TCP connection via port 55167. We created a firewall rule 
on the server to allow this traffic through, turned the firewall back on and, 
much to our dismay, the client still didn't work.

Again, using TCPView, we determined that the client initially tries to 
establish a UDP connection of some sort. Unfortunately, because TCPView only 
samples in 1 second increments, we haven't been able to determine the remote 
port number it's actually using. If we create a rule on the server to allow all 
UDP traffic the client works as expected.

Does anyone know the remote port number VIPRE Enterprise Console uses to 
establish a UDP connection with the server? I contacted Sunbelt support for 
this. Unfortunately, their response has been very, VERY disappointing. They 
basically sent me a couple of tech documents via email (neither of which 
contained the term UDP) and continue to read from some sort of standard 
troubleshooting script without actually listening to what I've already done.

Any help would be appreciated.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: VIPRE Enterprise Console 4.0.4283 Firewall Issues

2010-04-20 Thread kstephenson04

Hello Mr. Krebs,
I'm new (today) to the Lyris form so this information may or may not be
beneficial.
 
If by opening ALL ports on the FW resolves the problem, possible use the
"netstat" syntax to determine which ports are active, addressing "VIPRE
Enterprise Console uses to establish a UDP connection with the server"
 
Note: The NETSTAT command will show you whatever ports are open or in use,
but it is NOT a port
scanning tool.
 
Open Command Prompt and type:
C:'WINDOWS>netstat -an |find /i "listening"
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1084 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2094 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5000 0.0.0.0:0 LISTENING
 
You can redirect it to a text file by adding >c:'openports.txt to the
command, if you want to:
netstat -an |find /i "listening" > c:'openports.txt
 

netstat -an |find /i "listening" > c:'openports.txt
 
You can also change "listening" to "established" to see what ports your
computer actually communicates
with:
C:'WINDOWS>netstat -an |find /i "established"
TCP 192.168.0.100:1084 192.168.0.200:1026 ESTABLISHED
TCP 192.168.0.100:2094 192.168.0.200:1166 ESTABLISHED
TCP 192.168.0.100:2305 209.211.250.3:80 ESTABLISHED
TCP 192.168.0.100:2316 212.179.112.230:80 ESTABLISHED

This may help tract down which exact ports need to be configured through the
FW.
 
Hope this helps.
Ken
 

  _  

From: Dennis Krebs [mailto:dennis.kr...@advancedav.com] 
Sent: Tuesday, April 20, 2010 10:57 AM
To: NT System Admin Issues
Subject: VIPRE Enterprise Console 4.0.4283 Firewall Issues



We installed VIPRE Enterprise Console 4.0.4283 on a local workstation and
attempted to create a site connection to a SQL database that resides on our
VIPRE server. Initially we were only able to get this to work by disabling
the firewall on the server.  Using TCPView we determined that the client was
trying to establish a remote TCP connection via port 55167. We created a
firewall rule on the server to allow this traffic through, turned the
firewall back on and, much to our dismay, the client still didn't work.

 

Again, using TCPView, we determined that the client initially tries to
establish a UDP connection of some sort. Unfortunately, because TCPView only
samples in 1 second increments, we haven't been able to determine the remote
port number it's actually using. If we create a rule on the server to allow
all UDP traffic the client works as expected.

 

Does anyone know the remote port number VIPRE Enterprise Console uses to
establish a UDP connection with the server? I contacted Sunbelt support for
this. Unfortunately, their response has been very, VERY disappointing. They
basically sent me a couple of tech documents via email (neither of which
contained the term UDP) and continue to read from some sort of standard
troubleshooting script without actually listening to what I've already done.

 

Any help would be appreciated.

 


 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

A Little OT: Rack Space Exchange Hosting Services

2010-04-20 Thread Don Guyer

Greetings,

 

We are entertaining the idea of having the Rack Space
company host our Exchange environment. If anyone has any experience with
them, good or bad, I would appreciate the feedback tremendously. I know
they host more than just Exchange, so if you have any input at all
regarding their services, that is most welcome as well.

 

Thx,

 

Don Guyer

Systems Engineer - Information Services

Prudential, Fox & Roach/Trident Group

431 W. Lancaster Avenue

Devon, PA 19333

Direct: (610) 993-3299

Fax: (610) 650-5306

don.gu...@prufoxroach.com

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: A Little OT: Rack Space Exchange Hosting Services

2010-04-20 Thread Charlie Kaiser

Rackspace is excellent. We had a bunch of hosted servers with them and their
uptime and support was stellar. But you pay for it... They are very
pricey...
I've used intermedia for hosted exchange with good results, too, and less
money (at least a year or so ago).

***
Charlie Kaiser
charl...@golden-eagle.org
Kingman, AZ
***  

> -Original Message-
> From: Don Guyer [mailto:don.gu...@prufoxroach.com] 
> Sent: Tuesday, April 20, 2010 8:35 AM
> To: NT System Admin Issues
> Subject: A Little OT: Rack Space Exchange Hosting Services
> 
> Greetings,
> 
>  
> 
> We are entertaining the idea of having the 
> Rack Space company host our Exchange environment. If anyone 
> has any experience with them, good or bad, I would appreciate 
> the feedback tremendously. I know they host more than just 
> Exchange, so if you have any input at all regarding their 
> services, that is most welcome as well.
> 
>  
> 
> Thx,
> 
>  
> 
> Don Guyer


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Group membership updates

2010-04-20 Thread Free, Bob

Is the issue around Kerberos tickets? Is it that YOU want to update
Their memberships or you want Them to be able to do it to themselves?
You could have them purge their tickets with klist if they are somewhat
savvy...

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Tuesday, April 20, 2010 3:40 AM
To: NT System Admin Issues
Subject: Group membership updates

I know that there's probably no way of doing this, but I thought I'd
askis there any way of updating a logged-on user's AD group
memberships without them logging out of the system? Everything I've read
suggests that there is no way to update an access token except by
logging in again, so short of launching an application with a RunAs
command, I think I may be pretty much snookered. I live in hope
though.

TIA,

JRR

-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Group membership updates

2010-04-20 Thread James Rankin

We tend to deploy applications to users via group membership. The shortcuts
to applications are held in a single shared desktop folder, with NTFS
permissions on each shortcut linking to the application group. It is quick
and dirty and saves writing new entries to the relevant GPOs every time you
want to push out a new app. However, some of our more PITA users are
complaining that they have to log off and back on when a new app is
deployed, so we were trying to give them a way to update their group
memberships dynamically by running some sort of shortcut on their desktop.

I considered klist, but does that not just purge the Kerberos token and you
have to reacquire a new one at login time? I've never used it before - that
was just what I read in a couple of forums.

Cheers,

On 20 April 2010 16:40, Free, Bob  wrote:

>  Is the issue around Kerberos tickets? Is it that YOU want to update Their
> memberships or you want Them to be able to do it to themselves? You could
> have them purge their tickets with klist if they are somewhat savvy…
>
>
>
> *From:* James Rankin [mailto:kz2...@googlemail.com]
> *Sent:* Tuesday, April 20, 2010 3:40 AM
> *To:* NT System Admin Issues
> *Subject:* Group membership updates
>
>
>
> I know that there's probably no way of doing this, but I thought I'd
> askis there any way of updating a logged-on user's AD group memberships
> without them logging out of the system? Everything I've read suggests that
> there is no way to update an access token except by logging in again, so
> short of launching an application with a RunAs command, I think I may be
> pretty much snookered. I live in hope though.
>
>
> TIA,
>
>
>
> JRR
>
> --
> "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
> the machine wrong figures, will the right answers come out?' I am not able
> rightly to apprehend the kind of confusion of ideas that could provoke such
> a question."
>
>
>
>
>
>
>
>
>
>

-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
the machine wrong figures, will the right answers come out?' I am not able
rightly to apprehend the kind of confusion of ideas that could provoke such
a question."

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Server monitoring solution recommendations?

2010-04-20 Thread Stringham, Steven

+1 Nagios - yes a bit to setup - but it just runs.

+1 also for Cacti - if you want the historical graphs. Very nice.

-Original Message-
From: Michael Leone [mailto:oozerd...@gmail.com] 
Sent: Friday, April 16, 2010 6:07 AM
To: NT System Admin Issues
Subject: Server monitoring solution recommendations?

I'm investigating server monitoring solutions for my enterprise. What
I'm interested in is real world experiences and recommendations, not
just sales pitches and product sheets that I can get from Google.

The way I see it, I need 2 basic functions: I need to be able to monitor
various aspects of a server (CPU usage, free disk space, is a service
running, does the web service return a web page in a timely manner, is
the switch at that site being overloaded, etc - the usual things you'd
want to know from a server, I think) and then alert me when certain
triggers or thresholds are crossed; and also to provide historical
reports, showing trends over time. At a previous job, I used to
ServersAlive!, which suited my needs there. But now I am at a place that
has over 100 servers and switches, across multiple sites.
And so I think I'd need something with more heft, perhaps.

We're an HP shop, and I am looking at HP's SIM (Insight Manager)
software, but that doesn't seem to monitor all the sorts of functions I
want, nor does it seem to present it in a timely manner.

I'm also looking at PacketTraps PT 360 tool suite (which is free), and
that seems to show me some of what I need, but doesn't seem to have a
lot in the way of reporting, nor have I found a way (yet) for it to
alert me to configurable settings.

I've also downloaded SpiceWorks, on the recommendation of a colleague,
but haven't had a chance to investigate it yet.

We're a gov't agency, so I don't have a whole lot of money. But I have a
need, and at the moment, nothing in place to fill it. Getting an alert
email that tells me that my mail server CPU has been up over 80% for
more than xx seconds would be a good thing, so I don't have to get phone
calls from users, asking why mail is so slow, and that's the first I've
heard of it. I'm sure you get the idea. And the boss wants reports over
time, for capacity planning and the like.

So any recommendations would be welcome, as would anything I've
forgotten. We're almost exclusively a Windows shop, but with 10 VMware
ESX hosts, a number of MS SQL servers (2000, 2005), and a number of
Cisco switches (and a couple Nortel ones scattered here and there). No
Exchange (we're a Notes shop).

TIA

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

For more information about Lewis and Roca LLP, please go to
www.lewisandroca.com.
Phoenix (602) 262-5311
Tucson (520) 622-2090
Las Vegas (702) 949-8200
Reno (775) 823-2900
Minden (775) 586-9500
Albuquerque (505) 764-5400
Silicon Valley (650) 391-1380

This message is intended only for the use of the individual or entity to which 
it is addressed. If the reader of this message is not the intended recipient, 
or the employee or agent responsible for delivering the message to the intended 
recipient, you are hereby notified that any dissemination, distribution or 
copying of this message is strictly prohibited. If you have received this 
communication in error, please notify us immediately by replying to the sender 
of this E-Mail by return E-Mail or by telephone. 

In accordance with Internal Revenue Service Circular 230, we advise you that if 
this email contains any tax advice, such tax advice was not intended or written 
to be used, and it cannot be used, by any taxpayer for the purpose of avoiding 
penalties that may be imposed on the taxpayer.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: A Little OT: Rack Space Exchange Hosting Services

2010-04-20 Thread John Cook

You might check out ISON group, they host all kinds of services.

- Original Message -
From: Charlie Kaiser 
To: NT System Admin Issues 
Sent: Tue Apr 20 11:40:02 2010
Subject: RE: A Little OT: Rack Space Exchange Hosting Services

Rackspace is excellent. We had a bunch of hosted servers with them and their
uptime and support was stellar. But you pay for it... They are very
pricey...
I've used intermedia for hosted exchange with good results, too, and less
money (at least a year or so ago).

***
Charlie Kaiser
charl...@golden-eagle.org
Kingman, AZ
***

> -Original Message-
> From: Don Guyer [mailto:don.gu...@prufoxroach.com]
> Sent: Tuesday, April 20, 2010 8:35 AM
> To: NT System Admin Issues
> Subject: A Little OT: Rack Space Exchange Hosting Services
>
> Greetings,
>
>
>
> We are entertaining the idea of having the
> Rack Space company host our Exchange environment. If anyone
> has any experience with them, good or bad, I would appreciate
> the feedback tremendously. I know they host more than just
> Exchange, so if you have any input at all regarding their
> services, that is most welcome as well.
>
>
>
> Thx,
>
>
>
> Don Guyer

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
 Consider the environment. Please don't print this e-mail unless you really 
need to.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Server monitoring solution recommendations?

2010-04-20 Thread kstephenson04

Hello Steven
One other product which I used previously was WhatsUp(r) Gold Premium
Edition provides an extensive and cost-effective out-of-the-box single site
management and monitoring solution for networks of all sizes

Ken

-Original Message-
From: Stringham, Steven [mailto:sstri...@lrlaw.com] 
Sent: Tuesday, April 20, 2010 11:50 AM
To: NT System Admin Issues
Subject: RE: Server monitoring solution recommendations?

+1 Nagios - yes a bit to setup - but it just runs.

+1 also for Cacti - if you want the historical graphs. Very nice.


-Original Message-
From: Michael Leone [mailto:oozerd...@gmail.com]
Sent: Friday, April 16, 2010 6:07 AM
To: NT System Admin Issues
Subject: Server monitoring solution recommendations?

I'm investigating server monitoring solutions for my enterprise. What I'm
interested in is real world experiences and recommendations, not just sales
pitches and product sheets that I can get from Google.

The way I see it, I need 2 basic functions: I need to be able to monitor
various aspects of a server (CPU usage, free disk space, is a service
running, does the web service return a web page in a timely manner, is the
switch at that site being overloaded, etc - the usual things you'd want to
know from a server, I think) and then alert me when certain triggers or
thresholds are crossed; and also to provide historical reports, showing
trends over time. At a previous job, I used to ServersAlive!, which suited
my needs there. But now I am at a place that has over 100 servers and
switches, across multiple sites.
And so I think I'd need something with more heft, perhaps.

We're an HP shop, and I am looking at HP's SIM (Insight Manager) software,
but that doesn't seem to monitor all the sorts of functions I want, nor does
it seem to present it in a timely manner.

I'm also looking at PacketTraps PT 360 tool suite (which is free), and that
seems to show me some of what I need, but doesn't seem to have a lot in the
way of reporting, nor have I found a way (yet) for it to alert me to
configurable settings.

I've also downloaded SpiceWorks, on the recommendation of a colleague, but
haven't had a chance to investigate it yet.

We're a gov't agency, so I don't have a whole lot of money. But I have a
need, and at the moment, nothing in place to fill it. Getting an alert email
that tells me that my mail server CPU has been up over 80% for more than xx
seconds would be a good thing, so I don't have to get phone calls from
users, asking why mail is so slow, and that's the first I've heard of it.
I'm sure you get the idea. And the boss wants reports over time, for
capacity planning and the like.

So any recommendations would be welcome, as would anything I've forgotten.
We're almost exclusively a Windows shop, but with 10 VMware ESX hosts, a
number of MS SQL servers (2000, 2005), and a number of Cisco switches (and a
couple Nortel ones scattered here and there). No Exchange (we're a Notes
shop).

TIA

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~


For more information about Lewis and Roca LLP, please go to
www.lewisandroca.com.
Phoenix (602) 262-5311
Tucson (520) 622-2090
Las Vegas (702) 949-8200
Reno (775) 823-2900
Minden (775) 586-9500
Albuquerque (505) 764-5400
Silicon Valley (650) 391-1380

This message is intended only for the use of the individual or entity to
which it is addressed. If the reader of this message is not the intended
recipient, or the employee or agent responsible for delivering the message
to the intended recipient, you are hereby notified that any dissemination,
distribution or copying of this message is strictly prohibited. If you have
received this communication in error, please notify us immediately by
replying to the sender of this E-Mail by return E-Mail or by telephone. 

In accordance with Internal Revenue Service Circular 230, we advise you that
if this email contains any tax advice, such tax advice was not intended or
written to be used, and it cannot be used, by any taxpayer for the purpose
of avoiding penalties that may be imposed on the taxpayer.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Group membership updates

2010-04-20 Thread Free, Bob

If you purge the TGT and then try to access a network resource by FQDN
then a new TGT with upgraded memberships should be issued.

 

You can test with klist tgt to see in action.

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Tuesday, April 20, 2010 8:47 AM
To: NT System Admin Issues
Subject: Re: Group membership updates

 

We tend to deploy applications to users via group membership. The
shortcuts to applications are held in a single shared desktop folder,
with NTFS permissions on each shortcut linking to the application group.
It is quick and dirty and saves writing new entries to the relevant GPOs
every time you want to push out a new app. However, some of our more
PITA users are complaining that they have to log off and back on when a
new app is deployed, so we were trying to give them a way to update
their group memberships dynamically by running some sort of shortcut on
their desktop.

I considered klist, but does that not just purge the Kerberos token and
you have to reacquire a new one at login time? I've never used it before
- that was just what I read in a couple of forums.

Cheers,

On 20 April 2010 16:40, Free, Bob  wrote:

Is the issue around Kerberos tickets? Is it that YOU want to update
Their memberships or you want Them to be able to do it to themselves?
You could have them purge their tickets with klist if they are somewhat
savvy...

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Tuesday, April 20, 2010 3:40 AM
To: NT System Admin Issues
Subject: Group membership updates

 

I know that there's probably no way of doing this, but I thought I'd
askis there any way of updating a logged-on user's AD group
memberships without them logging out of the system? Everything I've read
suggests that there is no way to update an access token except by
logging in again, so short of launching an application with a RunAs
command, I think I may be pretty much snookered. I live in hope
though.


TIA,



JRR

-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

 

 

 

 




-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Group membership updates

2010-04-20 Thread James Rankin

Thanks! I will do some testing

On 20 April 2010 17:00, Free, Bob  wrote:

>  If you purge the TGT and then try to access a network resource by FQDN
> then a new TGT with upgraded memberships should be issued.
>
>
>
> You can test with klist tgt to see in action.
>
>
>
> *From:* James Rankin [mailto:kz2...@googlemail.com]
> *Sent:* Tuesday, April 20, 2010 8:47 AM
>
> *To:* NT System Admin Issues
> *Subject:* Re: Group membership updates
>
>
>
> We tend to deploy applications to users via group membership. The shortcuts
> to applications are held in a single shared desktop folder, with NTFS
> permissions on each shortcut linking to the application group. It is quick
> and dirty and saves writing new entries to the relevant GPOs every time you
> want to push out a new app. However, some of our more PITA users are
> complaining that they have to log off and back on when a new app is
> deployed, so we were trying to give them a way to update their group
> memberships dynamically by running some sort of shortcut on their desktop.
>
> I considered klist, but does that not just purge the Kerberos token and you
> have to reacquire a new one at login time? I've never used it before - that
> was just what I read in a couple of forums.
>
> Cheers,
>
> On 20 April 2010 16:40, Free, Bob  wrote:
>
> Is the issue around Kerberos tickets? Is it that YOU want to update Their
> memberships or you want Them to be able to do it to themselves? You could
> have them purge their tickets with klist if they are somewhat savvy…
>
>
>
> *From:* James Rankin [mailto:kz2...@googlemail.com]
> *Sent:* Tuesday, April 20, 2010 3:40 AM
> *To:* NT System Admin Issues
> *Subject:* Group membership updates
>
>
>
> I know that there's probably no way of doing this, but I thought I'd
> askis there any way of updating a logged-on user's AD group memberships
> without them logging out of the system? Everything I've read suggests that
> there is no way to update an access token except by logging in again, so
> short of launching an application with a RunAs command, I think I may be
> pretty much snookered. I live in hope though.
>
>
> TIA,
>
>
>
> JRR
>
> --
> "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
> the machine wrong figures, will the right answers come out?' I am not able
> rightly to apprehend the kind of confusion of ideas that could provoke such
> a question."
>
>
>
>
>
>
>
>
>
>
>
>
> --
> "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
> the machine wrong figures, will the right answers come out?' I am not able
> rightly to apprehend the kind of confusion of ideas that could provoke such
> a question."
>
>
>
>
>
>
>
>
>
>


-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
the machine wrong figures, will the right answers come out?' I am not able
rightly to apprehend the kind of confusion of ideas that could provoke such
a question."

