Video Screencast Help
Search Video Help Close Back
to help

Endpoint Management Community Blog

Showing posts in English
Microsoft Privilege Exploitation in 2012
mmurphy7 | 02 Jan 2013 | 0 comments

 

With the new year upon us, time for Arellia’s 2012 analysis of Microsoft vulnerabilities and those with privilege exploitation:

Bulletins 83
Vulnerabilities 172
Bulletins with Privilege Exploitations 40
Vulnerabilities with Privilege Exploitations 87
% of Bulletins with Privilege Exploitation 48.2%
% of Vulnerabilities with...
Read more
Altiris Vs SCCM 2007
Ashish-Sharma | 02 Jan 2013 | 1 comment

Hi,

Someone asked, 

What is difference between Altiris Vs SCCM ?

What Can I do with altiris ?

Attached Document explain Briefly difference between Altiris Vs SCCM 2007.

 

Source:

http://myitforum.com/cs2/files/folders/comparedocs...

Read more
A new Symantec.pl.xml was released 2012-12-21 (SD 7.5.1)
Ludovic Ferre | 02 Jan 2013 | 0 comments

It looks like we tried to push out some update before the worl did _not_ end :D.

File name: symantec.pl.xml
File hash: f66d34f93a3b240f0fa2f908428051b4
File date: 2012-12-20 10:31
File size: 13,727,806 bytes (~14MB)
Release date: 2012-12-21

Additional information:

  • ProductListing definitionName="symantec_v2" majorVersion="7" minorVersion="1" buildVersion="11"
  • Some changes occured in the package tree, as shown below with some prunning being done and Service Desk 7.5.1 being added
--- tree-737a531d1c28c34bd7b73f14e0633578.txt	2013-01-02 12:09:19.000000000 +0100
+++ tree-f66d34f93a3b240f0fa2f908428051b4.txt	2013-01-02 12:12:01.000000000 +0100
@@ -1,4 +1,4 @@
-tree-737a531d1c28c34bd7b73f14e0633578/
+tree-f66d34f93a3b240f0fa2f908428051b4...
Read more
{CWoC-2012} Happy New Year Connect and Patch Tool Kit version bumped to 0.6.7
Ludovic Ferre | 01 Jan 2013 | 0 comments

Happy New Year Symantec and the Connect Community.

Today I updated my patch toolkit ([1][2]) with version 0.6.7, brining in a couple of features ontop of some project consolidation (nothing visible from the end-user standpoint but I have implementing a generic initializer and a config class that allow me to further consolidate the project codes).

Here are the features implemented in 0.6.7:

  • /severity=<severity>|* now has a wildcard token ("*") that allows users to select any severities instead of only one [available in both ZeroDayPAtch.exe and PAtchAutomation.exe]
  • /custom-sp=<sp_name> allows the user to specify a stored procedure name that will be executed [available in PatchAutomation.exe alone]

What's specially interesting in this case (and in the combination of both features) is that it is now possible to generate a result-set to be used in the tool based on what ever the end user want.

The /...

Read more
Performance Tuning for SMP 7.1SP2
HighTower | 26 Apr 2013 | 7 comments

At the last couple of Symantec Endpoint Management User Group meetings I talked about a couple of things that can be done to improve the performance of your Symantec Management Platform.  I figured it would be best to summarize them in the group itself:

  1. The first one I mentioned had to do with changing the Kerberos authentication order in the IIS website from Negotiate > NTLM to NTLM > Negotiate
    http://www.symantec.com/business/support/index?page=content&id=TECH156006
     
  2. The second we just ran across this week.  Our 16 core, 24gb RAM SQL server was running a constant 80-90% CPU utilization and we were experiencing frequent deadlocks.  On Sunday, a deadlock/blocking situation corrupted our PMImport and broke Patch.  Very bad things happened.

    In any event, we found that the SQL Tuning guide had been updated by...

Read more
A Quick Report for Hierarchy Replication
Ludovic Ferre | 20 Dec 2012 | 0 comments

I was asked today to help on a long running hierarchy replication task. I pointed my customer to the default report whilst I was searching a hand crafted SQL to do the same, with a slightly friendlier look to it.

