1 / 31

IT Briefing Agenda 1/20/05

iCommand & Remedy Update SESA Overview & Demo Win ’98 Support OID Update & Demo Security Scan Demo NetCom (Wireless) Update. IT Briefing Agenda 1/20/05. Karen Jenkins Craig Myers Stu Lipkin Mark Parten Andy Efting Paul Petersen. S ymantec E nterprise S ecurity A rchitecture.

aplace
Download Presentation

IT Briefing Agenda 1/20/05

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. iCommand & Remedy Update SESA Overview & Demo Win ’98 Support OID Update & Demo Security Scan Demo NetCom (Wireless) Update IT Briefing Agenda 1/20/05 • Karen Jenkins • Craig Myers • Stu Lipkin • Mark Parten • Andy Efting • Paul Petersen

  2. Symantec Enterprise Security Architecture Craig Myers ITD, Client Services Development

  3. Desktop Antivirus Managed Antivirus SESA Event Manager for AV SESA and Event Manager Diagrams and Demo Real-world Experiences by Derek Spransy Symantec Enterprise Security ArchitecturePresentation Outline

  4. AntiVirusSpring 2005 Symantec Antivirus Corporate Edition version 9.0.2.1000 Norton Antivirus for Macintosh (with “nonag”) version 9.0.3 (6)

  5. Managed AV • Support thousands of PCs • PCs get Virus Definitions from Server and/or via LiveUpdate • Events are logged by the Parent Server • Quick display of current versions, which definitions are in use, last scan performed and virus alerts. • Can schedule scans without user being logged in. • Can configure client settings per machine or by group. • With Alert Management Service (AMS), can get email when a machine gets a virus. • Lacks reporting ….

  6. Managed AV • Managed AV • Campus parent server available to departmental servers for updates • Virus definitions updated hourly via Intelligent Updates. • Investigating installing a managed faculty/staff server and/or student server to provide management to campus entities without a local managed AV server … thoughts?

  7. SESA • Scalable solution that integrates multiple Symantec Security and third party products. • Provides granular alerting of events. • Query, filter and sort data for charting and reporting. • Relatively new, still growing.

  8. SESA Architecture

  9. Event Manager for Antivirus • SESA integration product. • Enables centralized, cross-tier logging, alerting and reporting between the SESA event management system and Symantec Antivirus.

  10. SESA with Event Manager • Collector on each parent AV server passes logged data to the SESA Manager via an Agent. • The Manager stores the event data into the Data store. • The Manager uses a directory to manage the devices, users and permissions. • Access to the Manager is through a SESA console, which is java based. • All SESA components are Java based except the Data store and Directory (Oracle and DB2).

  11. SESA DEMO

  12. SESA Requirements • Prerequisites • Department must be running Symantec AV Server version 9 or better. • Must allow Java SDK 1.3.1_09 to be installed. • Departmental server must be win32-based (ie. Win2K, XP, 2003). • Must have a designated contact. • ITD Responsibilities • Create an OU and an access account. • Provide on-site installation assistance. • Provide on-site training at the time of installation. Install and training take about 1 hour and does not require a server reboot.

  13. SESA Procedure • ESR Form Method • Go to the Electronic Support Request (ESR) form. http://help.emory.edu • Login using your campus id and password. • Select the General Emory Helpdesk. • Select the Request Type of General / Other. • Use "Please add my managed AV server to SESA. in the Additional Details box.

  14. SESA Procedure (cont.) • Magic Method • Create a new incident using your name. • Set Subject to Software. • Enter "Please add my managed AV server to SESA." in the incident description. • Assign the call to EU_ITD_CLIENT_SERVICES_TIER_2 queue. • Someone from CSD will respond to your request within three business days. • We will verify the prerequisites and setup an installation time.

  15. SESA

  16. Client Services Update Stu Lipkin

  17. Discontinuing Support For Windows 98 and Mac OS 9 • Mainstream support from MS ceased for these products June 30, 2002 and December 31, 2003. Fee-for-service extended support is available but no future development is planned for these products. Microsoft will only provide critical security updates for above products posted on the Windows Update web site. Hotfixes for non-critical updates will be available on request only. • No further development and support for Mac OS 9.x is indicated from Apple. Mac OS 10.2 is the recommended platform for Apple computers.

  18. OPERATING SYSTEM Windows 98 Windows 98 SE Windows ME END OF SUPPORT June 30, 2002 June 30, 2002 December 31, 2003 Windows 98 Support from Microsoft Only paid incident support is available until December 31 2006. http://support.microsoft.com/default.aspx?scid=fh;[ln];LifeWin http://support.microsoft.com/gp/lifean1

  19. Proposed End of Support • We propose to end support for Mac OS 9.x, Windows 98, 98 SE and Windows ME on May 31st, 2005.

  20. Impact of discontinuation of stated OS support • No phone or desktop support from ITD would be provided for customers running Win 98, Win 98 2nd ed., ME, Mac OS 9.x • No support provided for ITD applications running on stated OS • Development of installers would not be written for above OS • Enterprise applications and continuing development would not need to consider the above OSes as included in the technical specifications

  21. Impact • There should be no immediate effect on users. There is no immediate plan to change services so that they are incompatible with these Windows and Macintosh Operating Systems. • Users should expect that newer applications introduced in the preceding months may not operate on older systems and may require Windows 2000 or Mac OS 10.2 or higher.

  22. Proposed Communication Plan • present at IT Briefing January 2005 • present at Desknet in January 2005 • prepare announcement to end users mid-February • post announcement in ER/Wheel February/March • email to Local-l, All-emory, various Learnlink conferences (LL Demigods, SCC Technology, and Emory Announcements) last business day of Jan, Feb, Mar, Apr • post on defined page on it.emory.edu/Desktop Computing

  23. Oracle Names to Oracle Internet Directory Mark Parten

  24. Self-Service Vulnerability Scanning A new service from your ITD Security Team

  25. Introduction • Utilizes the Nessus Vulnerability Scanning Tool • Specifically for use by System Administrators and Local Support Personnel • Can scan both desktop and server machines • Reports vulnerabilities and gives possible solutions / fixes

  26. Getting Started • For more information on requesting the ability to do a Self-Service Scan, go to the following URL: http://it.emory.edu/showdoc.cfm?docid=4248 • The ITD Security Team will work with System Administrators and Local Support Personnel to get them set up and scanning once a request has been received

  27. Overview Network Vulnerability Scanning Self-Service Overview :: FAQ ITD Security offers Network Vulnerability Scanning Self-Service using Nessus from a centralized scanning server in the DMZ. To request the ability to scan your network, please send the following information to the security team at SecurityTeam-L@listserv.emory.edu: 1. Name and organization you support2. The IP address range on your network that you would like to scan3. Phone number and e-mail address4. Your network ID We will confirm this information, send a link for the latest Nessus scanning client, and provide a password to use when you connect to the system.

  28. How to • Use GUI to connect to the Scanning Server • Use network ID and Nessus password to authenticate • Create scan session (which nodes, options, etc) • Run scan, view results, create report

  29. Documentation Can be found at: http://www.nessus.org/documentation/

  30. Self-Service Scanning

  31. NetCom

More Related