Brent 的个人资料Brent's space照片日志列表更多  |  工具 帮助 |
|
|
12月31日 Update! New Years Resolution I have some projects I'm going to start as of January 1st, but they are more time sensitive and include a pseudo photo diary. I wouldn't however call it a new year's resolution. I have tried the new year's resolution thing in the past and it never works out. So this year I'm going to have the new year's resolution that should stick with me the rest of my life. This year my new year's resolution is ..... Never to have another new year's resolution again. This one should be easy to stick and finally takes the pressure off of me for the rest of my physical existence. If we have a meta-physical existence after our physical one has expired there may be an issue I have to rectify later. Whenever someone asks in the future "Did you manage to complete your new year's resolution?" I can say with pride that I'm not yet done with it , but so far I seem to be maintaining it. This is a stock answers that I can (knock on wood) use for decades to come. I no longer have to deal with the BS that comes with trying to follow something that your not going to stick with, I can be open honest and hold my head up high. I am Creeva and I have no more new year's resolutions. [More at Creeva's World 2.0] MSN Notifier by tension Update! @sheagunther - Shhhh - and tha...@sheagunther - Shhhh - and that statement didn't help your twitter history in your prexidential campaign [More at Creeva's World 2.0] MSN Notifier by tension Update! New Years ResolutionI have some projects I'm going to start as of January 1st, but htey are more time sensitive and include a psuedo photo diary. I wouldn't however call it a new year's resolution. I have tried the new year's resolution thing in the past and it never works out. So this year I'm going to have the new year's resolution that should stick with me the rest of my life. This year my new year's resolution is ..... Never to have another new year's resolution again. This one should be easy to stick and finally takes the pressure off of me for the rest of my physical existence. If we have a meta-physical existence after our physical one has expired there may be an issue I have to rectify later. Whenever someone asks in the future "Did you manage to complete your new year's resolution?" I can say with pride that I'm not yet done with it , but so far I seem to be maintaining it. This is a stock answers that I can (knock on wood) use for decades to come. I no longer have to deal with the BS that comes with trying to follow something that your not going to stick with, I can be open honest and hold my head up high. I am Creeva and I have no more new year's resolutions. [More at Creeva's World 2.0] MSN Notifier by tension Update! @sheagunther just remember two...@sheagunther just remember two lines - I did not have sexual raltions with that woman - and I did not inhale [More at Creeva's World 2.0] MSN Notifier by tension Update! Spokeo - The Interesting, Exciting, and Scary Spokeo is one of the latest Web 2.0 services I have tried here is how it works: First you sign up and it asks if you want to look for friends from your address book (gmail, yahoo, AOL, etc,) it then spends time going through all the addresses and see which services they belong (Amazon, Myspace, Last.fm, Digg, Twitter, Etc.) - at this point it shows you all of their public activity on these services. You also have the option of linking your myspace, linkedin, or other accounts where it doe the same searching as before. This is interesting since it allows you to track your friends without hunting them all down and searching them out. You know what they are up to without actively going to all these different sites online for hours at a time. You may never log into your normal sites to keep up with your friends, it all coming to you. Now the scary - you can put in any e-mail address and look up someone the same way. You also receive hits from your address book of someone you may have had one quick e-mail exchange with but no relationship. Because of this you are infringing on their privacy. More people need to be aware of Spokeo so they understand the implications of their online activities and how easy they are to track and monitor. I'm well aware and have been for awhile, I use teh internet and post information knowing this and expecting it. Other people I know are not nearly as aware. I would recommend trying it out just to see what you can find. If your worried about your e-mail address becoming part of the beast i would advise to sign up with a throw away e-mail address. [More at Creeva's World 2.0] MSN Notifier by tension Update! Spokeo - The Interesting, Exciting, and ScarySpokeo is one of the latest Web 2.0 services I have tried here is how it works: First you sign up and it asks if you want to look for friends from your address book (gmail, yahoo, AOL, etc,) it then spends time going through all the addresses and see which services they belong (Amazon, Myspace, Last.fm, Digg, Twitter, Etc.) - at this point it shows you all of their public activity on these services. You also have the option of linking your myspace, linkedin, or other accounts where it doe the same searching as before. This is interesting since it allows you to track your friends without hunting them all down and searching them out. You know what they are up to without actively going to all these different sites online for hours at a time. You may never