RE: Windows 7 64-bit SP1 fails

Weirdly, SP1 on Win 7 64bit went fine on my laptop with the full 900MB+ installation pack, but failed on my home desktop (5 year old 64bit AMD). The WU installer worked a treat though. Both systems now upgraded and stable. a -Original Message- From: Carl Houseman [mailto:c.house...@gm

RE: Antivirus Vendor Replacement

Sophos is constantly catching variants of "Fake AVs" in our environment. Not saying it catches all of them, but I definitely see it catching a lot of them. Jim Holmgren Senior Manager, Infrastructure Services XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suit

Exchange Database -- VMDK or RAW?

For those who have your Exchange boxes inside of VMWare, did you put your databases inside VMDK files, or did you go RAW? VMDK seems like it would be easier to manage, but I'm wondering about size issues, performance, etc. Thanks, Jon ~ Finally, powerful endpoint security that ISN'T a resource

RE: Exchange Database -- VMDK or RAW?

I'm not sure there's so much in it in terms of performance between RDM and VMDK but the answer there is to use Jetstress. The benefits tend to be if your SAN has VSS aware snapshots and you allocate LUNs directly to the initiator inside of the VM, but there may also be benefits to you being able t

RE: Exchange Database -- VMDK or RAW?

We use the MS iSCSI initiator to attach all the Exchange data and log drives. There have been no observable performance issues doing so in our environment. Use Dell's "extpart.exe" for 2003, or the W2008 native "diskpart", we've been able to grow the drives on the fly when we needed to add spac

RE: Exchange Database -- VMDK or RAW?

Without knowing the parameters of your environment, this isn't really that useful. E.g. if you are using iSCSI over Ethernet, then it makes a big difference if you are using 1gbps vs 10gbps (depending on the environment size). If you only have 100 users, it doesn't matter if you are using VMDK v

RE: Exchange Database -- VMDK or RAW?

Ok, if it helps, we're using iSCSI over Ethernet, on 1 Gbps connections, with about 900 users -Original Message- From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Monday, March 14, 2011 9:00 AM To: NT System Admin Issues Subject: RE: Exchange Database -- VMDK or RAW? Without knowi

RE: Exchange Database -- VMDK or RAW?

Which version of Exchange? I'm currently planning our move from 2003 to 2010 and really you want to run Jetstress to ensure you get the IOPS you want within acceptable latency etc. -Original Message- From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: 14 March 2011 14:04 To: NT

Re: Exchange Database -- VMDK or RAW?

Thanks for everyones replies so far. More details: Exchange 2010(all roles). FC to SAN Around 300 users. I want to increase mailbox limits putting the total databases at around 750MB - 1TB combined. Thanks, Jon On Mon, Mar 14, 2011 at 10:06 AM, Paul Hutchings wrote: > Which version of Exch

DirectAccess HowTo?

Does anyone have a favorite/very easy to use set of instructions for configuring DirectAccess? I've got the product documentation, but I'm asking for something you LIKE and found easy to use. I'd rather not spend two days setting up a DA lab if I can avoid it. Thanks. Regards, Michael B. Smi

RE: DirectAccess HowTo?

Direct Access is OK, but if you have a WAN, different subnets and/or older machines, you may want to look at forefront directaccess with UAG -Original Message- From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Monday, March 14, 2011 10:39 AM To: NT System Admin Issues Subject:

RE: DirectAccess HowTo?

I used this one and it was easy enough for a me to follow. http://blog.concurrency.com/infrastructure/uag-directaccess-configuration-guide/ We're using it with about a dozen dell laptops and so far all are working except one. Got the log from it, but need to analyze it to figure out what's not up

RE: Exchange Database -- VMDK or RAW?

Both versions. We're finishing up the migration from E2K3 to E2K10. -Original Message- From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk] Sent: Monday, March 14, 2011 9:07 AM To: NT System Admin Issues Subject: RE: Exchange Database -- VMDK or RAW? Which version of Exchange? I'm

RE: DirectAccess HowTo?

I'm specifically working with DA for a customer that doesn't use UAG. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com -Original Message- From: Brumbaugh, Luke [mailto:luke.brumba...@butlerschein.com] Sent: Monday, March 14, 2011 10:43 AM To: NT Sys

RE: DirectAccess HowTo?

