RE: SIEM

[Weatherford, Chad]

No...and I hope I never do!

 

 

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| (:812.867.8314 | 7: 812.471.9866 | *: cweatherf...@scvl.com

 

From: Guyer, Don [mailto:don.gu...@fiserv.com] 
Sent: Wednesday, March 16, 2011 10:48
To: NT System Admin Issues
Subject: RE: SIEM

 

What a coincidence! One of our servers was just chocking on the TriGeo
agent. I've only been at this company a few months and just heard about
this. I haven't looked into this yet, but apparently the TG agent will
consume the CPU every once in awhile. Have you witnessed this in your
environment?

 

Don Guyer

Windows Systems Engineer

Datasafe Platform

Enterprise Technology Group

Fiserv

don.gu...@fiserv.com

Office: 1-800-523-7282 x 1673

Fax: 610-293-4499

www.fiserv.com <http://www.fiserv.com/> 

 

From: Weatherford, Chad [mailto:cweatherf...@scvl.com] 
Sent: Wednesday, March 16, 2011 11:43 AM
To: NT System Admin Issues
Subject: RE: SIEM

 

We have MARS...but rumor is its days are numbered. Not to mention you
cannot get details or customize alerts.

 

I just finished implementing TriGeo. So far I really like it and support
is great!

 

 

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| (:812.867.8314 | 7: 812.471.9866 | *: cweatherf...@scvl.com

 

From: Matthew Bullock [mailto:mbull...@root9.com] 
Sent: Monday, March 14, 2011 15:29
To: NT System Admin Issues
Subject: RE: SIEM

 

Just the general splunk product.

 

Trustwave is the PCI auditor and they were trying to sell us their
appliance during the last audit.  One requirement for us is that the
product be available as a software virtual appliance, so I'll check on
their offering again.

 

I'll also dig around SC, thanks.

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Monday, March 14, 2011 10:59 AM
To: NT System Admin Issues
Subject: Re: SIEM

 

Did you look at the security product, or just the general Splunk
product?

 

Also look at TrustWave.

 

Lastly, SC Magazine is one of the best sources for useful reviews on
this category of products.  They are thorough in their review
methodology.


 

ASB (Find me online via About.Me <http://about.me/Andrew.S.Baker/bio> ) 
Exploiting Technology for Business Advantage...

 

 

On Mon, Mar 14, 2011 at 1:20 PM, Matthew Bullock 
wrote:

I took a look at Splunk 6 months ago, but decided it was a bit raw and
didn't have enough built-in reports.  I'd like to see native support for
Cisco IOS, ASA, IPS, SBC and NSEL, Windows WMI, Exchange, VMware, MS
SQL, IIS, AD, maybe Avaya Communications Manager and UNIX/Linux/Syslog.

 

-matt

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Monday, March 14, 2011 9:40 AM
To: NT System Admin Issues
Subject: Re: SIEM

 

Other options include:

*   http://www.trigeo.com/
*   http://www.splunk.com/view/enterprise-security-suite/SP-CAAAE8Z

 

What devices will you be tracking?

 

ASB (Find me online via About.Me <http://about.me/Andrew.S.Baker/bio> ) 
Exploiting Technology for Business Advantage...

 

 

On Mon, Mar 14, 2011 at 12:33 PM, Matthew Bullock 
wrote:

Does anyone have any experience/opinions with implementing SIEM or
logging solutions?  Right now, we're looking mainly at Accelops, Log
Logic and Log Rhythm, as well as an upgrade to our existing Cisco MARS
appliance and I would love to hear anyone's thoughts on these or any
other solutions worth looking into.

 

Thanks,

 

-matt

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To

RE: SIEM

[Weatherford, Chad]

We have MARS...but rumor is its days are numbered. Not to mention you
cannot get details or customize alerts.

 

I just finished implementing TriGeo. So far I really like it and support
is great!

 

 

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| (:812.867.8314 | 7: 812.471.9866 | *: cweatherf...@scvl.com

 

From: Matthew Bullock [mailto:mbull...@root9.com] 
Sent: Monday, March 14, 2011 15:29
To: NT System Admin Issues
Subject: RE: SIEM

 

Just the general splunk product.

 

Trustwave is the PCI auditor and they were trying to sell us their
appliance during the last audit.  One requirement for us is that the
product be available as a software virtual appliance, so I'll check on
their offering again.

 

I'll also dig around SC, thanks.

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Monday, March 14, 2011 10:59 AM
To: NT System Admin Issues
Subject: Re: SIEM

 

Did you look at the security product, or just the general Splunk
product?

 

Also look at TrustWave.

 

Lastly, SC Magazine is one of the best sources for useful reviews on
this category of products.  They are thorough in their review
methodology.


 

ASB (Find me online via About.Me  ) 
Exploiting Technology for Business Advantage...

 

 

On Mon, Mar 14, 2011 at 1:20 PM, Matthew Bullock 
wrote:

I took a look at Splunk 6 months ago, but decided it was a bit raw and
didn't have enough built-in reports.  I'd like to see native support for
Cisco IOS, ASA, IPS, SBC and NSEL, Windows WMI, Exchange, VMware, MS
SQL, IIS, AD, maybe Avaya Communications Manager and UNIX/Linux/Syslog.

 

-matt

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Monday, March 14, 2011 9:40 AM
To: NT System Admin Issues
Subject: Re: SIEM

 

Other options include:

*   http://www.trigeo.com/
*   http://www.splunk.com/view/enterprise-security-suite/SP-CAAAE8Z

 

What devices will you be tracking?

 

ASB (Find me online via About.Me  ) 
Exploiting Technology for Business Advantage...

 

 

On Mon, Mar 14, 2011 at 12:33 PM, Matthew Bullock 
wrote:

Does anyone have any experience/opinions with implementing SIEM or
logging solutions?  Right now, we're looking mainly at Accelops, Log
Logic and Log Rhythm, as well as an upgrade to our existing Cisco MARS
appliance and I would love to hear anyone's thoughts on these or any
other solutions worth looking into.

 

Thanks,

 

-matt

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Antivirus Vendor Replacement

[Weatherford, Chad]

Thanks for all of the comments! I will gladly except more...swapping out AV is 
not an easy decision or task.



Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc. |  
:812.867.8314 | : 812.471.9866 |  : cweatherf...@scvl.com


-Original Message-
From: Rod Trent [mailto:rodtr...@myitforum.com] 
Sent: Friday, March 11, 2011 13:37
To: NT System Admin Issues
Subject: RE: Antivirus Vendor Replacement

Agreed.  But, Gartner plays to the CIOs and CTOs who are the ones that actually 
listen to them.

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Friday, March 11, 2011 13:07
To: NT System Admin Issues
Subject: Re: Antivirus Vendor Replacement

On Fri, Mar 11, 2011 at 2:01 PM, Weatherford, Chad  
wrote:
> The only issue I have with Vipre are the ratings I have seen on 
> Gartner and such…I take that all with a grain of salt but we still 
> have to consider what is said.

  I dunno about the "and such", but for Garter, that just means Sunbelt didn't 
pay them to "participate in the study" or whatever.
Garter's a corporate mouthpiece and always has been.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin




~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Cisco 3560 Switch config

[Weatherford, Chad]

I assume the ACL is to allow the machine running both apps to reach the
switches?

 

 

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| (:812.867.8314 | 7: 812.471.9866 | *: cweatherf...@scvl.com

 

From: itli...@imcu.com [mailto:itli...@imcu.com] 
Sent: Friday, March 11, 2011 12:25
To: NT System Admin Issues
Subject: Cisco 3560 Switch config

 

I have 6 Cisco 3560 Switches.