log into your normal sites to keep up with your friends, it all coming to you. Now the scary - you can put in any e-mail address and look up someone the same way. You also receive hits from your address book of someone you may have had one quick e-mail exchange with but no relationship. Because of this you are infringing on their privacy. More people need to be aware of Spokeo so they understand the implications of their online activities and how easy they are to track and monitor. I'm well aware and have been for awhile, I use teh internet and post information knowing this and expecting it. Other people I know are not nearly as aware. I would recommend trying it out just to see what you can find. If your worried about your e-mail address becoming part of the beast i would advise to sign up with a throw away e-mail address. [More at Creeva's World 2.0] MSN Notifier by tension Update! Crazy Nintendo Support Call: Smack Wiimote to Fix ItAccording to this article I found on Digg. Nintendo Technical Support had the user smack the Wiimore against the users palm to fix it. Now as foolish as this seems to some people. Compaq had an issue years and years ago where the hard drives installed in them did not include enough oil. Their techinical support people had you life your computer 2-3 inches above your desk and drop you $2000.00 investment. So this type of scenario is not new. I know I fixed many things from computers to cars by hitting them once in awhile. [More at Creeva's World 2.0] MSN Notifier by tension Update! Web Wandering Dump
[More at Creeva's World 2.0] MSN Notifier by tension Update! Creeva's Latest Consumption
[More at Creeva's World 2.0] MSN Notifier by tension 12月30日 Update!Top Ten Signs Your Country May Be Going Fascist [More at Creeva's World 2.0] MSN Notifier by tension Update! Symantec Endpoint Protection 11.0I'm currently in a webex seminar for Symantec Endpoint Security - the moderator has not joined yet. I thought I would share thoughts and ideas as this went along - and for reference to myself at a later date. I realize this is no apple speech or Nintendo launch - but we all have to get our real time blogging skills up to date somehow. I signed and view no disclosure agreement in the invitation that was given to me and I would not have violated it if I did. This is not specific to my job or company so I don't feel I'm violating any trust. The seminar is scheduled to be 1 hour and 15 minutes - unless it's a really short seminar and its only 1 minute 15 seconds - in that case I guess this is a hug waste of time. Waiting for the moderator - we just got a message that the seminar will start in 3 minutes - 2 minutes late btw. The presenter according to the slide is Kevin Haley, Director of Technical Product Management in the Endpoint Security Group. Since my understanding is that replaces Symantec Anti-virus there is a drastic change as they consolidate all the products they have purchased in the past trying to get them to work cohesively. The seminar just started only 4 minutes late. Kevin is responsible for Symantec End Point protection. Agenda: Goals: They've muted the participants for our own anonymity *roll eyes* - I know from experience that this is solely to not get stopped by possible trigger points that listeners may have. We have options of typing in questions and getting them answered in real time. Product Overview: Symantec Endpoint Protection 11.0 and Symantec Multi-tier protections 11.0 Multi tier is the new version of SAV Enterprise Edition 8, 9, 10 - customer with upgrade protection and support with Symantec will get a free upgrade. This also includes SAV for Mac OSX. Endpoint protection 11.0 - is the upgrade for SAV CE, SCS, Symantec Sygate Enterprise Protection, and Whole Confidence online for corporate PC's get this in their upgrade contract They now took a poll if we entered the beta test for Symantec Endpoint Protection - 9% did public - 20% did external and 69% did not (this was a seminar poll for the participants. They are talking about the reasons for integrating everything Parts Antispyware - Leads in root kit detection and removal *unless they are keeping quiet for Sony Firewall technology - taken from Symantec Client Security and Sygate Intrusion Prevention - Behavior Based Threat protection - SONAR whole security - network traffic protection Device Control/ Application Control Network Access Control - add on client New client is all bubbly and vista like - take that how you want. New help and support button allows some basic troubleshooting info in one spot. Access to windows accounts info, disk space, log files, and version information. You can also import or export policies from the client. Any client installed by default from the CD are initially self managed - if you want them to be managed by default you need to create an installation package on your management server. You can change all policies not just the firewall based on location. The file that tells if the client is managed or unmanaged is located in the file sylink.xml - contains also server list, certificate info, heartbeat, and communications. There is a tool to auto edit the file included on the cd for easy managed to unmanaged deployment. You could also edit this manually and the file is said to be documented. Intrusion prevention capability - network based intrusion prevention tied into the tcp stack - generic exploit blocking from SCS and Sygate IDS which supports custom signatures - signature format is similar to Snort. Behavior blocking - proactive threat scan from whole security - innovative behavior based analysis - uniquely accurate low .004% false positive rate (testing for 2 years) via the web site and the consumer product (your enterprise beta testers) - enables broad deployment on endpoints. 