Server 2003 EOS, Part 4…

2017-07-27T00:01:00+00:00 March 4th, 2015|Uncategorized|

(Please see Server 2003 EOS Parts 1, 2, and 3 for background)

Well, folks, now the Server 2003 EOS is just 132 days away as I type this in early March of 2015… 

Did you really forget that you’re running Terminal Services on that Server 2003… to get to your critical applications?!?

Well, it’s a good thing that Kris and I just finished presenting the third part of our 4-part webinar series, “The Windows Server 2003 Comfort Trap”.  This time we’re back with a new episode filled with tips, anecdotes, and some helpful options to get you and your applications as far away from TS 2003 as you can get.

So grab a cup of tea, and watch the movie!  It’s about 38 minutes long, and is just what you need to get out of the Comfort Trap!

By the way, our other sessions can be seen here:

Thanks to all that attended the live webinar!  So register for our last session.

And who knows what’s next?  Whatever it is, I know I’m looking forward to it!  See you then…

 

Server 2003 EOS, Part 1.

2017-07-27T00:01:00+00:00 December 16th, 2014|Uncategorized|

As you surely know, the Microsoft Windows Server 2003 family is quickly approaching its End of Service (EOS) date. 

Side note: Coretek is absolutely ramped-up and ready to assist you in your migration to Server 2012 R2 (on-premises or Cloud-based), including the possibility of Microsoft funding for assessment and other exciting options.  But that’s not why I’m writing today….

Like the XP EOS frenzy early this year, these big-impact EOS timeframes end up causing some strange feelings for your friendly neighborhood server technician.  What I mean is, as a consultant, I spend a great deal of my time staying current on bleeding-edge technologies and building automations to eliminate manual installs and deployments, etc.

But today, I needed to test some odd behavior I discovered in preparation for an application migration, and I actually had to perform a manual install of Server 2003 — that’s right, manual — for the first time in what must be years.  And because of that, I’m suddenly awash in memories of where I was all those years ago.

But you’re wondering, why a manual installation?  Well just to clarify, I’ve long-since deleted all my VMM templates for Server 2003, or any VHDs that I might have had lying around to “hydrate” and test.  I searched, trust me.  So for this particular test-bed, on this particular evening, I figured it was just quicker to attach the the old CD-sized ISO to the virtual DVD drive, and on I went through that old blue initial setup screen. 

And then it hit me…  What was different about my life the last time I saw and walked through this setup screen? 

It must’ve been around mid-2008, I’m thinking, based on my memory of the day.  I think I recall the situation correctly — I had a different president, different employer, different car, different family arrangement, and on and on…  Basically a very different life.  I guess this setup screen is a bit like a time capsule of memories, like an old song that brings back a day long forgotten.  Or maybe I’m just melancholy as the holidays approach…

You know what else I had forgotten all about?  That “continue on CD #2” thing.  Remember that?  And Hyper-V issues like not having the mouse integrations, having to ctrl+alt+left-arrow all the time, and needing “integration Services” installed manually before it can communicate.  Ah, how quaint.

Will I ever walk through the blue setup screen again?  Surely; after all, I’ll probably be setting up some test beds for other folks like me who long-ago deleted deployment images and templates for Server 2003.  But I’ll tell you one thing, the next time I do the install, it will be for building a template in my VMM lab so I don’t have to do it again. 

Server 2003 might be antiquated and End of Service, but at least I can pull it forward into the future kicking and screaming just enough to help hasten its demise. 

😉

 

XP EOS D-9… And Counting…

2017-07-27T00:01:02+00:00 March 30th, 2014|Uncategorized|

It’s Monday.  The last day of March.  Forget the fact that tomorrow is April Fool’s Day.  The Windows XP “End of Service” date is now only 9 days away! 

Before reading on, it might be a good idea to reference my post from last month, “XP Elimination — The looming crush…” and “XP EOS M-9… And Counting…

Now that you’ve caught up on those previous articles, let’s spend a moment catching up on our 3 semi-fictitious companies and see how they are doing.