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Group membership updates

2010-04-20 Thread Michael B. Smith

Does that work in the "normal" short-name environment? That is, 
\\fileserver\sharename\doc.doc ??

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Free, Bob [mailto:r...@pge.com]
Sent: Tuesday, April 20, 2010 12:00 PM
To: NT System Admin Issues
Subject: RE: Group membership updates

If you purge the TGT and then try to access a network resource by FQDN then a 
new TGT with upgraded memberships should be issued.

You can test with klist tgt to see in action.

From: James Rankin [mailto:kz2...@googlemail.com]
Sent: Tuesday, April 20, 2010 8:47 AM
To: NT System Admin Issues
Subject: Re: Group membership updates

We tend to deploy applications to users via group membership. The shortcuts to 
applications are held in a single shared desktop folder, with NTFS permissions 
on each shortcut linking to the application group. It is quick and dirty and 
saves writing new entries to the relevant GPOs every time you want to push out 
a new app. However, some of our more PITA users are complaining that they have 
to log off and back on when a new app is deployed, so we were trying to give 
them a way to update their group memberships dynamically by running some sort 
of shortcut on their desktop.

I considered klist, but does that not just purge the Kerberos token and you 
have to reacquire a new one at login time? I've never used it before - that was 
just what I read in a couple of forums.

Cheers,
On 20 April 2010 16:40, Free, Bob mailto:r...@pge.com>> wrote:
Is the issue around Kerberos tickets? Is it that YOU want to update Their 
memberships or you want Them to be able to do it to themselves? You could have 
them purge their tickets with klist if they are somewhat savvy...

From: James Rankin [mailto:kz2...@googlemail.com]
Sent: Tuesday, April 20, 2010 3:40 AM
To: NT System Admin Issues
Subject: Group membership updates

I know that there's probably no way of doing this, but I thought I'd askis 
there any way of updating a logged-on user's AD group memberships without them 
logging out of the system? Everything I've read suggests that there is no way 
to update an access token except by logging in again, so short of launching an 
application with a RunAs command, I think I may be pretty much snookered. I 
live in hope though.


TIA,



JRR

--
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the 
machine wrong figures, will the right answers come out?' I am not able rightly 
to apprehend the kind of confusion of ideas that could provoke such a question."











--
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the 
machine wrong figures, will the right answers come out?' I am not able rightly 
to apprehend the kind of confusion of ideas that could provoke such a question."









~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Group membership updates

2010-04-20 Thread Malcolm Reitz

This complaint would probably elicit a "that's the way it is - deal with it"
response from me; a workaround such KLIST may help (are you sure the user
really has a Kerberos logon and ticket to the relevant CIFS service?), but
it complicates the scenario significantly and your users are just as likely
to complain that they have to go through the workaround steps, too.

 

-Malcolm

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Tuesday, April 20, 2010 08:47
To: NT System Admin Issues
Subject: Re: Group membership updates

 

We tend to deploy applications to users via group membership. The shortcuts
to applications are held in a single shared desktop folder, with NTFS
permissions on each shortcut linking to the application group. It is quick
and dirty and saves writing new entries to the relevant GPOs every time you
want to push out a new app. However, some of our more PITA users are
complaining that they have to log off and back on when a new app is
deployed, so we were trying to give them a way to update their group
memberships dynamically by running some sort of shortcut on their desktop.

I considered klist, but does that not just purge the Kerberos token and you
have to reacquire a new one at login time? I've never used it before - that
was just what I read in a couple of forums.

Cheers,

On 20 April 2010 16:40, Free, Bob  wrote:

Is the issue around Kerberos tickets? Is it that YOU want to update Their
memberships or you want Them to be able to do it to themselves? You could
have them purge their tickets with klist if they are somewhat savvy.

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Tuesday, April 20, 2010 3:40 AM
To: NT System Admin Issues
Subject: Group membership updates

 

I know that there's probably no way of doing this, but I thought I'd
askis there any way of updating a logged-on user's AD group memberships
without them logging out of the system? Everything I've read suggests that
there is no way to update an access token except by logging in again, so
short of launching an application with a RunAs command, I think I may be
pretty much snookered. I live in hope though.


TIA,



JRR

-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
the machine wrong figures, will the right answers come out?' I am not able
rightly to apprehend the kind of confusion of ideas that could provoke such
a question."

 

 

 

 




-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
the machine wrong figures, will the right answers come out?' I am not able
rightly to apprehend the kind of confusion of ideas that could provoke such
a question."

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Group membership updates

2010-04-20 Thread Michael B. Smith

Which is why I originally replied as I did. :)

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Malcolm Reitz [mailto:malcolm.re...@live.com]
Sent: Tuesday, April 20, 2010 12:52 PM
To: NT System Admin Issues
Subject: RE: Group membership updates

This complaint would probably elicit a "that's the way it is - deal with it" 
response from me; a workaround such KLIST may help (are you sure the user 
really has a Kerberos logon and ticket to the relevant CIFS service?), but it 
complicates the scenario significantly and your users are just as likely to 
complain that they have to go through the workaround steps, too.

-Malcolm

From: James Rankin [mailto:kz2...@googlemail.com]
Sent: Tuesday, April 20, 2010 08:47
To: NT System Admin Issues
Subject: Re: Group membership updates

We tend to deploy applications to users via group membership. The shortcuts to 
applications are held in a single shared desktop folder, with NTFS permissions 
on each shortcut linking to the application group. It is quick and dirty and 
saves writing new entries to the relevant GPOs every time you want to push out 
a new app. However, some of our more PITA users are complaining that they have 
to log off and back on when a new app is deployed, so we were trying to give 
them a way to update their group memberships dynamically by running some sort 
of shortcut on their desktop.

I considered klist, but does that not just purge the Kerberos token and you 
have to reacquire a new one at login time? I've never used it before - that was 
just what I read in a couple of forums.

Cheers,
On 20 April 2010 16:40, Free, Bob mailto:r...@pge.com>> wrote:
Is the issue around Kerberos tickets? Is it that YOU want to update Their 
memberships or you want Them to be able to do it to themselves? You could have 
them purge their tickets with klist if they are somewhat savvy...

From: James Rankin [mailto:kz2...@googlemail.com]
Sent: Tuesday, April 20, 2010 3:40 AM
To: NT System Admin Issues
Subject: Group membership updates

I know that there's probably no way of doing this, but I thought I'd askis 
there any way of updating a logged-on user's AD group memberships without them 
logging out of the system? Everything I've read suggests that there is no way 
to update an access token except by logging in again, so short of launching an 
application with a RunAs command, I think I may be pretty much snookered. I 
live in hope though.


TIA,



JRR

--
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the 
machine wrong figures, will the right answers come out?' I am not able rightly 
to apprehend the kind of confusion of ideas that could provoke such a question."











--
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the 
machine wrong figures, will the right answers come out?' I am not able rightly 
to apprehend the kind of confusion of ideas that could provoke such a question."









~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Running Forefront(tm) Client Security - RAM usage?

2010-04-20 Thread Stu Sjouwerman

Anyone running Forefront that can quickly tell me what its real-world RAM usage 
is on an end-point?

Warm regards,

Stu Sjouwerman
Co-Founder, Publisher, Sunbelt Media
P: +1-727-562-0101 ext 218
F: +1-727-562-5199
s...@sunbelt-software.com



...

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Infragard

2010-04-20 Thread Roger Wright

http://www.infragard.net/about.php

Anyone a member or have comments regarding the FBI's Infragrad program?



Die dulci fruere!

Roger Wright
___

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Infragard

2010-04-20 Thread Andrew S. Baker

I have a good friend and former co-worker who is currently a member.It
is well worth it if you can get into this program.

You will have access to some privileged info, and you will get exposed to
issues pertaining to both physical and information security.

-ASB: http://XeeSM.com/AndrewBaker

On Tue, Apr 20, 2010 at 2:12 PM, Roger Wright  wrote:

> http://www.infragard.net/about.php
>
> Anyone a member or have comments regarding the FBI's Infragrad program?
>
>
>
> Die dulci fruere!
>
> Roger Wright
> ___
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Infragard

2010-04-20 Thread John Aldrich

Ahh. I take it that they don't accept all applicants then? Wonder what the
acceptance criteria are?

 

John-AldrichTile-Tools

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Tuesday, April 20, 2010 2:14 PM
To: NT System Admin Issues
Subject: Re: Infragard

 

I have a good friend and former co-worker who is currently a member.It
is well worth it if you can get into this program.


You will have access to some privileged info, and you will get exposed to
issues pertaining to both physical and information security.


-ASB: http://XeeSM.com/AndrewBaker



On Tue, Apr 20, 2010 at 2:12 PM, Roger Wright  wrote:

http://www.infragard.net/about.php

Anyone a member or have comments regarding the FBI's Infragrad program?



Die dulci fruere!

Roger Wright
___

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

HP Partnumber help

2010-04-20 Thread Joseph L. Casale

Anyone know what the pn for the 8 drive SFF tray in the front of an HP ProLiant 
ML350 Generation 5 is?

The quick specs don't show it, I need to order one...

Thanks!
jlc

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Infragard

2010-04-20 Thread Jacob

Hmm.. I wonder if we would be considered a critical infrastructure.

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Tuesday, April 20, 2010 11:16 AM
To: NT System Admin Issues
Subject: RE: Infragard

Ahh. I take it that they don't accept all applicants then? Wonder what the
acceptance criteria are?

John-AldrichTile-Tools

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Tuesday, April 20, 2010 2:14 PM
To: NT System Admin Issues
Subject: Re: Infragard

I have a good friend and former co-worker who is currently a member.It
is well worth it if you can get into this program.

You will have access to some privileged info, and you will get exposed to
issues pertaining to both physical and information security.

-ASB: http://XeeSM.com/AndrewBaker

On Tue, Apr 20, 2010 at 2:12 PM, Roger Wright  wrote:

http://www.infragard.net/about.php

Anyone a member or have comments regarding the FBI's Infragrad program?

Die dulci fruere!

Roger Wright
___

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Running Forefront(tm) Client Security - RAM usage?

2010-04-20 Thread Hart, Robert

MsMpEng.exe = 66,720K sitting ldle

MsPMSPSv.exe = 1,568K sitting idle

 

If I may add I dislike the product.

 

 

Bob

 

From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] 
Sent: Tuesday, April 20, 2010 2:08 PM
To: NT System Admin Issues
Subject: Running Forefront(tm) Client Security - RAM usage?

 

Anyone running Forefront that can quickly tell me what its real-world
RAM usage is on an end-point?

 

Warm regards,

Stu Sjouwerman

Co-Founder, Publisher, Sunbelt Media
P: +1-727-562-0101 ext 218
F: +1-727-562-5199
s...@sunbelt-software.com




... 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Running Forefront(tm) Client Security - RAM usage?

2010-04-20 Thread Crawford, Scott

Care to elaborate on why you dislike it?

From: Hart, Robert [mailto:robert.h...@genexservices.com] 
Sent: Tuesday, April 20, 2010 1:31 PM
To: NT System Admin Issues
Subject: RE: Running Forefront(tm) Client Security - RAM usage?

MsMpEng.exe = 66,720K sitting ldle

MsPMSPSv.exe = 1,568K sitting idle

If I may add I dislike the product.

Bob

From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] 
Sent: Tuesday, April 20, 2010 2:08 PM
To: NT System Admin Issues
Subject: Running Forefront(tm) Client Security - RAM usage?

Anyone running Forefront that can quickly tell me what its real-world
RAM usage is on an end-point?

Warm regards,

Stu Sjouwerman

Co-Founder, Publisher, Sunbelt Media
P: +1-727-562-0101 ext 218
F: +1-727-562-5199
s...@sunbelt-software.com

... 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Infragard

2010-04-20 Thread John Aldrich

Hehe. I'm sure *some* folks would consider you a "Critical Infrastructure"
but I seriously doubt that the Feds would. J

 

John-AldrichTile-Tools

 

From: Jacob [mailto:ja...@excaliburfilms.com] 
Sent: Tuesday, April 20, 2010 2:22 PM
To: NT System Admin Issues
Subject: RE: Infragard

 

Hmm.. I wonder if we would be considered a critical infrastructure.

 

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Tuesday, April 20, 2010 11:16 AM
To: NT System Admin Issues
Subject: RE: Infragard

 

Ahh. I take it that they don't accept all applicants then? Wonder what the
acceptance criteria are?

 

John-AldrichTile-Tools

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Tuesday, April 20, 2010 2:14 PM
To: NT System Admin Issues
Subject: Re: Infragard

 

I have a good friend and former co-worker who is currently a member.It
is well worth it if you can get into this program.


You will have access to some privileged info, and you will get exposed to
issues pertaining to both physical and information security.


-ASB: http://XeeSM.com/AndrewBaker

On Tue, Apr 20, 2010 at 2:12 PM, Roger Wright  wrote:

http://www.infragard.net/about.php

Anyone a member or have comments regarding the FBI's Infragrad program?



Die dulci fruere!

Roger Wright
___

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

Re: Server monitoring solution recommendations?

2010-04-20 Thread Kurt Buff

Cost-effective? Not the last time I looked at it.

However, when I last used it in production (um, well, more than 10
years ago) it was *very* nice.

Kurt

On Tue, Apr 20, 2010 at 08:55,   wrote:
> Hello Steven
> One other product which I used previously was WhatsUp(r) Gold Premium
> Edition provides an extensive and cost-effective out-of-the-box single site
> management and monitoring solution for networks of all sizes
>
> Ken
>
> -Original Message-
> From: Stringham, Steven [mailto:sstri...@lrlaw.com]
> Sent: Tuesday, April 20, 2010 11:50 AM
> To: NT System Admin Issues
> Subject: RE: Server monitoring solution recommendations?
>
> +1 Nagios - yes a bit to setup - but it just runs.
>
> +1 also for Cacti - if you want the historical graphs. Very nice.
>
>
> -Original Message-
> From: Michael Leone [mailto:oozerd...@gmail.com]
> Sent: Friday, April 16, 2010 6:07 AM
> To: NT System Admin Issues
> Subject: Server monitoring solution recommendations?
>
> I'm investigating server monitoring solutions for my enterprise. What I'm
> interested in is real world experiences and recommendations, not just sales
> pitches and product sheets that I can get from Google.
>
> The way I see it, I need 2 basic functions: I need to be able to monitor
> various aspects of a server (CPU usage, free disk space, is a service
> running, does the web service return a web page in a timely manner, is the
> switch at that site being overloaded, etc - the usual things you'd want to
> know from a server, I think) and then alert me when certain triggers or
> thresholds are crossed; and also to provide historical reports, showing
> trends over time. At a previous job, I used to ServersAlive!, which suited
> my needs there. But now I am at a place that has over 100 servers and
> switches, across multiple sites.
> And so I think I'd need something with more heft, perhaps.
>
> We're an HP shop, and I am looking at HP's SIM (Insight Manager) software,
> but that doesn't seem to monitor all the sorts of functions I want, nor does
> it seem to present it in a timely manner.
>
> I'm also looking at PacketTraps PT 360 tool suite (which is free), and that
> seems to show me some of what I need, but doesn't seem to have a lot in the
> way of reporting, nor have I found a way (yet) for it to alert me to
> configurable settings.
>
> I've also downloaded SpiceWorks, on the recommendation of a colleague, but
> haven't had a chance to investigate it yet.
>
> We're a gov't agency, so I don't have a whole lot of money. But I have a
> need, and at the moment, nothing in place to fill it. Getting an alert email
> that tells me that my mail server CPU has been up over 80% for more than xx
> seconds would be a good thing, so I don't have to get phone calls from
> users, asking why mail is so slow, and that's the first I've heard of it.
> I'm sure you get the idea. And the boss wants reports over time, for
> capacity planning and the like.
>
> So any recommendations would be welcome, as would anything I've forgotten.
> We're almost exclusively a Windows shop, but with 10 VMware ESX hosts, a
> number of MS SQL servers (2000, 2005), and a number of Cisco switches (and a
> couple Nortel ones scattered here and there). No Exchange (we're a Notes
> shop).
>
> TIA
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>   ~
>
> 
> For more information about Lewis and Roca LLP, please go to
> www.lewisandroca.com.
> Phoenix (602) 262-5311
> Tucson (520) 622-2090
> Las Vegas (702) 949-8200
> Reno (775) 823-2900
> Minden (775) 586-9500
> Albuquerque (505) 764-5400
> Silicon Valley (650) 391-1380
>
> This message is intended only for the use of the individual or entity to
> which it is addressed. If the reader of this message is not the intended
> recipient, or the employee or agent responsible for delivering the message
> to the intended recipient, you are hereby notified that any dissemination,
> distribution or copying of this message is strictly prohibited. If you have
> received this communication in error, please notify us immediately by
> replying to the sender of this E-Mail by return E-Mail or by telephone.
>
> In accordance with Internal Revenue Service Circular 230, we advise you that
> if this email contains any tax advice, such tax advice was not intended or
> written to be used, and it cannot be used, by any taxpayer for the purpose
> of avoiding penalties that may be imposed on the taxpayer.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

need suggestions...iPad in a Windows enterprise, anyone?

2010-04-20 Thread Raper, Jonathan - Eagle

Ok, I need some insight/thoughts/suggestions...especially if any of you have 
come up against this.

I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x 
authentication (we don't support 802.11b, and 802.11g is on the way out the 
door). All desktops are XP, with a small handful of 2000 Pro boxes left out in 
the field. We've never supported Vista or Apple-anything on our network, and 
pulled the last 9x box off of our network years ago. We're close to getting rid 
of all of the 2000 clients off, and we're starting to look at Windows 7. We're 
multi-specialty, multi-location, physician-owned healthcare provider, which 
means HIPAA is of significant concern. Not much else applies, since we're not 
publicly traded (aside from common sense and the law in general). We have about 
425 employees and around 65 physicians (most of the physicians are 
shareholders).