20 million installations during the test - so 40 false positives for every 1 million PC's - can also do white listing so false positives only show up once. Stupid picture of a cookie jar with a digital camera and video camera - cookies disappear in the night and you want to catch who is doing this used camera for random images or camcorder you can review the film later but the camcorder solution is more expensive - so proactive threat scanning takes a picture of all the processes every 15 minutes and analyzes it. *is this seriously the best analogy????????? Application Control - you can disable certain application Device protection - block devices by type - trying to stop items like USB, infrared, Bluetooth, serial , parallel , firewire, scsi, PCMCIA - can block read/write execute on burnable media drives - can block all USB except keyboard and mouse - *I would just use a browser Features overview Migration Standard migration steps so far - document, design, install architecture, migrate existing groups and policies, configure reporting, configure server/site (policies, groups, Admins, notifications etc. , create and test client packages, Java based Management - talk to it on HTTPS (admin and client) clients can be configured for HTTP if you want unencrypted traffic- SQL database for storage. Database contains only replicates SQL can be separate from the management sever - many management servers can use a single database. Numbers are to be determined but there is basic info in the documentation - hard numbers will not be available in FCS (First Customer Shipment) Distributed environment - multiple management servers and databases - Management servers always replicate policies and group information between them - so they will all know about ALL the clients and policies - any client can check into any server - but you can restrict that by server or server group - you can also setup a order it checks in. Logging replication is optional and they call it filtering - if you have a current architecture where all information rolls up to a master server you can still do that - or you can replicate all logs to all servers. Supports migration from SAV, SCS, and SSEP - clients upgrade to SAV 11.0 will automatically connect to new SESM Look and feel for reporting data is the same First use wizard simplifies initial setup SEPM can run on the save server as a SAV management server since they are designed to coexist since they use different executables. Migration 1 - on same server as your SAV server Migration 2 - different server Reporting migration Sav 10.1 - you can redirect clients to the new SEP 11 database for reporting. Client installation - support to install over SAV 9-10.1, SCS 3-3.1, SEP 5.1, SPA 5.1 (don't have to uninstall these products) Already rolled out internally at Symantec with 5000 users First use wizard - which will enable you to migrate your groups, policies, users to your new management server - they will not install the client automatically on a management server-so this will have to be done manually. They warn about installing the client firewall on the servers install - LOL - I can see why but I wonder how many administrators actually did that. Content distribution SEPM gets client updates and content from Symantec live update - clients can be patched from management server using only a small difference file that can be pushed down. Still can get content from central internal live update server or rapid release definitions Clients send events, operation state, and command status to the SEPM server - commands are sent to client from server, profiles, content, updates sent to client - content and updates only the different micro definitions they don't' have are sent instead of all the definitions each time. Clients with a group update provider - will go to the group update provider for content (av defs, etc.) The group update providers caches information from the SEPM server - designed for low bandwidth architectures. Unmanaged clients can still go to live update on their own Additional tools http://edm.symantec.com/endpointsecurity/ Goodbyes and that's the end Questions and Answer from the text box:+ Question: Sorry missed what said... Did you mention Macintosh would be included? Question: Will the Multi-Tier console server handle Macintosh clients? Question: Will it be Vista compliant? Question: Will the Symantec Multi-tier Protection for MAC be able to utilize the Parent Servers for Windows? Question: Asking about the console. Will there still be a seperate console server for Macs? Question: So there won't be a Mac solution if we're a SEPM customer? Question: What is the upgrade from SAVCE Question: is the full endpoint suite required, or can you still purchase products separately? Question: Assuming no more console? Question: Can you turn off various components? Question: Will it have built in reporting capabilities or do we need to continue with SAV reporter? Question: Will the SEP v11 console be able to managed legacy clients (SAV10, etc) Question: Will this all still be in a single agent? Question: Will these products be Vista