Organization “A” – What, me worry?

For our fictitious Organization “A”, things are actually getting better – at a price, that is.  You see, they realized they had no hope of making the deadline, and decided to throw buckets of money at the problem.  They brought in consultants, vendors, and staff leaders, and locked them in a room with a blank checkbook.  The 20,000 XP machines are rapidly becoming 7000 or so machines and dropping.  It’s “getting done”, but in a very “machine gun” style that doesn’t lend itself well to on-going management or future enhancements and upgrades.  This just means that after this checkbook is empty, they’ll be setting up for Round 2, in preparation for the next generation.  If they had gotten underway earlier, they could have had at least *some* of the tools and infrastructure in place to carry forward…  But, no…

Organization “B” – Nope.  We don’t wanna.

Well, Organization “B” is now partially integrated into Organization “C”.  They’re not going to make the deadline, I’m afraid; but because Organization “C” is so ruthlessly efficient, they are at least documenting the environment, planning the on-going integration, and actually deploying some elements of the extended infrastructure.  They still have most of the 40,000 XP workstations to get to, but the future looks better.  They’ve got fingers crossed that no calamity will befall them over the next few months as they catch up, and they are considering an alternate (expensive) support strategy.  It’s about the best they can do, given their previous situation.

Organization “C” – The best-laid plans…

For the original Organization “C” side of the C/B acquisition, things actually look pretty good.  Across the infrastructure, there are still a few thousand XP machines – but most of these are documented and/or isolated, or about to be replaced shortly.  It’s down to the wire!  But we can finally say that they’ve booked their project completion dinner party reservations.  Congratulations!  But keep at it with Organization B… 

Organization “D” – Yeah?  So?

Since my last post, I met Organization “D”.   Nice folks; smart too.  But they simply cannot afford to care about the deadline.   After a string of financial hardships, org changes, and so forth, they are only now making enough headway to think they’ll survive.  As a result of the hard past, they are only now putting their heads up for air and exploring option of how to get them from “here” to “there”.  They are numb from the scars of the economy, and they don’t see this XP EOS challenge any differently than the past challenges; they will run headlong into it, and take the blows.  They will come out the other end, but only with more scars.

Honestly, some of these stories are heartbreaking, while others are inspiring.  And mind you, I worked through the 2000 bubble like many of you, so you’d think I’d be less moved by the trials that these folks are going though.  But this one is different.  It didn’t make the news the same way (at least in the build-up), but it hits real folks where it hurts.  And we at Coretek are doing our absolute best to help those that we can, as quickly and effeciently — and as prudently — as we can. 

So good luck, hang in there, and we’ll all be watching the clock tick down to the final day.  And we’ll see you on the other side of the XP EOS…

[/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

How to fix Ownerships and Inheritance on NTFS file systems, Pt. 2…

2017-07-27T00:01:03+00:00 September 18th, 2013|Uncategorized|

For background on this post, make sure to see Part 1, here

Picking up where we left off in Part 1, recall that I had a set of folders that were copied with original source permissions, and as a result, had broken permission “inheritance”.  The copy also brought over the various ownerships, which I was seeking to replace with the local “Administrators” group, according to standard practice of the customer.

So in Part 1, I had written a DOS batch script to loop through the folders and 1.) force down ownership in the new folder sub-structures (in order to follow company standard and be able to seize control of them), and 2.) re-apply inheritance of the administrative permissions from the folders above.  While I’d like to think I accomplished this swimmingly with my batch file, the truth is that it really needs to be in PowerShell in order to satisfy the needs of the team (future-proofing, portability, and such).

Let’s step through the PowerShell version now; but watch carefully because even though it is the same in principle as the DOS batch script in Part 1 (same enough to be worthy of comparison), it actually is a tad different in a few of the steps.

