Silicon Shecky

Infosec Practitioner

Connect

Licensing… WTF!

By Leave a Comment

So I’ve been working on a project at the office which is more annoying than anything I’ve ever done. I am going through licensing and see what we have, where we need to update, and what is what. The problem is twofold. First, the prior people never kept good documentation, so finding the actually pieces of paper with the licenses on them, or going to eOpen to check on what we have is nigh impossible. Heck, no one even knows what the eOpen username and password are for our licenses. This is a pain mostly because you need to create a Windows Live ID to use eOpen, and every time I try to do it with an actual e-mail address for the company itself, it fails, thereby forcing me to have to create a Hotmail account.

Second, there is no good piece of software to give you an accurate count of licenses installed. I know there is the license logging service on the servers, but it is not always accurate, I have to check it on each server individually, and to top it all off, it won’t show Exchange 2007 licenses, which I did find paperwork for.

Now if companies like Microsoft want people to stay in compliance with licensing, why don’t they make it easier to do an internal audit, so we can find where we are deficient, and then go through the process of ordering what is needed? Am I crazy to be asking for something like that, or is it just a matter of them wanting us to be out of compliance without knowing, so that we can get in trouble? I think that would be called entrapment in the legal field, but I could be wrong.

Betas, RCs, and other upcoming reviews

By Leave a Comment

Ok, with all the security blogging I’ve done this week, I figure its time to do a post about something a little different.

There is a bunch of Beta software out there, and more coming soon. Currently Windows 7, Exchange 2010, Firefox 3.5 and Ubuntu 9.04 are all out in beta form. Exchange, unfortunately, I don’t have a real way of doing proper beta testing on or reviewing.

Windows 7 I will be getting with the RC1 on May 5. I want to test the heck out of it and post a review as I do test it. I figure while I’m working with Windows 78, I can check out the new beta of Firefox and see what is up on that.

Finally, Ubuntu 9.04. Yes I run Ubuntu on one laptop and an old Celeron machine. The old desktop won’t be getting 9.04, but the lappy definitely will. I’ve been wanting to do a wipe and reinstall of the laptop for a while now, and this looks like the perfect chance. Mind you sometime today 9.04 is officially released, or so it was announced earlier this week. If it takes another day or two before I get my hands on it, then oh well.

So much going on, and while I do all of that, I am waiting to see which way the wind blows for the next version of office this week. Its been announced that the beta for it later this year will be open to the public, then announced that it woun’t be, then announced that it will be. I think someone at Microsoft needs to get on the ball with a decision on that one.

Symantec SMB solution

By Leave a Comment

It is being reported that Symantec is coming out with a new SMB version of Endpoint Protection. Pardon me if I don’t start jumping for joy.

I do install a lot of Symantec for clients, and I have dealt with their current Endpoint SMB solution. It does work, but at a very high cost. The management system in it is anything but intuitive, adding desktops to the management console and managing them through the console is not simple. The database for the Management system continuously grows to the point where I have had to make sure it is installed only on a data drive, and not to install the Endpoint Manager on an OS partition.

Other odd things I’ve run across is the way it comes out of the box, you need to go in and tell it not to scan your backup drive, especially if it is an SSD drive. I’ve had many issues with Symantec’s own BackupExec because the drive is in use due to Endpoint scanning it all. Then there is the firewall and the way on a server it starts blocking ports that you tell it to leave open. Some software packages do use special ports for legitimate communication purposes. As far as support goes, don’t get me started on the poor support resources Symantec has for all of its products.

Since Endpoint now does allow back reving to the older 10.2 AV solution, I tend to put 10.2 on because it causes less problems.  Less overhead, easier to manage, and it just works.

I know I’ll wind up having to deal with the new version, I just hope that the upcoming beta testing is open so I can place it on my test box and see whether it is worth it, or should I start recommending a different SMB solution. I know that my clients need the protection one way or another.