Intel,Altiris Group

ITMS 7.1 - SEPIC Power Sensitive Malware Scanning Integrated Task 

Jan 31, 2011 02:47 PM

The following scenario may sound familiar:

You need to ensure a virus scan is completed on a regular basis, but the business prefers that the scan does not interrupt users during business hours.  You will need to run virus scans and other maintenance activities during non-business hours.   At the same time, you need to enforce Green IT power policies which will put systems in a sleep or hibernate state after a defined time period (i.e. 15 minutes).   Since the virus scans or other maintenance events will likely occur during evening hours, there is a good chance systems will be offline.   Not all systems are responding to power-on commands\requests - leading to incomplete jobs. Etc, etc, etc.

Sound familiar?

In the next release of SEPIC (Symantec Endpoint Protection Integration Component) running on ITMS 7.1 there will be an integrated TaskServer job to complete the following core tasks:

  • Power on the client (via Wake-on-LAN or Intel vPro Technology)
  • Run LiveUpdate
  • Perform a Quick or Full scan of the client
  • Power down the client

A graphical summary is shown below.

The individual components could be instrumented via series of custom defined tasks wrapped into a single job.   The interesting part is a single pre-defined Task with some user-defined customizations has been provided.

A common hurdle I hear is getting the system to reliably power-on.   Most of my posts within Symantec Connect focus on Intel vPro Technology, and the graphical summary above helps to understand where this technology might help.   Only part of step 2 really applies to Intel vPro Technology - the ability to securely and reliably power-on the target clients.  

In working with the Symantec product management and development teams - an integrated job was defined.   Having the opportunity to test it out in the labs, I was impressed.  Take a look at the screenshot below:

What you see is that 9 systems were targeted... 9 being the total number of available systems in lab.   The clients represented various operating systems (Windows XP, Windows 7 32-bit, Windows 7 64-bit), across all generations of Intel vPro Technology (2006 through 2010 models).

All were powered on via "Run Power On" - which uses Intel vPro Technology.   I left the "Wake-on-LAN" option enabled - although it wasn't required in this scenario.   If you look above the main window, you'll notice the option is configurable whether to use vPro, WoL, or both.  

The systems all ran LiveUpdate.   Always good to have the latest definitions\updates.

The next entry might look like an error occurred - 11% of the systems failed to complete the "Quick scan for viruses and security risks".   What really happened is that I forced the task to timeout after 5 minutes and intentional prevented one of the clients from completing the virus scan.   This was for testing purposes - "If a system fails to complete a task, will the remaining tasks complete".    Hard to prevent an efficient SEP client from not completing a quick scan... unless you have the system running another process that is consuming a majority of the resources.   In truth - the Quick Scan did complete, but it was outside the 5 minute interval that I defined for the overall TaskServer job.

Similarly, the "Power Off" task also shows a single client failed to respond.   This again was due to timings and settings on my part.  

Interested to hear thoughts and feedback on this new task.   More ideas are coming - some integrated, some customized and optimized to work well with Intel vPro Technology.   As an example of customized\optimized, take a look at http://www.symantec.com/connect/articles/optimizing-sert-intel-vpro-technology.   More interesting insights\posts to come...

 

The opinions expressed on this site are mine alone and do not necessarily reflect the opinions or strategies of Intel Corporation or its worldwide subsidiaries.

Statistics
0 Favorited
0 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Related Entries and Links

No Related Resource entered.