First, we clear the screen, set some variables, and clean up any files from the last run:

clear
$StartDate = date
Write-Host "Setting variables..."
$PARENTDRIVE = "S:"
$PARENTFOLDER = "Apps"
$PARENTPATH = "$PARENTDRIVE$PARENTFOLDER"
$LOCALPATH = "c:temp"
$TAKEOWNLOG = "$LOCALPATHtakeown-FixOwnerships.log"
$ICACLSLOG = "$LOCALPATHicacls-FixInheritance.log"
$ICACLSSUMMARYLOG = "$LOCALPATHicacls-FixInheritance-Summary.log"
Write-Host "Cleaning up log files from previous run..."
del $TAKEOWNLOG
del $ICACLSLOG

Now, with this PowerShell version of the script, I don’t need to write my lists out to a temp file for later processing (like I did with DOS in Part 1); I just dump it all into objects in memory.  Far more efficient!  Like so:

Write-Host "Creating Listing..."
$FolderListing = Get-ChildItem $PARENTPATH

Then, we hit the real work part of the script, where we loop through the folder listing, decend though and fix all the ownerships and inheritance.  This part is actually almost the same as the DOS batch script, actually, except that it’s more… um… awesomer:

Write-Host "Process listing..."
foreach ($FolderItem in $FolderListing)
{
  Write-Host "Fixing ownership: $PARENTPATH$FolderItem"
  Write-Output "Fixing ownership: $PARENTPATH$FolderItem" | Out-File $TAKEOWNLOG -append -encoding Default
  takeown /f $PARENTPATH$FolderItem /R /A /D Y  | Out-File $TAKEOWNLOG -append -encoding Default
  Write-Output "" | Out-File $TAKEOWNLOG -append -encoding Default
  #
  Write-Host "Fixing inheritance: $PARENTPATH$FolderItem"
  Write-Output "" | Out-File $ICACLSLOG -append -encoding Default
  Write-Output "Fixing inheritance: $PARENTPATH$FolderItem" | Out-File $ICACLSLOG -append -encoding Default
  ICACLS $PARENTPATH$FolderItem /inheritance:e | Out-File $ICACLSLOG -append -encoding Default
}

And finally, we create a summary log and create some closing comments before cleaning up:

Write-Host ""
Write-Host "Creating summary log..."
Select-String -pattern "Failed" $ICACLSLOG | Out-File $ICACLSSUMMARYLOG -encoding Default
Write-Host ""
$EndDate = date
Write-Host "Started: $StartDate"
Write-Host "Ended:   $EndDate"
Write-Host ""
Write-Host "...Complete!"

So that’s about it, really.  Note that I’m using the -encoding Default flag  at each Out-File so the file gets written in ANSI (on my system) instead of UniCode.   I don’t know about you, but I can’t stand dealing with UniCode files for text parsing and such.

And in case you prefer it in one contiguous list, here ya go:

clear
$StartDate = date
Write-Host "Setting variables..."
$PARENTDRIVE = "S:"
$PARENTFOLDER = "Apps"
$PARENTPATH = "$PARENTDRIVE$PARENTFOLDER"
$LOCALPATH = "c:temp"
$TAKEOWNLOG = "$LOCALPATHtakeown-FixOwnerships.log"
$ICACLSLOG = "$LOCALPATHicacls-FixInheritance.log"
$ICACLSSUMMARYLOG = "$LOCALPATHicacls-FixInheritance-Summary.log"
Write-Host "Cleaning up log files from previous run..."
del $TAKEOWNLOG
del $ICACLSLOG
Write-Host "Creating Listing..."
$FolderListing = Get-ChildItem $PARENTPATH
Write-Host "Process listing..."
foreach ($FolderItem in $FolderListing)
{
  Write-Host "Fixing ownership: $PARENTPATH$FolderItem"
  Write-Output "Fixing ownership: $PARENTPATH$FolderItem" | Out-File $TAKEOWNLOG -append -encoding Default
  takeown /f $PARENTPATH$FolderItem /R /A /D Y  | Out-File $TAKEOWNLOG -append -encoding Default
  Write-Output "" | Out-File $TAKEOWNLOG -append -encoding Default
  #
  Write-Host "Fixing inheritance: $PARENTPATH$FolderItem"
  Write-Output "" | Out-File $ICACLSLOG -append -encoding Default
  Write-Output "Fixing inheritance: $PARENTPATH$FolderItem" | Out-File $ICACLSLOG -append -encoding Default
  ICACLS $PARENTPATH$FolderItem /inheritance:e | Out-File $ICACLSLOG -append -encoding Default
}
Write-Host ""
Write-Host "Creating summary log..."
Select-String -pattern "Failed" $ICACLSLOG | Out-File $ICACLSSUMMARYLOG -encoding Default
Write-Host ""
$EndDate = date
Write-Host "Started: $StartDate"
Write-Host "Ended:   $EndDate"
Write-Host ""
Write-Host "...Complete!"