I've done a good job of keeping the iPod touch and iPhone users off of the 
network thus far, because we simply don't have the people in house to be able 
to support any more devices.

Enter the iPad, Apple's answer to the Tablet PC.

We now have physicians who are starting to ask for iPad access on the network. 
I'm not sure why, but I suppose because they think it will be so much better 
than the Lenovo X200 Tablet PCs that we JUST bought them for use with our EMR 
system. We do not yet have a functional wireless guest network.

I've tried connecting a 64 Gig iPod touch to our wireless network to no avail, 
and then discovered that apparently the iPod touch doesn't like hidden 
networks. I'm not about to start broadcasting my SSID... this gives me pause 
about even considering an iPad, not to mention that I wouldn't be able to 
control the machine or authenticate the machine against the network.

Anyway, do any of you have any arguments for or against allowing the 
iPad/iPod/iPhone, both from a support standpoint and a security standpoint?

Thanks in advance,


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com



Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Server monitoring solution recommendations?

2010-04-20 Thread kstephenson04

Completely Understand - Yes; cost is still high. 

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Tuesday, April 20, 2010 2:42 PM
To: NT System Admin Issues
Subject: Re: Server monitoring solution recommendations?

Cost-effective? Not the last time I looked at it.

However, when I last used it in production (um, well, more than 10 years
ago) it was *very* nice.

Kurt

On Tue, Apr 20, 2010 at 08:55,   wrote:
> Hello Steven
> One other product which I used previously was WhatsUp(r) Gold Premium 
> Edition provides an extensive and cost-effective out-of-the-box single 
> site management and monitoring solution for networks of all sizes
>
> Ken
>
> -Original Message-
> From: Stringham, Steven [mailto:sstri...@lrlaw.com]
> Sent: Tuesday, April 20, 2010 11:50 AM
> To: NT System Admin Issues
> Subject: RE: Server monitoring solution recommendations?
>
> +1 Nagios - yes a bit to setup - but it just runs.
>
> +1 also for Cacti - if you want the historical graphs. Very nice.
>
>
> -Original Message-
> From: Michael Leone [mailto:oozerd...@gmail.com]
> Sent: Friday, April 16, 2010 6:07 AM
> To: NT System Admin Issues
> Subject: Server monitoring solution recommendations?
>
> I'm investigating server monitoring solutions for my enterprise. What 
> I'm interested in is real world experiences and recommendations, not 
> just sales pitches and product sheets that I can get from Google.
>
> The way I see it, I need 2 basic functions: I need to be able to 
> monitor various aspects of a server (CPU usage, free disk space, is a 
> service running, does the web service return a web page in a timely 
> manner, is the switch at that site being overloaded, etc - the usual 
> things you'd want to know from a server, I think) and then alert me 
> when certain triggers or thresholds are crossed; and also to provide 
> historical reports, showing trends over time. At a previous job, I 
> used to ServersAlive!, which suited my needs there. But now I am at a 
> place that has over 100 servers and switches, across multiple sites.
> And so I think I'd need something with more heft, perhaps.
>
> We're an HP shop, and I am looking at HP's SIM (Insight Manager) 
> software, but that doesn't seem to monitor all the sorts of functions 
> I want, nor does it seem to present it in a timely manner.
>
> I'm also looking at PacketTraps PT 360 tool suite (which is free), and 
> that seems to show me some of what I need, but doesn't seem to have a 
> lot in the way of reporting, nor have I found a way (yet) for it to 
> alert me to configurable settings.
>
> I've also downloaded SpiceWorks, on the recommendation of a colleague, 
> but haven't had a chance to investigate it yet.
>
> We're a gov't agency, so I don't have a whole lot of money. But I have 
> a need, and at the moment, nothing in place to fill it. Getting an 
> alert email that tells me that my mail server CPU has been up over 80% 
> for more than xx seconds would be a good thing, so I don't have to get 
> phone calls from users, asking why mail is so slow, and that's the first
I've heard of it.
> I'm sure you get the idea. And the boss wants reports over time, for 
> capacity planning and the like.
>
> So any recommendations would be welcome, as would anything I've forgotten.
> We're almost exclusively a Windows shop, but with 10 VMware ESX hosts, 
> a number of MS SQL servers (2000, 2005), and a number of Cisco 
> switches (and a couple Nortel ones scattered here and there). No 
> Exchange (we're a Notes shop).
>
> TIA
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>   ~
>
> 
> For more information about Lewis and Roca LLP, please go to 
> www.lewisandroca.com.
> Phoenix (602) 262-5311
> Tucson (520) 622-2090
> Las Vegas (702) 949-8200
> Reno (775) 823-2900
> Minden (775) 586-9500
> Albuquerque (505) 764-5400
> Silicon Valley (650) 391-1380
>
> This message is intended only for the use of the individual or entity 
> to which it is addressed. If the reader of this message is not the 
> intended recipient, or the employee or agent responsible for 
> delivering the message to the intended recipient, you are hereby 
> notified that any dissemination, distribution or copying of this 
> message is strictly prohibited. If you have received this 
> communication in error, please notify us immediately by replying to the
sender of this E-Mail by return E-Mail or by telephone.
>
> In accordance with Internal Revenue Service Circular 230, we advise 
> you that if this email contains any tax advice, such tax advice was 
> not intended or written to be used, and it cannot be used, by any 
> taxpayer for the purpose of avoiding penalties that may be imposed on the
taxpayer.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>   ~
>
> ~ Finally, powerful endpoint security that ISN'T

RE: Running Forefront(tm) Client Security - RAM usage?

2010-04-20 Thread Joseph L. Casale

I'd like to know as well, it's never had a false positive, blue screened, or 
any other  in my domain...
And for anyone who's ever dealt with PSS, MS support is about as good as it 
gets.

From: Crawford, Scott [mailto:crawfo...@evangel.edu]
Sent: Tuesday, April 20, 2010 12:40 PM
To: NT System Admin Issues
Subject: RE: Running Forefront(tm) Client Security - RAM usage?

Care to elaborate on why you dislike it?

From: Hart, Robert [mailto:robert.h...@genexservices.com]
Sent: Tuesday, April 20, 2010 1:31 PM
To: NT System Admin Issues
Subject: RE: Running Forefront(tm) Client Security - RAM usage?

MsMpEng.exe = 66,720K sitting ldle
MsPMSPSv.exe = 1,568K sitting idle

If I may add I dislike the product.

Bob

From: Stu Sjouwerman [mailto:s...@sunbelt-software.com]
Sent: Tuesday, April 20, 2010 2:08 PM
To: NT System Admin Issues
Subject: Running Forefront(tm) Client Security - RAM usage?

Anyone running Forefront that can quickly tell me what its real-world RAM usage 
is on an end-point?

Warm regards,

Stu Sjouwerman
Co-Founder, Publisher, Sunbelt Media
P: +1-727-562-0101 ext 218
F: +1-727-562-5199
s...@sunbelt-software.com
...

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: need suggestions...iPad in a Windows enterprise, anyone?

2010-04-20 Thread Kurt Buff

Here's the only argument I can see for the iPad:

http://www.good.com/news/press-releases/100316

On Tue, Apr 20, 2010 at 11:44, Raper, Jonathan - Eagle
 wrote:
> Ok, I need some insight/thoughts/suggestions...especially if any of you have 
> come up against this.
>
> I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x 
> authentication (we don't support 802.11b, and 802.11g is on the way out the 
> door). All desktops are XP, with a small handful of 2000 Pro boxes left out 
> in the field. We've never supported Vista or Apple-anything on our network, 
> and pulled the last 9x box off of our network years ago. We're close to 
> getting rid of all of the 2000 clients off, and we're starting to look at 
> Windows 7. We're multi-specialty, multi-location, physician-owned healthcare 
> provider, which means HIPAA is of significant concern. Not much else applies, 
> since we're not publicly traded (aside from common sense and the law in 
> general). We have about 425 employees and around 65 physicians (most of the 
> physicians are shareholders).
>
> I've done a good job of keeping the iPod touch and iPhone users off of the 
> network thus far, because we simply don't have the people in house to be able 
> to support any more devices.
>
> Enter the iPad, Apple's answer to the Tablet PC.
>
> We now have physicians who are starting to ask for iPad access on the 
> network. I'm not sure why, but I suppose because they think it will be so 
> much better than the Lenovo X200 Tablet PCs that we JUST bought them for use 
> with our EMR system. We do not yet have a functional wireless guest network.
>
> I've tried connecting a 64 Gig iPod touch to our wireless network to no 
> avail, and then discovered that apparently the iPod touch doesn't like hidden 
> networks. I'm not about to start broadcasting my SSID... this gives me pause 
> about even considering an iPad, not to mention that I wouldn't be able to 
> control the machine or authenticate the machine against the network.
>
> Anyway, do any of you have any arguments for or against allowing the 
> iPad/iPod/iPhone, both from a support standpoint and a security standpoint?
>
> Thanks in advance,
>
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
>
>
>
> Any medical information contained in this electronic message is CONFIDENTIAL 
> and privileged. It is unlawful for unauthorized persons to view, copy, 
> disclose, or disseminate CONFIDENTIAL information. This electronic message 
> may contain information that is confidential and/or legally privileged. It is 
> intended only for the use of the individual(s) and/or entity named as 
> recipients in the message. If you are not an intended recipient of this 
> message, please notify the sender immediately and delete this material from 
> your computer. Do not deliver, distribute or copy this message, and do not 
> disclose its contents or take any action in reliance on the information that 
> it contains.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: need suggestions...iPad in a Windows enterprise, anyone?

2010-04-20 Thread John Cook

How do you encrypt/manage/remote wipe an Ipad would be the first line of 
questions.

- Original Message -
From: Raper, Jonathan - Eagle 
To: NT System Admin Issues 
Sent: Tue Apr 20 14:44:49 2010
Subject: need suggestions...iPad in a Windows enterprise, anyone?

Ok, I need some insight/thoughts/suggestions...especially if any of you have 
come up against this.

I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x 
authentication (we don't support 802.11b, and 802.11g is on the way out the 
door). All desktops are XP, with a small handful of 2000 Pro boxes left out in 
the field. We've never supported Vista or Apple-anything on our network, and 
pulled the last 9x box off of our network years ago. We're close to getting rid 
of all of the 2000 clients off, and we're starting to look at Windows 7. We're 
multi-specialty, multi-location, physician-owned healthcare provider, which 
means HIPAA is of significant concern. Not much else applies, since we're not 
publicly traded (aside from common sense and the law in general). We have about 
425 employees and around 65 physicians (most of the physicians are 
shareholders).

I've done a good job of keeping the iPod touch and iPhone users off of the 
network thus far, because we simply don't have the people in house to be able 
to support any more devices.

Enter the iPad, Apple's answer to the Tablet PC.

We now have physicians who are starting to ask for iPad access on the network. 
I'm not sure why, but I suppose because they think it will be so much better 
than the Lenovo X200 Tablet PCs that we JUST bought them for use with our EMR 
system. We do not yet have a functional wireless guest network.

I've tried connecting a 64 Gig iPod touch to our wireless network to no avail, 
and then discovered that apparently the iPod touch doesn't like hidden 
networks. I'm not about to start broadcasting my SSID... this gives me pause 
about even considering an iPad, not to mention that I wouldn't be able to 
control the machine or authenticate the machine against the network.

Anyway, do any of you have any arguments for or against allowing the 
iPad/iPod/iPhone, both from a support standpoint and a security standpoint?

Thanks in advance,

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com

Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
 Consider the environment. Please don't print this e-mail unless you really 
need to.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

2010-04-20 Thread Mayo, Bill

What do you mean that the iPod Touch doesn't like hidden networks?
Never seen or heard of a problem, you just have to manually enter the
network name/password as you would on any device.

As for the other, there have been some suggestions that the encryption
used in the current OS is easily crackable.  iPhone OS 4 is due out in
the June timeframe and one of the bullet points is better security,
although it's obviously too soon to say if they have fixed the problem
that has been reported.

Bill Mayo 

-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Tuesday, April 20, 2010 2:45 PM
To: NT System Admin Issues
Subject: need suggestions...iPad in a Windows enterprise, anyone?

Ok, I need some insight/thoughts/suggestions...especially if any of you
have come up against this.

I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x
authentication (we don't support 802.11b, and 802.11g is on the way out
the door). All desktops are XP, with a small handful of 2000 Pro boxes
left out in the field. We've never supported Vista or Apple-anything on
our network, and pulled the last 9x box off of our network years ago.
We're close to getting rid of all of the 2000 clients off, and we're
starting to look at Windows 7. We're multi-specialty, multi-location,
physician-owned healthcare provider, which means HIPAA is of significant
concern. Not much else applies, since we're not publicly traded (aside
from common sense and the law in general). We have about 425 employees
and around 65 physicians (most of the physicians are shareholders).

I've done a good job of keeping the iPod touch and iPhone users off of
the network thus far, because we simply don't have the people in house
to be able to support any more devices.

Enter the iPad, Apple's answer to the Tablet PC.

We now have physicians who are starting to ask for iPad access on the
network. I'm not sure why, but I suppose because they think it will be
so much better than the Lenovo X200 Tablet PCs that we JUST bought them
for use with our EMR system. We do not yet have a functional wireless
guest network.

I've tried connecting a 64 Gig iPod touch to our wireless network to no
avail, and then discovered that apparently the iPod touch doesn't like
hidden networks. I'm not about to start broadcasting my SSID... this
gives me pause about even considering an iPad, not to mention that I
wouldn't be able to control the machine or authenticate the machine
against the network.

Anyway, do any of you have any arguments for or against allowing the
iPad/iPod/iPhone, both from a support standpoint and a security
standpoint?

Thanks in advance,


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com



Any medical information contained in this electronic message is
CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to
view, copy, disclose, or disseminate CONFIDENTIAL information. This
electronic message may contain information that is confidential and/or
legally privileged. It is intended only for the use of the individual(s)
and/or entity named as recipients in the message. If you are not an
intended recipient of this message, please notify the sender immediately
and delete this material from your computer. Do not deliver, distribute
or copy this message, and do not disclose its contents or take any
action in reliance on the information that it contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

2010-04-20 Thread Raper, Jonathan - Eagle

Bill,

You must have a different software version, or just better luck. I've tried 
numerous times and it simply won't work. Here's someone else who has had the 
same problem, but resetting their network seemed to resolve the issue - not for 
me, though (next to the last post):

http://discussions.apple.com/thread.jspa?threadID=2019995&tstart=0&start=60


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Tuesday, April 20, 2010 2:51 PM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

What do you mean that the iPod Touch doesn't like hidden networks?
Never seen or heard of a problem, you just have to manually enter the
network name/password as you would on any device.

As for the other, there have been some suggestions that the encryption
used in the current OS is easily crackable.  iPhone OS 4 is due out in
the June timeframe and one of the bullet points is better security,
although it's obviously too soon to say if they have fixed the problem
that has been reported.

Bill Mayo

-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Tuesday, April 20, 2010 2:45 PM
To: NT System Admin Issues
Subject: need suggestions...iPad in a Windows enterprise, anyone?

Ok, I need some insight/thoughts/suggestions...especially if any of you
have come up against this.

I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x
authentication (we don't support 802.11b, and 802.11g is on the way out
the door). All desktops are XP, with a small handful of 2000 Pro boxes
left out in the field. We've never supported Vista or Apple-anything on
our network, and pulled the last 9x box off of our network years ago.
We're close to getting rid of all of the 2000 clients off, and we're
starting to look at Windows 7. We're multi-specialty, multi-location,
physician-owned healthcare provider, which means HIPAA is of significant
concern. Not much else applies, since we're not publicly traded (aside
from common sense and the law in general). We have about 425 employees
and around 65 physicians (most of the physicians are shareholders).

I've done a good job of keeping the iPod touch and iPhone users off of
the network thus far, because we simply don't have the people in house
to be able to support any more devices.

Enter the iPad, Apple's answer to the Tablet PC.

We now have physicians who are starting to ask for iPad access on the
network. I'm not sure why, but I suppose because they think it will be
so much better than the Lenovo X200 Tablet PCs that we JUST bought them
for use with our EMR system. We do not yet have a functional wireless
guest network.

I've tried connecting a 64 Gig iPod touch to our wireless network to no
avail, and then discovered that apparently the iPod touch doesn't like
hidden networks. I'm not about to start broadcasting my SSID... this
gives me pause about even considering an iPad, not to mention that I
wouldn't be able to control the machine or authenticate the machine
against the network.

Anyway, do any of you have any arguments for or against allowing the
iPad/iPod/iPhone, both from a support standpoint and a security
standpoint?

Thanks in advance,


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com



Any medical information contained in this electronic message is
CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to
view, copy, disclose, or disseminate CONFIDENTIAL information. This
electronic message may contain information that is confidential and/or
legally privileged. It is intended only for the use of the individual(s)
and/or entity named as recipients in the message. If you are not an
intended recipient of this message, please notify the sender immediately
and delete this material from your computer. Do not deliver, distribute
or copy this message, and do not disclose its contents or take any
action in reliance on the information that it contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer

Re: need suggestions...iPad in a Windows enterprise, anyone?

2010-04-20 Thread Steve Ens

Oh man, when you decommission those X200's, send them my way.  In no way
shape or form would an iPad be better than the Lenovo.  Except for reading
books!  LOL

On Tue, Apr 20, 2010 at 1:44 PM, Raper, Jonathan - Eagle <
jra...@eaglemds.com> wrote:

> Ok, I need some insight/thoughts/suggestions...especially if any of you
> have come up against this.
>
> I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x
> authentication (we don't support 802.11b, and 802.11g is on the way out the
> door). All desktops are XP, with a small handful of 2000 Pro boxes left out
> in the field. We've never supported Vista or Apple-anything on our network,
> and pulled the last 9x box off of our network years ago. We're close to
> getting rid of all of the 2000 clients off, and we're starting to look at
> Windows 7. We're multi-specialty, multi-location, physician-owned healthcare
> provider, which means HIPAA is of significant concern. Not much else
> applies, since we're not publicly traded (aside from common sense and the
> law in general). We have about 425 employees and around 65 physicians (most
> of the physicians are shareholders).
>
> I've done a good job of keeping the iPod touch and iPhone users off of the
> network thus far, because we simply don't have the people in house to be
> able to support any more devices.
>
> Enter the iPad, Apple's answer to the Tablet PC.
>
> We now have physicians who are starting to ask for iPad access on the
> network. I'm not sure why, but I suppose because they think it will be so
> much better than the Lenovo X200 Tablet PCs that we JUST bought them for use
> with our EMR system. We do not yet have a functional wireless guest network.
>
> I've tried connecting a 64 Gig iPod touch to our wireless network to no
> avail, and then discovered that apparently the iPod touch doesn't like
> hidden networks. I'm not about to start broadcasting my SSID... this gives
> me pause about even considering an iPad, not to mention that I wouldn't be
> able to control the machine or authenticate the machine against the network.
>
> Anyway, do any of you have any arguments for or against allowing the
> iPad/iPod/iPhone, both from a support standpoint and a security standpoint?
>
> Thanks in advance,
>
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
>
>
>
> Any medical information contained in this electronic message is
> CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to
> view, copy, disclose, or disseminate CONFIDENTIAL information. This
> electronic message may contain information that is confidential and/or
> legally privileged. It is intended only for the use of the individual(s)
> and/or entity named as recipients in the message. If you are not an intended
> recipient of this message, please notify the sender immediately and delete
> this material from your computer. Do not deliver, distribute or copy this
> message, and do not disclose its contents or take any action in reliance on
> the information that it contains.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

2010-04-20 Thread Raper, Jonathan - Eagle

We have Good, but were disappointed in the way it worked with Palm-based 
devices, which was the whole reason we bought it. Android and iPhone may be a 
different story, but we haven't gone that route yet.

