You could track this in your CMDB. What tools you use probably depends on what
platforms you need to monitor in your environment. Alternatively, have a
process that records license purchase and allocation with a step to record in
CMDB. Other tools that scan your environment could then be for
We are using License Dashboard (http://www.licensedashboard.com/) it is very
*very* involved to setup but gives real visibility of your software assets.
We have our own local install but they will also run a managed service too
which I would say is probably a better bet for small organisations
I know, that is exactly what I think too. But this is what they are
telling me, and since they are the SMEs for the application, its up to me
to prove that what they are saying is wrong.
Was really hoping someone on the list out there used the product and could
tell me without a doubt that it
Very Well Done !
From: David Lum [mailto:david@nwea.org]
Sent: Monday, October 01, 2012 9:56 AM
To: NT System Admin Issues
Subject: Only took my 18 months...
But effective today I get to add Sr. to my Systems Engineer job title. W00t!
David Lum
Sr. Systems Engineer // NWEATM
Office
Don't spread this out to everyone, Isn't this lists traffic publicly
posted?
From: Stu Sjouwerman [mailto:s...@sunbelt-software.com]
Sent: Tuesday, October 02, 2012 6:42 AM
To: NT System Admin Issues
Subject: RE: My sons IT learning..
If he now knows about Kevin, let him step through an
My apologies for the intrusion but I can't find this via Bing or Google. I am
trying to find AV exclusions for IIS 7.5. I thought this would be easy to
search for but it is turning into an elusive hunt. I can find Lync, Office
Communicator, Exchange and SQL but nothing specific to IIS7.5
This is the best I can do for you:
http://social.technet.microsoft.com/wiki/contents/articles/953.windows-anti-virus-exclusion-list-en-us.aspx
You might try asking/searching on www.iis.nethttp://www.iis.net - although I
couldn't find anything quickly. There should be a list somewhere for IIS
+1 o Michaels Link its what I have been using as a baseline for a while.
Z
Edward E. Ziots, CISSP, Security +, Network +
Security Engineer
Lifespan Organization
ezi...@lifespan.org
From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Tuesday, October 02, 2012 11:04 AM
To:
Umparts of this should be required viewing for all employees (wait, you've
been saying THAT the entire time as well..).
I like this Stu - it's not new info to us sysadmins, but I'm certain end users
would go whoa The one thing that might be inferred is that McAfee is
flawed and some
see, we need to dump McAfee
What is wrong with that conclusion? :)
Carl Webster
Consultant and Citrix Technology Professional
http://www.CarlWebster.comhttp://www.carlwebster.com/
From: David Lum [mailto:david@nwea.org]
Subject: RE: My sons IT learning..
Umparts of this should be
Dump all reactive AV, I say, at least the realtime monitoring portions
Read-only vDisks and application whitelisting combined will do the job nicely
---Blackberried
-Original Message-
From: Webster webs...@carlwebster.com
Date: Tue, 2 Oct 2012 15:29:19
To: NT System Admin
I see that AV is flawed, because its fighting a losing race with modern
malware, and some AV;s will catch things better than others, and all AV
will miss more than we know simply because there isn't a signature for
the malware. Although compliance mandates still require AV on systems
(PCI-DSS) so
That's the only thing - compliance. I've seen many clients where I could
shut down reactive AV and they won't just for compliance reasons. It's not
doing anything - the whitelisting catches everything the AV would and more
- but they leave it using up resources just for compliance. It's stupidity,
I don't disagree, but that's not my point :). AV these days is a smaller part
of defense-in-depth, but believe it or not, just about every week McAfee
catches stuff on our systems.
LOL Webster.
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Tuesday, October 02, 2012 8:50 AM
To: NT
It probably does catch stuff, but if you had a whitelisting solution, it
would catch all the stuff AV does and more.
On 2 October 2012 16:58, David Lum david@nwea.org wrote:
I don’t disagree, but that’s not my point J. AV these days is a smaller
part of defense-in-depth, but believe it or
At Derbycon this weekend a speaker asked the room if there was anyone not
running any AV. I was the only person to raise my hand.
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Tuesday, October 02, 2012 11:52 AM
To: NT System Admin Issues
Subject: RE: My sons IT learning..
I see that
Well, between whitelisting and blacklisting, you can have software-driven *
greylisting*, which removes the admin overhead associated with whitelists
http://appsensebigot.blogspot.co.uk/2012/02/using-appsense-application-manager-to.html
The AppSense AM stuff also does an incredible job of
With regard to locking of endpoints, there's a load of software now that
can allow users to install apps without needing admin privileges. Personal
vDisks, StrataApps, etc. come to mind, and they're very efficient at
dealing with what Citrix refer to as *long-tail apps.
*Combine this into a
I should clarify, he asked not running any AV corporate wide. We don't. 3500
desktops and no large events and very very few small ones. We have not seen and
driveby malware in months. There were a lot of gasps in the room and plenty of
questions for me.
The key for us is no admin rights and a
That's quite gutsy. I've seen quite a bit of malware executing from the user
profile itself. Do you have a heavy restriction on removable devices?
---Blackberried
-Original Message-
From: Kennedy, Jim kennedy...@elyriaschools.org
Date: Tue, 2 Oct 2012 16:50:38
To: NT System Admin
Do the compliance mandates require an AV solution that uses black-listing? Why
doesn't a white-listing solution qualify as AV?
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Tuesday, October 02, 2012 10:50 AM
To: NT System Admin Issues
Subject: RE: My sons IT learning..
I see that AV
That's where I want to land - no admin rights and really good
perimeter filtering.
Care to share what filter you use?
Kurt
On Tue, Oct 2, 2012 at 9:50 AM, Kennedy, Jim
kennedy...@elyriaschools.org wrote:
I should clarify, he asked not running any AV corporate wide. We don’t. 3500
desktops and
Yes, from time to time we do have to delete a profile. Auto run is turned off
for removable media. That is about it.
From: Rankin, James R [mailto:kz2...@googlemail.com]
Sent: Tuesday, October 02, 2012 2:01 PM
To: NT System Admin Issues
Subject: Re: My sons IT learning..
That's quite gutsy.
I wonder how you know some stations are not infected?
De : Kennedy, Jim [mailto:kennedy...@elyriaschools.org]
Envoyé : 2 octobre 2012 14:05
À : NT System Admin Issues
Objet : RE: My sons IT learning..
Yes, from time to time we do have to delete a profile.
We'd need a lot more info to have a chance at answering this, as
printing / PDFs are not something built-in to IIS, but could certainly
be a function of custom application code. What have you tried as far
as application pool settings?
On Tue, Oct 2, 2012 at 1:13 PM, David L Herrick
So at first I thought I was going crazy. I have a 2008 R2 terminal server
(RDS) that hadn't been updated in many months. It was running an older
version of Adobe Flash (no, I don't remember which version but something
PRE-June 2012 at least). In late September, some of the users were saying
Let me also add that... Installing Flash 11.4 with Firefox isn't
problematic at all. Everything works as it should when accessing websites
(Flash and non-Flash sites) via Firefox 15. The issues below seem directly
related to IE9. I guess for now I will just ask users to use Firefox on
the
27 matches
Mail list logo