So, are you using UAG? Or did you avoid that? Thanks. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Monday, March 14, 2011 10:43 AM To: NT System Admin Issues Subject: RE: Di

RE: DirectAccess HowTo?

Yes we are using UAG. Sorry I didn't mention that. Also in the process or moving several publishing rules from ISA 2006 to TMG. Hopefully the last one will be finished today at noon. -Original Message- From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Monday, March 14, 2011 10:4

Re: Antivirus Vendor Replacement

VIPRE catches a lot of infection attempts too, either through known malicious EXEs or through infected PDFs. It definitely doesn't get all of them but I've been happy with the performance. Jack Kramer Computer Systems Specialist University Relations, Michigan State University w: 517-884-123

RE: DirectAccess HowTo?

We use the UAG but this blog has some good general info on DA. http://blog.concurrency.com/infrastructure/uag-directaccess-configuration-guide/ John W. Cook System Administrator Partnership For Strong Families 5950 NW 1st Place Gainesville, Fl 32607 Office (352) 244-1610 Cell (352) 215-6944 M

SIEM

Does anyone have any experience/opinions with implementing SIEM or logging solutions? Right now, we're looking mainly at Accelops, Log Logic and Log Rhythm, as well as an upgrade to our existing Cisco MARS appliance and I would love to hear anyone's thoughts on these or any other solutions wort

RE: DirectAccess HowTo?

This doc gives a good step-by-step on configuring UAG DA. It's based on a lab scenario, but the steps are relevant to a production deployment. http://www.microsoft.com/downloads/en/details.aspx?FamilyID=71be4b7b-e0e9-42 04-b2b5-ac7f3c23b16d -Malcolm -Original Message- From: Michael B.

Re: SIEM

Other options include: - http://www.trigeo.com/ - http://www.splunk.com/view/enterprise-security-suite/SP-CAAAE8Z What devices will you be tracking? *ASB *(Find me online via About.Me ) *Exploiting Technology for Business Advantage... * On Mon, Ma

RE: Antivirus Vendor Replacement

Good Afternoon, We recently changed from eSet NOD32 to Shavlik Netch Protect. It uses the Sunbelt Vipre AV engine. Solved my patch/AV/Malware issues (majority) all through one app. I agree with supplementing with Malware Bytes or another malware scanner just to be safe. I understand GFI is in

Re: Antivirus Vendor Replacement

In non-corporate high-exposure environments: I've come across quite a few new variant malware that weren't being detected by any AV installed or at my disposal (I typically offline clean with ESET and Kaspersky, followed-up with Malwarebytes) - but when I uploaded the new suspect files to Virus To

RE: SIEM

I took a look at Splunk 6 months ago, but decided it was a bit raw and didn't have enough built-in reports. I'd like to see native support for Cisco IOS, ASA, IPS, SBC and NSEL, Windows WMI, Exchange, VMware, MS SQL, IIS, AD, maybe Avaya Communications Manager and UNIX/Linux/Syslog. -matt Fro

Re: DirectAccess HowTo?

Sorry, MBS, I just haven't had the time to write that one! :) Webster On Mon, Mar 14, 2011 at 9:38 AM, Michael B. Smith wrote: > Does anyone have a favorite/very easy to use set of instructions for > configuring DirectAccess? > > ~ Finally, powerful endpoint security that ISN'T a resource hog!

RE: DirectAccess HowTo?

Try this for starters http://www.msteched.com/2010/NorthAmerica/WSV306 John W. Cook System Administrator Partnership For Strong Families 5950 NW 1st Place Gainesville, Fl 32607 Office (352) 244-1610 Cell (352) 215-6944 MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4 From: Carl Webster [ma

Re: SIEM

Did you look at the security product, or just the general Splunk product? Also look at TrustWave. Lastly, SC Magazine is one of the best sources for useful reviews on this category of products. They are thorough in their review methodology. *ASB *(Find me online via About.Me

RE: DirectAccess HowTo?

How difficult was the PKI infrastructure to setup? We had a hiccup with that which required a call to PSS to get figured out, and even that took a few days, and just happened to find the one guy who said "did you clear this cache?" >>> Glen Johnson 3/14/2011 7:42 AM >>> I used this one and it

RE: DirectAccess HowTo?