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com 


-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Tuesday, April 20, 2010 2:49 PM
To: NT System Admin Issues
Subject: Re: need suggestions...iPad in a Windows enterprise, anyone?

Here's the only argument I can see for the iPad:

http://www.good.com/news/press-releases/100316

On Tue, Apr 20, 2010 at 11:44, Raper, Jonathan - Eagle
 wrote:
> Ok, I need some insight/thoughts/suggestions...especially if any of you have 
> come up against this.
>
> I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x 
> authentication (we don't support 802.11b, and 802.11g is on the way out the 
> door). All desktops are XP, with a small handful of 2000 Pro boxes left out 
> in the field. We've never supported Vista or Apple-anything on our network, 
> and pulled the last 9x box off of our network years ago. We're close to 
> getting rid of all of the 2000 clients off, and we're starting to look at 
> Windows 7. We're multi-specialty, multi-location, physician-owned healthcare 
> provider, which means HIPAA is of significant concern. Not much else applies, 
> since we're not publicly traded (aside from common sense and the law in 
> general). We have about 425 employees and around 65 physicians (most of the 
> physicians are shareholders).
>
> I've done a good job of keeping the iPod touch and iPhone users off of the 
> network thus far, because we simply don't have the people in house to be able 
> to support any more devices.
>
> Enter the iPad, Apple's answer to the Tablet PC.
>
> We now have physicians who are starting to ask for iPad access on the 
> network. I'm not sure why, but I suppose because they think it will be so 
> much better than the Lenovo X200 Tablet PCs that we JUST bought them for use 
> with our EMR system. We do not yet have a functional wireless guest network.
>
> I've tried connecting a 64 Gig iPod touch to our wireless network to no 
> avail, and then discovered that apparently the iPod touch doesn't like hidden 
> networks. I'm not about to start broadcasting my SSID... this gives me pause 
> about even considering an iPad, not to mention that I wouldn't be able to 
> control the machine or authenticate the machine against the network.
>
> Anyway, do any of you have any arguments for or against allowing the 
> iPad/iPod/iPhone, both from a support standpoint and a security standpoint?
>
> Thanks in advance,
>
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
>
>
>
> Any medical information contained in this electronic message is CONFIDENTIAL 
> and privileged. It is unlawful for unauthorized persons to view, copy, 
> disclose, or disseminate CONFIDENTIAL information. This electronic message 
> may contain information that is confidential and/or legally privileged. It is 
> intended only for the use of the individual(s) and/or entity named as 
> recipients in the message. If you are not an intended recipient of this 
> message, please notify the sender immediately and delete this material from 
> your computer. Do not deliver, distribute or copy this message, and do not 
> disclose its contents or take any action in reliance on the information that 
> it contains.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

2010-04-20 Thread Raper, Jonathan - Eagle

Hehe, I hear ya - it will be a while, though. We just bought 160 of them, the 
last 10 of which just came in a month ago. I like them, but the display is a 
bit small.


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>


From: Steve Ens [mailto:stevey...@gmail.com]
Sent: Tuesday, April 20, 2010 2:54 PM
To: NT System Admin Issues
Subject: Re: need suggestions...iPad in a Windows enterprise, anyone?

Oh man, when you decommission those X200's, send them my way.  In no way shape 
or form would an iPad be better than the Lenovo.  Except for reading books!  LOL
On Tue, Apr 20, 2010 at 1:44 PM, Raper, Jonathan - Eagle 
mailto:jra...@eaglemds.com>> wrote:
Ok, I need some insight/thoughts/suggestions...especially if any of you have 
come up against this.

I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x 
authentication (we don't support 802.11b, and 802.11g is on the way out the 
door). All desktops are XP, with a small handful of 2000 Pro boxes left out in 
the field. We've never supported Vista or Apple-anything on our network, and 
pulled the last 9x box off of our network years ago. We're close to getting rid 
of all of the 2000 clients off, and we're starting to look at Windows 7. We're 
multi-specialty, multi-location, physician-owned healthcare provider, which 
means HIPAA is of significant concern. Not much else applies, since we're not 
publicly traded (aside from common sense and the law in general). We have about 
425 employees and around 65 physicians (most of the physicians are 
shareholders).

I've done a good job of keeping the iPod touch and iPhone users off of the 
network thus far, because we simply don't have the people in house to be able 
to support any more devices.

Enter the iPad, Apple's answer to the Tablet PC.

We now have physicians who are starting to ask for iPad access on the network. 
I'm not sure why, but I suppose because they think it will be so much better 
than the Lenovo X200 Tablet PCs that we JUST bought them for use with our EMR 
system. We do not yet have a functional wireless guest network.

I've tried connecting a 64 Gig iPod touch to our wireless network to no avail, 
and then discovered that apparently the iPod touch doesn't like hidden 
networks. I'm not about to start broadcasting my SSID... this gives me pause 
about even considering an iPad, not to mention that I wouldn't be able to 
control the machine or authenticate the machine against the network.

Anyway, do any of you have any arguments for or against allowing the 
iPad/iPod/iPhone, both from a support standpoint and a security standpoint?

Thanks in advance,


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com



Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~






~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

2010-04-20 Thread Raper, Jonathan - Eagle

Agreed.

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com 


-Original Message-
From: John Cook [mailto:john.c...@pfsf.org] 
Sent: Tuesday, April 20, 2010 2:49 PM
To: NT System Admin Issues
Subject: Re: need suggestions...iPad in a Windows enterprise, anyone?

How do you encrypt/manage/remote wipe an Ipad would be the first line of 
questions.

- Original Message -
From: Raper, Jonathan - Eagle 
To: NT System Admin Issues 
Sent: Tue Apr 20 14:44:49 2010
Subject: need suggestions...iPad in a Windows enterprise, anyone?

Ok, I need some insight/thoughts/suggestions...especially if any of you have 
come up against this.

I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x 
authentication (we don't support 802.11b, and 802.11g is on the way out the 
door). All desktops are XP, with a small handful of 2000 Pro boxes left out in 
the field. We've never supported Vista or Apple-anything on our network, and 
pulled the last 9x box off of our network years ago. We're close to getting rid 
of all of the 2000 clients off, and we're starting to look at Windows 7. We're 
multi-specialty, multi-location, physician-owned healthcare provider, which 
means HIPAA is of significant concern. Not much else applies, since we're not 
publicly traded (aside from common sense and the law in general). We have about 
425 employees and around 65 physicians (most of the physicians are 
shareholders).

I've done a good job of keeping the iPod touch and iPhone users off of the 
network thus far, because we simply don't have the people in house to be able 
to support any more devices.

Enter the iPad, Apple's answer to the Tablet PC.

We now have physicians who are starting to ask for iPad access on the network. 
I'm not sure why, but I suppose because they think it will be so much better 
than the Lenovo X200 Tablet PCs that we JUST bought them for use with our EMR 
system. We do not yet have a functional wireless guest network.

I've tried connecting a 64 Gig iPod touch to our wireless network to no avail, 
and then discovered that apparently the iPod touch doesn't like hidden 
networks. I'm not about to start broadcasting my SSID... this gives me pause 
about even considering an iPad, not to mention that I wouldn't be able to 
control the machine or authenticate the machine against the network.

Anyway, do any of you have any arguments for or against allowing the 
iPad/iPod/iPhone, both from a support standpoint and a security standpoint?

Thanks in advance,


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com



Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
 Consider the environment. Please don't print this e-mail unless you really 
need to.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

2010-04-20 Thread Jay Dale

Tell them that IPads are not allowed...problem solved...:)

Seriously, they will have no practical use for it.  They will not be able to 
use their EMR or PM software, they won't be able to utilize any printing 
features, and they will not be able to take it room to room to do anything but 
take notes, which of course won't integrate with their EMR, which is what they 
want it to do.

Security is the same as the IPhone - depending on your levels and assurance, it 
is either acceptable or not acceptable.  If you're a bit lax on security, it 
should be fine.

I used to manage a group of urologists with several locations and migrated them 
to a new EMR.  I know the headaches.  They are looking at the IPad as a new toy 
and thinking it can replace their current infrastructure.  Bottom line, it 
can't.

Jay Dale
I.T. Manager, 3GiG
Mobile: 713.299.2541
Email: jay.d...@3-gig.com

Confidentiality Notice: This e-mail, including any attached files, may contain 
confidential and/or privileged information for the sole use of the intended 
recipient. If you are not the intended recipient, you are hereby notified that 
any review, dissemination or copying of this e-mail and attachments, if any, or 
the information contained herein, is strictly prohibited. If you are not the 
intended recipient (or authorized to receive information for the intended 
recipient), please contact the sender by reply e-mail and delete all copies of 
this message.


From: Steve Ens [mailto:stevey...@gmail.com]
Sent: Tuesday, April 20, 2010 1:54 PM
To: NT System Admin Issues
Subject: Re: need suggestions...iPad in a Windows enterprise, anyone?

Oh man, when you decommission those X200's, send them my way.  In no way shape 
or form would an iPad be better than the Lenovo.  Except for reading books!  LOL
On Tue, Apr 20, 2010 at 1:44 PM, Raper, Jonathan - Eagle 
mailto:jra...@eaglemds.com>> wrote:
Ok, I need some insight/thoughts/suggestions...especially if any of you have 
come up against this.

I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x 
authentication (we don't support 802.11b, and 802.11g is on the way out the 
door). All desktops are XP, with a small handful of 2000 Pro boxes left out in 
the field. We've never supported Vista or Apple-anything on our network, and 
pulled the last 9x box off of our network years ago. We're close to getting rid 
of all of the 2000 clients off, and we're starting to look at Windows 7. We're 
multi-specialty, multi-location, physician-owned healthcare provider, which 
means HIPAA is of significant concern. Not much else applies, since we're not 
publicly traded (aside from common sense and the law in general). We have about 
425 employees and around 65 physicians (most of the physicians are 
shareholders).

I've done a good job of keeping the iPod touch and iPhone users off of the 
network thus far, because we simply don't have the people in house to be able 
to support any more devices.

Enter the iPad, Apple's answer to the Tablet PC.

We now have physicians who are starting to ask for iPad access on the network. 
I'm not sure why, but I suppose because they think it will be so much better 
than the Lenovo X200 Tablet PCs that we JUST bought them for use with our EMR 
system. We do not yet have a functional wireless guest network.

I've tried connecting a 64 Gig iPod touch to our wireless network to no avail, 
and then discovered that apparently the iPod touch doesn't like hidden 
networks. I'm not about to start broadcasting my SSID... this gives me pause 
about even considering an iPad, not to mention that I wouldn't be able to 
control the machine or authenticate the machine against the network.

Anyway, do any of you have any arguments for or against allowing the 
iPad/iPod/iPhone, both from a support standpoint and a security standpoint?

Thanks in advance,


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com



Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~






~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~

RE: Server monitoring solution recommendations? - Email has different SMTP TO: and MIME TO: fields in the email addresses

2010-04-20 Thread Raper, Jonathan - Eagle

I've used both Whats Up Gold and Solarwinds. Solarwinds is better, but still 
not inexpensive.

You might look @ PA Server Monitor. It may be what you're looking for, and is 
very cost effective compared to WUG or SW. We use it for some of our monitoring.

http://www.poweradmin.com/servermonitor/


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: kstephenso...@thinkpath.com [mailto:kstephenso...@thinkpath.com]
Sent: Tuesday, April 20, 2010 2:46 PM
To: NT System Admin Issues
Subject: [SPAM] - RE: Server monitoring solution recommendations? - Email has 
different SMTP TO: and MIME TO: fields in the email addresses

Completely Understand - Yes; cost is still high.

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Tuesday, April 20, 2010 2:42 PM
To: NT System Admin Issues
Subject: Re: Server monitoring solution recommendations?

Cost-effective? Not the last time I looked at it.

However, when I last used it in production (um, well, more than 10 years
ago) it was *very* nice.

Kurt

On Tue, Apr 20, 2010 at 08:55,   wrote:
> Hello Steven
> One other product which I used previously was WhatsUp(r) Gold Premium
> Edition provides an extensive and cost-effective out-of-the-box single
> site management and monitoring solution for networks of all sizes
>
> Ken
>
> -Original Message-
> From: Stringham, Steven [mailto:sstri...@lrlaw.com]
> Sent: Tuesday, April 20, 2010 11:50 AM
> To: NT System Admin Issues
> Subject: RE: Server monitoring solution recommendations?
>
> +1 Nagios - yes a bit to setup - but it just runs.
>
> +1 also for Cacti - if you want the historical graphs. Very nice.
>
>
> -Original Message-
> From: Michael Leone [mailto:oozerd...@gmail.com]
> Sent: Friday, April 16, 2010 6:07 AM
> To: NT System Admin Issues
> Subject: Server monitoring solution recommendations?
>
> I'm investigating server monitoring solutions for my enterprise. What
> I'm interested in is real world experiences and recommendations, not
> just sales pitches and product sheets that I can get from Google.
>
> The way I see it, I need 2 basic functions: I need to be able to
> monitor various aspects of a server (CPU usage, free disk space, is a
> service running, does the web service return a web page in a timely
> manner, is the switch at that site being overloaded, etc - the usual
> things you'd want to know from a server, I think) and then alert me
> when certain triggers or thresholds are crossed; and also to provide
> historical reports, showing trends over time. At a previous job, I
> used to ServersAlive!, which suited my needs there. But now I am at a
> place that has over 100 servers and switches, across multiple sites.
> And so I think I'd need something with more heft, perhaps.
>
> We're an HP shop, and I am looking at HP's SIM (Insight Manager)
> software, but that doesn't seem to monitor all the sorts of functions
> I want, nor does it seem to present it in a timely manner.
>
> I'm also looking at PacketTraps PT 360 tool suite (which is free), and
> that seems to show me some of what I need, but doesn't seem to have a
> lot in the way of reporting, nor have I found a way (yet) for it to
> alert me to configurable settings.
>
> I've also downloaded SpiceWorks, on the recommendation of a colleague,
> but haven't had a chance to investigate it yet.
>
> We're a gov't agency, so I don't have a whole lot of money. But I have
> a need, and at the moment, nothing in place to fill it. Getting an
> alert email that tells me that my mail server CPU has been up over 80%
> for more than xx seconds would be a good thing, so I don't have to get
> phone calls from users, asking why mail is so slow, and that's the first
I've heard of it.
> I'm sure you get the idea. And the boss wants reports over time, for
> capacity planning and the like.
>
> So any recommendations would be welcome, as would anything I've forgotten.
> We're almost exclusively a Windows shop, but with 10 VMware ESX hosts,
> a number of MS SQL servers (2000, 2005), and a number of Cisco
> switches (and a couple Nortel ones scattered here and there). No
> Exchange (we're a Notes shop).
>
> TIA
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>   ~
>
> 
> For more information about Lewis and Roca LLP, please go to
> www.lewisandroca.com.
> Phoenix (602) 262-5311
> Tucson (520) 622-2090
> Las Vegas (702) 949-8200
> Reno (775) 823-2900
> Minden (775) 586-9500
> Albuquerque (505) 764-5400
> Silicon Valley (650) 391-1380
>
> This message is intended only for the use of the individual or entity
> to which it is addressed. If the reader of this message is not the
> intended recipient, or the employee or agent responsible for
> delivering the message to the intended recipient, you are hereby
> notified that any dissemination, distribution o

RE: need suggestions...iPad in a Windows enterprise, anyone?

2010-04-20 Thread Mayo, Bill

I thought you meant you could not connect to it at all.  Are you saying
that it has problems staying connected or re-connecting?  If so, there
is a known issue where you have a dual-band wi-fi router.  If that is
the situation, there is a workaround at
http://support.apple.com/kb/TS3304.

HTH,
Bill 

-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Tuesday, April 20, 2010 2:53 PM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Bill,

You must have a different software version, or just better luck. I've
tried numerous times and it simply won't work. Here's someone else who
has had the same problem, but resetting their network seemed to resolve
the issue - not for me, though (next to the last post):

http://discussions.apple.com/thread.jspa?threadID=2019995&tstart=0&start
=60


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Tuesday, April 20, 2010 2:51 PM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

What do you mean that the iPod Touch doesn't like hidden networks?
Never seen or heard of a problem, you just have to manually enter the
network name/password as you would on any device.

As for the other, there have been some suggestions that the encryption
used in the current OS is easily crackable.  iPhone OS 4 is due out in
the June timeframe and one of the bullet points is better security,
although it's obviously too soon to say if they have fixed the problem
that has been reported.

Bill Mayo

-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Tuesday, April 20, 2010 2:45 PM
To: NT System Admin Issues
Subject: need suggestions...iPad in a Windows enterprise, anyone?

Ok, I need some insight/thoughts/suggestions...especially if any of you
have come up against this.

I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x
authentication (we don't support 802.11b, and 802.11g is on the way out
the door). All desktops are XP, with a small handful of 2000 Pro boxes
left out in the field. We've never supported Vista or Apple-anything on
our network, and pulled the last 9x box off of our network years ago.
We're close to getting rid of all of the 2000 clients off, and we're
starting to look at Windows 7. We're multi-specialty, multi-location,
physician-owned healthcare provider, which means HIPAA is of significant
concern. Not much else applies, since we're not publicly traded (aside
from common sense and the law in general). We have about 425 employees
and around 65 physicians (most of the physicians are shareholders).

I've done a good job of keeping the iPod touch and iPhone users off of
the network thus far, because we simply don't have the people in house
to be able to support any more devices.

Enter the iPad, Apple's answer to the Tablet PC.

We now have physicians who are starting to ask for iPad access on the
network. I'm not sure why, but I suppose because they think it will be
so much better than the Lenovo X200 Tablet PCs that we JUST bought them
for use with our EMR system. We do not yet have a functional wireless
guest network.

