Video Screencast Help
Endpoint Management Community Blog
Showing posts tagged with Altiris Client Management Suite
Showing posts in English
stebro | 27 Sep 2012 | 0 comments

Since publishing the article on Zero-Day Vulnerability Protection with Privilege Management, there has been a lot of additional press around the September 2012 Microsoft Internet Explorer vulnerability that adds additional insights into this problem. The bottom line is that zero-day vulnerabilities, while not new, continue to be a big problem to organizations.

Time to respond to security threats is crucial and there is some concerning news around the disclosure of this latest Internet Explorer vulnerability. Reviewing the publicly disclosed timeline, we see the following key events:

andykn101 | 25 Sep 2012 | 0 comments

OK, so you need to add new Mass Storage drivers to your Windows XP sysprep image for your new HP 6470b laptop with the ""Intel(R) 7 Series/C216 Chipset Family SATA AHCI Controller", the previous model, the 6460b, having the "Intel(R) Mobile Express Chipset SATA AHCI Controller".

You download the "Intel Rapid Storage Technology Driver" SoftPaq from the HP website, run it on a temporary PC to extract the .sys and .inf files and notice that they no longer support the same storage chipsets as your previous set. Support for things like "Intel(R) ESB2 SATA AHCI Controller" seems to have been dropped. Do you care? Run this report to find out:

 

SELECT DISTINCT [Device ID]

FROM         dbo.Inv_HW_Plug_and_Play_Entity_Windows

WHERE     (Service LIKE N'iastor') AND ([Device ID] LIKE N'pci%')

And it will give you a list of all active Intel SATA controllers in your database:

 ...

ianatkin | 20 Sep 2012 | 0 comments

It's just been brought to my attention that Brian Madden yesterday posted this very interesting blog,

http://www.brianmadden.com/blogs/brianmadden/archive/2012/09/19/here-s-how-symantec-can-dominate-the-quot-new-quot-desktop-fingers-crossed-they-don-t-screw-it-up-again.aspx

Interesting to see how others on the outside see the Symantec's plays in desktop management space. 

stebro | 18 Sep 2012 | 0 comments

Have you used Internet Explorer to visit a malicious website recently? Have you used Internet Explorer to visit any website lately? How do you know for sure that you are not infected? Yesterday, a new zero-day vulnerability for Internet Explorer versions 6-9 was reported affecting everything from Windows XP to Windows 7 and Windows Servers. Zero-day vulnerabilities are a common fact of life, but the same old approaches to protection continue to be insufficient. Let’s discuss this vulnerability and how privilege management can mitigate the impact.

In the case of this zero-day vulnerability, a malicious website can be crafted then unsuspecting victims can visit it with Internet Explorer only to be exploited. Once exploited, security software can be disabled, files are downloaded or malicious software is installed so that system can be reused as a zombie or SPAM relay.

...

jasonfo | 18 Sep 2012 | 0 comments

If you have ever needed to create a report but dont know what table you are looking for this might help you out. In my case I had to find something that had the "Publisher".

 To look for columns in view...

USE
Symantec_CMDB
SELECT
V.name AS View_name,
SCHEMA_NAME(schema_id) AS schema_name,
c.name AS column_name
FROM sys.views AS v
INNER JOIN sys.columns c ON v.OBJECT_ID = c.OBJECT_ID
WHERE c.name LIKE '%Publisher%'
ORDER BY schema_name, View_name;

To look for columns in tables...

USE
Symantec_CMDB
SELECT t.name AS table_name,
SCHEMA_NAME(schema_id) AS schema_name,
c.name AS column_name
FROM sys.tables AS t
INNER JOIN sys.columns c ON t.OBJECT_ID...

Darrell Elmore | 24 Aug 2012 | 0 comments

Problem

It seems that the Install Endpoint Protection task fails for some but not all computers.

Solution

  1. Go to the installation package located under D:\Program Files\Altiris\Notification Server\NSCap\bin\Win32\x86\Symantec Endpoint Protection\Install Package or D:\Program Files\Altiris\Notification Server\NSCap\bin\Win64\x64\Symantec Endpoint Protection\Install Package
  2. Open the InstallSEP_<Package Name>.vbs file
  3. Make the following changes

Change: WshShell.Run <Package Name>.exe, HIDE_WINDOW, WAIT_ON_RETURN

To:  sCurrPath = CreateObject("Scripting.FileSystemObject").GetAbsolutePathName(".")

WshShell.Run chr(34) + sCurrPath + "\<Package Name>.exe" + chr(34), HIDE_WINDOW, WAIT_ON_RETURN

In my case this seemed to have fixed my...

stebro | 21 Aug 2012 | 0 comments

One of the first challenges an organization faces when deciding to remove end-user administrator rights is determining what applications require such rights. Many times the approach is to remove administrator rights, see who complains and add those users back to the administrators group. Over time, large chunks of an organization still have administrator rights due to applications that are not compatible when run as a standard user. Let’s look at how this can be addressed.

There are four application types that typically require administrator rights:

  • System Utilities: Some of these utilities make sense to restrict from standard users including computer management, turning Windows features on or off, or allowing remote access. Others such as the Disk Defragmenter, changing the system time, or adding language packs may be appropriate
  • Installers: Most installers will not run by a standard user. There are some installer exceptions that will still...
ianatkin | 08 Aug 2012 | 0 comments

As I keep forgetting where the Dell driver cabs are, I thought that I should document it somewhere.... ;-)

http://en.community.dell.com/techcenter/enterprise-client/w/wiki/2065.dell-driver-cab-files-for-enterprise-client-os-deployment.aspx

For those of you out there that download drivers by going through the Dell support website, you'll find these CABs a dream. All the drivers for your model in one place. I generally just do an inf search through the folder structure, looking for the Device ID I need.

ianatkin | 08 Aug 2012 | 0 comments

 

Just a little query to to detail how many computers have the Intel 7 Series SATA AHCI controller which has Device ID 1E03. These new controllers come on our shiny new Dell Latitude E6330, but I was curious to see if anyone else in our managed estate had this controller. 

 

 

select count(*), [System Manufacturer],[Computer Model] from AexInv_Aex_HW_PCI_Bus 

join Wrksta on AexInv_Aex_HW_PCI_Bus.wrkstaID = Wrksta.Wrkstaid

join Inv_Aex_HW_Serial_Number on Inv_Aex_HW_Serial_Number._ResourceGUID = Wrksta.GUID

where [PCI BUS Component] 

like '%DEV_1E03%'

group by [System Manufacturer],[Computer Model]
stebro | 02 Aug 2012 | 0 comments

Windows 7 migrations are in full force with Windows 8 on the horizon. One of the many challenges is addressing application compatibility and security. Arellia will be hosting a webcast to learn about issues related to moving legacy applications to Windows 7 or 8 and how to make those applications compatible and secure. Arellia is integrated with the Symantec Management Platform and sold through Symantec.

Register for the webcast