logo'd or just Vista compliant? Also will you be providing both 32bit and 64bit clients? Question: What? We will need to run multiple consoles? Will they all feed into SSIM? Question: Will we go over migrating an existing Reporting Server to the built-in reporting in SEPM? Question: would this be red if I disabled it from management side? Question: does the user need admin rights to execute a FIX Question: Are there different levels of users provided in the SEPM? Question: Will the 64-bit client differ by processor type, or will the 64-bit client be universal? Question: Current installation from CD presents you an option to choose the management server if you want to install managed. Why has that been removed? Question: can it be locked so a cleint can't remove from a server? Question: In previous versions, we could specify management server. This is not possible now? Question: Will the client upgrade handle all current individual components that may be installed on the desktop (SSEP, SAV10, etc.)? Question: Does the new policy import/export replace the usage of GRC.dat and the need to at times manually implement it. Question: Will the SPEM have the ability to set security access for other users/groups to manage their servers or sites? Question: So the sylink.xml replaces the grc.dat except it doesnt disappear once processed by the client? Question: When will this release be available? Question: can you import SNORT signaturs? Question: Is there a maximum network latency value between a policy sevrer andf end client that we should consider when determine the count and location of policy servers on our global network? Question: Does the current license also include the signature subscription for IDS? Question: Has the port range for communication between SErvers and Clients decreased? Or will it still range from 1024-4999? Question: Will this presentation be available for download so we can share with upper management? Question: Does the client upgrade require a reboot from version 10.x Question: We currently install the SAVCE client on Windows Server OS managed by a Parent server. Which product is recommended for Windows Server OS or which components are recommeded to be disabled on Server OS? Question: is the management console still MMC based? Question: Is there a reporting server for this similar to the SAV 10 reporting server? Question: When will training be available for SEP 11? Question: will we be able to customize the white list Question: Does Behavior blocking handle rogue keyloggers? Question: Will the new console be able to communicate with "legacy' SSEP agents (or, can we upgrade the SSEP-PM without requiring the SSEP agents to upgrade at the same time)? Question: so just 443 and 80 Question: Can specific applications be "black listed"? Question: what are the functionality differences between Sym Endpoint Protection and Sym Multi-tier Protection? Question: will the clients listen on a port for server initiated communication, or is the communication only initiated by the client? Question: Will SEP require SQL? Question: Will mobile devices be supported? If so, what devices? Question: Will the Q&A be made available after the call? Question: any chance of getting a copy all the slides to review after the meeting? Question: Is there an estimate available of the resource impact on a host machines due to the proactive threat scanning? Question: Do the antivirus capabilities within SEP 11 use less resources on a typical client and server? We have many problems with SAV 10 chewing up too much memory and CPU utilization, especially on virtual servers. Question: Is there an override for the USB blocking? Question: Can devices be blocked based on Manufacturer / Model? Question: can usb thumb drives be blocked but other usb devices, ie scanner, printer be allowed? Question: is patch/maintenance release management going to be simplified over previous versions? (i.e. all inclusive rollups not requiring previous upgrades to a base version)? Question: so SMP includes the sygate firewall technology? Question: A new version of packager come with this - I am aware its unsupported but if new version does come with it will it be supported? If not any idea when? Question: Will the schema be available for the database, so we can query it? Question: Will SMSDOM (Mail Security for Domino) Still be supported as well as Premium Anti-Spam? How about for Exchange? Question: Are the INTEL portions from previous NAV/SAV versions been eliminated altogether? Question: Are the policies for the client available to be pushed via Group Policy in AD? Question: can you restrict file types allowed to write to USB drives? i.e. allow MP3, but not DOC or XLS? Question: Can individual components - say, the firewall portion - be disabled selectively? For example, we may want AV on a server but not necessarily firewall (even more specifically, for performance savings?). Question: What version of java? Question: how much space is required for the sql ie per machine? Question: Does this version get away from storing client information in the registry? Question: Can the management server be installed on VM? Question: Did he say the client port is 80? Question: is a certificate server required? Question: In the current version of SAV10 Reporting, there is a vulnerability of the PHP component. Will SEPv11 provide better response to layered components that have known vulnerabilities? Question: the client/server traffic