I've tried connecting a 64 Gig iPod touch to our wireless network to no
avail, and then discovered that apparently the iPod touch doesn't like
hidden networks. I'm not about to start broadcasting my SSID... this
gives me pause about even considering an iPad, not to mention that I
wouldn't be able to control the machine or authenticate the machine
against the network.

Anyway, do any of you have any arguments for or against allowing the
iPad/iPod/iPhone, both from a support standpoint and a security
standpoint?

Thanks in advance,


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com



Any medical information contained in this electronic message is
CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to
view, copy, disclose, or disseminate CONFIDENTIAL information. This
electronic message may contain information that is confidential and/or
legally privileged. It is intended only for the use of the individual(s)
and/or entity named as recipients in the message. If you are not an
intended recipient of this message, please notify the sender immediately
and delete this material from your computer. Do not deliver, distribute
or copy this message, and do not disclose its contents or take any
action in reliance on the information that it contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~




~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~


Any medical info

RE: need suggestions...iPad in a Windows enterprise, anyone?

2010-04-20 Thread Raper, Jonathan - Eagle

Thanks Bill, but you understood correctly the first go-round - I can't connect 
AT ALL. I've connected numerous other Windows based devices via manual setup 
with little to no problem, so I know the settings are correct...

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Tuesday, April 20, 2010 3:04 PM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

I thought you meant you could not connect to it at all.  Are you saying
that it has problems staying connected or re-connecting?  If so, there
is a known issue where you have a dual-band wi-fi router.  If that is
the situation, there is a workaround at
http://support.apple.com/kb/TS3304.

HTH,
Bill

-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Tuesday, April 20, 2010 2:53 PM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Bill,

You must have a different software version, or just better luck. I've
tried numerous times and it simply won't work. Here's someone else who
has had the same problem, but resetting their network seemed to resolve
the issue - not for me, though (next to the last post):

http://discussions.apple.com/thread.jspa?threadID=2019995&tstart=0&start
=60


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Tuesday, April 20, 2010 2:51 PM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

What do you mean that the iPod Touch doesn't like hidden networks?
Never seen or heard of a problem, you just have to manually enter the
network name/password as you would on any device.

As for the other, there have been some suggestions that the encryption
used in the current OS is easily crackable.  iPhone OS 4 is due out in
the June timeframe and one of the bullet points is better security,
although it's obviously too soon to say if they have fixed the problem
that has been reported.

Bill Mayo

-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Tuesday, April 20, 2010 2:45 PM
To: NT System Admin Issues
Subject: need suggestions...iPad in a Windows enterprise, anyone?

Ok, I need some insight/thoughts/suggestions...especially if any of you
have come up against this.

I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x
authentication (we don't support 802.11b, and 802.11g is on the way out
the door). All desktops are XP, with a small handful of 2000 Pro boxes
left out in the field. We've never supported Vista or Apple-anything on
our network, and pulled the last 9x box off of our network years ago.
We're close to getting rid of all of the 2000 clients off, and we're
starting to look at Windows 7. We're multi-specialty, multi-location,
physician-owned healthcare provider, which means HIPAA is of significant
concern. Not much else applies, since we're not publicly traded (aside
from common sense and the law in general). We have about 425 employees
and around 65 physicians (most of the physicians are shareholders).

I've done a good job of keeping the iPod touch and iPhone users off of
the network thus far, because we simply don't have the people in house
to be able to support any more devices.

Enter the iPad, Apple's answer to the Tablet PC.

We now have physicians who are starting to ask for iPad access on the
network. I'm not sure why, but I suppose because they think it will be
so much better than the Lenovo X200 Tablet PCs that we JUST bought them
for use with our EMR system. We do not yet have a functional wireless
guest network.

I've tried connecting a 64 Gig iPod touch to our wireless network to no
avail, and then discovered that apparently the iPod touch doesn't like
hidden networks. I'm not about to start broadcasting my SSID... this
gives me pause about even considering an iPad, not to mention that I
wouldn't be able to control the machine or authenticate the machine
against the network.

Anyway, do any of you have any arguments for or against allowing the
iPad/iPod/iPhone, both from a support standpoint and a security
standpoint?

Thanks in advance,


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com



Any medical information contained in this electronic message is
CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to
view, copy, disclose, or disseminate CONFIDENTIAL information. This
electronic message may contain information that is confidential and/or
legally privileged. It is intended only for the use of the individual(s)
and/or entity named as recipients in the message. If you a

RE: Running Forefront(tm) Client Security - RAM usage?

2010-04-20 Thread Stu Sjouwerman

Thanks !

Warm regards,


Stu Sjouwerman
Co-Founder, Publisher, Sunbelt Media
P: +1-727-562-0101 ext 218
F: +1-727-562-5199
s...@sunbelt-software.com




From: Hart, Robert [mailto:robert.h...@genexservices.com]
Sent: Tuesday, April 20, 2010 2:31 PM
To: NT System Admin Issues
Subject: RE: Running Forefront(tm) Client Security - RAM usage?

MsMpEng.exe = 66,720K sitting ldle
MsPMSPSv.exe = 1,568K sitting idle

If I may add I dislike the product.


Bob

From: Stu Sjouwerman [mailto:s...@sunbelt-software.com]
Sent: Tuesday, April 20, 2010 2:08 PM
To: NT System Admin Issues
Subject: Running Forefront(tm) Client Security - RAM usage?

Anyone running Forefront that can quickly tell me what its real-world RAM usage 
is on an end-point?

Warm regards,

Stu Sjouwerman
Co-Founder, Publisher, Sunbelt Media
P: +1-727-562-0101 ext 218
F: +1-727-562-5199
s...@sunbelt-software.com

...









~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

2010-04-20 Thread N Parr

http://news.cnet.com/8301-19882_3-20002550-250.html?tag=nl.e703 

-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Tuesday, April 20, 2010 1:45 PM
To: NT System Admin Issues
Subject: need suggestions...iPad in a Windows enterprise, anyone?

Ok, I need some insight/thoughts/suggestions...especially if any of you
have come up against this.

I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x
authentication (we don't support 802.11b, and 802.11g is on the way out
the door). All desktops are XP, with a small handful of 2000 Pro boxes
left out in the field. We've never supported Vista or Apple-anything on
our network, and pulled the last 9x box off of our network years ago.
We're close to getting rid of all of the 2000 clients off, and we're
starting to look at Windows 7. We're multi-specialty, multi-location,
physician-owned healthcare provider, which means HIPAA is of significant
concern. Not much else applies, since we're not publicly traded (aside
from common sense and the law in general). We have about 425 employees
and around 65 physicians (most of the physicians are shareholders).

I've done a good job of keeping the iPod touch and iPhone users off of
the network thus far, because we simply don't have the people in house
to be able to support any more devices.

Enter the iPad, Apple's answer to the Tablet PC.

We now have physicians who are starting to ask for iPad access on the
network. I'm not sure why, but I suppose because they think it will be
so much better than the Lenovo X200 Tablet PCs that we JUST bought them
for use with our EMR system. We do not yet have a functional wireless
guest network.

I've tried connecting a 64 Gig iPod touch to our wireless network to no
avail, and then discovered that apparently the iPod touch doesn't like
hidden networks. I'm not about to start broadcasting my SSID... this
gives me pause about even considering an iPad, not to mention that I
wouldn't be able to control the machine or authenticate the machine
against the network.

Anyway, do any of you have any arguments for or against allowing the
iPad/iPod/iPhone, both from a support standpoint and a security
standpoint?

Thanks in advance,

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com

Any medical information contained in this electronic message is
CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to
view, copy, disclose, or disseminate CONFIDENTIAL information. This
electronic message may contain information that is confidential and/or
legally privileged. It is intended only for the use of the individual(s)
and/or entity named as recipients in the message. If you are not an
intended recipient of this message, please notify the sender immediately
and delete this material from your computer. Do not deliver, distribute
or copy this message, and do not disclose its contents or take any
action in reliance on the information that it contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Running Forefront(tm) Client Security - RAM usage?

2010-04-20 Thread Hart, Robert

I am currently demoing it, so take that with some salt.  However, there
has now been three times where Mcrappy (current AV) has stopped malware
from infection some remote machines.  When I pulled those Quarantine
files and placed them on the machine with FCS it just  continued to run
like nothing happened.  I even submitted samples to MS and they came
back and said they do not meet their requirements.  I also submitted
them to virustotal which had all major AV companies detecting the file.

 

FCS does not have a central Quarantine for us to remotely restore a file
for whatever reason.  

FCS cannot report on disconnected PCs (outside of LAN)

You ask MS about it and they run around it and say well
updates will come from MS

Maybe this can be done but MS can't seem to answer for
me

FCS does not have a centrally managed console for what I think AV
software should handle

FCS depends too much on other products.  It can't just run on its own.

WSUS,MOM,FCS console, GPO's

FCS cannot stop an application/program from running

If you say your application can protect against Unwanted
programs then guess what ITunes is unwanted for us so stop it from
running.

This also goes for MyWebSearch

I have yet to find one application/program that is
unwanted by FCS.  Disk encryption, remote admin tools, etc.

FCS cannot remove any other AV product without utilizing one of
Microsoft other products to do it for you.

FCS cannot do any Data protection



 

 

I find that other companies run FCS because it was included in the
E-CAL, that is a bad business model in my view.  Unfortunately we may be
headed in the same direction.  Yes, FCS runs great but in my view it
runs great because it skips over too much and there is no real function
to the application.  Every function is part of some other product.

 

Bob



 

 

From: Crawford, Scott [mailto:crawfo...@evangel.edu] 
Sent: Tuesday, April 20, 2010 2:40 PM
To: NT System Admin Issues
Subject: RE: Running Forefront(tm) Client Security - RAM usage?

 

Care to elaborate on why you dislike it?

 

From: Hart, Robert [mailto:robert.h...@genexservices.com] 
Sent: Tuesday, April 20, 2010 1:31 PM
To: NT System Admin Issues
Subject: RE: Running Forefront(tm) Client Security - RAM usage?

 

MsMpEng.exe = 66,720K sitting ldle

MsPMSPSv.exe = 1,568K sitting idle

 

If I may add I dislike the product.

 

 

Bob

 

From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] 
Sent: Tuesday, April 20, 2010 2:08 PM
To: NT System Admin Issues
Subject: Running Forefront(tm) Client Security - RAM usage?

 

Anyone running Forefront that can quickly tell me what its real-world
RAM usage is on an end-point?

 

Warm regards,

Stu Sjouwerman

Co-Founder, Publisher, Sunbelt Media
P: +1-727-562-0101 ext 218
F: +1-727-562-5199
s...@sunbelt-software.com

... 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Infragard

2010-04-20 Thread David Lum

I wonder if being a contractor for a couple of government agencies counts as 
critical infrastructure? Probably not...

From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Tuesday, April 20, 2010 11:14 AM
To: NT System Admin Issues
Subject: Re: Infragard

I have a good friend and former co-worker who is currently a member.It is 
well worth it if you can get into this program.

You will have access to some privileged info, and you will get exposed to 
issues pertaining to both physical and information security.

-ASB: http://XeeSM.com/AndrewBaker

On Tue, Apr 20, 2010 at 2:12 PM, Roger Wright 
mailto:rhw...@gmail.com>> wrote:
http://www.infragard.net/about.php

Anyone a member or have comments regarding the FBI's Infragrad program?

Die dulci fruere!

Roger Wright
___

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Infragard

2010-04-20 Thread Jon Harris

They might considering that they pay their taxes faster than a lot of
companies seem to and the on screen workers don't want any hassels that they
would get for not paying on time.  But that is just my opinion.

Jon

On Tue, Apr 20, 2010 at 2:41 PM, John Aldrich
wrote:

>  Hehe… I’m sure **some** folks would consider you a “Critical
> Infrastructure” but I seriously doubt that the Feds would. J
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
> *From:* Jacob [mailto:ja...@excaliburfilms.com]
> *Sent:* Tuesday, April 20, 2010 2:22 PM
>
> *To:* NT System Admin Issues
> *Subject:* RE: Infragard
>
>
>
> Hmm.. I wonder if we would be considered a critical infrastructure…
>
>
>
> *From:* John Aldrich [mailto:jaldr...@blueridgecarpet.com]
> *Sent:* Tuesday, April 20, 2010 11:16 AM
> *To:* NT System Admin Issues
> *Subject:* RE: Infragard
>
>
>
> Ahh… I take it that they don’t accept all applicants then? Wonder what the
> acceptance criteria are?
>
>
>
> [image: John-Aldrich][image: Tile-Tools]
>
>
>
> *From:* Andrew S. Baker [mailto:asbz...@gmail.com]
> *Sent:* Tuesday, April 20, 2010 2:14 PM
> *To:* NT System Admin Issues
> *Subject:* Re: Infragard
>
>
>
> I have a good friend and former co-worker who is currently a member.It
> is well worth it if you can get into this program.
>
>
> You will have access to some privileged info, and you will get exposed to
> issues pertaining to both physical and information security.
>
>
> -ASB: http://XeeSM.com/AndrewBaker 
>
> On Tue, Apr 20, 2010 at 2:12 PM, Roger Wright  wrote:
>
> http://www.infragard.net/about.php
>
> Anyone a member or have comments regarding the FBI's Infragrad program?
>
>
>
> Die dulci fruere!
>
> Roger Wright
> ___
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Group membership updates

2010-04-20 Thread Brian Desmond

It should - the short name is a valid SPN component by default

Thanks,
Brian Desmond
br...@briandesmond.com

c   - 312.731.3132

From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Tuesday, April 20, 2010 11:37 AM
To: NT System Admin Issues
Subject: RE: Group membership updates

Does that work in the "normal" short-name environment? That is, 
\\fileserver\sharename\doc.doc ??

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Free, Bob [mailto:r...@pge.com]
Sent: Tuesday, April 20, 2010 12:00 PM
To: NT System Admin Issues
Subject: RE: Group membership updates

If you purge the TGT and then try to access a network resource by FQDN then a 
new TGT with upgraded memberships should be issued.

You can test with klist tgt to see in action.

From: James Rankin [mailto:kz2...@googlemail.com]
Sent: Tuesday, April 20, 2010 8:47 AM
To: NT System Admin Issues
Subject: Re: Group membership updates

We tend to deploy applications to users via group membership. The shortcuts to 
applications are held in a single shared desktop folder, with NTFS permissions 
on each shortcut linking to the application group. It is quick and dirty and 
saves writing new entries to the relevant GPOs every time you want to push out 
a new app. However, some of our more PITA users are complaining that they have 
to log off and back on when a new app is deployed, so we were trying to give 
them a way to update their group memberships dynamically by running some sort 
of shortcut on their desktop.

I considered klist, but does that not just purge the Kerberos token and you 
have to reacquire a new one at login time? I've never used it before - that was 
just what I read in a couple of forums.

Cheers,
On 20 April 2010 16:40, Free, Bob mailto:r...@pge.com>> wrote:
Is the issue around Kerberos tickets? Is it that YOU want to update Their 
memberships or you want Them to be able to do it to themselves? You could have 
them purge their tickets with klist if they are somewhat savvy...

From: James Rankin [mailto:kz2...@googlemail.com]
Sent: Tuesday, April 20, 2010 3:40 AM
To: NT System Admin Issues
Subject: Group membership updates

I know that there's probably no way of doing this, but I thought I'd askis 
there any way of updating a logged-on user's AD group memberships without them 
logging out of the system? Everything I've read suggests that there is no way 
to update an access token except by logging in again, so short of launching an 
application with a RunAs command, I think I may be pretty much snookered. I 
live in hope though.


TIA,



JRR

--
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the 
machine wrong figures, will the right answers come out?' I am not able rightly 
to apprehend the kind of confusion of ideas that could provoke such a question."











--
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the 
machine wrong figures, will the right answers come out?' I am not able rightly 
to apprehend the kind of confusion of ideas that could provoke such a question."













~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: need suggestions...iPad in a Windows enterprise, anyone?

2010-04-20 Thread Mayo, Bill

Sorry, don't know what else to offer.  Good luck!
Bill 

-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Tuesday, April 20, 2010 3:06 PM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Thanks Bill, but you understood correctly the first go-round - I can't
connect AT ALL. I've connected numerous other Windows based devices via
manual setup with little to no problem, so I know the settings are
correct...

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com

-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Tuesday, April 20, 2010 3:04 PM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

I thought you meant you could not connect to it at all.  Are you saying
that it has problems staying connected or re-connecting?  If so, there
is a known issue where you have a dual-band wi-fi router.  If that is
the situation, there is a workaround at
http://support.apple.com/kb/TS3304.

HTH,
Bill

-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Tuesday, April 20, 2010 2:53 PM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Bill,

You must have a different software version, or just better luck. I've
tried numerous times and it simply won't work. Here's someone else who
has had the same problem, but resetting their network seemed to resolve
the issue - not for me, though (next to the last post):

http://discussions.apple.com/thread.jspa?threadID=2019995&tstart=0&start
=60

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com

-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Tuesday, April 20, 2010 2:51 PM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

What do you mean that the iPod Touch doesn't like hidden networks?
Never seen or heard of a problem, you just have to manually enter the
network name/password as you would on any device.

As for the other, there have been some suggestions that the encryption
used in the current OS is easily crackable.  iPhone OS 4 is due out in
the June timeframe and one of the bullet points is better security,
although it's obviously too soon to say if they have fixed the problem
that has been reported.

Bill Mayo

-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Tuesday, April 20, 2010 2:45 PM
To: NT System Admin Issues
Subject: need suggestions...iPad in a Windows enterprise, anyone?

Ok, I need some insight/thoughts/suggestions...especially if any of you
have come up against this.

I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x
authentication (we don't support 802.11b, and 802.11g is on the way out
the door). All desktops are XP, with a small handful of 2000 Pro boxes
left out in the field. We've never supported Vista or Apple-anything on
our network, and pulled the last 9x box off of our network years ago.
We're close to getting rid of all of the 2000 clients off, and we're
starting to look at Windows 7. We're multi-specialty, multi-location,
physician-owned healthcare provider, which means HIPAA is of significant
concern. Not much else applies, since we're not publicly traded (aside
from common sense and the law in general). We have about 425 employees
and around 65 physicians (most of the physicians are shareholders).

I've done a good job of keeping the iPod touch and iPhone users off of
the network thus far, because we simply don't have the people in house
to be able to support any more devices.

Enter the iPad, Apple's answer to the Tablet PC.

We now have physicians who are starting to ask for iPad access on the
network. I'm not sure why, but I suppose because they think it will be
so much better than the Lenovo X200 Tablet PCs that we JUST bought them
for use with our EMR system. We do not yet have a functional wireless
guest network.

I've tried connecting a 64 Gig iPod touch to our wireless network to no
avail, and then discovered that apparently the iPod touch doesn't like
hidden networks. I'm not about to start broadcasting my SSID... this
gives me pause about even considering an iPad, not to mention that I
wouldn't be able to control the machine or authenticate the machine
against the network.