Enjoy!

 

 

How to fix Ownerships and Inheritance on NTFS file systems, Pt. 1…

2017-07-27T00:01:03+00:00 August 28th, 2013|Uncategorized|

Following up on Matt’s post last year, and my post about a similar-but-different situation…  I’m just taking Matt’s original notions to the next level, and making the script he described.

It all started after we ran into a situation where someone was migrating some data from one Windows server to another along with the NTFS permissions (using a 3rd-party copy tool).  It was soon discovered that all the permission inheritance was blocked at the point of the copy, and all the ownerships were set to the original owners (not desired in this case).  The company policy dictated that the administrative permissions from the parent folder must flow down, and that all ownerships for files and folders were set to the Administrators group. 

So, I needed to whip up a little script to fix the permission inheritance for all the new subfolders on the destination under one parent folder, and reset the ownerships to the Administrators group for each subfolder as well.

A couple important criteria I had to work around was that I write it so that it only works on the migrated subfolders, so I don’t affect the parent folders under which these new folders were copied (which actually had *intentionally* blocked inheritance and might possibly have intentional alternate owners in some situations).

Well, since all folders ended up in the same destination parent, I naturally wrote a simple little DOS batch script to fix these.  Why DOS batch, you say?  I don’t know, honestly.  Sometimes when I’m thinking through a Linux/Unix scripting situation, I start thinking of it in bash, and change to Perl when I realize it’s too complex.  And similarly in Windows-based environments I start thinking in DOS batch, and then switch to PowerShell when it gets too complex.  Just an old habit that’s hard to break, I guess.

So, walking through the main sections of the script…

First, we do initial setup, set variables for output files and such, and delete the files from the last run of the script (since it would likely be run repeatedly as a maintenance tool):

@ECHO OFF
@cls
1>&2 Echo Setting variables...
SET PARENTDRIVE=S:
SET PARENTFOLDER=Apps
SET PARENTPATH=%PARENTDRIVE%%PARENTFOLDER%
SET LOCALPATH=c:temp
SET FOLDERLIST=FolderList.txt
SET TAKEOWNLOG=takeown-FixOwnerships.log
SET ICACLSLOG=icacls-FixInheritance.log
SET ICACLSSUMMARYLOG=icacls-FixInheritance-Summary.log
1>&2 Echo Cleaning up log files from previous run...
@del %LOCALPATH%%FOLDERLIST%
@del %LOCALPATH%%TAKEOWNLOG%
@del %LOCALPATH%%ICACLSLOG%
@del %LOCALPATH%%ICACLSSUMMARYLOG%

Then, we create a listing file of the top-level folders, and store them in a file (with quotes):

1>&2 Echo Creating Listing...
@FOR /F "tokens=*" %%a in ('"dir %PARENTPATH% /A:D /B"') do @echo "%%a">>%LOCALPATH%%FOLDERLIST%

Now we change to the destination folder, and begin processing.  This is really the meat of the script.  This is where we use takeown to set Adminstrators group ownership to each folder heirarchy, and ICACLS to force permission inheritance (for administrator permissions from the parent):