All 6 have 

a SNMP-SERVER COMMUNITY MyString RO

And ACCESS-LIST 10 PERMIT xxx.xxx.xxx.4

In there running config.

Only 3 of them show up in PRTG or MRTG (I am trying both).

The other 3 just won't connect?

What may I be missing?

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: OTish: Network monitoring tools

[Weatherford, Chad]

I have never seen Longitude before. We use Solarwinds (mostly for network but 
have been monitoring a few servers) and it was a lot cheaper than what we were 
using (Cisco Works...NOT). For server performance monitoring we use NetIQ's 
AppManager (at least I think that's who still owns them). It does a lot but the 
price is nowhere near a Solarwinds product.



Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc. |  
:812.867.8314 | : 812.471.9866 |  : cweatherf...@scvl.com


-Original Message-
From: Kim Longenbaugh [mailto:k...@colonialsavings.com] 
Sent: Friday, March 11, 2011 12:25
To: NT System Admin Issues
Subject: RE: OTish: Network monitoring tools

Longitude, from Heroix, is the best I've come across that doesn't cost an arm 
and 15 legs.  It's much less expensive than the SolarWinds stuff, and monitors 
a lot of stuff, including but not limited to Windows WMI, SQL, Netflow, Citrix, 
Exchange, VMware, and,well, a lot of stuff.

They have some extremely knowledgeable people there that know more about 
monitoring than most of us even imagined existed.

http://www.heroix.com/

it's worth the time to check it out.

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Friday, March 11, 2011 11:11 AM
To: NT System Admin Issues
Subject: OTish: Network monitoring tools

All,

My manager is looking for a network/server monitoring package, which pleases me 
no end. My SAlive installation if 5.0 running on a Win2k box, and I haven't had 
time to do more than a token install of nagios.

However, he doesn't want open source stuff (so nagios, mrtg, jffnms, opennms, 
etc. are out), and would even like a hardware appliance.

Budget isn't huge, but possible up to about $10k.

He's mentioned Netmon (http://netmon.ca) as he has experience with it, but is 
casting about for other solutions.

A smaller package like SAlive is probably not what he's looking for, nor What's 
Up, though he's not as averse to the latter.

Anyone have a package they're familiar with and like?

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Antivirus Vendor Replacement

[Weatherford, Chad]

LOL! I wondered about that!



Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc. |  
:812.867.8314 | : 812.471.9866 |  : cweatherf...@scvl.com

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com] 
Sent: Friday, March 11, 2011 13:07
To: NT System Admin Issues
Subject: Re: Antivirus Vendor Replacement

On Fri, Mar 11, 2011 at 2:01 PM, Weatherford, Chad  
wrote:
> The only issue I have with Vipre are the ratings I have seen on 
> Gartner and such…I take that all with a grain of salt but we still 
> have to consider what is said.

  I dunno about the "and such", but for Garter, that just means Sunbelt didn't 
pay them to "participate in the study" or whatever.
Garter's a corporate mouthpiece and always has been.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Antivirus Vendor Replacement

[Weatherford, Chad]

I did notice them, Paul. I really haven't heard much about them so I was
a bit reluctant. Do you use it?

 

 

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| (:812.867.8314 | 7: 812.471.9866 | *: cweatherf...@scvl.com

 

From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk] 
Sent: Friday, March 11, 2011 10:44
To: NT System Admin Issues
Subject: RE: Antivirus Vendor Replacement

 

Try Avira Antivir.  Not sure how well known it is in the US but in most
of the labs it comes out well on detection and it's very light.

From: Weatherford, Chad [mailto:cweatherf...@scvl.com] 
Sent: 11 March 2011 16:00
To: NT System Admin Issues
Subject: Antivirus Vendor Replacement

 

We are looking to replace our current AV (McCrappy Total Protection for
Endpoint) with something that is more light weight AND catches all of
the bugs. I was pretty excited about Trend and LANDesk's Kaspersky
engine...until either testing or listening to SE's describe the product.

 

I would appreciate any and all feedback on the AV vendor you use and if
you recommend them.

 

 

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| (:812.867.8314 | 7: 812.471.9866 | *: cweatherf...@scvl.com

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



MIRA Ltd

 

Watling Street, Nuneaton, Warwickshire, CV10 0TU, England

Registered in England and Wales No. 402570

VAT Registration  GB 100 1464 84

 

The contents of this e-mail are confidential and are solely for the use
of the intended recipient.  If you receive this e-mail in error, please
delete it and notify us either by e-mail, telephone or fax.  You should
not copy, forward or otherwise disclose the content of the e-mail as
this is prohibited.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Antivirus Vendor Replacement

[Weatherford, Chad]

I agree with that, James. Trend has a nice looking product especially in
their Deep Security product. Their Gartner and SC ratings are good...but
the thought of 'I Love You' coming in again and passing right by
OfficeScan's defense's is a little worrisome :o) 

 

 

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| (:812.867.8314 | 7: 812.471.9866 | *: cweatherf...@scvl.com

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Friday, March 11, 2011 10:19
To: NT System Admin Issues
Subject: Re: Antivirus Vendor Replacement

 

I would also recommend Vipre as it is very unobtrusive and easy to
configure.

However I am of the feeling that reactive AV is losing its
effectiveness, and that AV combined with good whitelisting is the best
way to try and keep systems clean. And, of course, not giving anyone
admin rights who doesn't need them.

On 11 March 2011 15:59, Weatherford, Chad  wrote:

We are looking to replace our current AV (McCrappy Total Protection for
Endpoint) with something that is more light weight AND catches all of
the bugs. I was pretty excited about Trend and LANDesk's Kaspersky
engine...until either testing or listening to SE's describe the product.

 

I would appreciate any and all feedback on the AV vendor you use and if
you recommend them.

 

 

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| (:812.867.8314 | 7: 812.471.9866 | *: cweatherf...@scvl.com

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin




-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

IMPORTANT: This email is intended for the use of the individual
addressee(s) named above and may contain information that is
confidential, privileged or unsuitable for overly sensitive persons with
low self-esteem, no sense of humour or irrational religious beliefs. If
you are not the intended recipient, any dissemination, distribution or
copying of this email is not authorised (either explicitly or
implicitly) and constitutes an irritating social faux pas.

Unless the word absquatulation has been used in its correct context
somewhere other than in this warning, it does not have any legal or no
grammatical use and may be ignored. No animals were harmed in the
transmission of this email, although the kelpie next door is living on
borrowed time, let me tell you. Those of you with an overwhelming fear
of the unknown will be gratified to learn that there is no hidden
message revealed by reading this warning backwards, so just ignore that
Alert Notice from Microsoft.

However, by pouring a complete circle of salt around yourself and your
computer you can ensure that no harm befalls you and your pets. If you
have received this email in error, please add some nutmeg and egg
whites, whisk and place in a warm oven for 40 minutes.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Antivirus Vendor Replacement

[Weatherford, Chad]

HA HA! I know that's a pipe dream...just mentioned it for a grin

 

 

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| (:812.867.8314 | 7: 812.471.9866 | *: cweatherf...@scvl.com

 

From: Jonathan Link [mailto:jonathan.l...@gmail.com] 
Sent: Friday, March 11, 2011 10:18
To: NT System Admin Issues
Subject: Re: Antivirus Vendor Replacement

 

Hehe, I missed that catches all bugs.

If someone finds that product, I want it.

On Fri, Mar 11, 2011 at 11:15 AM, Kim Longenbaugh
 wrote:

Good luck on the "catches all of the bugs" part, regardless of vendor.  

Vipre has the smallest footprint of Trend, McAfee, Eset, and a couple of
others that have been tested here in the last couple of months.