Anyway, do any of you have any arguments for or against allowing the
iPad/iPod/iPhone, both from a support standpoint and a security
standpoint?

Thanks in advance,

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com

Any medical information contained in this electronic message is
CONFIDENTIAL and privileged. It is unlawful for unauthorized per

Install VIPRE on to SharePoint Server?

2010-04-20 Thread Marty Nelson

Hi everyone, I have a quick about the installation of VIPRE.  Seeing as though 
it requires one of my '03 servers be R2, I was wondering if it would coexist on 
a server that's currently running SharePoint v.3?  It's one of only a few 
servers that I have that are R2, most are straight '03.  The other '03 R2 
servers are either DC's and running a bunch of DC typ0e items (DNS. DHCP, etc.) 
or are my current Symantec server, which Sunbelt has said they will absolutely 
not play well together.  Sooo, that leaves me with the SharePoint option. 
Whatcha think?

I'd appreciate any input.

Thanks in advance,

-Marty




Marty Nelson | Systems Administrator
Transdyn, Inc. | 4256 Hacienda Dr., Suite 100 | Pleasanton, CA 94588
T: 925.225.1600 | F: 925.225.1610
mnel...@transdyn.com | www.transdyn.com

[cid:transdynlogo1649.jpg]

This email and any files transmitted with it are confidential and intended 
solely for the use by the addressee. If you received this email in error, 
please contact the sender immediately and delete the email and attachments.









~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<>

RE: need suggestions...iPad in a Windows enterprise, anyone?

2010-04-20 Thread Raper, Jonathan - Eagle

Thanks. I've got access to possibly two other iPod Touch devices that I'll try 
tomorrow. For what it is worth, we have Cisco 1142 APs, with a/g/n radios 
active.

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Tuesday, April 20, 2010 3:20 PM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Sorry, don't know what else to offer.  Good luck!
Bill

-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Tuesday, April 20, 2010 3:06 PM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Thanks Bill, but you understood correctly the first go-round - I can't
connect AT ALL. I've connected numerous other Windows based devices via
manual setup with little to no problem, so I know the settings are
correct...

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Tuesday, April 20, 2010 3:04 PM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

I thought you meant you could not connect to it at all.  Are you saying
that it has problems staying connected or re-connecting?  If so, there
is a known issue where you have a dual-band wi-fi router.  If that is
the situation, there is a workaround at
http://support.apple.com/kb/TS3304.

HTH,
Bill

-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Tuesday, April 20, 2010 2:53 PM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

Bill,

You must have a different software version, or just better luck. I've
tried numerous times and it simply won't work. Here's someone else who
has had the same problem, but resetting their network seemed to resolve
the issue - not for me, though (next to the last post):

http://discussions.apple.com/thread.jspa?threadID=2019995&tstart=0&start
=60


Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Tuesday, April 20, 2010 2:51 PM
To: NT System Admin Issues
Subject: RE: need suggestions...iPad in a Windows enterprise, anyone?

What do you mean that the iPod Touch doesn't like hidden networks?
Never seen or heard of a problem, you just have to manually enter the
network name/password as you would on any device.

As for the other, there have been some suggestions that the encryption
used in the current OS is easily crackable.  iPhone OS 4 is due out in
the June timeframe and one of the bullet points is better security,
although it's obviously too soon to say if they have fixed the problem
that has been reported.

Bill Mayo

-Original Message-
From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Tuesday, April 20, 2010 2:45 PM
To: NT System Admin Issues
Subject: need suggestions...iPad in a Windows enterprise, anyone?

Ok, I need some insight/thoughts/suggestions...especially if any of you
have come up against this.

I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x
authentication (we don't support 802.11b, and 802.11g is on the way out
the door). All desktops are XP, with a small handful of 2000 Pro boxes
left out in the field. We've never supported Vista or Apple-anything on
our network, and pulled the last 9x box off of our network years ago.
We're close to getting rid of all of the 2000 clients off, and we're
starting to look at Windows 7. We're multi-specialty, multi-location,
physician-owned healthcare provider, which means HIPAA is of significant
concern. Not much else applies, since we're not publicly traded (aside
from common sense and the law in general). We have about 425 employees
and around 65 physicians (most of the physicians are shareholders).

I've done a good job of keeping the iPod touch and iPhone users off of
the network thus far, because we simply don't have the people in house
to be able to support any more devices.

Enter the iPad, Apple's answer to the Tablet PC.

We now have physicians who are starting to ask for iPad access on the
network. I'm not sure why, but I suppose because they think it will be
so much better than the Lenovo X200 Tablet PCs that we JUST bought them
for use with our EMR system. We do not yet have a functional wireless
guest network.

I've tried connecting a 64 Gig iPod touch to our wireless network to no
avail, and then discovered that apparently the iPod touch doesn't like
hidden networks. I'm not about to start broadcasting my SSID... this
gives me pause about even considering an iPad, not to mention that I
wouldn't be

Re: Install VIPRE on to SharePoint Server?

2010-04-20 Thread Phil Brutsche

VIPRE doesn't strictly require 2003 R2, plain 2003 will be fine.

On 4/20/2010 2:22 PM, Marty Nelson wrote:
> Hi everyone, I have a quick about the installation of VIPRE.  Seeing as
> though it requires one of my ’03 servers be R2

-- 

Phil Brutsche
p...@optimumdata.com


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Install VIPRE on to SharePoint Server?

2010-04-20 Thread Richard Stovall

You're talking about the server piece?  The documentation that specifies
Vipre 4 as only being supported on 2003 R2 and later is incorrect according
to chatter on the forums.  I can dig up the link if you need it.

On Tue, Apr 20, 2010 at 3:22 PM, Marty Nelson  wrote:

>  Hi everyone, I have a quick about the installation of VIPRE.  Seeing as
> though it requires one of my ’03 servers be R2, I was wondering if it would
> coexist on a server that’s currently running SharePoint v.3?  It’s one of
> only a few servers that I have that are R2, most are straight ’03.  The
> other ’03 R2 servers are either DC’s and running a bunch of DC typ0e items
> (DNS. DHCP, etc.) or are my current Symantec server, which Sunbelt has said
> they will absolutely not play well together.  Sooo, that leaves me with the
> SharePoint option. Whatcha think?
>
>
>
> I’d appreciate any input.
>
>
>
> Thanks in advance,
>
>
>
> -Marty
>
>
>
>
>
> *Marty Nelson | Systems Administrator*
> Transdyn, Inc. | 4256 Hacienda Dr., Suite 100 | Pleasanton, CA 94588
> T: 925.225.1600 | F: 925.225.1610
> mnel...@transdyn.com | www.transdyn.com
>
>
> --
> This email and any files transmitted with it are confidential and intended
> solely for the use by the addressee. If you received this email in error,
> please contact the sender immediately and delete the email and attachments.
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<>

Re: Install VIPRE on to SharePoint Server?

2010-04-20 Thread Steve Ens

I don't see an issue at all.  I have Vipre running on a few instances of
SBS, including Sharepoint, Exchange, et al and it runs fine.  Vipre 4 I
might add.  I like the interface better than v3.

On Tue, Apr 20, 2010 at 2:22 PM, Marty Nelson  wrote:

>  Hi everyone, I have a quick about the installation of VIPRE.  Seeing as
> though it requires one of my ’03 servers be R2, I was wondering if it would
> coexist on a server that’s currently running SharePoint v.3?  It’s one of
> only a few servers that I have that are R2, most are straight ’03.  The
> other ’03 R2 servers are either DC’s and running a bunch of DC typ0e items
> (DNS. DHCP, etc.) or are my current Symantec server, which Sunbelt has said
> they will absolutely not play well together.  Sooo, that leaves me with the
> SharePoint option. Whatcha think?
>
>
>
> I’d appreciate any input.
>
>
>
> Thanks in advance,
>
>
>
> -Marty
>
>
>
>
>
> *Marty Nelson | Systems Administrator*
> Transdyn, Inc. | 4256 Hacienda Dr., Suite 100 | Pleasanton, CA 94588
> T: 925.225.1600 | F: 925.225.1610
> mnel...@transdyn.com | www.transdyn.com
>
>
> --
> This email and any files transmitted with it are confidential and intended
> solely for the use by the addressee. If you received this email in error,
> please contact the sender immediately and delete the email and attachments.
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<>

Re: Running Forefront(tm) Client Security - RAM usage?

2010-04-20 Thread Richard Stovall

What metric do those values represent?  My Win7 x64 machine running Vipre
Enterprise (3.1.2848) shows the following for working set.

SBAMSvc.exe = 21,424
SBAMTray.exe = 45,984

However, the private working set values are significantly lower:

SBAMSvc.exe = 16,960
SBAMTray.exe = 2,124

IIRC, XP and earlier reported the working set value from Task Manager.  The
same utility in Vista and later reports the private working set by default.
 (But can be made to show working set as well.)

On Tue, Apr 20, 2010 at 2:30 PM, Hart, Robert  wrote:

>  MsMpEng.exe = 66,720K sitting ldle
>
> MsPMSPSv.exe = 1,568K sitting idle
>
>
>
> If I may add I dislike the product.
>
>
>
>
>
> Bob
>
>
>
> *From:* Stu Sjouwerman [mailto:s...@sunbelt-software.com]
> *Sent:* Tuesday, April 20, 2010 2:08 PM
>
> *To:* NT System Admin Issues
> *Subject:* Running Forefront(tm) Client Security - RAM usage?
>
>
>
> Anyone running Forefront that can quickly tell me what its real-world RAM
> usage is on an end-point?
>
>
>
> Warm regards,
>
> *Stu Sjouwerman*
>
> *Co-Founder, Publisher, Sunbelt Media*
> P: +1-727-562-0101 ext 218
> F: +1-727-562-5199
> s...@sunbelt-software.com
>
>
>  ...
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: A Little OT: Rack Space Exchange Hosting Services

2010-04-20 Thread Andrew S. Baker

They are pricey, but their Exchange hosting is fine, and they are quite
responsive.

-ASB: http://XeeSM.com/AndrewBaker


On Tue, Apr 20, 2010 at 11:35 AM, Don Guyer wrote:

>  Greetings,
>
>
>
> We are entertaining the idea of having the Rack Space
> company host our Exchange environment. If anyone has any experience with
> them, good or bad, I would appreciate the feedback tremendously. I know they
> host more than just Exchange, so if you have any input at all regarding
> their services, that is most welcome as well.
>
>
>
> Thx,
>
>
>
> Don Guyer
>
> Systems Engineer - Information Services
>
> Prudential, Fox & Roach/Trident Group
>
> 431 W. Lancaster Avenue
>
> Devon, PA 19333
>
> Direct: (610) 993-3299
>
> Fax: (610) 650-5306
>
> don.gu...@prufoxroach.com
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Install VIPRE on to SharePoint Server?

2010-04-20 Thread Marty Nelson

Thank you everyone for the info, it's been quite helpful.  I do have a few 
follow up questions.  Is the consensus that v4 it will work just fine on a 
standard installation of '03?

I have to say that I'm tempted to just say let it go and see what happens.

Oh hey, does anyone know if the installation of V4 require a reboot?

Thanks so much,

-Marty

From: Richard Stovall [mailto:rich...@gmail.com]
Sent: Tuesday, April 20, 2010 12:30 PM
To: NT System Admin Issues
Subject: Re: Install VIPRE on to SharePoint Server?

You're talking about the server piece?  The documentation that specifies Vipre 
4 as only being supported on 2003 R2 and later is incorrect according to 
chatter on the forums.  I can dig up the link if you need it.
On Tue, Apr 20, 2010 at 3:22 PM, Marty Nelson 
mailto:mnel...@transdyn.com>> wrote:
Hi everyone, I have a quick about the installation of VIPRE.  Seeing as though 
it requires one of my '03 servers be R2, I was wondering if it would coexist on 
a server that's currently running SharePoint v.3?  It's one of only a few 
servers that I have that are R2, most are straight '03.  The other '03 R2 
servers are either DC's and running a bunch of DC typ0e items (DNS. DHCP, etc.) 
or are my current Symantec server, which Sunbelt has said they will absolutely 
not play well together.  Sooo, that leaves me with the SharePoint option. 
Whatcha think?

I'd appreciate any input.

Thanks in advance,

-Marty




Marty Nelson | Systems Administrator
Transdyn, Inc. | 4256 Hacienda Dr., Suite 100 | Pleasanton, CA 94588
T: 925.225.1600 | F: 925.225.1610
mnel...@transdyn.com | 
www.transdyn.com

[cid:image001.jpg@01CAE087.3A34B520]

This email and any files transmitted with it are confidential and intended 
solely for the use by the addressee. If you received this email in error, 
please contact the sender immediately and delete the email and attachments.

















~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<>

Re: need suggestions...iPad in a Windows enterprise, anyone?

2010-04-20 Thread Andrew S. Baker

I'd approach it from the following angle:

Tell them you are more than happy to support any device that will help them
increase revenue and/or lower operating costs, and have them fill out a
business case for the device so that it can be properly supported.
(Provide them with a business case template in case they lack one).

Then, prep your own case for necessary support -- one device for your team,
plus some training on it.

Begin to build a case for an additional support resource, so that you can
make that request at the appropriate time.

After all, this is a business problem, not a technology one.

-ASB: http://XeeSM.com/AndrewBaker


On Tue, Apr 20, 2010 at 2:44 PM, Raper, Jonathan - Eagle <
jra...@eaglemds.com> wrote:

> Ok, I need some insight/thoughts/suggestions...especially if any of you
> have come up against this.
>
> I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x
> authentication (we don't support 802.11b, and 802.11g is on the way out the
> door). All desktops are XP, with a small handful of 2000 Pro boxes left out
> in the field. We've never supported Vista or Apple-anything on our network,
> and pulled the last 9x box off of our network years ago. We're close to
> getting rid of all of the 2000 clients off, and we're starting to look at
> Windows 7. We're multi-specialty, multi-location, physician-owned healthcare
> provider, which means HIPAA is of significant concern. Not much else
> applies, since we're not publicly traded (aside from common sense and the
> law in general). We have about 425 employees and around 65 physicians (most
> of the physicians are shareholders).
>
> I've done a good job of keeping the iPod touch and iPhone users off of the
> network thus far, because we simply don't have the people in house to be
> able to support any more devices.
>
> Enter the iPad, Apple's answer to the Tablet PC.
>
> We now have physicians who are starting to ask for iPad access on the
> network. I'm not sure why, but I suppose because they think it will be so
> much better than the Lenovo X200 Tablet PCs that we JUST bought them for use
> with our EMR system. We do not yet have a functional wireless guest network.
>
> I've tried connecting a 64 Gig iPod touch to our wireless network to no
> avail, and then discovered that apparently the iPod touch doesn't like
> hidden networks. I'm not about to start broadcasting my SSID... this gives
> me pause about even considering an iPad, not to mention that I wouldn't be
> able to control the machine or authenticate the machine against the network.
>
> Anyway, do any of you have any arguments for or against allowing the
> iPad/iPod/iPhone, both from a support standpoint and a security standpoint?
>
> Thanks in advance,
>
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
>
>
>
> Any medical information contained in this electronic message is
> CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to
> view, copy, disclose, or disseminate CONFIDENTIAL information. This
> electronic message may contain information that is confidential and/or
> legally privileged. It is intended only for the use of the individual(s)
> and/or entity named as recipients in the message. If you are not an intended
> recipient of this message, please notify the sender immediately and delete
> this material from your computer. Do not deliver, distribute or copy this
> message, and do not disclose its contents or take any action in reliance on
> the information that it contains.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Infragard

2010-04-20 Thread Kurt Buff

I've got an application sitting on my desk at home waiting to be mailed out.

I'll let you know what I think if I get accepted.

On Tue, Apr 20, 2010 at 11:12, Roger Wright  wrote:
> http://www.infragard.net/about.php
>
> Anyone a member or have comments regarding the FBI's Infragrad program?
>
>
>
> Die dulci fruere!
>
> Roger Wright

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

SBS 2008 Premium Q

2010-04-20 Thread David Lum

If you buy SBS 2008 Premium I see you get an additional 2008 R2 standard 
license, does that mean you can install 2008 R2 and then VM SBS 2008 on top of 
it? My guess is that's their intention anyway, but...
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Install VIPRE on to SharePoint Server?

2010-04-20 Thread Steve Ens

I think a reboot is required, if only for the agent update.

On Tue, Apr 20, 2010 at 2:44 PM, Marty Nelson  wrote:

>  Thank you everyone for the info, it’s been quite helpful.  I do have a
> few follow up questions.  Is the consensus that v4 it will work just fine on
> a standard installation of ’03?
>
>
>
> I have to say that I’m tempted to just say let it go and see what happens.
>
>
>
> Oh hey, does anyone know if the installation of V4 require a reboot?
>
>
>
> Thanks so much,
>
>
>
> -Marty
>
>
>
> *From:* Richard Stovall [mailto:rich...@gmail.com]
> *Sent:* Tuesday, April 20, 2010 12:30 PM
>
> *To:* NT System Admin Issues
> *Subject:* Re: Install VIPRE on to SharePoint Server?
>
>
>
> You're talking about the server piece?  The documentation that specifies
> Vipre 4 as only being supported on 2003 R2 and later is incorrect according
> to chatter on the forums.  I can dig up the link if you need it.
>
> On Tue, Apr 20, 2010 at 3:22 PM, Marty Nelson 
> wrote:
>
> Hi everyone, I have a quick about the installation of VIPRE.  Seeing as
> though it requires one of my ’03 servers be R2, I was wondering if it would
> coexist on a server that’s currently running SharePoint v.3?  It’s one of
> only a few servers that I have that are R2, most are straight ’03.  The
> other ’03 R2 servers are either DC’s and running a bunch of DC typ0e items
> (DNS. DHCP, etc.) or are my current Symantec server, which Sunbelt has said
> they will absolutely not play well together.  Sooo, that leaves me with the
> SharePoint option. Whatcha think?
>
>
>
> I’d appreciate any input.
>
>
>
> Thanks in advance,
>
>
>
> -Marty
>
>
>
>
>
>
> *Marty Nelson | Systems Administrator*
> Transdyn, Inc. | 4256 Hacienda Dr., Suite 100 | Pleasanton, CA 94588
> T: 925.225.1600 | F: 925.225.1610
> mnel...@transdyn.com | www.transdyn.com
>
>  --
>
> This email and any files transmitted with it are confidential and intended
> solely for the use by the addressee. If you received this email in error,
> please contact the sender immediately and delete the email and attachments.
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<>

RE: SBS 2008 Premium Q

2010-04-20 Thread Mike Hoffman

You can, and some do, but you don't need Premium for that. You can install 2008 
as a 'hypervisor' without a license as long as it is only the VM manager. The 
additional server is for the SQL instance, which can be on the same tin in a 
different VM if you want.