I found it, so I sent it to them and I share it with the Community now:

select
		rs._eventTime as 'Event time',
		replace (src.name, '.15-cloud.fr', '') + ' --> ' +
		replace (dst.name, '.15-cloud.fr', '') + 
		case src.name when 'vbox-atrs5.15-cloud.fr' then ' (Down)' else ' (Up)' end as 'Details',
		cast(rs.TotalReplicationCount as varchar) as 'Objects (total)',
		cast (rs.FailedReplicationCount as varchar) as 'Failed',
		cast (rs.DataTransferred as varchar) as 'Size in KiB',
		cast (DATEDIFF(mi, rs.[StartTime], rs.[FinishTime] ) as varchar)AS 'Duration (mins)'
  from...
Read more
The mountain ahead
Tim.Jing | 19 Dec 2012 | 0 comments

If you can imaging a picture of Mount Ranier on a cloudy day. The towering structure is only partialy revealed, clouds camouflage the snow covered cap. leaving one a guess at what could be under the blanket.

We have alot of items to migrate ahead, including:

  1. A DS structure with about 300 packages vendor command lines and MSI built from Wise.
  2. An HII image in Windwos XP that has not changed since 2009.
  3. Wise to Admin Studio conversion.
  4. Windows 7 image.
  5. App Metering to block apps(If the header reading is better than version 6)
  6. Exploring virtual applications with Workspace Streaming.
  7. Mac OS image and software deployment.
  8. Symantec MDM.
  9. Customize console and training for the Desktop and service desk groups.

 

Should be a...

Read more
A Reflection on the Federal CIO Council Mobility Report
tiffany_jones | 17 Dec 2012 | 0 comments

On Tuesday the Federal CIO Council released a Mobility Report.  This report highlights several customer challenges associated with supporting a mobile environments and implementing Steve VanRoekel's Federal Digital Strategy.  The challenges highlighted are consistent with the challenges that many of our government customers have articulated to Symantec:

  1. Mobile Device Management: the need to manage devices and configure them in a way that is consistent with an agency's mobile policy
  2. Mobile Application Store: the need to have a well managed application store where applications can be authorized, secured and managed consistently and centrally for an organization
  3. Identity and Access Management: the need to have appropriate identity and access management controls for mobile devices with authentication and encryption capabilities that meet federal standards 
  4. Data Standards: the need to work with industry to bridge security...
Read more
Releasing version 0.6.6 of the patch automation 7.1 SP2 toolkit
Ludovic Ferre | 17 Dec 2012 | 0 comments

I completed some refactoring and aggregated the 2 related Patch Automation projects [1][2] in the last week and so I can call the 2 programs a toolkit :D.

Some features from the changes are only code related (sharing code between the projects) but there's a major addition to both project: custom patch exclusion.

This is implemented via the database, and it leaves plenty of room for you to choose which bulletins are excluded. The code is written to exclude bulletin by name, from the content of a table or view named "PatchAutomation_Excluded".

And here is a sample implementation, that will prevent duplicate entries in the table and will give some added information (a timestamp when a new exclusion is added):

if exists (select name from sys.objects where type = 'U' and name = 'PatchAutomation_Excluded')
	drop table PatchAutomation_Excluded

create table PatchAutomation_Excluded (
	_id int...
Read more
Altiris SMP 7.1 upgrade from 6.x
Tim.Jing | 13 Dec 2012 | 10 comments

This will be to document our migration from Symantec Client Managment 6 to SMP CMP 7.1. It is scheduled to be set in motion sometime Jan 2013 with the help of Xcend consulting services which also implemented our 6.x environment.

Our environment:

We are a school district with 80+ remote sites. 25,000+ Windows XP machines, a few Win 7, 300+ Mac's, 6,000+ iPads. We have a centralized datacenter, with fiber connections to each site. We have Cisco networking gear with gigbit connections at most ports, along with Cisco Aironet access points at some campuses.

We use Altiris for all new and existing SO and software automation except for the Apple equipment. The suites used in Altiris are:

Depoyment solution, we have 10 DS 6.9 SP2 servers divided up amoung the sites.

Inventory via NS, we have 3 client facing NS with a report server. Lots of custom reports for compliance and inventory questions.

Patch managment, for desktop and servers.

...

Read more