 

From: Weatherford, Chad [mailto:cweatherf...@scvl.com] 
Sent: Friday, March 11, 2011 10:00 AM 


To: NT System Admin Issues

Subject: Antivirus Vendor Replacement 

 

We are looking to replace our current AV (McCrappy Total Protection for
Endpoint) with something that is more light weight AND catches all of
the bugs. I was pretty excited about Trend and LANDesk's Kaspersky
engine...until either testing or listening to SE's describe the product.

 

I would appreciate any and all feedback on the AV vendor you use and if
you recommend them.

 

 

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| (:812.867.8314 | 7: 812.471.9866 | *: cweatherf...@scvl.com

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Antivirus Vendor Replacement

[Weatherford, Chad]

The only issue I have with Vipre are the ratings I have seen on Gartner
and such...I take that all with a grain of salt but we still have to
consider what is said.

 

 

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| (:812.867.8314 | 7: 812.471.9866 | *: cweatherf...@scvl.com

 

From: Kim Longenbaugh [mailto:k...@colonialsavings.com] 
Sent: Friday, March 11, 2011 10:15
To: NT System Admin Issues
Subject: RE: Antivirus Vendor Replacement

 

Good luck on the "catches all of the bugs" part, regardless of vendor.  

Vipre has the smallest footprint of Trend, McAfee, Eset, and a couple of
others that have been tested here in the last couple of months.

 

From: Weatherford, Chad [mailto:cweatherf...@scvl.com] 
Sent: Friday, March 11, 2011 10:00 AM
To: NT System Admin Issues
Subject: Antivirus Vendor Replacement

 

We are looking to replace our current AV (McCrappy Total Protection for
Endpoint) with something that is more light weight AND catches all of
the bugs. I was pretty excited about Trend and LANDesk's Kaspersky
engine...until either testing or listening to SE's describe the product.

 

I would appreciate any and all feedback on the AV vendor you use and if
you recommend them.

 

 

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| (:812.867.8314 | 7: 812.471.9866 | *: cweatherf...@scvl.com

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Restrict bandwidth on Cisco 2950?

[Weatherford, Chad]

Hey Jonathan, Try changing your search to '2950G bandwidth throttle'. I
google'd that and found lots of hits.

 

Chad

 

From: Jonathan [mailto:ncm...@gmail.com] 
Sent: Friday, January 14, 2011 16:35
To: NT System Admin Issues
Subject: Restrict bandwidth on Cisco 2950?

 

I've googled and tried various snippets of code and this doesn't seem to
be working

I need to limit bandwidth on a copper port on a catalyst 2950G (Enhanced
Image 12.1 IOS) to 45 Mbps.

Anyone know definitively if this is possible, and if so, how?

Thanks,

Jon

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Log management/ SIEM solution

[Weatherford, Chad]

Hello all!

 

We are currently using GFI EventsManager for our event management but we
are now looking to expand the monitoring to 300+ locations with
everything coming back to HQ. This led us to look at other products and
I was wondering if any of you may be using these could tell me what you
think. We are looking at the following: ArcSight, enVision by RSA,
Tripwire and Nessus LCE with Security Center.

 

Thanks in advance for any feedback!

Chad

 

 

 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Packing Method

[Weatherford, Chad]

Erik,

My cube neighbors thank you for sending that link



-Original Message-
From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Monday, September 20, 2010 13:20
To: NT System Admin Issues
Subject: RE: Packing Method

http://www.puffgames.com/bubblewrap/


Erik Goldoff
IT  Consultant
Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '


-Original Message-
From: Maglinger, Paul [mailto:pmaglin...@scvl.com]
Sent: Monday, September 20, 2010 2:16 PM
To: NT System Admin Issues
Subject: RE: Packing Method

But you're not factoring in the entertainment value for the guy on the
other end that gets to pop the bubbles!!!


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Packing Method

[Weatherford, Chad]

Do what our users do and just throw it in a box and toss a few
newspapers in to show an attempt at packing.

-Original Message-
From: Maglinger, Paul [mailto:pmaglin...@scvl.com] 
Sent: Monday, September 20, 2010 13:16
To: NT System Admin Issues
Subject: RE: Packing Method

But you're not factoring in the entertainment value for the guy on the
other end that gets to pop the bubbles!!!

-Original Message-
From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Monday, September 20, 2010 1:08 PM
To: NT System Admin Issues
Subject: RE: Packing Method

As if that were new.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com


-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Monday, September 20, 2010 2:06 PM
To: NT System Admin Issues
Subject: Re: Packing Method

  The amount of effort expended upon this discussion has exceeded the
value of the monitor.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Switch opinions

[Weatherford, Chad]

LOL! I don't think Cisco has any free configuration support. I had a new
2960 (which we just bought 320) that was a DOA. I opened a TAC case and
the response was "you need to go through the reseller to get this
replaced if it is a DOA". I was thrilled! 

 

We are a total Cisco shop at present and I am now pushing to go to HP
Networking. I have been very impressed with the things I have read and
seen.

I would get with HP to fix your issue so you could keep the switch you
have as long as it will suit your needs. Don't let the Cisco bigots push
you...I know it seems cool to have Cisco but trust me!!! I have replaced
10-15 3750's due to stackport failures...but Cisco says there is no
problem.

 

>From a former "Cisco Bigot"

 

 

 

 

From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Tuesday, September 14, 2010 14:20
To: NT System Admin Issues
Subject: RE: Switch opinions

 

I'm going to sound like an HP fan here, but the devil is in the details.
HP ProCurve Lifetime Warranty is superior to the Cisco Limited Lifetime
Warranty, IMHO...

 

http://h20338.www2.hp.com/enterprise/us/en/messaging/realstory-cisco-war
ranty.html

 

http://www.cisco.com/en/US/products/prod_warranties_listing.html

 

Interesting that I didn't find any HP versus Cisco warranty page on the
Cisco site...

 

 

 

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com mailto:%20jra...@eaglemds.com> 
www.eaglemds.com http://www.eaglemds.com/>  



From: Rohyans, Aaron [mailto:arohy...@dpsciences.com] 
Sent: Tuesday, September 14, 2010 2:57 PM
To: NT System Admin Issues
Subject: RE: Switch opinions

 

If I'm not mistaken, a lot of Cisco's switches now come with a
limited/enhanced lifetime warranties... similar to HP.  SMARTNet is
primarily for Cisco's support offering (not necessarily as a hardware
replacement offering... although it's used for that quite frequently) -
in which you can get expedited support in the event that issues arise,
or you need help with configuration.

 

Just wanted to point that out J.  I know HP's support is free, but
technically both vendors offer lifetime hardware warranties If
that's all you're after.

 

Hope this helps!

 

Aaron T. Rohyans
Senior Network Engineer

CCIE #21945

DPSciences Corporation
7400 N. Shadeland Ave., Suite 245

Indianapolis, IN 46250
Office:  (317) 348-0099
Fax:   (317) 849-7134
arohy...@dpsciences.com
http://www.dpsciences.com/

"I want an Anti-Virus system that sends Arnold back in time to kill the
hacker as a small child before he invents the virus..."

"There are 10 kinds of people in this world... those who can read
binary, and those who can't"

 

From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Tuesday, September 14, 2010 2:40 PM
To: NT System Admin Issues
Subject: RE: Switch opinions

 

It is going to be interesting to see how the whole Cisco/HP
Networking/Server thing is going to pan out ultimately. My understanding
was that HP & Cisco had kind of a friendly agreement to stay out of each
others' spaces for a while there, but now that HP has entered the server
arena going head to head against HP and everyone else, it will be
interesting to see if HP steps up their networking game...