Mike

From: David Lum [mailto:david@nwea.org]
Sent: 20 April 2010 21:00
To: NT System Admin Issues
Subject: SBS 2008 Premium Q

If you buy SBS 2008 Premium I see you get an additional 2008 R2 standard 
license, does that mean you can install 2008 R2 and then VM SBS 2008 on top of 
it? My guess is that's their intention anyway, but...
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Infragard

2010-04-20 Thread Ziots, Edward

Looking to do the same, but already apart of NAISG, OWASP, ISACA, soon to be 
ISSA, and a few others, I don’t know how many organizations I need to get apart 
of, before I am burnt to a crisp. 

Z

Edward Ziots
CISSP,MCSA,MCP+I,Security +,Network +,CCA
Network Engineer
Lifespan Organization
401-639-3505
ezi...@lifespan.org

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Tuesday, April 20, 2010 3:53 PM
To: NT System Admin Issues
Subject: Re: Infragard

I've got an application sitting on my desk at home waiting to be mailed out.

I'll let you know what I think if I get accepted.

On Tue, Apr 20, 2010 at 11:12, Roger Wright  wrote:
> http://www.infragard.net/about.php
>
> Anyone a member or have comments regarding the FBI's Infragrad program?
>
>
>
> Die dulci fruere!
>
> Roger Wright

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Infragard

2010-04-20 Thread Kim Longenbaugh

As long as the total number of initials in the orgs you join is less than or 
equal to the number of initials in your sig, you will not spontaneously combust.

-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Tuesday, April 20, 2010 3:16 PM
To: NT System Admin Issues
Subject: RE: Infragard

Looking to do the same, but already apart of NAISG, OWASP, ISACA, soon to be 
ISSA, and a few others, I don’t know how many organizations I need to get apart 
of, before I am burnt to a crisp. 

Z

Edward Ziots
CISSP,MCSA,MCP+I,Security +,Network +,CCA
Network Engineer
Lifespan Organization
401-639-3505
ezi...@lifespan.org

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Tuesday, April 20, 2010 3:53 PM
To: NT System Admin Issues
Subject: Re: Infragard

I've got an application sitting on my desk at home waiting to be mailed out.

I'll let you know what I think if I get accepted.

On Tue, Apr 20, 2010 at 11:12, Roger Wright  wrote:
> http://www.infragard.net/about.php
>
> Anyone a member or have comments regarding the FBI's Infragrad program?
>
>
>
> Die dulci fruere!
>
> Roger Wright

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

How is this even in question?

2010-04-20 Thread David Lum

http://www.cnn.com/2010/LIVING/worklife/04/20/work.text.email.privacy/index.html?hpt=C1

Company owns the device, company owns the information on it, why should I 
expect privacy on a device I didn't buy and don't own?
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Server monitoring solution recommendations?

2010-04-20 Thread Neil Standley

Take a look at PRTG7 by Paessler, www.paessler.com. We've used their monitoring 
software for over 5 years starting out with IPCheck5. PRTG7 will do everything 
you are asking. It runs on Windows, monitor devices using SNMP (v1,2,3), or 
WMI. Scheduling, notifications, 50+ different sensor types, historical 
graphing, etc.

It's pretty easy to setup and update. Monitored servers (Windows hosts) run a 
remote probe client. You need to manually install probes the first time but 
when the core server gets updated it sends probe updates to all remote servers 
automatically.

Paessler is in Germany so support is not instantaneous but I've never had an 
emergency issue where I needed to talk to someone right then.

For the same capability we have with PRTG7, What's up Gold would have run us 
about $5-6K, PRTG was $1K.




Neil


-Original Message-
From: kstephenso...@thinkpath.com [mailto:kstephenso...@thinkpath.com] 
Sent: Tuesday, April 20, 2010 11:46 AM
To: NT System Admin Issues
Subject: RE: Server monitoring solution recommendations?

Completely Understand - Yes; cost is still high. 

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Tuesday, April 20, 2010 2:42 PM
To: NT System Admin Issues
Subject: Re: Server monitoring solution recommendations?

Cost-effective? Not the last time I looked at it.

However, when I last used it in production (um, well, more than 10 years
ago) it was *very* nice.

Kurt

On Tue,Apr 20, 2010 at 08:55,   wrote:
> Hello Steven
> One other product which I used previously was WhatsUp(r) Gold Premium 
> Edition provides an extensive and cost-effective out-of-the-box single 
> site management and monitoring solution for networks of all sizes
>
> Ken

> -Original Message-
> From: Stringham, Steven [mailto:sstri...@lrlaw.com]
> Sent: Tuesday, April 20, 2010 11:50 AM
> To: NT System Admin Issues
> Subject: RE: Server monitoring solution recommendations?
>
> +1 Nagios - yes a bit to setup - but it just runs.
>
> +1 also for Cacti - if you want the historical graphs. Very nice.
>
>
> -Original Message-
> From: Michael Leone [mailto:oozerd...@gmail.com]
> Sent: Friday, April 16, 2010 6:07 AM
> To: NT System Admin Issues
> Subject: Server monitoring solution recommendations?
>
> I'm investigating server monitoring solutions for my enterprise. What 
> I'm interested in is real world experiences and recommendations, not 
> just sales pitches and product sheets that I can get from Google.
>
> The way I see it, I need 2 basic functions: I need to be able to 
> monitor various aspects of a server (CPU usage, free disk space, is a 
> service running, does the web service return a web page in a timely 
> manner, is the switch at that site being overloaded, etc - the usual 
> things you'd want to know from a server, I think) and then alert me 
> when certain triggers or thresholds are crossed; and also to provide 
> historical reports, showing trends over time. At a previous job, I 
> used to ServersAlive!, which suited my needs there. But now I am at a 
> place that has over 100 servers and switches, across multiple sites.
> And so I think I'd need something with more heft, perhaps.
>
> We're an HP shop, and I am looking at HP's SIM (Insight Manager) 
> software, but that doesn't seem to monitor all the sorts of functions 
> I want, nor does it seem to present it in a timely manner.
>
> I'm also looking at PacketTraps PT 360 tool suite (which is free), and 
> that seems to show me some of what I need, but doesn't seem to have a 
> lot in the way of reporting, nor have I found a way (yet) for it to 
> alert me to configurable settings.
>
> I've also downloaded SpiceWorks, on the recommendation of a colleague, 
> but haven't had a chance to investigate it yet.
>
> We're a gov't agency, so I don't have a whole lot of money. But I have 
> a need, and at the moment, nothing in place to fill it. Getting an 
> alert email that tells me that my mail server CPU has been up over 80% 
> for more than xx seconds would be a good thing, so I don't have to get 
> phone calls from users, asking why mail is so slow, and that's the first
I've heard of it.
> I'm sure you get the idea. And the boss wants reports over time, for 
> capacity planning and the like.
>
> So any recommendations would be welcome, as would anything I've forgotten.
> We're almost exclusively a Windows shop, but with 10 VMware ESX hosts, 
> a number of MS SQL servers (2000, 2005), and a number of Cisco 
> switches (and a couple Nortel ones scattered here and there). No 
> Exchange (we're a Notes shop).
>
> TIA
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>   ~
>
> 
> For more information about Lewis and Roca LLP, please go to 
> www.lewisandroca.com.
> Phoenix (602) 262-5311
> Tucson (520) 622-2090
> Las Vegas (702) 949-8200
> Reno (775) 823-2900
> Minden (775) 586-9500
> Albuquerque (505) 764-5400
> S

RE: SBS 2008 Premium Q

2010-04-20 Thread WJH

yeah, lots of people are doing hypervisor with an SBS and a LOB server or 
terminal server as VMs.  This would be compliant with licensing.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Webtrends

2010-04-20 Thread Joseph Heaton

Anyone out there using Webtrends Analytics?  Trying to gather some information 
about the product, such as hardware requirements, etc, and the site is 
confusing.  Also, would like to hear real-world experiences with the product, 
and if you're not using Webtrends, but you do analytics, I'd appreciate other 
options.

Our basic requirements:

Product needs to be database driven:  data retention, log retention in a 
database structure.

Web trending

client statistics

File types requested, etc.


TIA,


Joe Heaton


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: SBS 2008 Premium Q

2010-04-20 Thread David Lum

Thanks! I need the SQL so I need the Premium.

Dave

From: Mike Hoffman [mailto:m...@drumbrae.net]
Sent: Tuesday, April 20, 2010 1:11 PM
To: NT System Admin Issues
Subject: RE: SBS 2008 Premium Q

You can, and some do, but you don't need Premium for that. You can install 2008 
as a 'hypervisor' without a license as long as it is only the VM manager. The 
additional server is for the SQL instance, which can be on the same tin in a 
different VM if you want.

Mike

From: David Lum [mailto:david@nwea.org]
Sent: 20 April 2010 21:00
To: NT System Admin Issues
Subject: SBS 2008 Premium Q

If you buy SBS 2008 Premium I see you get an additional 2008 R2 standard 
license, does that mean you can install 2008 R2 and then VM SBS 2008 on top of 
it? My guess is that's their intention anyway, but...
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: How is this even in question?

2010-04-20 Thread Raper, Jonathan - Eagle

I agree, however...

It happened back in 2002, and the corporate policies were not clear (how many 
of us actually have clear corporate policies now, much less 8 years ago when 
not everybody was on line?) Also, the employee was willingly paying for texting 
overages to his employer...

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>


From: David Lum [mailto:david@nwea.org]
Sent: Tuesday, April 20, 2010 4:29 PM
To: NT System Admin Issues
Subject: How is this even in question?

http://www.cnn.com/2010/LIVING/worklife/04/20/work.text.email.privacy/index.html?hpt=C1

Company owns the device, company owns the information on it, why should I 
expect privacy on a device I didn't buy and don't own?
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764







Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Source Code for password system stolen in Google Hack (UNCLASSIFIED)

2010-04-20 Thread Kent, Larry CTR US USA

Classification: UNCLASSIFIED
Caveats: NONE



Did all you Gmail Grassones see this one?

 

http://www.fiercecio.com/techwatch/story/source-code-password-system-sto
len-google-hack/2010-04-20?utm_medium=nl&utm_source=internal

 

Larry Kent

AD/Exchange 2003 OU Administrator

Lockheed Martin

Natick R&D Center

Natick, MA 01760

DSN: 312.256.4981  Comm: 508.233.4981

mailto:larry.k...@us.army.mil

 

Classification: UNCLASSIFIED
Caveats: NONE



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: How is this even in question?

2010-04-20 Thread Richard Stovall

It's a question because lawyers are involved.  :-)

I think it's interesting that the article doesn't mention what kind of case
it actually is.  A separate article stated that he and the girlfriend (not
the wife, or maybe ex-wife by now) are suing over 'privacy violations'.
 It isn't clear what harm they suffered.  Was the outing of the affair the
harm, or something worse like wrongful termination or public ridicule.  Was
the existence of the text messages made public outside of those parties with
reasonable right to know about them such as HR, supervisors, etc?

On Tue, Apr 20, 2010 at 4:28 PM, David Lum  wrote:

>
> http://www.cnn.com/2010/LIVING/worklife/04/20/work.text.email.privacy/index.html?hpt=C1
>
>
>
> Company owns the device, company owns the information on it, why should I
> expect privacy on a device I didn’t buy and don’t own?
>
> *David Lum** **// *SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 971.222.1025 *// *(Cell) 503.267.9764
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Source Code for password system stolen in Google Hack (UNCLASSIFIED)

2010-04-20 Thread Kim Longenbaugh

You're calling GMAIL users "dumplings"?  fascinating.

 

From: Kent, Larry CTR US USA [mailto:larry.k...@us.army.mil] 
Sent: Tuesday, April 20, 2010 3:39 PM
To: NT System Admin Issues
Subject: Source Code for password system stolen in Google Hack
(UNCLASSIFIED)

 

Classification: UNCLASSIFIED
Caveats: NONE

Did all you Gmail Grassones see this one?

 

http://www.fiercecio.com/techwatch/story/source-code-password-system-sto
len-google-hack/2010-04-20?utm_medium=nl&utm_source=internal

 

Larry Kent

AD/Exchange 2003 OU Administrator

Lockheed Martin

Natick R&D Center

Natick, MA 01760

DSN: 312.256.4981  Comm: 508.233.4981

mailto:larry.k...@us.army.mil

 

Classification: UNCLASSIFIED
Caveats: NONE

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Infragard

2010-04-20 Thread Ziots, Edward

TY, 

I will remember to add a fire extinguisher to my Christmas wish list... Also if 
there is any Infosec Engineer/Analyst position out there in the NE/MA/CT/RI 
area I am all ears. 

Z

Edward Ziots
CISSP,MCSA,MCP+I,Security +,Network +,CCA
Network Engineer
Lifespan Organization
401-639-3505
ezi...@lifespan.org

-Original Message-
From: Kim Longenbaugh [mailto:k...@colonialsavings.com] 
Sent: Tuesday, April 20, 2010 4:27 PM
To: NT System Admin Issues
Subject: RE: Infragard

As long as the total number of initials in the orgs you join is less than or 
equal to the number of initials in your sig, you will not spontaneously combust.

-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Tuesday, April 20, 2010 3:16 PM
To: NT System Admin Issues
Subject: RE: Infragard

Looking to do the same, but already apart of NAISG, OWASP, ISACA, soon to be 
ISSA, and a few others, I don’t know how many organizations I need to get apart 
of, before I am burnt to a crisp. 

Z

Edward Ziots
CISSP,MCSA,MCP+I,Security +,Network +,CCA
Network Engineer
Lifespan Organization
401-639-3505
ezi...@lifespan.org

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Tuesday, April 20, 2010 3:53 PM
To: NT System Admin Issues
Subject: Re: Infragard

I've got an application sitting on my desk at home waiting to be mailed out.

I'll let you know what I think if I get accepted.

On Tue, Apr 20, 2010 at 11:12, Roger Wright  wrote:
> http://www.infragard.net/about.php
>
> Anyone a member or have comments regarding the FBI's Infragrad program?
>
>
>
> Die dulci fruere!
>
> Roger Wright

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: How is this even in question?

2010-04-20 Thread John Aldrich

I heard about this on NPR a few days ago. Part of it is that 1) he's a
police officer. 2) The department's OLD policy was that the employees could
use the departmental equipment all they wanted as long as they paid for the
overage. Later, the department got curious about the overages and decided to
look at like the top 5 or 10 users and that's when they went in to look at
the usage. Previously, the *stated* policy had been as described. Most
places now say that the company owns the equipment and such. I'm going to
have to review our policies here, I think, to make sure that we're covered.

 

John-AldrichTile-Tools

 

From: Richard Stovall [mailto:rich...@gmail.com] 
Sent: Tuesday, April 20, 2010 4:44 PM
To: NT System Admin Issues
Subject: Re: How is this even in question?

 

It's a question because lawyers are involved.  :-)

 

I think it's interesting that the article doesn't mention what kind of case
it actually is.  A separate article stated that he and the girlfriend (not
the wife, or maybe ex-wife by now) are suing over 'privacy violations'.
It isn't clear what harm they suffered.  Was the outing of the affair the
harm, or something worse like wrongful termination or public ridicule.  Was
the existence of the text messages made public outside of those parties with
reasonable right to know about them such as HR, supervisors, etc?

On Tue, Apr 20, 2010 at 4:28 PM, David Lum  wrote:

http://www.cnn.com/2010/LIVING/worklife/04/20/work.text.email.privacy/index.
html?hpt=C1

 

Company owns the device, company owns the information on it, why should I
expect privacy on a device I didn't buy and don't own?

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Source Code for password system stolen in Google Hack (UNCLASSIFIED)

2010-04-20 Thread Alverson, Tom (Xetron)

Probably "porker" rather than "dumpling".   Don't you know that Google
is run by Kanamits and their motto is "To Serve Man"??

 

 

From: Kim Longenbaugh [mailto:k...@colonialsavings.com] 
Sent: Tuesday, April 20, 2010 4:50 PM
To: NT System Admin Issues
Subject: RE: Source Code for password system stolen in Google Hack
(UNCLASSIFIED)

 

You're calling GMAIL users "dumplings"?  fascinating.

 

From: Kent, Larry CTR US USA [mailto:larry.k...@us.army.mil] 
Sent: Tuesday, April 20, 2010 3:39 PM
To: NT System Admin Issues
Subject: Source Code for password system stolen in Google Hack
(UNCLASSIFIED)

 

Classification: UNCLASSIFIED
Caveats: NONE

Did all you Gmail Grassones see this one?

 

http://www.fiercecio.com/techwatch/story/source-code-password-system-sto
len-google-hack/2010-04-20?utm_medium=nl&utm_source=internal

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Nagios folks....

2010-04-20 Thread David Lum

Can Nagios look for specific process in memory? I have a service that kicks off 
a couple of executables and want to know if I can have Nagios alert me if they 
aren't there.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Nagios folks....

2010-04-20 Thread Brian Desmond

What OS?

Thanks,
Brian Desmond
br...@briandesmond.com

c   - 312.731.3132

From: David Lum [mailto:david@nwea.org]
Sent: Tuesday, April 20, 2010 4:50 PM
To: NT System Admin Issues
Subject: Nagios folks

Can Nagios look for specific process in memory? I have a service that kicks off 
a couple of executables and want to know if I can have Nagios alert me if they 
aren't there.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764






~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Nagios folks....

2010-04-20 Thread Alverson, Tom (Xetron)

You don't need a whole Nagios to do that.  You can just run PSLIST to
get a list of all processes and use FINDSTR to search for the process
name.  Then you can use the errorlevel from FINDSTR to send you an
email if it does not find the process in the list.

From: David Lum [mailto:david@nwea.org] 
Sent: Tuesday, April 20, 2010 5:50 PM
To: NT System Admin Issues
Subject: Nagios folks

Can Nagios look for specific process in memory? I have a service that
kicks off a couple of executables and want to know if I can have Nagios
alert me if they aren't there.

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Nagios folks....

2010-04-20 Thread Joseph L. Casale

Yes, in any OS.
I do this extensively with snmp, I hate installing sh!t on my production 
servers (even though there are Nagios win clients).
I also use pnp4nagios and get performance data logging for any plugins that 
provide it.

From: David Lum [mailto:david@nwea.org]
Sent: Tuesday, April 20, 2010 3:50 PM
To: NT System Admin Issues
Subject: Nagios folks

Can Nagios look for specific process in memory? I have a service that kicks off 
a couple of executables and want to know if I can have Nagios alert me if they 
aren't there.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Spontaneous server reboots

2010-04-20 Thread Kyle Plummer

I have an HP DL380G4 server that randomly reboots. At first I suspected
an issue with Windows. However, I booted into the BIOS and let it sit
there for a few minutes. Again at random intervals the system will
reboot. Sometimes I can't even get all the way into the BIOS.

 

I replaced the memory modules with new ones (twice, just to be sure) -
still reboots randomly even from the BIOS. I suspect an issue with the
motherboard. Any other possible causes, or has anyone experienced this
with the G4's? It had run for about four years prior with no issue until
this started. No other hardware changes or updates to the BIOS have been
done in the last year (only Windows patches).

