You would do well to implement an application whitelisting GPO and also use
a GPO to disable AutoPlay. This should mitigate a lot of the threat from USB
keys. GPOs can also be used to block out access to CD and tape drives,
should they be present.
SEP is my least favourite AV product. I use Vipre
Thank you for your input.
For this network they have used various technologies as well but I did not
cover al of them in here.
Emails web are filtered centrally by the education grid network.
WSUS is being used as well.
The GPO team are already scratching there heads as the school has more
Why would the GPO team be scratching their heads? If you know the
applications in use, it is fairly easy to create an application whitelist.
It's also very easy to update when something is missed - the full path to
the executable that is blocked is written to the event log and can be
updated
Thank you James for the reassurance.
As for the GPO team I dont know why I did not bother asking the details
cheers
Peter
On 25 May 2010 15:19, James Rankin kz2...@googlemail.com wrote:
Why would the GPO team be scratching their heads? If you know the
applications in use, it is fairly
Windows Defender does not tend to conflict with other AV or antimalware
products. Some 3rd party products will, however, offer to disable Windows
Defender for you when they install. It beats having Defender tell you all
about the changes they are making.
-ASB: http://XeeSM.com/AndrewBaker
On
Yes I have just done my first SEP install on a Wndows 7 pc as a test and it
has disabled WD.
I do get your point.
:)
cheers
Peter
On 25 May 2010 15:52, Andrew S. Baker asbz...@gmail.com wrote:
Windows Defender does not tend to conflict with other AV or antimalware
products. Some 3rd party
Neither Windows 7 Enterprise nor AppLocker are required for application
white listing.
Software Restrictions Policies (the predecessor to AppLocker) isn't as
flexible but is present in all business editions of Windows = XP.
On 5/25/2010 9:08 AM, helpdesk UK wrote:
Unfortunately the school does
: Tuesday, 25 May 2010 10:20 PM
To: NT System Admin Issues
Subject: Re: Deploying windows 7 - Anti Virus
Why would the GPO team be scratching their heads? If you know the applications
in use, it is fairly easy to create an application whitelist. It's also very
easy to update when something is missed
Useful information that I have referenced when installing SEP on an image build:
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007110510364248
Matt Burian | IT Consultant
Burian Information Technology, LLC.
m...@burianit.com | Main: 937 660-8196 | Cell: 937 681-3600
.
-Malcolm
From: helpdesk UK [mailto:uk.helpd...@gmail.com]
Sent: Tuesday, May 25, 2010 09:45
To: NT System Admin Issues
Subject: Re: Deploying windows 7 - Anti Virus
Thank you James for the reassurance.
As for the GPO team I dont know why I did not bother asking the details
cheers
That is why you white list folder paths (ie c:\windows\system32 and
C:\Program Files) instead of individual executables. White listing based
on file hash would work too.
BTW both the Run dialog and cmd.exe respect both SRP and AppLocker.
On XP and 2003 you can get around software restrictions
Has anyone had any known issues with this product? [SEP]
You just opened the floodgates :) Lol.
MSRT just scans as part of the Windows Update process. It scans when
the updates are applied, it's a one process. I skip most of them
because it really bogs down the machine.
Sam
Since it's a school environment, I forgot to mention something else.
I have done some work for a high school in which we Faronics
DeepFreeze deployed on all student machines. When in a frozen state
the computers essentially can not be harmed from a software
perspective. Upon a reboot,
13 matches
Mail list logo