1>&2 Echo Changing to %PARENTDRIVE% and %PARENTFOLDER%...
%PARENTDRIVE%
CD %PARENTFOLDER%
1>&2 Echo Process listing...
@For /F "tokens=*" %%Q in (%LOCALPATH%%FOLDERLIST%) Do @(
1>&2 Echo Fixing ownership: %%Q
@takeown /f %%Q /R /A /D Y >> %LOCALPATH%%TAKEOWNLOG%
1>&2 Echo Fixing inheritance: %%Q
ECHO Analyzing: %%Q >> %LOCALPATH%%ICACLSLOG%
ICACLS %%Q /inheritance:e /T /C >> %LOCALPATH%%ICACLSLOG%
)

And here is where we wrap it up.  I provide a brief summary report, and say goodbye:

1>&2 Echo Creating summary log...
FindStr /I /C:"failed" /C:"analyzing" %LOCALPATH%%ICACLSLOG% > %LOCALPATH%%ICACLSSUMMARYLOG%
1>&2 Echo ...Complete!

Now here is the whole script again, in once piece:

@ECHO OFF
@cls
1>&2 Echo Setting variables...
SET PARENTDRIVE=S:
SET PARENTFOLDER=Apps
SET PARENTPATH=%PARENTDRIVE%%PARENTFOLDER%
SET LOCALPATH=c:temp
SET FOLDERLIST=FolderList.txt
SET TAKEOWNLOG=takeown-FixOwnerships.log
SET ICACLSLOG=icacls-FixInheritance.log
SET ICACLSSUMMARYLOG=icacls-FixInheritance-Summary.log
1>&2 Echo Cleaning up log files from previous run...
@del %LOCALPATH%%FOLDERLIST%
@del %LOCALPATH%%TAKEOWNLOG%
@del %LOCALPATH%%ICACLSLOG%
@del %LOCALPATH%%ICACLSSUMMARYLOG%
1>&2 Echo Creating Listing...
@FOR /F "tokens=*" %%a in ('"dir %PARENTPATH% /A:D /B"') do @echo "%%a">>%LOCALPATH%%FOLDERLIST%
1>&2 Echo Changing to %PARENTDRIVE% and %PARENTFOLDER%...
%PARENTDRIVE%
CD %PARENTFOLDER%
1>&2 Echo Process listing...
@For /F "tokens=*" %%Q in (%LOCALPATH%%FOLDERLIST%) Do @(
1>&2 Echo Fixing ownership: %%Q
@takeown /f %%Q /R /A /D Y >> %LOCALPATH%%TAKEOWNLOG%
1>&2 Echo Fixing inheritance: %%Q
ECHO Analyzing: %%Q >> %LOCALPATH%%ICACLSLOG%
ICACLS %%Q /inheritance:e /T /C >> %LOCALPATH%%ICACLSLOG%
)
1>&2 Echo Creating summary log...
FindStr /I /C:"failed" /C:"analyzing" %LOCALPATH%%ICACLSLOG% > %LOCALPATH%%ICACLSSUMMARYLOG%
1>&2 Echo ...Complete!

But you know what?  That’s not good enough for Matt and me.  Nope, Matt basically insisted that it had to be done in PowerShell after all.  So of course I did that too, and I’ll put that up next week.  Why PowerShell you say?  I don’t know… Why not?

😉

 

 

XP EOS M-9… And Counting…

2017-07-27T00:01:03+00:00 July 17th, 2013|Uncategorized|

The Windows XP “End of Service” date is now only 9 months away!  Well, we’re actually just beyond 9-month mark now, but you get the point.

Before reading on, it might be a good idea to reference my post from last month, “XP Elimination — The looming crush…

If you think it’s ridiculous or hilarious that anyone should be concerned about migrating off of XP at this point, then you probably work in a small-to-medium sized company.  You might even be able to consider upgrading all the workstations by yourself (or with a buddy), or maybe you’ve just replaced all the computers with modern devices with updated OS’s.  Easy-peasy.

