Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Endpoint Management Community Blog
Showing posts tagged with Symantec Management Platform (Notification Server)
Showing posts in English
mmurphy7 | 18 Jan 2013 | 0 comments

With the new year upon us, it’s time for Arellia’s 2012 analysis of Adobe Security Bulletins and those with privilege exploits. As a refresher from the Introduction on Privilege Exploitation, privilege exploitation is where the malicious software takes advantage of the rights of the logged in user to change the configuration of the local computer.  Breakdown of Adobe Bulletins:

Bulletins 28
Vulnerabilities 125
Bulletins with Privilege Exploitations 20
Vulnerabilities with Privilege Exploitations 98
% of Bulletins with Privilege Exploitation 71.43%
% of Vulnerabilities with Privilege Exploitation...
Ludovic Ferre | 02 Jan 2013 | 0 comments

It looks like we tried to push out some update before the worl did _not_ end :D.

File name: symantec.pl.xml
File hash: f66d34f93a3b240f0fa2f908428051b4
File date: 2012-12-20 10:31
File size: 13,727,806 bytes (~14MB)
Release date: 2012-12-21

Additional information:

  • ProductListing definitionName="symantec_v2" majorVersion="7" minorVersion="1" buildVersion="11"
  • Some changes occured in the package tree, as shown below with some prunning being done and Service Desk 7.5.1 being added
--- tree-737a531d1c28c34bd7b73f14e0633578.txt	2013-01-02 12:09:19.000000000 +0100
+++ tree-f66d34f93a3b240f0fa2f908428051b4.txt	2013-01-02 12:12:01.000000000 +0100
@@ -1,4 +1,4 @@
-tree-737a531d1c28c34bd7b73f14e0633578/
+tree-f66d34f93a3b240f0fa2f908428051b4...
Ludovic Ferre | 01 Jan 2013 | 0 comments

Happy New Year Symantec and the Connect Community.

Today I updated my patch toolkit ([1][2]) with version 0.6.7, brining in a couple of features ontop of some project consolidation (nothing visible from the end-user standpoint but I have implementing a generic initializer and a config class that allow me to further consolidate the project codes).

Here are the features implemented in 0.6.7:

  • /severity=<severity>|* now has a wildcard token ("*") that allows users to select any severities instead of only one [available in both ZeroDayPAtch.exe and PAtchAutomation.exe]
  • /custom-sp=<sp_name> allows the user to specify a stored procedure name that will be executed [available in PatchAutomation.exe alone]

What's specially interesting in this case (and in the combination of both features) is that it is now possible to generate a result-set to be used in the tool based on what ever the end user want.

The /...

HighTower | 27 Dec 2012 | 7 comments

At the last couple of Symantec Endpoint Management User Group meetings I talked about a couple of things that can be done to improve the performance of your Symantec Management Platform.  I figured it would be best to summarize them in the group itself:

  1. The first one I mentioned had to do with changing the Kerberos authentication order in the IIS website from Negotiate > NTLM to NTLM > Negotiate
    http://www.symantec.com/business/support/index?page=content&id=TECH156006
     
  2. The second we just ran across this week.  Our 16 core, 24gb RAM SQL server was running a constant 80-90% CPU utilization and we were experiencing frequent deadlocks.  On Sunday, a deadlock/blocking situation corrupted our PMImport and broke Patch.  Very bad things happened.

    In any event, we found that the SQL Tuning guide had been updated by...

Ludovic Ferre | 20 Dec 2012 | 0 comments

I was asked today to help on a long running hierarchy replication task. I pointed my customer to the default report whilst I was searching a hand crafted SQL to do the same, with a slightly friendlier look to it.

