How many users?

Post #55,832 by pwhysall 10/9/02 6:25:12 PM Reply	How many users? If you've got a licence for TVD or McAfee ePolicy Orchestrator, this is the way to go - you can make policy changes (like changing the name of the server used for updates) and push it out to all users. Vanilla TVD ships with a thing called the "management edition". It's pretty agricultural, but sort of gets the job done. However, any policy changes will have to be explicitly pushed by you. ePO is smarter. The agent that gets installed on the desktop PCs periodically queries the master server to see if there are any updates - either DAT files, or policy changes. Policy is enforced at a pre-defined interval. Alternatively, you could use the Installation Designer that ships with TVD to make your own deployed version of VirusScan, with the updated auto-update configuration, then publish that application to your users. However, this assumes an all-Windows 2000 and AD setup. Peter [link\|http://www.debian.org\|Shill For Hire] [link\|http://www.kuro5hin.org\|There is no K5 Cabal] [link\|http://guildenstern.dyndns.org\|Blog]
Post #55,836 by Silverlock 10/9/02 6:57:09 PM Reply	500+ W2K users Those sound like great tools. We, of course, don't get to use them because that would infringe on the role of the antivirus administrator. I will see if he has these and explain to him what they can do. The problem however is that the server these endusers are looking for no longer exists with the name as recorded on the endusers system. Domain names got changed to reflect our new company name. This broke things quite nicely for many of us in many areas. "A civilian gang of thieving lobbyists for the military industrial complex is running the White House. If to be against them is considered unpatriotic -- Hell, then call me a traitor." -- Hunter S. Thompson
Post #55,946 by bepatient 10/10/02 8:17:38 AM Reply	At some point... ...you are going to have to violate some security policy (given the set of constraints that you've posted)...so someone in Security (or the AV guy) is gonna have to deal with a little infringement. You need to remotely access 500 machines...or manual touch 500 machines and you need to do it with admin rights or the remote software available from the antivirus vendor. There's not alot of other options...except leave them all broke and get whacked by the next virus to come along. You were born...and so you're free...so Happy Birthday! _{Laurie Anderson} [link\|mailto:bepatient@aol.com\|BePatient]
Post #55,963 by Silverlock 10/10/02 10:15:28 AM Reply	About what I thought. Our security policies are a hell of a mess. "A civilian gang of thieving lobbyists for the military industrial complex is running the White House. If to be against them is considered unpatriotic -- Hell, then call me a traitor." -- Hunter S. Thompson
Post #56,132 by static 10/11/02 1:28:58 AM Reply	Find someone in Security to help. Often, those guys are allowed to break security policy for various reasons. I know - I used to be one of them! :-) You also need someone else with some power to agree that the current anti-virus administrator is a) probably the wrong person or b) doesn't have the access or authority or knowledge to do their job properly. Fixing security policies is a long and slow task, especially when you're not in security. Best not fight that one now. Wade. "Ah. One of the difficult questions."
Post #56,363 by boxley 10/12/02 10:42:14 AM Reply	sneakernet :( will work for cash and other incentives [link\|http://home.tampabay.rr.com/boxley/resume/Resume.html\|skill set] "Therefore, by objective standards, the leading managers of the U.S. economy...are collectively, clinically insane." Lyndon LaRouche

Welcome to IWETHEY!