 

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com mailto:%20jra...@eaglemds.com> 
www.eaglemds.com http://www.eaglemds.com/>  



From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] 
Sent: Tuesday, September 14, 2010 2:29 PM
To: NT System Admin Issues
Subject: RE: Switch opinions

 


+1 

Both our old 3500-series Cisco and our current 3750 series are, unless
you know the CIOS CLI stuff thoroughly, are a pain to manage. 

Support renewal is expensive (SmartNet - smart for Cisco, I guess...) 

I would seriously consider staying with HP (which was not my choice to
make a couple of years back...)
-- 
Richard D. McClary 
Systems Administrator, Information Technology Group 
ASPCA(r) 
1717 S. Philo Rd, Ste 36 
Urbana, IL  61802 
  
richardmccl...@aspca.org 
  
P: 217-337-9761 
C: 217-417-1182 
F: 217-337-9761 
www.aspca.org   
  

The information contained in this e-mail, and any attachments hereto, is
from The American Society for the Prevention of Cruelty to Animals(r)
(ASPCA(r)) and is intended only for use by the addressee(s) named herein
and may contain legally privileged and/or confidential information. If
you are not the intended recipient of this e-mail, you are hereby
notified that any dissemination, distribution, copying or use of the
contents of this e-mail, and any attachments hereto, is strictly
prohibited. If you have received this e-mail in error, please
immediately notify me by reply email and permanently delete the original
and any copy of this e-mail and any printout thereof. 
  

"Raper, Jonathan - Eagle"  wrote on 09/14/201

RE: SIMPLE FILE SHARING

[Weatherford, Chad]

 

 

True...

 

From: Jonathan Link [mailto:jonathan.l...@gmail.com] 
Sent: Thursday, May 13, 2010 12:11 PM
To: NT System Admin Issues
Subject: Re: SIMPLE FILE SHARING

 

In this day and I age, I presume that system administrators aren't
allowing users to run as local admins...

On Thu, May 13, 2010 at 12:51 PM, Weatherford, Chad
 wrote:

We created a batch file that makes a registry change to do this




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: SIMPLE FILE SHARING

[Weatherford, Chad]

We created a batch file that makes a registry change to do this



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Computers becoming unresponsive across entire network.

[Weatherford, Chad]

That sounds a lot McAfee's response with the "5958" disaster! 

>From McAfee:

 

"If you have not rolled out DAT 5958 DON'T If so roll out the
included extra dat"

 

How do I roll anything to PC's that no longer have network connectivity
or are in a constant reboot cycle?

 

Here's you sign!

 

 

 

 

 

From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] 
Sent: Friday, May 07, 2010 10:54 AM
To: NT System Admin Issues
Subject: Re: Computers becoming unresponsive accross entire network.

 


How the @#*& do you force an update to 6275 on a machine that is pretty
much unresponsive? 

VIPRE console says "Inactive", which seems in this case to apply to the
whole machine... 
-- 
RMc 

"Tom Miller"  wrote on 05/07/2010 10:29:22 AM:

>   It is/was a Vipre issue.  Force a defs update and you'll be good. 
> Must have been a bad def.
> 
> >>> "Luke"  5/7/2010 10:56 AM >>>
> The Network Administrator and I have been working on this all 
> morning. Since about 7:00AM random machines on the Local Network 
> have been slipping into and out of a random state of 
> unresponsiveness ("Freezing"). 
> 
> The symptoms are pretty serious - I have seen it take up to 5 
> minutes to  bring an already open window from the background to the 
> foreground on client machines - and there are servers that are so 
> unresponsive that I am not even able to log into them (enter 
> Username and Password and nothing happens for the next 30min.). We 
> have had to cold boot one server 3 times in the past hour!
> 
> This problem is not specific to any user, profile, machine, OS, 
> network switch, etc. - at least from what we have been able to 
> Identify. So far it has affected Windows 7, XP and Server 2003. 
> However, this issue is not affecting everyone on the network. My 
> Colleague sitting right next to me has been having all kinds of 
> trouble with his PC and I have not. 
> 
> We have found that cold booting the affected machines does help a 
> little or at least for a while, but more often than not the machine 
> will just return to its unresponsive state after a few minutes. On 
> the machines that I have that are accessible I am attempting scan with
Vipre. 
> 
> We are seriously starting to suspect that Vipre is doing something 
> (in the background that we cant see) that is actually causing all 
> this. We completely removed Vipre from one PC that was having 
> trouble and it seemed to fix the problem. The PC has been running fine
since.
> 
> Any thoughts?
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~

> Confidentiality Notice: This e-mail message, including attachments, 
> is for the sole use of the intended recipient(s) and may contain 
> confidential and privileged information. Any unauthorized review, 
> use, disclosure, or distribution is prohibited. If you are not the 
> intended recipient, please contact the sender by reply e-mail and 
> destroy all copies of the original message. 
>   
>   

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Computers becoming unresponsive across entire network.

[Weatherford, Chad]

LOL! I was thinking the same thing!

 

From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] 
Sent: Friday, May 07, 2010 10:46 AM
To: NT System Admin Issues
Subject: RE: Computers becoming unresponsive accross entire network.

 


Wait a minute - 

You whole-heartedly agree with "> ~ Finally, powerful endpoint security
that ISN'T a resource hog! ~
> ~   ~

? 

"Luke"  wrote on 05/07/2010 10:46:31 AM:

> Agreed!!
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Network Bandwidth scaling question

[Weatherford, Chad]

:o) I usually do it just as you suggested. I guess you could get super
technical...but it is Friday and McAfee took all of my brain power for
this week. 

 

From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Friday, April 23, 2010 10:33 AM
To: NT System Admin Issues
Subject: RE: Network Bandwidth scaling question

 

Chad - Thanks for the affirmation. Any idea how I can calculate it?

 

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com mailto:%20jra...@eaglemds.com> 
www.eaglemds.com http://www.eaglemds.com/>  

____

From: Weatherford, Chad [mailto:cweatherf...@scvl.com] 
Sent: Friday, April 23, 2010 11:18 AM
To: NT System Admin Issues
Subject: RE: Network Bandwidth scaling question

 

I do believe you are correct.

 

Chad

 

From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Friday, April 23, 2010 9:43 AM
To: NT System Admin Issues
Subject: OT: Network Bandwidth scaling question

 

Ok, it's been a long time since I've thought about this in these terms,
and I'm having a brain cramp...

 

If I remember correctly, bandwidth/throughput availability does not
increase over a lineal scale, right?

 

If I am, then 100% utilization on a 10 Mb Fdx link would look like less
than 10% utilization on a 100 Mb Fdx link and look like practically
nothing (less than 1%) on a GigE Fdx link, correct?

 

Am I completely off base, or is there a formula/table that any of you
know of by which I can calculate this?

 

TIA (& TGIF),

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com mailto:%20jra...@eaglemds.com> 
www.eaglemds.com http://www.eaglemds.com/>  

 

 



Any medical information contained in this electronic message is
CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to
view, copy, disclose, or disseminate CONFIDENTIAL information. This
electronic message may contain information that is confidential and/or
legally privileged. It is intended only for the use of the individual(s)
and/or entity named as recipients in the message. If you are not an
intended recipient of this message, please notify the sender immediately
and delete this material from your computer. Do not deliver, distribute
or copy this message, and do not disclose its contents or take any
action in reliance on the information that it contains.

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Network Bandwidth scaling question

[Weatherford, Chad]

I do believe you are correct.

 

Chad

 

From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] 
Sent: Friday, April 23, 2010 9:43 AM
To: NT System Admin Issues
Subject: OT: Network Bandwidth scaling question

 

Ok, it's been a long time since I've thought about this in these terms,
and I'm having a brain cramp...

