Windows anti virus and security
Download
1 / 17

Windows Anti-Virus and Security - PowerPoint PPT Presentation


  • 313 Views
  • Updated On :

Windows Anti-virus and Security WNUG Meeting 2-7-2002 Anti-virus Overview New License information ASU Current Protection Best Practices Wireless Product New Tools for Management Security Overview SANS best Practices Windows NT Windows 2000 Tools to Assist with Securit

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Windows Anti-Virus and Security' - libitha


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Windows anti virus and security l.jpg

Windows Anti-virus and Security

WNUG Meeting 2-7-2002


Anti virus overview l.jpg
Anti-virus Overview

  • New License information

  • ASU Current Protection

  • Best Practices

  • Wireless Product

  • New Tools for Management


Security overview l.jpg
Security Overview

  • SANS best Practices

    • Windows NT

    • Windows 2000

  • Tools to Assist with Securit

  • Information from Microsoft Security Seminar


Anti virus license update l.jpg
Anti-virus License Update

  • A new license with NAI has been signed for another 2 years.

  • All Current products are again covered.

  • We need a better idea of the number of clients we have.


Asu current protection plan l.jpg
ASU Current Protection Plan

  • ASU Post Office and Exchange servers are running GroupShield from NAI.

  • Workstations running VirusScan or Virex.

  • Servers running NetShield (both Netware and Windows)

  • Addition of new management tools (ePO)


Anti virus best practices l.jpg
Anti-virus Best Practices

  • Always have the latest sdat installed.

  • Use the most current version of the software.

  • Never EVER open attachments that are not confirmed or expected.

  • The following settings are recommended:

    • Install system, email, and download scan.

    • Scan all files even compressed.

    • Always have heuristics turned on for both macro and program scanning.

    • With email scan, scan all attachments even compressed ones.


Wireless product l.jpg
Wireless Product

  • Supports Palm OS, Pocket PC, Windows CE, and Symbian EPOC operating systems.

  • Handheld devices are scanned on synchronization.


Wireless continued l.jpg
Wireless Continued

  • Use the Configured Auto Update in the software.

  • On the Advanced Tab select the last two options. There are no defaults on the screen by default.

  • Also under the Log Activity Tab, select verbose logs. This aids in troubleshooting later.


Anti virus management tools l.jpg
Anti-virus Management Tools

  • ePolicy Orchestrator

  • Installation Designer


Epolicy orchestrator l.jpg
ePolicy Orchestrator

  • Repository for anti-virus software software.

  • Centralized anti-virus software installation.

  • Admin be able to view the state of anti-virus software on all computers on the network which have an agent.

  • Has support for multiple service providers.

  • Comprehensive reporting on anti-virus software activity.

  • Default reports that can be customized.

  • Replaces Management Console.


Epo default reports l.jpg
ePO Default Reports

  • Agent to Server Connect Interval

  • DAT deployment Summary

  • DAT/Engine Coverage

  • Engine Deployment Summary

  • Machines with no AV Protection

  • Machines without ePO Agent Installed

  • Product Protection Summary

  • ePO Agent Versions

  • Infection Reports

  • Top Ten Reports

  • Detection Reports


Installation designer l.jpg
Installation Designer

  • Utility to pre-configure VirusScan or NetShield for installation on another computer.

  • GUI utility

  • Pre-set any install time options.

  • Select additional files to copy to the system during installation.

  • Set Registry Keys.

  • Install other .DAT files other than those shipped with the product.


Sans documents l.jpg
SANS Documents

  • Windows NT

    • Phase 1: Setting up the machine

    • Phase 2: Safe File system and Creation of ERD

    • Phase 3: Setting Registry keys

    • Phase 4: Strong Password controls and Account policies

    • Phase 5: Auditing

    • Phase 6: Networking and Internet Security

    • Phase 7: Monitoring and updating Security


Sans documents continued l.jpg
SANS Documents Continued

  • Windows 2000

    • Same general guidelines from the Windows NT document.

      • Disable any unused services

      • Secure any remote control programs


Suggested utilities l.jpg
Suggested Utilities

  • Dumpchk.exe – provides dump file validation and analysis

  • Memsnap.exe – produces a picture of memory usage by all processes and writes a log file.

  • Poolmon.exe – used to detect memory leaks.

  • W2000msgs.chm – list of Windows 2000 error and event messages in Help File format.

  • Acldiag.exe – reads access control lists from AD objects and generates a report.

  • Filever.exe – Utility to report on the versions of the file structure, executable and DLL files.

  • Guid2obj.exe – translates a GUID to its distinguished name.


Suggested utilities continued l.jpg
Suggested Utilities Continued

  • Snort – free Intrustion detection system.

  • HFNetChk – inventory of security patches.

  • Qchain.exe – installs mulitple hotfixes together.

  • IIS Lockdown wizard – wizard used to lockdown IIS 4 & 5.


Microsoft security seminar l.jpg
Microsoft Security Seminar

  • Security Tool Kit (available from web site)

  • http://www.microsoft.com/security

  • Keep up to date on patches/hot fixes.

  • Have anti-virus software installed and up-to-date.

  • Use good security techniques, for example those offered by SANS step by step guides.

  • Audit your systems on a regular interval


ad