 

Thanks in advance,

 

Kyle B. Plummer

 



This written advice is not intended or written to be used, and can not be used, 
by a taxpayer for the purpose of avoiding penalties that may be imposed on the 
taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic Communications 
Privacy Act, 18 U.S.C. Sections 2510-2521, is confidential, and is intended 
solely for the use of the individuals or entities to whom it is addressed. If 
you are not the intended recipient or the person responsible for delivering the 
e-mail to the intended recipient, be advised that you have received this e-mail 
in error and that any use, dissemination, forwarding, printing, or copying of 
this e-mail and any file attachments is strictly prohibited. If you have 
received this e-mail in error, please immediately notify us by telephone 
toll-free at (866) 841-6888 or by reply e-mail to the sender. You must destroy 
the original transmission and its contents. You will be reimbursed for 
reasonable costs incurred in notifying us. 




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Spontaneous server reboots

2010-04-20 Thread Mathew Shember

Bad power supply?

How is the circuit load?

From: Kyle Plummer [mailto:kplum...@nje.com]
Sent: Tuesday, April 20, 2010 3:46 PM
To: NT System Admin Issues
Subject: Spontaneous server reboots

I have an HP DL380G4 server that randomly reboots. At first I suspected an 
issue with Windows. However, I booted into the BIOS and let it sit there for a 
few minutes. Again at random intervals the system will reboot. Sometimes I 
can't even get all the way into the BIOS.

I replaced the memory modules with new ones (twice, just to be sure) - still 
reboots randomly even from the BIOS. I suspect an issue with the motherboard. 
Any other possible causes, or has anyone experienced this with the G4's? It had 
run for about four years prior with no issue until this started. No other 
hardware changes or updates to the BIOS have been done in the last year (only 
Windows patches).

Thanks in advance,

Kyle B. Plummer

This written advice is not intended or written to be used, and can not be used, 
by a taxpayer for the purpose of avoiding penalties that may be imposed on the 
taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic Communications 
Privacy Act, 18 U.S.C. Sections 2510-2521, is confidential, and is intended 
solely for the use of the individuals or entities to whom it is addressed. If 
you are not the intended recipient or the person responsible for delivering the 
e-mail to the intended recipient, be advised that you have received this e-mail 
in error and that any use, dissemination, forwarding, printing, or copying of 
this e-mail and any file attachments is strictly prohibited. If you have 
received this e-mail in error, please immediately notify us by telephone 
toll-free at (866) 841-6888 or by reply e-mail to the sender. You must destroy 
the original transmission and its contents. You will be reimbursed for 
reasonable costs incurred in notifying us.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Spontaneous server reboots

2010-04-20 Thread Kyle Plummer

I have it on an APC Smart-UPS 1500, very light load. I have my own AC
and keep the server room around 68 or so. Good airflow. No dust build up
inside the case. I'll try swapping the power supply itself with a known
good one to see if that helps.

 

Thank you,

 

Kyle B. Plummer

 

From: Mathew Shember [mailto:mathew.shem...@synopsys.com] 
Sent: Tuesday, April 20, 2010 6:46 PM
To: NT System Admin Issues
Subject: RE: Spontaneous server reboots

 

Bad power supply?  

 

How is the circuit load?

 

 

 

From: Kyle Plummer [mailto:kplum...@nje.com] 
Sent: Tuesday, April 20, 2010 3:46 PM
To: NT System Admin Issues
Subject: Spontaneous server reboots

 

I have an HP DL380G4 server that randomly reboots. At first I suspected
an issue with Windows. However, I booted into the BIOS and let it sit
there for a few minutes. Again at random intervals the system will
reboot. Sometimes I can't even get all the way into the BIOS.

 

I replaced the memory modules with new ones (twice, just to be sure) -
still reboots randomly even from the BIOS. I suspect an issue with the
motherboard. Any other possible causes, or has anyone experienced this
with the G4's? It had run for about four years prior with no issue until
this started. No other hardware changes or updates to the BIOS have been
done in the last year (only Windows patches).

 

Thanks in advance,

 

Kyle B. Plummer

 

This written advice is not intended or written to be used, and can not
be used, by a taxpayer for the purpose of avoiding penalties that may be
imposed on the taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is
confidential, and is intended solely for the use of the individuals or
entities to whom it is addressed. If you are not the intended recipient
or the person responsible for delivering the e-mail to the intended
recipient, be advised that you have received this e-mail in error and
that any use, dissemination, forwarding, printing, or copying of this
e-mail and any file attachments is strictly prohibited. If you have
received this e-mail in error, please immediately notify us by telephone
toll-free at (866) 841-6888 or by reply e-mail to the sender. You must
destroy the original transmission and its contents. You will be
reimbursed for reasonable costs incurred in notifying us. 

 

 

 

 


This written advice is not intended or written to be used, and can not be used, 
by a taxpayer for the purpose of avoiding penalties that may be imposed on the 
taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic Communications 
Privacy Act, 18 U.S.C. Sections 2510-2521, is confidential, and is intended 
solely for the use of the individuals or entities to whom it is addressed. If 
you are not the intended recipient or the person responsible for delivering the 
e-mail to the intended recipient, be advised that you have received this e-mail 
in error and that any use, dissemination, forwarding, printing, or copying of 
this e-mail and any file attachments is strictly prohibited. If you have 
received this e-mail in error, please immediately notify us by telephone 
toll-free at (866) 841-6888 or by reply e-mail to the sender. You must destroy 
the original transmission and its contents. You will be reimbursed for 
reasonable costs incurred in notifying us. 




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Webtrends

2010-04-20 Thread Steven M. Caesare

I'll see if I can talk to the folks running it at our place to get some
opinions...

-sc

-Original Message-
From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] 
Sent: Tuesday, April 20, 2010 4:37 PM
To: NT System Admin Issues
Subject: Webtrends

Anyone out there using Webtrends Analytics?  Trying to gather some
information about the product, such as hardware requirements, etc, and
the site is confusing.  Also, would like to hear real-world experiences
with the product, and if you're not using Webtrends, but you do
analytics, I'd appreciate other options.

Our basic requirements:

Product needs to be database driven:  data retention, log retention in a
database structure.

Web trending

client statistics

File types requested, etc.

TIA,

Joe Heaton

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Spontaneous server reboots

2010-04-20 Thread Steven M. Caesare

Bad HW.

 

We've had our fair share go TU.

 

-sc

 

From: Kyle Plummer [mailto:kplum...@nje.com] 
Sent: Tuesday, April 20, 2010 6:46 PM
To: NT System Admin Issues
Subject: Spontaneous server reboots

 

I have an HP DL380G4 server that randomly reboots. At first I suspected
an issue with Windows. However, I booted into the BIOS and let it sit
there for a few minutes. Again at random intervals the system will
reboot. Sometimes I can't even get all the way into the BIOS.

 

I replaced the memory modules with new ones (twice, just to be sure) -
still reboots randomly even from the BIOS. I suspect an issue with the
motherboard. Any other possible causes, or has anyone experienced this
with the G4's? It had run for about four years prior with no issue until
this started. No other hardware changes or updates to the BIOS have been
done in the last year (only Windows patches).

 

Thanks in advance,

 

Kyle B. Plummer

 

This written advice is not intended or written to be used, and can not
be used, by a taxpayer for the purpose of avoiding penalties that may be
imposed on the taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is
confidential, and is intended solely for the use of the individuals or
entities to whom it is addressed. If you are not the intended recipient
or the person responsible for delivering the e-mail to the intended
recipient, be advised that you have received this e-mail in error and
that any use, dissemination, forwarding, printing, or copying of this
e-mail and any file attachments is strictly prohibited. If you have
received this e-mail in error, please immediately notify us by telephone
toll-free at (866) 841-6888 or by reply e-mail to the sender. You must
destroy the original transmission and its contents. You will be
reimbursed for reasonable costs incurred in notifying us. 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Webtrends

2010-04-20 Thread Joseph Heaton

Thanks.  Also trying to verify if it runs on Server 2k8 R2.  Their site says 
yes to 2k8 x64, but doesn't mention R2, which as we all know, is a much 
different beast.

>>> "Steven M. Caesare"  4/20/2010 3:56 PM >>>
I'll see if I can talk to the folks running it at our place to get some
opinions...

-sc

-Original Message-
From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] 
Sent: Tuesday, April 20, 2010 4:37 PM
To: NT System Admin Issues
Subject: Webtrends

Anyone out there using Webtrends Analytics?  Trying to gather some
information about the product, such as hardware requirements, etc, and
the site is confusing.  Also, would like to hear real-world experiences
with the product, and if you're not using Webtrends, but you do
analytics, I'd appreciate other options.

Our basic requirements:

Product needs to be database driven:  data retention, log retention in a
database structure.

Web trending

client statistics

File types requested, etc.


TIA,


Joe Heaton


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Spontaneous server reboots

2010-04-20 Thread Mike Gill

Check for bad caps on the motherboard?

 

-- 
Mike Gill

 

From: Kyle Plummer [mailto:kplum...@nje.com] 
Sent: Tuesday, April 20, 2010 3:46 PM
To: NT System Admin Issues
Subject: Spontaneous server reboots

 

I have an HP DL380G4 server that randomly reboots. At first I suspected an
issue with Windows. However, I booted into the BIOS and let it sit there for
a few minutes. Again at random intervals the system will reboot. Sometimes I
can't even get all the way into the BIOS.

 

I replaced the memory modules with new ones (twice, just to be sure) - still
reboots randomly even from the BIOS. I suspect an issue with the
motherboard. Any other possible causes, or has anyone experienced this with
the G4's? It had run for about four years prior with no issue until this
started. No other hardware changes or updates to the BIOS have been done in
the last year (only Windows patches).

 

Thanks in advance,

 

Kyle B. Plummer

 

This written advice is not intended or written to be used, and can not be
used, by a taxpayer for the purpose of avoiding penalties that may be
imposed on the taxpayer.

Norman, Jones, Enlow & Co.  - CONFIDENTIAL COMMUNICATION

This e-mail (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. Sections 2510-2521, is confidential,
and is intended solely for the use of the individuals or entities to whom it
is addressed. If you are not the intended recipient or the person
responsible for delivering the e-mail to the intended recipient, be advised
that you have received this e-mail in error and that any use, dissemination,
forwarding, printing, or copying of this e-mail and any file attachments is
strictly prohibited. If you have received this e-mail in error, please
immediately notify us by telephone toll-free at (866) 841-6888 or by reply
e-mail to the sender. You must destroy the original transmission and its
contents. You will be reimbursed for reasonable costs incurred in notifying
us. 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Source Code for password system stolen in Google Hack (UNCLASSIFIED)

2010-04-20 Thread Ben Scott

On Tue, Apr 20, 2010 at 4:38 PM, Kent, Larry CTR US USA
 wrote:
> Did all you Gmail Grassones see this one….?

  It's the source code to an SSO (single sign-on) system.  Directly,
doesn't seem like a big deal.  Even to Google -- it was an internal
only system, so it's not like they'll be loosing sales.  And it's
unlikely anyone else will have much use for it -- all the big players
wouldn't risk the exposure of using stolen intellectual property, and
if you're not a big player you don't have a use for a giant SSO
system.

  If there's some security-through-obscurity vulnerability that will
be exposed due to this, well, that would be a problem, but things like
that are a ticking time bomb anyway.

  Indirectly, makes me wonder what *else* might have been stolen.

  Fortunately for me, I don't use Google for anything that isn't
already semi-public (e.g., Internet email) anyway.  If I were running
private stuff on Google systems, I'd be worried.  (But I'd have been
worried anyway, which is why I'm not.  I don't trust "cloud services"
for most things, regardless of who they're from.  Others are entitled
to disagree.)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: need suggestions...iPad in a Windows enterprise, anyone?

2010-04-20 Thread Micheal Espinola Jr

BZZZ.  An iPad is not a tablet PC.  It is not running Macintosh OS; it is
running the iPod/Phone OS.  From what I have seen, its more or less a big
honking iPod Touch[1].  If you dont have a specific purpose for an iPad,
it[2] does not belong on your network.

1.  Dont forget to quantify the apps and crap you are going to have to get
for it to be usable, as well as properly protected.
2.  This goes for any device.

--
ME2


On Tue, Apr 20, 2010 at 11:44 AM, Raper, Jonathan - Eagle <
jra...@eaglemds.com> wrote:

> Ok, I need some insight/thoughts/suggestions...especially if any of you
> have come up against this.
>
> I have a pure Windows & Cisco environment, W2k3 AD, 802.11n with 802.1x
> authentication (we don't support 802.11b, and 802.11g is on the way out the
> door). All desktops are XP, with a small handful of 2000 Pro boxes left out
> in the field. We've never supported Vista or Apple-anything on our network,
> and pulled the last 9x box off of our network years ago. We're close to
> getting rid of all of the 2000 clients off, and we're starting to look at
> Windows 7. We're multi-specialty, multi-location, physician-owned healthcare
> provider, which means HIPAA is of significant concern. Not much else
> applies, since we're not publicly traded (aside from common sense and the
> law in general). We have about 425 employees and around 65 physicians (most
> of the physicians are shareholders).
>
> I've done a good job of keeping the iPod touch and iPhone users off of the
> network thus far, because we simply don't have the people in house to be
> able to support any more devices.
>
> Enter the iPad, Apple's answer to the Tablet PC.
>
> We now have physicians who are starting to ask for iPad access on the
> network. I'm not sure why, but I suppose because they think it will be so
> much better than the Lenovo X200 Tablet PCs that we JUST bought them for use
> with our EMR system. We do not yet have a functional wireless guest network.
>
> I've tried connecting a 64 Gig iPod touch to our wireless network to no
> avail, and then discovered that apparently the iPod touch doesn't like
> hidden networks. I'm not about to start broadcasting my SSID... this gives
> me pause about even considering an iPad, not to mention that I wouldn't be
> able to control the machine or authenticate the machine against the network.
>
> Anyway, do any of you have any arguments for or against allowing the
> iPad/iPod/iPhone, both from a support standpoint and a security standpoint?
>
> Thanks in advance,
>
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
>
>
>
> Any medical information contained in this electronic message is
> CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to
> view, copy, disclose, or disseminate CONFIDENTIAL information. This
> electronic message may contain information that is confidential and/or
> legally privileged. It is intended only for the use of the individual(s)
> and/or entity named as recipients in the message. If you are not an intended
> recipient of this message, please notify the sender immediately and delete
> this material from your computer. Do not deliver, distribute or copy this
> message, and do not disclose its contents or take any action in reliance on
> the information that it contains.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Running Forefront(tm) Client Security - RAM usage?

2010-04-20 Thread James Hill

My experience with MSE (which is based on forefront I believe) showed much 
higher ram usage under XP compared to Windows 7 as well.

From: Richard Stovall [mailto:rich...@gmail.com]
Sent: Wednesday, 21 April 2010 5:34 AM
To: NT System Admin Issues
Subject: Re: Running Forefront(tm) Client Security - RAM usage?

What metric do those values represent?  My Win7 x64 machine running Vipre 
Enterprise (3.1.2848) shows the following for working set.

SBAMSvc.exe = 21,424
SBAMTray.exe = 45,984

However, the private working set values are significantly lower:

SBAMSvc.exe = 16,960
SBAMTray.exe = 2,124

IIRC, XP and earlier reported the working set value from Task Manager.  The 
same utility in Vista and later reports the private working set by default.  
(But can be made to show working set as well.)

On Tue, Apr 20, 2010 at 2:30 PM, Hart, Robert 
mailto:robert.h...@genexservices.com>> wrote:
MsMpEng.exe = 66,720K sitting ldle
MsPMSPSv.exe = 1,568K sitting idle

If I may add I dislike the product.

Bob

From: Stu Sjouwerman 
[mailto:s...@sunbelt-software.com]
Sent: Tuesday, April 20, 2010 2:08 PM

To: NT System Admin Issues
Subject: Running Forefront(tm) Client Security - RAM usage?

Anyone running Forefront that can quickly tell me what its real-world RAM usage 
is on an end-point?

Warm regards,

Stu Sjouwerman
Co-Founder, Publisher, Sunbelt Media
P: +1-727-562-0101 ext 218
F: +1-727-562-5199
s...@sunbelt-software.com

...

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: UPSes

2010-04-20 Thread Angus Scott-Fleming

On 16 Apr 2010 at 8:25, Reimer, Mark  wrote:

> 
> Hi folks, I´ve done some (or tried to) research on the differences
> between APC Backups vs Smart-UPS, or Tripp Lite SmartPro vs OmniSmart. One
> set (Backups and OmniSmart) seem to be almost ½ price of the other set
> (Smart-UPS and SmartPro) for the same rated VA/wattage. The only real
> difference I can find is manageability. These will be for POE switches in
> wiring closets. Any help/experience will be most appreciated. Thanks. 

FWIW I have both TrippLites and APCs at one client who has bought them here and 
there.  They have not installed the cables or software, and the cables have 
disappeared.  The new TrippLites use standard USB A-to-B cables, while the APCs 
use proprietary $30 RJ5-to-USB-A cables.  A bunch of their APCs are older, with 
RS-232 interfaces (proprietary APC $32 cable).  I'm about to replace most of 
the units without cables, and the TrippLites are about 20-25% less for the same 
specs.

Does anyone here have experience with their network software?  APC wants $280 
for a 5-to-25-user version of their network console.  TrippLite has a free 
network console for up to 250 stations.

--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-895-3270
Security Blog: http://geoapps.com/

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Infragard

2010-04-20 Thread Angus Scott-Fleming

On 20 Apr 2010 at 14:12, Roger Wright  wrote:

> http://www.infragard.net/about.php
> 
> Anyone a member or have comments regarding the FBI's Infragrad program?

I was a member when there was a chapter in Tucson.  It's dormant now, don't 
know if my membership has lapsed.

It is for people in large orgs.  I am a small-biz consultant, I didn't really 
fit in.

--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-290-5038
Security Blog: http://geoapps.com/

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Nagios folks....

2010-04-20 Thread David Lum

Cool thanks! Can you point me to documentation, etc than I can send my current 
Nagios admin to?

Dave

From: Joseph L. Casale [jcas...@activenetwerx.com]
Sent: Tuesday, April 20, 2010 3:07 PM
To: NT System Admin Issues
Subject: RE: Nagios folks

Yes, in any OS.
I do this extensively with snmp, I hate installing sh!t on my production 
servers (even though there are Nagios win clients).
I also use pnp4nagios and get performance data logging for any plugins that 
provide it.

From: David Lum [mailto:david@nwea.org]
Sent: Tuesday, April 20, 2010 3:50 PM
To: NT System Admin Issues
Subject: Nagios folks

Can Nagios look for specific process in memory? I have a service that kicks off 
a couple of executables and want to know if I can have Nagios alert me if they 
aren’t there.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

1 2 >

100 matches

Mail list logo