 

If I remember correctly, bandwidth/throughput availability does not
increase over a lineal scale, right?

 

If I am, then 100% utilization on a 10 Mb Fdx link would look like less
than 10% utilization on a 100 Mb Fdx link and look like practically
nothing (less than 1%) on a GigE Fdx link, correct?

 

Am I completely off base, or is there a formula/table that any of you
know of by which I can calculate this?

 

TIA (& TGIF),

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com mailto:%20jra...@eaglemds.com> 
www.eaglemds.com http://www.eaglemds.com/>  

 

 



Any medical information contained in this electronic message is
CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to
view, copy, disclose, or disseminate CONFIDENTIAL information. This
electronic message may contain information that is confidential and/or
legally privileged. It is intended only for the use of the individual(s)
and/or entity named as recipients in the message. If you are not an
intended recipient of this message, please notify the sender immediately
and delete this material from your computer. Do not deliver, distribute
or copy this message, and do not disclose its contents or take any
action in reliance on the information that it contains.

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: PC in domain across stable VPN tunnel?

[Weatherford, Chad]

I bet that works great especially when you have slow connection speeds
at the remote sites. We are looking to do something like that with our
POS systems in the future...but we have over 300 remote sites right now.
Should be fun!

 

cw



From: Steve Ens [mailto:stevey...@gmail.com] 
Sent: Wednesday, August 12, 2009 4:30 PM
To: NT System Admin Issues
Subject: Re: PC in domain across stable VPN tunnel?

 

I am in the same situation (10 remote sites).  What I've done is added
Sonicwall TZ's at each site, and let them connect to the terminal server
through the VPN.  That allows me to control all applications locally as
well as storage.  If the clients die in the wild, we just ship a
replacement.  No need to reload apps or anything.  GPO's are all
enforced, just not on their local stations.



On Wed, Aug 12, 2009 at 4:17 PM, Tom Miller  wrote:

Hey folks:

 

I have about 15 sites that have 2- 5 users/PCs that have "business
class" broadband (a bit faster than typical home access).  Soon I plan
to provide each site a soho firewall and will have a VPN tunnel from
each site to here at HQ.  

 

I'd love to be able to add these PCs to our domain so I could enforce
our various GPOs at these locations.  Has anyone done this?  I already
have several tunnels like this at other locations but haven't added the
PCs to the domain.

 

I'm not sure about the cross-tunnel authentication, but if it's not too
slow (no mapped drives or logon scripts), I'd do it.  It would be nice
to have these users log into the domain as well.

 

Comments, suggestions, words of wisdom?

 

 

 

 

Tom Miller
Engineer, Information Technology
Hampton-Newport News Community Services Board
757-788-0528 

Confidentiality Notice: This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure, or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message. 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: PC in domain across stable VPN tunnel?

[Weatherford, Chad]

We use out DNS servers at HQ. You could put in a local provider as
secondary just in case your end goes down. I even push DHCP over the
WAN. That makes changes a lot easier. 

 

cw



From: Tom Miller [mailto:tmil...@hnncsb.org] 
Sent: Wednesday, August 12, 2009 4:29 PM
To: NT System Admin Issues
Subject: Re: PC in domain across stable VPN tunnel?

 

How do you configure DNS for those sites?  Currently these sites point
to our provider DNS servers for Internet sites.  I could add entries in
local host files and still leave the provider DNS entries.  I don't want
DNS requests for sites going across tunnels.

>>> "James Kerr"  8/12/2009 5:25 PM >>>

Sure. We have two domains and a VPN between them. When I sit at the main
site we can setup a PC and add it to the remote domain, they are able to
find the remote DC through our DNS.

 

James

- Original Message - 

From: Tom Miller   

To: NT System Admin Issues
  

Sent: Wednesday, August 12, 2009 5:17 PM

Subject: PC in domain across stable VPN tunnel?

 

Hey folks:

 

I have about 15 sites that have 2- 5 users/PCs that have
"business class" broadband (a bit faster than typical home access).
Soon I plan to provide each site a soho firewall and will have a VPN
tunnel from each site to here at HQ.  

 

I'd love to be able to add these PCs to our domain so I could
enforce our various GPOs at these locations.  Has anyone done this?  I
already have several tunnels like this at other locations but haven't
added the PCs to the domain.

 

I'm not sure about the cross-tunnel authentication, but if it's
not too slow (no mapped drives or logon scripts), I'd do it.  It would
be nice to have these users log into the domain as well.

 

Comments, suggestions, words of wisdom?

 

 

 

 

Tom Miller
Engineer, Information Technology
Hampton-Newport News Community Services Board
757-788-0528 

Confidentiality Notice: This e-mail message, including
attachments, is for the sole use of the intended recipient(s) and may
contain confidential and privileged information. Any unauthorized
review, use, disclosure, or distribution is prohibited. If you are not
the intended recipient, please contact the sender by reply e-mail and
destroy all copies of the original message. 

 

 

 

 

 

Confidentiality Notice: This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure, or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message. 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: PC in domain across stable VPN tunnel?

[Weatherford, Chad]

What will you terminate the VPN tunnels to at HQ?

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| 812.867.8314 | cweatherf...@scvl.com



From: Tom Miller [mailto:tmil...@hnncsb.org] 
Sent: Wednesday, August 12, 2009 4:18 PM
To: NT System Admin Issues
Subject: PC in domain across stable VPN tunnel?

 

Hey folks:

 

I have about 15 sites that have 2- 5 users/PCs that have "business
class" broadband (a bit faster than typical home access).  Soon I plan
to provide each site a soho firewall and will have a VPN tunnel from
each site to here at HQ.  

 

I'd love to be able to add these PCs to our domain so I could enforce
our various GPOs at these locations.  Has anyone done this?  I already
have several tunnels like this at other locations but haven't added the
PCs to the domain.

 

I'm not sure about the cross-tunnel authentication, but if it's not too
slow (no mapped drives or logon scripts), I'd do it.  It would be nice
to have these users log into the domain as well.

 

Comments, suggestions, words of wisdom?

 

 

 

 

Tom Miller
Engineer, Information Technology
Hampton-Newport News Community Services Board
757-788-0528 

Confidentiality Notice: This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure, or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message. 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: PC in domain across stable VPN tunnel?

[Weatherford, Chad]

That shouldn't be a problem. But if you add restrictions (ACL's) to your
network for the remote clients be very careful! ;o)

cw



From: Tom Miller [mailto:tmil...@hnncsb.org] 
Sent: Wednesday, August 12, 2009 4:18 PM
To: NT System Admin Issues
Subject: PC in domain across stable VPN tunnel?

 

Hey folks:

 

I have about 15 sites that have 2- 5 users/PCs that have "business
class" broadband (a bit faster than typical home access).  Soon I plan
to provide each site a soho firewall and will have a VPN tunnel from
each site to here at HQ.  

 

I'd love to be able to add these PCs to our domain so I could enforce
our various GPOs at these locations.  Has anyone done this?  I already
have several tunnels like this at other locations but haven't added the
PCs to the domain.

 

I'm not sure about the cross-tunnel authentication, but if it's not too
slow (no mapped drives or logon scripts), I'd do it.  It would be nice
to have these users log into the domain as well.

 

Comments, suggestions, words of wisdom?

 

 

 

 

Tom Miller
Engineer, Information Technology
Hampton-Newport News Community Services Board
757-788-0528 

Confidentiality Notice: This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure, or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message. 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Monday Funny

[Weatherford, Chad]

I don't think Cisco allows the hiring of anyone who speaks English as a
first language...

