Presentation is loading. Please wait.

Presentation is loading. Please wait.

Windows XP Service Pack 2 Deployment Dave Lee West Campus.

Published byDonald Norman Modified over 9 years ago

Similar presentations

Presentation on theme: "Windows XP Service Pack 2 Deployment Dave Lee West Campus."— Presentation transcript:

1 Windows XP Service Pack 2 Deployment Dave Lee West Campus

2 Preparation for a Controlled Deployment Update Group Policy Template for SP2 in Active Directory. Temporarily Disable the Delivery of SP2 Through Windows Updates and Automatic Updates from Active Directory’s GPO. Temporarily Disable SP2 Windows Firewall from Active Directory’s GPO.

3 Temporary Disabling SP2 GPO from AU and WU

4 Temporary Disabling SP2 Windows Firewall GPO

5 Evaluate and Test SP2 with Windows Firewall OFF Compatibility testing –Generally have not encountered problems when firewall is off. –NetOPS School requires latest update. –List of application issues with SP2 from Microsoft - http://support.microsoft.com/default.aspx?kbid=8841 30 http://support.microsoft.com/default.aspx?kbid=8841 30

6 Evaluate and Test SP2 General Results

7 Controlled Deployment of SP2 with Microsoft SMS 2003 Created collections for Windows XP that needs SP2 separating offices and public computers. Setup advertisement and package of SP2 for the needed collection. Notify campus users that they have 3 weeks to initiate self install of SP2 through “Advertised Programs” in Control Panel from SMS. Force install of SP2 after 3 weeks is up on any computer that requires SP2. Remove GPO that blocks SP2 from AU and WU.

8 Windows XP SP2 Firewall Assumptions and Concerns The firewall is stateful. Firewall does not block outbound traffic. Some applications we use would be affected: –Visual Studio.NET –SQL –Backup Exec –Ghost Server Corporate Edition –SMS 2003 Server –SecuRemote (SR_GUI) –WSFtp –Exceed –MOM 2000 –Windows Scanner and Camera Wizard –ColdFusion MX Server –SNA –Remote Assistance –Remote Desktop –File and Print Sharing –Windows Messenger –More…

9 Proposed GPO setting for Windows XP SP2 Firewall at West Campus Protect all network connections: Enabled Do not allow exceptions: Not configured. This setting allows to users to create exceptions. Define program exceptions: Not configured – this setting allows local settings to work so users can define their own exceptions. Allow local program exceptions. Not configured – this setting allows workstation administrators to make local program exception. Allow remote administration exception. Enabled, from IT subnet only, for remote WMI and MMC calls that are needed for workstation security management and public site management. Allow file and print sharing exception. Not configured. This setting allows local administrators to enable file and print sharing. Allow ICMP exceptions. Enabled, for inbound and outbound. Allow Remote Desktop exception. Not configured. This setting allows local administrators to enable Remote Desktop. Allow UPnP framework exception. Not Configured. This setting allows local administrators to enable UPnP. Prohibit notifications. Not configured. IDS and Public Sites will have to test and make a determination of how this affects their images. Allow logging. Enabled, with max log size at 32MB. This setting turns logging on and limits the log size to 32MB. Prohibit unicast response to multicast or broadcast requests. Not configured. This allows workstations to discover if there is another workstation with the same name, among other things. Define port exceptions. Not configured, but we would recommend that users use the local program exceptions instead of a port exception. Allow local port exceptions. Not configured. This allows local administrators to configure local port exceptions.

10 Deployment and Testing Timeline Force install begins on October 11 th. Final recommendation of firewall GPO on October 25 th. Enable firewall GPO from recommendation by October 31 st.

Download ppt "Windows XP Service Pack 2 Deployment Dave Lee West Campus."

Similar presentations

Auditing Microsoft Active Directory

Auditing Microsoft Active Directory
Configuring Windows to run Dr.Web scanner remotely.

Configuring Windows to run Dr.Web scanner remotely.
WSUS Presented by: Nada Abdullah Ahmed.

WSUS Presented by: Nada Abdullah Ahmed.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.

Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.
Microsoft Windows Server 2008 Software Deployment Chris Rutherford EKU Technology: CEN/CET.

Microsoft Windows Server 2008 Software Deployment Chris Rutherford EKU Technology: CEN/CET.
Module 5: Creating and Configuring Group Policy

Module 5: Creating and Configuring Group Policy
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
Changes in Windows XP Service Pack 2

Changes in Windows XP Service Pack 2
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
Lesson 19: Configuring Windows Firewall

Lesson 19: Configuring Windows Firewall
NETOP ONDEMAND What’s new in version 2.1? DECEMBER 09 NETOP ONDEMAND1.

NETOP ONDEMAND What’s new in version 2.1? DECEMBER 09 NETOP ONDEMAND1.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.
Group Policy in Microsoft Windows Active Directory.

Group Policy in Microsoft Windows Active Directory.
SUS Services ECE Computer Facilities. SUS Services Software Update Services Microsoft Security And Critical Update Service Microsoft Security And Critical.

SUS Services ECE Computer Facilities. SUS Services Software Update Services Microsoft Security And Critical Update Service Microsoft Security And Critical.
Module 16: Software Maintenance Using Windows Server Update Services.

Module 16: Software Maintenance Using Windows Server Update Services.
Firewalls CS158B Don Tran. What is a Firewall? A firewall can be a program or a device that controls access to a network.

Firewalls CS158B Don Tran. What is a Firewall? A firewall can be a program or a device that controls access to a network.
Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.

Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.

Similar presentations

Ads by Google