Wednesday, August 27, 2008

AV Software Initial Thoughts: Sunbelt VIPRE Enterprise

I'm currently in a cycle of reviewing some Antivirus/AntiMalware software for our next round of protection.

Here are my initial thoughts on Sunbelt's VIPRE Enterprise (remember, I'm just a normal, non-AV-specialist IT admin trying this out):

  • The setup is very easy on the server side. Just make sure you have .NET framework installed (it will notify/install it for you).
  • The local "agents" on your network computers use a ridiculously low amount of resources (my Vista x64 box uses just 52MB of RAM when I turn all of the protection on; XP Pro uses less). Running with "open file/copy file protection" can slow things down.
  • Deploying the software to Vista machines is easy as pie. I've had some struggles with my XP boxes (haven't finished reading the proper way to do it yet).
  • The Enterprise Console can be a little slow at times when doing intensive tasks (like loading all of the threats in the database as a list, or sorting them).
  • A LOT of good reports come standard in the box.
  • Run the "Console" on a computer with a lot of RAM. When making changes to policies, etc. you can eat a huge amount of RAM. I ate 500+MB when doing some large list/policy settings.
  • Licensing is not complicated. I was very happy that it was straight-forward, and easy to understand

More updates to come! Up next is Sophos Endpoint Security.

Tuesday, August 26, 2008

Windows Vista Testing: Update 1

Welcome to part one of my Windows Vista testing experiment!

I'm going to try and put this in a series of Pro's/Con's, with a summary write-up at the end.

Pro's:

  • It sure is pretty. My machine uses Aero Glass, and it's a breeze to look at. I'm not sure yet if it makes life "easier" or "better"
  • Font rendering is greatly improved. Looking at XP (even on the same exact hardware), it's not as smooth. This reminds me of the good font rendering Apple has had for a while.
  • I was able to "push" my AV client to the Vista install without a hitch.
  • Vista is capable of using more RAM than XP 32-bit.
  • Vista x64 is more stable than XP x64.
  • Sidebar gadget's have immense potential for making my job easier (think management).

Con's:

  • User Account Control can be very annoying. Especially when getting everything installed.
  • You can't right-click on a folder and "Search" anymore.
  • Searching for "*.mp3" takes a LOT longer than searching for "mp3".
  • Setting up Search Indexing is not easy. I keep on using the "Click to turn on the index..." link, but then it keeps telling me it's not on.
  • Vista x64 uses more RAM than XP x64.
  • Vista's Task Manager doesn't give you the "usual" picture on Memory usage:
    • While using VMWare Workstation 6.5 today I noticed that my Sidebar was telling me I had used 89% of my 8GB of RAM. This seemed odd, because I looked in task manager and found that the largest process, explorer.exe, was using "186,104K". I only had a total of 80 processes, with 3 consuming >100,000K.
    • Upon further investigation, I found that the default "Mem Usage" column from Win2k/XP has now been replaced with "Memory (Private Working Set)".
    • To really see how much memory your processes are using, add the "Memory-Working Set" column.

Monday, August 25, 2008

Windows Vista: Testing Begins

Yesterday/Today I installed Windows Vista Enterprise x64 on my new workstation as my 2nd boot OS (I also have XP x64). Look for upcoming posts about how this experience goes for me. I'll be trying to implement the following best practices:

- As much as possible, try to experience Windows Vista like a regular user on the network would. aka "Eat your own Dog food"

- Follow Microsoft's "assumed best/default way" as much as possible.

Here are a couple questions for you:

What performance "metrics" suggestions do you have?

Am I missing any obvious "Best Practices" that you would implement with your users?

Wednesday, August 13, 2008

ACS Backup Service

 

For the past month I've been having issues with our ACS Backup Service. What this does is make a backup of the ACS Database to a network location. This is a crucial step in our DR process, because files in the backup location are replicated (tape, Disk, offsite).

The problem seems to be that the Backup Service doesn't want to run properly, and hangs in some way or form. I've worked with ACS, and at this point we're waiting for validation of ACS 10.0 (which we're hoping fixes the issue). In the meantime they suggested using the old, non-service backup program. This works, but also requires the user to be logged in. Being a server that I rarely touch, this server sometimes reboots for Windows Updates, etc. This creates an issue for us (seeing how you have to be logged in for the old backup tool to run).

So, I came up with the following script to restart the service. You can setup a scheduled task to perform this action at times you designate. This is a very basic script, and could be used to restart any service you're needing to restart at certain points in time:

net stop "ACS Service"
net start "ACS Service"
end

I'll definitely be finding other uses for this using Scheduled Tasks. Are there ways that you accomplish this more elegantly?

Tuesday, August 12, 2008

Test: Dew Revolution

Beware, this isn't IT-related info! So, if you're looking for a tech fix, this isn't it.

Today during lunch I tried Mountain Dew Revolution, which is described as "Dew infused with Wild Berry fruit flavor and Ginseng". My Dad had a couple of cans of it, and handed them off to me (he doesn't "do" the dew).

Experience:
I had Dew Revolution while eating my Sinai Kosher Hot Dog and Buffalo Wings potato chips. It was a good combination. Dew Revolution seems to be similar to traditional Dew, but then again, without some of the Citrus "kick" I associate with Dew. It was almost "Sprite with Mount Dew".
Then I ended lunch. At this point I had some Dew Revolution left, and kept working on it. Then I had a revelation: I didn't like the taste. The Dew Revolution was definitely not like Sprite, Classic Dew, or the 2 mixed together. I didn't finish it.

Verdict: Good with lunch, but not as a stand-alone.

Will I buy Dew Revolution? Probably not. If it was a stand-alone drinkable product, I might substitute it here or there instead of the original. But it's not. It definitely "feels" like it has more caffeine/kick, but it's pretty slight. If I want that caffeinated kick, I'll have a Mocha, regular Dew, or Dr. Pepper.

Friday, August 8, 2008

AV software choices

I'm starting the process of looking for a (possibly) new AV/malware protection vendor. We're currently using Symantec Corporate Edition, and the time has come for another round of licensing, etc.

Here's a short list of what I'm checking out in the next 2 weeks (hopefully I'll decide before August is over):

- Symantec Endpoint Security (apparently this replaces Symantec Corporate Edition)
- Eset NOD32
- Sophos Endpoint Security
- Sunbelt VIPRE Enterprise
- Avira Network Bundle

What other products should I be checking out?