 

cw



From: Maglinger, Paul [mailto:pmaglin...@scvl.com] 
Sent: Monday, August 10, 2009 9:16 AM
To: NT System Admin Issues
Subject: RE: Monday Funny

 

And Cisco...

 



From: Cor Hazen [mailto:cor.ha...@msp.be] 
Sent: Monday, August 10, 2009 9:05 AM
To: NT System Admin Issues
Subject: RE: Monday Funny

:-)

 

I think he works for CA as well  ;-)

 

 

From: Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: 10 August 2009 15:04
To: NT System Admin Issues
Subject: OT: Monday Funny

 

You really have to click on the link to fully enjoy the joke(Lyris
doesn't allow attachments...)

We've all talked to this guy...At LastA Picture of Him.
 http://i134.photobucket.com/albums/q108/sabercro/green_pink_yellow.jpg
Mujibar was trying to get a job in  India . 
  
The Personnel Manager said, 'Mujibar, you have passed all the tests,
except one. 
Unless you pass it , you cannot qualify for this job.'   
Mujibar said, 'I am ready.'   
The manager said, 'Make a sentence using the words 
Yellow, Pink, and Green .'   
Mujibar thought for a few minutes and said, 'Mister manager, I am
ready.' 
The manager said, 'Go ahead.' 
Mujibar said, 'The telephone goes green, green, and I pink it up, and
say,
Yellow, this is Mujibar.'   
Mujibar now works at a call center.  
No doubt you have spoken to him.
I know I have.

-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke
Sent from Azle, TX, United States 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: U.S. Marines ban Facebook, MySpace, Twitter

[Weatherford, Chad]

Hey now, the Marines may go in first but they wouldn't hold the ground
without the Army coming in behind them!

 

cw



From: Brumbaugh, Luke [mailto:luke.brumba...@butlerahs.com] 
Sent: Friday, August 07, 2009 2:00 PM
To: NT System Admin Issues
Subject: RE: U.S. Marines ban Facebook, MySpace, Twitter

 

The Grunt I meant was Army (slang 
for an infantryman  )

 

 

 

From: David W. McSpadden [mailto:dav...@imcu.com] 
Sent: Friday, August 07, 2009 2:54 PM
To: NT System Admin Issues
Subject: Re: U.S. Marines ban Facebook, MySpace, Twitter

 

I think that was actually someone in the Army or Navy.

We don't have time to change the channel.

:-)

- Original Message - 

From: Brumbaugh, Luke   

To: NT System Admin Issues
  

Sent: Friday, August 07, 2009 2:50 PM

Subject: RE: U.S. Marines ban Facebook, MySpace, Twitter

 

I give you that one. Wasn't it the grunts who tried the find out
where to  change the channel.

 

 

From: David W. McSpadden [mailto:dav...@imcu.org] 
Sent: Friday, August 07, 2009 2:21 PM
To: NT System Admin Issues
Subject: Re: U.S. Marines ban Facebook, MySpace, Twitter

 

Luke,

Understanding that you might be able to use a computer and maybe
even help load a bomb or two on a plane.  I have to ask who it is that
is 'lighting up' the target for ya'.  I think it is a forward observer.
You know those dumb jarheads that are catching bullets for you flyboys
to sleep tight every night.

You might think we can't operate a computer but if you think
about it they all make good tire blocks for the jets...

:-)

 

 

- Original Message - 

From: Micheal Espinola Jr
  

To: NT System Admin Issues
  

Sent: Friday, August 07, 2009 2:14 PM

Subject: Re: U.S. Marines ban Facebook, MySpace, Twitter

 

It prolly just a front.

--
ME2

On Fri, Aug 7, 2009 at 2:06 PM, Brumbaugh, Luke
 wrote:

Wow that's shocking, being ex-Air Force, I always
thought that Marines couldn't operate a computer.

 

From: Micheal Espinola Jr
[mailto:michealespin...@gmail.com] 
Sent: Friday, August 07, 2009 1:58 PM
To: NT System Admin Issues
Subject: FYI: U.S. Marines ban Facebook, MySpace,
Twitter

 

The U.S. Marine Corps has slapped an immediate
ban on the use of social networking sites on its network, warning that
sites like Facebook, MySpace and Twitter are a "proven haven for
malicious hackers and content."

The ban, contained in an order issued Monday,
will last for a year.  It specifically mentions Facebook, Twitter and
MySpace although it applies to what is described as "Web-based services
that allows communities of people to share common interests."


http://blogs.zdnet.com/security/?p=3907

--
ME2

 

 


**

CONFIDENTIALITY NOTICE: The information transmitted in
this message is intended only for the person or entity to which it is
addressed and may contain confidential and/or privileged material. Any
review, retransmission, dissemination or other use of this information
by persons or entities other than the intended recipient is prohibited.
If you received this in error, please contact the sender and destroy all
copies of this document. Thank you. 

Butler Animal Health Supply


**

 

 

 

 

 

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Blackberry Server question.

[Weatherford, Chad]

Our BES doesn't cost us any extra with AT&T (not that I recommend AT&T).
I am with Ben, that's a load of crap! You have to get a data plan in
order to send email so how does connecting to the BES any different? 
As far as cost, if you already have a SQL server you just create another
database on it. DBA's can help with that. T-Support, we have never
purchased this because if I call AT&T (Enterprise Technical Support
which you get for free if you have 100+ cells) and they transfer me to
RIM on their support with them.

Sounds to me like Sprint/Nextel really sucks! Try Verizon.

cw

-Original Message-
From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] 
Sent: Thursday, August 06, 2009 9:44 AM
To: NT System Admin Issues
Subject: RE: Blackberry Server question.


 > IF you are going to use the BB on your own BES, the carrier has to 
> enable the device/data plan to be able to do this (otherwise you will 
> only have data on their network, not yours).

  >With VZW, we've never been asked, nor told VZW, that we're using a
BES.  The BBs "just work".  Other carriers may be different.  I don't
remember for Nextel.

Ah, with Sprint/Nextel you do.


-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com] 
Sent: Thursday, August 06, 2009 10:02 AM
To: NT System Admin Issues
Subject: Re: Blackberry Server question.

On Thu, Aug 6, 2009 at 9:50 AM, David
Mazzaccaro wrote:
> IF you are going to use the BB on your own BES, the carrier has to 
> enable the device/data plan to be able to do this (otherwise you will 
> only have data on their network, not yours).

  With VZW, we've never been asked, nor told VZW, that we're using a
BES.  The BBs "just work".  Other carriers may be different.  I don't
remember for Nextel.

  We *have* had a case where VZW provisioned a mobile subscriber
incorrectly.  It wasn't in their system as BlackBerry at all, they had
it as some other kind of mobile device.  *That* caused the BB to not
work.

> You pay for the data plan ($20, $30, $40, whatever).

  Sure.  VZW calls it an "email plan", but same thing.  But if you don't
subscribe to said email plan, you don't get email on the BB *at all*.
It's not an extra fee for BES.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: No 419 email scams today

[Weatherford, Chad]

Ha! Yes it does. They moved to the west due to the exposure they have
gained on the east coast...

 

cw



From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Thursday, July 30, 2009 8:33 AM
To: NT System Admin Issues
Subject: Re: No 419 email scams today

 

Sounds like an East African gridiron team

2009/7/30 Weatherford, Chad 

 

Can we blame the Somali Pirates?

 

cw

 



From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Thursday, July 30, 2009 7:07 AM


To: NT System Admin Issues

Subject: RE: No 419 email scams today

 

Interesting.

 

There were two cable faults within a week or so of each other a while
back near the Mediterranean(?), that seemed suspicious, but I never
heard any more about it.