is based on port 80/443 correct? How is that going to affect clients running websites using port 80/443? Question: from the remediation aspect, will SAFE mode be required for a 100% detection and cleaning? Question: For replication what type of nbandwidth does it use over a WAN? Question: Since the client information is no longer in the registry how can we check AV status through scripts? Is there a WMI interface? Question: We have encountered issues with the volume of network traffic generated by corrupted defs. How does the 11.x version address this issue? Question: are there any JRE versions that are not supported or are recommended for the management console? Will the client itself require JRE to be installed for SEP to work? Question: will registry still use intel\landesk\virusprotect6 structure? Question: How can we obtain the scalability document? Question: has sepm been certified for vm Question: Why is this not backwards capable with SAV 10 or 9? Upgrading an entire enterprise can take a while. Question: is there a method for users to alter administrative scan schedule (but not any other option)? Question: what about Sygate 4.1? Question: Will you be able to save all the old data from the SAV 10.1? Question: no over intall for 7.x is that correct Question: OVerinstall of 10.2 for Vista supported? Question: he said that scalability doc will be available about a month after SEP 11.0 release Question: Will the overinstall work even if the previous client is password protected? Or will it still require a registry hack to remove? Question: can SAV10 client groups be migrated, or is there granularity to support that type of group? Question: Does SEP support NT4.0 clients? Question: Is the upgrade to SAV 11 more reliable than the upgrade to SAV 10? We were forced to use NONAV to pre-clean the SAV 8 and SAV 9 systems before going to SAV 10 Question: What is the SEPM blog URL? Question: Is the installer follow standard MSI best practices? Question: will management server install require reboot (windows server 2003)? Question: This includes central management and reporting for the FW? Question: Any problems creating an SMS package for installing to clients? Question: to install over 4.1 do you need to uninstall 4.1, reboot and install SEP or can you uninstall 4.1, install SEP and reboot? Question: Can our TAM answer questions regarding SEP 11 yet? Or do we have to wait until the release? Question: We run Symantec Mail Security for Exchange. If we run SEPv11 on the same box, are the defs compatible? Can they co-exist? Question: you mentioned earlier that the client initiates all contact with the server. What about Virus sweeps, updates that you want to push, do you have to wait til the next time the client checks in Question: does the patch require a reboot? We have lots a 24x7 servers. Question: Will the dif patch require reboots on the clients? Question: No problem to run in a mixed environment, e.g. legacy clients reporting to previous management console, newer clients reporting to newer management console? Question: We are going to have a lot of language requirements (Thai, German, French, Russian, Swedish, Japannesse, Chinesse). Is there a link on your web page to the supported language versions? Question: For definition distribution, what is the approx size of the diff-defs? If a client has been off the network for a week or longer, what is the approx size of the diff-def? Question: Thanks for the GUP!! Question: If a client goes to a GUP and then that client goes to another group will it still look for the GUP group A Question: With ver9 and > Symantec expanded the feature set to combat spyware and malware, many customers complained of CE being bloated, memory-intensive, and causing issues with many line-of-business applications. With all these added features in this new product release can you point to any documentation related to this version benchmarks and/or performance specs compared to previous releases? Question: will rapid release definitions be available for the Liveupdate server? Question: Not sure if this was asked. But when a client connects to a 11.0 server does it use a certificate like in the past for communications? Question: Can the gups be configured as Primary, secondary, and can the clients recognize that Question: when will this be available for download from the platinum site? Question: Thank You
[More at Creeva's World 2.0] MSN Notifier by tension Update! Consumed "Slither (Widescreen Edition)" WORTH IT!
Original post by nobody@www.allconsuming.net (creeva) [More at Creeva's World 2.0] MSN Notifier by tension Update! Consumed "The Woods (Widescreen Edition)" by Lucky McKee
WORTH IT!
Original post by nobody@43things.com (creeva) [More at Creeva's World 2.0] MSN Notifier by tension Update! Consumed "Slither (Widescreen Edition)"WORTH IT!
Original post by nobody@www.allconsuming.net (creeva) [More at Creeva's World 2.0] MSN Notifier by tension Update! Consumed "The Woods (Widescreen Edition)"by Lucky McKee
WORTH IT!
Original post by nobody@43things.com (creeva) [More at Creeva's World 2.0] MSN Notifier by tension Update! Consumed "The Woods (Widescreen Edition)"by Lucky McKee
WORTH IT!
Original post by nobody@43things.com (creeva) [More at Creeva's World 2.0] MSN Notifier by tension Update! Consumed "28 Weeks Later (Widescreen Edition)" WORTH IT!
Original post by nobody@43things.com (creeva) [More at Creeva's World 2.0] MSN Notifier by tension |
|
|