But many *large* enterprise company/organizations are watching the clock (or should be) for that looming April 8th deadline, for a variety of reasons.  And this is what I really wanted to touch on today — the fact that steering the massive enterprise can be like steering the largest ship in an ocean, but there are other factors to consider in the metaphorical ocean as well.  Like icebergs…  Like other, older ships that require rescuing… 

Okay, I’ve worn out the metaphor, so let’s start discussing some specifics.  Let’s look at the examples of three, ahem, *fictitious* example large organizations that have arrived at three different XP situations.

Organization “A” – What, me worry?

For our fictitious Organization “A”, things are smooth sailing.  Or so they think.  They’ve got only 20,000 XP machines, and they’ve set up a test pilot bed of about 50 Windows 7 machines, and it’s going well.  Well, *that* part’s going well.  What they will soon realize is that their back-end infrastructure isn’t prepared (in design nor scale) for the type of load that their Win7 deployment strategy calls for — and they have only just begun to prepare their applications for re-packaging.  But they aren’t worried.  Well, not as much as they should be, anyway.

Organization “B” –  Nope.  We don’t wanna.

Organization “B” doesn’t have a plan.  It’s not that they don’t have a clue, it’s just that they mostly don’t care.  They have 40,000 workstations, a bunch of old servers, and so on, in a complicated, aging infrastructure.  You see, things don’t really look good for the business end of the company in this age of consolidation, and most folks think they’ll be acquired anyway.  So XP is fine for now.  I guess.  Whatever.

Organization “C” – The best-laid plans…

For Organization “C”, they really have been doing it right.  They jumped in front of the project, and designed/prepared/deployed a sturdy, modern back-end infrastructure.  They rallied the troops and started the application re-packaging very early-on and devised a “just-in-time” strategy to manage application-to-user/workstation tracking and roll out the workstations right behind the infrastructure and apps.  The working schedule seems to indicate that all of their 50,000 workstations should be upgraded/re-deployed right around the the April 8th deadline.  Whew!  It looks like they’re going to make it!  Until…  Uh-oh…  Did we mention that Organization “C” just acquired Organization “B”? 

While these are hypothetical scenarios, I will be re-visiting these imaginary companies over the next few months as we approach the XP EOS date, discussing some of the finer points of their challenges along the way…  Let’s wish them all luck, shall we? 

😉

 

 

 

Symantec Endpoint Protection: The next generation of antivirus technology from Symantec

2017-07-27T00:01:09+00:00 August 24th, 2010|Uncategorized|

Overview

Advanced threat protection

Symantec™ Endpoint Protection combines Symantec AntiVirus™ with advanced threat prevention to deliver an unmatched defense against malware for laptops, desktops, and servers. It provides protection against even the most sophisticated attacks that evade traditional security measures, such as rootkits, zero-day attacks, and mutating spyware. Symantec Endpoint Protection delivers more than world-class, industry-leading antivirus and antispyware signature-based protection. It also provides advanced threat

prevention that protects endpoints from targeted attacks and attacks not seen before. It includes turnkey, proactive technologies that automatically analyze application behaviors and network communications to detect and block suspicious activities, as well as administrative control features that allow you to deny specific device and application activities deemed as high risk for your organization. You can even block specific actions based on the location of the user.

 This multilayered approach significantly lowers risks and gives you the confidence that your business assets are protected. It is a comprehensive product that gives you the capabilities you need now, along with the ability to enable the pieces you need, as you need them. Whether the attack is coming from a malicious insider or is externally motivated, endpoints will be protected. Symantec Endpoint Protection increases protection and helps lower your total cost of ownership by reducing administrative overhead as well as the costs associated with managing multiple endpoint security products. It provides a single agent that is administered by a single management console. This simplifies endpoint security administration and provides operational efficiencies such as single software updates and policy updates, unified and central reporting, and a single licensing and maintenance program. Symantec Endpoint Protection is easy to implement and deploy. Symantec provides a range of consulting, technical education, and support services that guide organizations through the migration, deployment, and management of the solution and help them realize the full value of their investment. For organizations that want to outsource security monitoring and management, Symantec also offers Managed Security Services to deliver real-time security protection.