I found it, so I sent it to them and I share it with the Community now:

select
		rs._eventTime as 'Event time',
		replace (src.name, '.15-cloud.fr', '') + ' --> ' +
		replace (dst.name, '.15-cloud.fr', '') + 
		case src.name when 'vbox-atrs5.15-cloud.fr' then ' (Down)' else ' (Up)' end as 'Details',
		cast(rs.TotalReplicationCount as varchar) as 'Objects (total)',
		cast (rs.FailedReplicationCount as varchar) as 'Failed',
		cast (rs.DataTransferred as varchar) as 'Size in KiB',
		cast (DATEDIFF(mi, rs.[StartTime], rs.[FinishTime] ) as varchar)AS 'Duration (mins)'
  from...
Ludovic Ferre | 21 Nov 2012 | 1 comment

I just wrote an article in French regarding recommanded application pool configuration for the SMP and IIS.

It's available [1] but I won't tease you too much. Here is the most interesting part from it, a batch script to automate the pool creation, "straight off the bat" as a British friend of mine would put it. Please note that some web-applications work nicely in their own pools, but other need to remain in the /Altiris application domain. So if you feel like trying to craft your own, keep this in mind and be ready to revert.

@echo off
set appcmd=%comspec%\..\inetsrv\appcmd

%appcmd% add apppool -name:Altiris-NS-Agent
%appcmd% set apppool Altiris-NS-Agent -managedPipelineMode:Classic
%appcmd% set app "Default Web Site/Altiris/NS/Agent" -applicationPool:Altiris-NS-Agent

%appcmd% add apppool -name:TaskManagement
%appcmd% set apppool TaskManagement -managedPipelineMode:Classic
%appcmd% set app "Default Web Site/Altiris/TaskManagement...
Ludovic Ferre | 21 Nov 2012 | 0 comments

This evening I was asked whether I would recommand disabling IIS log file to make sure the SMP console runs as fast as possible.

My answer was (and remains) a big NO. Do _not_ disable IIS logging. It contains a lot of good information on it (that I am a big consumer of, but the value is there to anyone).

So, first lets dispell this nonsense about improving performances.

IIS logging is done on the http.sys driver, so it run in the Windows Kernel. You can verify this using procexp as per the image below. This means logging requests once they are completed (as this is when it) does not cost any context switching (as it would if it was in living user space). Besides, each entry is normal less than 1024 bytes, which means the "cost" of logging entries is fractional: push the information already held in memory to disk.

If you compare the cost of doing this tiny little task with what happens in user mode in the w3wp.exe (handling the request in ISAPI...

stebro | 12 Nov 2012 | 0 comments

One of the challenges related to critical applications on Windows desktops is end user’s or malware’s ability to kill critical services and processes. Critical applications in an enterprise desktop can include antivirus and endpoint security products as well as systems management tools for software delivery, patching, and\or inventory. Protection of the services and processes related to these applications is key to ongoing operational security and availability.

Critical Windows applications typically run as a service that often can be stopped by a user running with administrator credentials. Any user who runs as a standard user is limited from stopping services, but as most users in enterprises run with administrator accounts they can stop those services and often do. Reasons for stopping critical services vary, but the most common reasons include complaints about performance impact of such applications or not wanting to be controlled by corporate IT. Whatever...

ohzone - CherylPeterson | 06 Nov 2012 | 0 comments

Twitter users @SymantecEMM has changed it name to @SymcEndptMgt ! Follow us for news and information from the Endpoint Management team!

You'll be glad you did!

tgrandpre | 12 Oct 2012 | 0 comments

As a current Endpoint Management customer, you are likely already entitled to upgrade to the latest version as part of your maintenance. Since the 6.x release, Symantec has released a number of very powerful enhancements and improvements that will likely benefit your organization. 

In this *recorded webcast, you'll learn about the latest features of Symantec Endpoint Management, as well as understand how to locate the resources and assistance for a successful migration from previous versions. There are numerous tools and tips to help you make the upgrade easy.

This webcast includes technical details that are sure to help you plan your move and reap the benefits of Symantec’s Endpoint Management solutions.

View Webcast HERE

*Live...