 

-sc

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Thursday, July 30, 2009 7:41 AM
To: NT System Admin Issues
Subject: OT: No 419 email scams today

 

http://news.bbc.co.uk/1/hi/technology/8176014.stm 

-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

http://raythestray.blogspot.com

 

 

 

 

 

 




-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

http://raythestray.blogspot.com

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: No 419 email scams today

[Weatherford, Chad]

 

Can we blame the Somali Pirates?

 

cw

 



From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Thursday, July 30, 2009 7:07 AM
To: NT System Admin Issues
Subject: RE: No 419 email scams today

 

Interesting.

 

There were two cable faults within a week or so of each other a while
back near the Mediterranean(?), that seemed suspicious, but I never
heard any more about it.

 

-sc

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Thursday, July 30, 2009 7:41 AM
To: NT System Admin Issues
Subject: OT: No 419 email scams today

 

http://news.bbc.co.uk/1/hi/technology/8176014.stm 

-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

http://raythestray.blogspot.com

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Windows 7 edition comparison

[Weatherford, Chad]

You sure have a purty mouth!




--
Chad Weatherford
Shoe Carnival
Systems Administrator
812-867-8314
812-204-0235 cell

Sent via BlackBerry
 

- Original Message -
From: Jim Majorowicz 
To: NT System Admin Issues 
Sent: Fri Jul 24 16:16:05 2009
Subject: RE: Windows 7 edition comparison

I'm still laughing.  It took me a good 2 minutes to compose myself enough to
type...

-Original Message-
From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Friday, July 24, 2009 1:45 PM
To: NT System Admin Issues
Subject: RE: Windows 7 edition comparison

So let me get this straight... you wanted it to say:

"Michael Espinola is pretty useful when TVK drops the soap."?

Wow.

-sc

> -Original Message-
> From: Tim Vander Kooi [mailto:tvanderk...@expl.com]
> Sent: Friday, July 24, 2009 4:35 PM
> To: NT System Admin Issues
> Subject: RE: Windows 7 edition comparison
> 
> What he forget to add was "whenever I drop the soap..."
> TVK
> 
> -Original Message-
> From: Steven M. Caesare [mailto:scaes...@caesare.com]
> Sent: Friday, July 24, 2009 3:05 PM
> To: NT System Admin Issues
> Subject: RE: Windows 7 edition comparison
> 
> You forgot to say "YMMV" or "IMO"
> 
> -sc
> 
> > -Original Message-
> > From: Ben Scott [mailto:mailvor...@gmail.com]
> > Sent: Friday, July 24, 2009 4:00 PM
> > To: NT System Admin Issues
> > Subject: Re: Windows 7 edition comparison
> >
> > On Fri, Jul 24, 2009 at 2:50 PM, Steven M.
> > Caesare wrote:
> > > The Michael Espinola version windows flat *sucked*.
> >
> >   Fortunately, the second edition (ME2) is pretty useful.  ;-)
> >
> > -- Ben
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~   ~
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Windows 7 edition comparison

[Weatherford, Chad]

Wow, you missed out...we are still using Bob!



Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| 812.867.8314 | cweatherf...@scvl.com
-Original Message-
From: Webster [mailto:carlwebs...@gmail.com] 
Sent: Friday, July 24, 2009 12:37 PM
To: NT System Admin Issues
Subject: RE: Windows 7 edition comparison

> -Original Message-
> From: Peter van Houten [mailto:peter...@gmail.com]
> Subject: Windows 7 edition comparison
> 
> With the impending move of the Windows world to version 7, I thought
it
> would be prudent for the list to discuss this. In addition, most of us
> would use a Windows desktop, in one form or other, on a personal
system
> to access and/or administer corporate servers/networks.
> 
> Off the top of my head, questions would be (but not limited to):
> 
> . Staying with XP?
>Why / until when
> 
> . Staying with Vista? ;-)
>U...
> 
> . Recommendations to management/clients regarding upgrading?
> 
> . 32 or 64 bit?
> 
> . Which edition of se7en (as my 13 year old calls it)
>Microsoft is not very helpful here:

We have finally gotten Windows ME through the change control process.
We
will start rolling out ME 3rd qtr of 2010.  Hope to have Windows 2000
Pro
thru the approval process by 1H 2019 for rollout 2H 2020.

Unfortunately. Microsoft Bob didn't make it thru the approval process.
:(


Webster


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: WPAD DHCP option

[Weatherford, Chad]

Wpad.company.com?

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| 812.867.8314 | cweatherf...@scvl.com



From: Eric Wittersheim [mailto:eric.wittersh...@gmail.com] 
Sent: Friday, July 24, 2009 10:55 AM
To: NT System Admin Issues
Subject: Re: WPAD DHCP option

 

I have created the DNS record as well and it works here.

On Fri, Jul 24, 2009 at 10:48 AM, Weatherford, Chad
 wrote:

Users are not being sent through the proxy. I am watching the reports on
Websense and not seeing traffic from my PC when I have the
"Automatically Detect Settings" option set in IE.

 

So far using DHCP and GPO.

 

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| 812.867.8314 | cweatherf...@scvl.com



From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Friday, July 24, 2009 10:00 AM
To: NT System Admin Issues
Subject: RE: WPAD DHCP option

 

What is the issue?

 

Doesn't seem to take at all? If so, how are you determining this?

 

How are you rolling it out?

 

-sc

 

From: Weatherford, Chad [mailto:cweatherf...@scvl.com] 
Sent: Friday, July 24, 2009 10:53 AM
To: NT System Admin Issues
Subject: WPAD DHCP option

 

I am trying to get a transparent proxy setup to direct traffic to our
Websense appliance but I seem to be having issues...any advice?

 

Setup option 252 pointing to http://10.110.1.124:8083/wpad.dat . Do I
need a DNS setting as well?

 

Strawberry Shortcake has been no help to me and My Little Pony keeps
running away every time I mention WPAD...

 

 

 

Chad Weatherford

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: WPAD DHCP option

[Weatherford, Chad]

Users are not being sent through the proxy. I am watching the reports on
Websense and not seeing traffic from my PC when I have the
"Automatically Detect Settings" option set in IE.

 

So far using DHCP and GPO.

 

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| 812.867.8314 | cweatherf...@scvl.com



From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Friday, July 24, 2009 10:00 AM
To: NT System Admin Issues
Subject: RE: WPAD DHCP option

 

What is the issue?

 

Doesn't seem to take at all? If so, how are you determining this?

 

How are you rolling it out?

 

-sc

 

From: Weatherford, Chad [mailto:cweatherf...@scvl.com] 
Sent: Friday, July 24, 2009 10:53 AM
To: NT System Admin Issues
Subject: WPAD DHCP option

 

I am trying to get a transparent proxy setup to direct traffic to our
Websense appliance but I seem to be having issues...any advice?

 

Setup option 252 pointing to http://10.110.1.124:8083/wpad.dat . Do I
need a DNS setting as well?

 

Strawberry Shortcake has been no help to me and My Little Pony keeps
running away every time I mention WPAD...

 

 

 

Chad Weatherford

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

WPAD DHCP option

[Weatherford, Chad]

I am trying to get a transparent proxy setup to direct traffic to our Websense 
appliance but I seem to be having issues...any advice?
 
Setup option 252 pointing to http://10.110.1.124:8083/wpad.dat . Do I need a 
DNS setting as well?
 
Strawberry Shortcake has been no help to me and My Little Pony keeps running 
away every time I mention WPAD...
 
 
 
Chad Weatherford

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Port 443 Question

[Weatherford, Chad]

Thanks Troy!



--
Chad Weatherford
Shoe Carnival
Systems Administrator
812-867-8314
812-204-0235 cell

Sent via BlackBerry
 

- Original Message -
From: Troy Meyer 
To: NT System Admin Issues 
Sent: Fri Jul 17 18:50:45 2009
Subject: RE: Port 443 Question

Seems to be topic of the day. 