Hurry up already! I need to talk to you. Incoming. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Carl Webster [mailto:carlwebs...@gmail.com] Sent: Monday, March 14, 2011 1:31 PM To: NT System Admin Issues Subject: Re: DirectAccess HowTo? Sorry, MBS

RE: DirectAccess HowTo?

Be sure you install the DirectAccess Connectivity Assistant on your client PCs. It provides some good troubleshooting logs that will help considerably if you have client connectivity failures. It also provides a visual indicator of DA connectivity in the system tray. DCA 1.5 is part of the UAG SP1

Re: Network Messaging (primarily for emergency)

My past experience with relying on a computer to send time sensitive notifications is hit and miss. We find paging via intercom systems and office speakers to be the most effective. Is this not a possibility for you? On Mon, Mar 14, 2011 at 3:50 PM, Reimer, Mark wrote: > Back in the day, “net

Re: Network Messaging (primarily for emergency)

I agree. I wouldnt trust this as a primary digital emergency notification system, as its not auditable. -- ME2 On Mon, Mar 14, 2011 at 12:54 PM, Jonathan Link wrote: > My past experience with relying on a computer to send time sensitive > notifications is hit and miss. We find paging via i

RE: Network Messaging (primarily for emergency)

SMS. I keep an updated list of SMS Email addresses in my personal Gmail. More of a DR pre-caution... If Mail is done, network is down, etc, I can still contact everyone. Sam From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Monday, March 14, 2011 2:54 PM To: NT System Adm

RE: Network Messaging (primarily for emergency)

IM/Office Communicator? Carrier pigeon If all else fails... Don Guyer Windows Systems Engineer Datasafe Platform Enterprise Technology Group Fiserv don.gu...@fiserv.com Office: 1-800-523-7282 x 1673 Fax: 610-293-4499 www.fiserv.com From: Micheal Espinol

Re: Network Messaging (primarily for emergency)

Take a look at ACEMessage: http://www.spydaman.com/ACEmessage/index.htm Not 100% and not free, but it works well for us. Roger Wright ___ If there's an exception to every rule, is there an exception to that rule? On Mon, Mar 14, 2011 at 3:50 PM, Reimer, Mark wrote: > Back in the day, “net

Re: Network Messaging (primarily for emergency)

That NET SEND approach has been unreliable for years. I'd look at something like IM, which already handles this. As has been noted already, these are not the best way to handle primary notifications, so what type of "emergencies" are you considering here? *ASB *(Find me online via About.Me

0 Day in Flash being utilized in Targeted attacks

http://isc.sans.edu/diary.html?n&storyid=10549 Adobe posted a security advisory (http://www.adobe.com/support/security/advisories/apsa11-01.html) about a new 0-day vulnerability in Flash reader. According to the post about this vulnerability (available at http://blogs.adobe.com/asset/2011/03/backg

RE: Network Messaging (primarily for emergency)

We do have speaker phones, and can broadcast that way (which would be primary). This is in addition to. Thanks for the input. I'll pass it on to the person who was asking. Mark From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Monday, March 14, 2011 1:54 PM To: NT System Admin

RE: SIEM

Just the general splunk product. Trustwave is the PCI auditor and they were trying to sell us their appliance during the last audit. One requirement for us is that the product be available as a software virtual appliance, so I'll check on their offering again. I'll also dig around SC, thanks.

Re: Sysvol perms in 2008

Not that I have encountered or heard about. Were these in-place upgrades or an addition of new R2 DC's? -- ME2 On Mon, Mar 14, 2011 at 10:39 AM, Kennedy, Jim wrote: > I am having GPO weirdness. Desktops are getting denied on accessing my > Software Policies. I THINK this started with our u

Re: Sysvol perms in 2008

>From what I can tell it shouldn't be applicable to the issue you're seeing, but out of curiosity did you run "adprep32 /domainprep /gpprep" when you upgraded the domain? On Mon, Mar 14, 2011 at 1:39 PM, Kennedy, Jim wrote: > I am having GPO weirdness. Desktops are getting denied on accessing my