
Windows Anti-virus and Security

WNUG Meeting 2-7-2002

Anti-virus Overview
  • New License information
  • ASU Current Protection
  • Best Practices
  • Wireless Product
  • New Tools for Management
Security Overview
  • SANS best Practices
    • Windows NT
    • Windows 2000
  • Tools to Assist with Security
  • Information from Microsoft Security Seminar
Anti-virus License Update
  • A new license with NAI has been signed for another 2 years.
  • All Current products are again covered.
  • We need a better idea of the number of clients we have.
ASU Current Protection Plan
  • ASU Post Office and Exchange servers are running GroupShield from NAI.
  • Workstations running VirusScan or Virex.
  • Servers running NetShield (both Netware and Windows)
  • Addition of new management tools (ePO)
Anti-virus Best Practices
  • Always have the latest sdat installed.
  • Use the most current version of the software.
  • Never EVER open attachments that are not confirmed or expected.
  • The following settings are recommended:
    • Install system, email, and download scan.
    • Scan all files, even compressed ones.
    • Always have heuristics turned on for both macro and program scanning.
    • With email scan, scan all attachments even compressed ones.
Wireless Product
  • Supports Palm OS, Pocket PC, Windows CE, and Symbian EPOC operating systems.
  • Handheld devices are scanned on synchronization.
Wireless Continued
  • Use the Configured Auto Update in the software.
  • On the Advanced Tab, select the last two options. No options are selected on this screen by default.
  • Also under the Log Activity Tab, select verbose logs. This aids in troubleshooting later.
Anti-virus Management Tools
  • ePolicy Orchestrator
  • Installation Designer
ePolicy Orchestrator
  • Repository for anti-virus software.
  • Centralized anti-virus software installation.
  • Admins are able to view the state of anti-virus software on all computers on the network that have an agent.
  • Has support for multiple service providers.
  • Comprehensive reporting on anti-virus software activity.
  • Default reports that can be customized.
  • Replaces Management Console.
ePO Default Reports
  • Agent to Server Connect Interval
  • DAT Deployment Summary
  • DAT/Engine Coverage
  • Engine Deployment Summary
  • Machines with no AV Protection
  • Machines without ePO Agent Installed
  • Product Protection Summary
  • ePO Agent Versions
  • Infection Reports
  • Top Ten Reports
  • Detection Reports
Installation Designer
  • Utility to pre-configure VirusScan or NetShield for installation on another computer.
  • GUI utility
  • Pre-set any install time options.
  • Select additional files to copy to the system during installation.
  • Set Registry Keys.
  • Install .DAT files other than those shipped with the product.
SANS Documents
  • Windows NT
    • Phase 1: Setting up the machine
    • Phase 2: Safe File system and Creation of ERD
    • Phase 3: Setting Registry keys
    • Phase 4: Strong Password controls and Account policies
    • Phase 5: Auditing
    • Phase 6: Networking and Internet Security
    • Phase 7: Monitoring and updating Security
SANS Documents Continued
  • Windows 2000
    • Same general guidelines from the Windows NT document.
      • Disable any unused services
      • Secure any remote control programs
Suggested Utilities
  • Dumpchk.exe – provides dump file validation and analysis
  • Memsnap.exe – produces a picture of memory usage by all processes and writes a log file.
  • Poolmon.exe – used to detect memory leaks.
  • W2000msgs.chm – list of Windows 2000 error and event messages in Help File format.
  • Acldiag.exe – reads access control lists from AD objects and generates a report.
  • Filever.exe – Utility to report on the versions of the file structure, executable and DLL files.
  • Guid2obj.exe – translates a GUID to its distinguished name.
Suggested Utilities Continued
  • Snort – free intrusion detection system.
  • HFNetChk – inventory of security patches.
  • Qchain.exe – installs multiple hotfixes together.
  • IIS Lockdown wizard – wizard used to lock down IIS 4 & 5.
Microsoft Security Seminar
  • Security Tool Kit (available from web site)
  • Keep up to date on patches/hot fixes.
  • Have anti-virus software installed and up-to-date.
  • Use good security techniques, for example those offered by SANS step by step guides.
  • Audit your systems at a regular interval.