 

Key benefits

Secure

Comprehensive protection—Symantec Endpoint Protection integrates best-of-breed technologies to stop security threats—even from the most devious new and unknown attackers—before they penetrate the network. It detects and blocks malicious software in real time, including viruses, worms, Trojan horses, spyware, adware, and rootkits.

Proactive protection—TruScan™ Proactive Threat Scan is a unique Symantec technology used to score both good and bad behaviors of unknown applications, enhancing detection and reducing false positives without the need to create rule based configurations.

Industry-best threat landscape intelligence—Symantec protection mechanisms leverage the industry-leading Global Intelligence Network to deliver an unparalleled view of the entire Internet threat landscape. This intelligence results in actionable protection and peace of mind against evolving attacks.

Simple

Single agent, single console—A full range of security technologies are integrated into a single agent and a centralized management console, with an intuitive user interface and Web-based graphical reporting. You are able to set and enforce security policies across the enterprise to protect your critical assets. Symantec Endpoint Protection simplifies management, reduces system resource usage, and requires no additional agents when adding Symantec Network Access Control support. Symantec Network Access Control features are automatically enabled on the agent and management console with the purchase of a license.

Easy to deploy—Because it requires only a single agent and management console and it operates with an organization’s existing security and IT investments, Symantec Endpoint Protection is easy to implement and deploy. For organizations that want to outsource security monitoring and management, Symantec offers Managed Security Services to deliver real-time security protection.

Lower cost of ownership—Symantec Endpoint Protection delivers a lower total cost of ownership by reducing administrative overhead as well as the costs associated with managing multiple endpoint security products. This unified approach to endpoint security simplifies administration and

provides operational efficiencies such as single software updates and policy updates, unified and central reporting, and a single licensing and maintenance program.

Seamless

Easy to install, configure, and manage—Symantec Endpoint Protection makes it easy to enable/disable and configure desired technologies to fit into your environment.

Symantec Network Access Control ready—Each endpoint becomes “Symantec Network Access Control ready,” eliminating the need to deploy additional network access control endpoint agent software.

Leverages existing security technologies and IT

investments—Symantec Endpoint Protection works with other leading antivirus products, firewalls, IPS technologies, and network access control infrastructures. It also works with leading software deployment tools, patch management tools, and security information management tools.

Integration with Altiris endpoint management

solutions—Distributing software packages, migrating older Symantec AntiVirus™ or other antivirus deployments, and viewing new agent rollout status and activity is easier.

Key features

 

More than antivirus

Antivirus and antispyware—Provides unmatched, best of- breed malware protection, including market-leading antivirus protection, enhanced spyware protection, new rootkit protection, reduced memory footprint, and new dynamic performance adjustments to keep users productive.

Network threat protection—A rules-based firewall engine and Generic Exploit Blocking (GEB) block malware before it can enter a system.

Proactive threat protection—Providing protection against unseen threats (i.e., zero-day threats), it includes TruScan Proactive Threat Scan, which does not rely on a signature.

Single agent and single management console—Antivirus, antispyware, desktop firewall, IPS, device and application control, and network access control (with the purchase of a Symantec Network Access Control license) are provided on a single agent—all managed by a single console.

Coretek Services is a Michigan based Systems Integration and IT consulting company that works with virtualization infrastructure, and is also a Symantec Gold Partner specializing in Symantec Enterprise Vault (SEV), Symantec Backup Exec (SBE), and Symantec Endpoint Protection (SEP).  Please contact us today for any virtualization requirements, or Symantec Product requirements.

Source: Symantec.com