 

Your risk is that you now have 443 open to the internet, pure and simple.  Is 
that good/bad/ugly, that is for you to decide.  It is my personal opinion that 
the server holding my mailbox databases is the holy grail.  If that goes down 
for some reason every single user with mail on that server notices.  And as 
such, I try to minimize risks that can take down entire mb server.

 

When you bring up a FE or CAS you separate your holy grail from the internet 
and try to minimize the risk.  If some attack on 443 (say a modified DDOS that 
your machine doest know how to deal with) takes down a FE server you have 
limited functionality for phones and owa, if that were a mailbox server, you 
might have a whole office of people unable to utilize any exchange 
functionality.

 

As previously stated by Carl, people understand the need for a BES server, they 
should also understand the need for a FE for activesync.  It is the right way 
to do it.

 

Have a good weekend

 

-troy

 

 

 

From: Weatherford, Chad [mailto:cweatherf...@scvl.com] 
Sent: Friday, July 17, 2009 12:21 PM
To: NT System Admin Issues
Subject: Port 443 Question

 

If port 443 were opened up to our internal exchange server so iPhons could 
send and receive email (testing phase; we do not have a front end OWA server or 
ISA server yet) what kind of risks are we opening ourselves up to?

 

Thanks!

 

Chad 

 

 

 

 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Port 443 Question

[Weatherford, Chad]

If port 443 were opened up to our internal exchange server so iPhone's
could send and receive email (testing phase; we do not have a front end
OWA server or ISA server yet) what kind of risks are we opening
ourselves up to?

 

Thanks!

 

Chad 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Please keep me ON this mailing list

[Weatherford, Chad]

Agreed! Thanks for suggesting this site Paul!

 

 

Chad 



From: Devin Meade [mailto:devin.me...@gmail.com] 
Sent: Friday, July 17, 2009 11:04 AM
To: NT System Admin Issues
Subject: Please keep me ON this mailing list

 

This is not the day to leave this list, today's humor alone is worth it!

Anyone remember the "Way back" machine?

Devin



 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Server 08 Activation

[Weatherford, Chad]

Does it have access to the internet?


Chad 

-Original Message-
From: James Kerr [mailto:cluster...@gmail.com] 
Sent: Friday, July 17, 2009 11:06 AM
To: NT System Admin Issues
Subject: Server 08 Activation

I'm setting up our first 08 server here and its telling me it can't 
activate. I have event ID 8196, License Activation Scheduler 
(SLUINotify.dll) was not able to automatically activate. Anyone know
what is 
causing this server to not be able to activate? Does it need to have a 
certain port open to communicate with MS? The license key I'm using is a
KMS 
key.

James 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: where in the GPO?

[Weatherford, Chad]

I used the gpudate command. Network is not slow. I am curious as to what
Jon meant by "if you put it into the other one"...

 

 

Chad 



From: Rod Trent [mailto:rodtr...@myitforum.com] 
Sent: Friday, July 17, 2009 5:31 AM
To: NT System Admin Issues
Subject: Re: where in the GPO?

 

How long have you waited for the GPO to take effect?  Have the computers
been rebooted or have you performed a "gpupdate /force"?  Do you have a
slow network?  Which group are you linking it to?
 
Great utility for performing a gpupdate across the board:

http://www.specopssoft.com/products/specopsgpupdate/



 

If you at some point set it then it will stay set.  A Preference is just
that your (as the administrator) preference.  If you put it into the
other one then it is no longer a Preference and it becomes part of the
"bible" for that OS.

 

Jon

On Thu, Jul 16, 2009 at 3:32 PM, Weatherford, Chad
 wrote:

I have it configured as you do and it is not making the change

I do have Connection in 'preference mode'

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| 812.867.8314 | cweatherf...@scvl.com



From: Christopher Bodnar [mailto:christopher_bod...@glic.com] 
Sent: Thursday, July 16, 2009 2:30 PM 


To: NT System Admin Issues
Subject: RE: where in the GPO?

 

 

 

Do you mean you have that configured and it's not working , or you don't
see it? This is what it should look like:

 



 

Chris Bodnar, MCSE
Sr. Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003

____

From: Weatherford, Chad [mailto:cweatherf...@scvl.com] 
Sent: Thursday, July 16, 2009 3:21 PM
To: NT System Admin Issues
Subject: RE: where in the GPO?

 

I have tried that.no dice

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| 812.867.8314 | cweatherf...@scvl.com



From: Christopher Bodnar [mailto:christopher_bod...@glic.com] 
Sent: Thursday, July 16, 2009 2:18 PM
To: NT System Admin Issues
Subject: RE: where in the GPO?

 

User Configuration > Windows Settings > IE Maintenance > Connection
Settings

Chris Bodnar, MCSE
Sr. Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003



From: Weatherford, Chad [mailto:cweatherf...@scvl.com] 
Sent: Thursday, July 16, 2009 3:09 PM
To: NT System Admin Issues
Subject: where in the GPO?

 

I am trying to find the location in the GPO to check the box in
IE/internet settings/connections/LANsettings for Auto Configuration.
Could someone please tell me where to find that?

 

Thanks!

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| 812.867.8314 | cweatherf...@scvl.com

 

 

 

 

 

 

 

 

 

 

 

 

 



 

This message, and any attachments to it, may contain information that is
privileged, confidential, and exempt from disclosure under applicable
law. If the reader of this message is not the intended recipient, you
are notified that any use, dissemination, distribution, copying, or
communication of this message is strictly prohibited. If you have
received this message in error, please notify the sender immediately by
return e-mail and delete the message and any attachments. Thank you. 



 

This message, and any attachments to it, may contain information that is
privileged, confidential, and exempt from disclosure under applicable
law. If the reader of this message is not the intended recipient, you
are notified that any use, dissemination, distribution, copying, or
communication of this message is strictly prohibited. If you have
received this message in error, please notify the sender immediately by
return e-mail and delete the message and any attachments. Thank you. 

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: where in the GPO?

[Weatherford, Chad]

I have tried that...no dice

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| 812.867.8314 | cweatherf...@scvl.com



From: Christopher Bodnar [mailto:christopher_bod...@glic.com] 
Sent: Thursday, July 16, 2009 2:18 PM
To: NT System Admin Issues
Subject: RE: where in the GPO?

 

User Configuration > Windows Settings > IE Maintenance > Connection
Settings

Chris Bodnar, MCSE
Sr. Systems Engineer
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003

____

From: Weatherford, Chad [mailto:cweatherf...@scvl.com] 
Sent: Thursday, July 16, 2009 3:09 PM
To: NT System Admin Issues
Subject: where in the GPO?

 

I am trying to find the location in the GPO to check the box in
IE/internet settings/connections/LANsettings for Auto Configuration.
Could someone please tell me where to find that?

 

Thanks!

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| 812.867.8314 | cweatherf...@scvl.com

 

 

 

 

 



This message, and any attachments to it, may contain information that is
privileged, confidential, and exempt from disclosure under applicable
law. If the reader of this message is not the intended recipient, you
are notified that any use, dissemination, distribution, copying, or
communication of this message is strictly prohibited. If you have
received this message in error, please notify the sender immediately by
return e-mail and delete the message and any attachments. Thank you. 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

where in the GPO?

[Weatherford, Chad]

I am trying to find the location in the GPO to check the box in
IE/internet settings/connections/LANsettings for Auto Configuration.
Could someone please tell me where to find that?

 

Thanks!

 

Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc.
| 812.867.8314 | cweatherf...@scvl.com

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~