
1 Antivirus@DESY
6/4/2015, H. Schwendicke
Reinhard Baltrusch, Helga Schwendicke, Gunter Trowitzsch
- Total Virus Defense
- Licensing
- Installation
- Updates
- Lovesan/Msblast incidents

2 McAfee System Protection
Total Virus Defense includes:
- File server protection (Netshield)
- Desktop protection (all Windows platforms)
- E-mail protection (Groupshield)
- Internet gateway protection (Webshield)
- Also available for Solaris and Linux
- McAfee Prime support – 24 hours, 7 days/week
- Management tools
Licensing:
- 2000 nodes
- VirusScan 4.03 (NT4)
- VirusScan 4.51 (WXP, W2K)
- Enterprise V 7.0 (WXP, W2003)
- Contract for 2 years
- Special contract for German public administrative organizations, which includes governmental and research centers

3 Total Virus Defense: 3 Tools
1. Auto Update Architect
   - Downloads the updates from the McAfee server
   - Supports distributed repositories
2. Installation Designer – VSE 7.0
   - Preconfigures the VirusScan Enterprise 7 installation package
   - Creates a new customized .MSI file
   - Creates and modifies a settings (.CAB) file
3. ePolicy Orchestrator
   - Management tool for the whole suite
   - Overview, updates, installation

4 Overview: Client Management
[Diagram. Labels: group specific parameter (alert handling); basic setup, scanning / update, alerting; McAfee installation; DESY configuration; AVS repository; running av-service on the PC; Alert Server; Auto Update Architect; update; upgrade; WBDM; e-Pol.; mm-console]

5 Installation and Configuration
- First installation:
  - WXP: AVS will be installed together with the OS via RIS (VSE 7.0) or WXP installation CD (VS 4.5x, now VSE 7.0)
  - NT4: NetInstall (DESYNT – 4.0.x)
  - All other PCs: native installation procedure
- Web Based Domain Management is used to configure message recipients (e-mail, Winpopup) and the update and upgrade schedule (only VS 4.0x)
- The rollout of VirusScan Enterprise 7 is still in progress
- Allows remote configuration of other PCs

6 AVS repository
- Installation repository
- Contains the current dat-xxxx.zip & update.ini
- Language-dependent SuperDATs
- Enterprise repository
Resides on a Samba server
Allows guest access
Read only for everybody

7 W32Lovsan / W32Nachi
- 8/12/03: First infections of WXP PCs in Hamburg (laptops)
- First actions
  - Closing of IP ports in the firewall to outside
  - Patching the Windows systems
    - DESYNT: Netinstall package for WXP and NT4 clients, or by hand
    - Win.DESY.de: automatically with SUS
  - Collecting information about
    - The status of antivirus software (installation, signature versions)
    - Patched/non-patched systems (Microsoft Scanner – KB 824146)
    - Infected systems
  - Providing information for the users
- 9/12/03: only few incidents

8 W32Lovsan / W32Nachi II
- Problems
  - PCs without antivirus software
  - VirusScan signatures weren't up to date on all PCs
  - Variety of operating systems and service packs
  - Variety of VirusScan clients: NT4 (German + English), W2000, WXP
  - PCs which were switched off (summer time, school holidays)
  - Laptops connected behind the firewall
  - Patching all the systems was very time consuming
  - Problems on DCE systems using port 135
- We need rules for
  - Connecting guest laptops and PCs into the intranet, and also DESY laptops
  - Not centrally managed PCs
- Mechanism to keep the PCs up to date with hotfixes and SPs
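The three data sets listed under "Collecting information about" on slide 7 can be merged into one remediation worklist, which also surfaces the gaps named on slide 8 (PCs without antivirus, outdated signatures, switched-off machines). This is an added example, not part of the original presentation; the host names, DAT numbers and priority order are constructed assumptions.

```python
# Added example: merge antivirus inventory, patch-scan results and the list of
# infected hosts into one prioritized worklist. All data below is constructed.
CURRENT_DAT = 4285                      # hypothetical newest signature version

ALL_HOSTS = ["pc-a", "pc-b", "pc-c", "lap-d", "pc-e"]   # hypothetical names
AV_INVENTORY = {                        # host -> DAT version, None = no antivirus
    "pc-a": 4285, "pc-b": 4270, "pc-c": None, "lap-d": 4285,
}
PATCH_SCAN = {                          # host -> True if the KB 824146 scan says patched
    "pc-a": True, "pc-b": False, "pc-c": False, "lap-d": False,
}
INFECTED = {"lap-d"}
# pc-e appears in neither data set: switched off while the data was collected.

# Assumed priority: lower number is handled first.
PRIORITY = {
    "infected": 0, "unpatched": 1, "no-antivirus": 2,
    "patch-status-unknown": 3, "av-status-unknown": 3, "stale-signatures": 4,
}

def classify(host):
    """Return the list of findings for one host; an empty list means clean."""
    findings = []
    if host in INFECTED:
        findings.append("infected")
    if host not in PATCH_SCAN:
        findings.append("patch-status-unknown")
    elif not PATCH_SCAN[host]:
        findings.append("unpatched")
    if host not in AV_INVENTORY:
        findings.append("av-status-unknown")
    elif AV_INVENTORY[host] is None:
        findings.append("no-antivirus")
    elif AV_INVENTORY[host] < CURRENT_DAT:
        findings.append("stale-signatures")
    return findings

def worklist(hosts):
    """Hosts with at least one finding, worst finding first, then by name."""
    rows = [(h, classify(h)) for h in hosts]
    rows = [(h, f) for h, f in rows if f]
    return sorted(rows, key=lambda r: (min(PRIORITY[x] for x in r[1]), r[0]))

if __name__ == "__main__":
    for host, findings in worklist(ALL_HOSTS):
        print(f"{host:6} {', '.join(findings)}")
```

Hosts missing from a data set are reported as unknown rather than assumed clean, which keeps switched-off PCs on the list until they have been checked.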

9 Virus statistics
Most frequent viruses since June 2002 (viruses found by Mailsweeper are not included)

10 W32/Sobig
- First infections at the end of August
- Sobig was spread via email
- Was detected by Mailsweeper on the mail gateways
  - Generated an email to sender and receiver of the mail
  - Attachment was deleted
  - If spam was detected the mail was blocked too
- Exchange server blocked infected emails


12 Outlook and Questions
- Next steps
  - Get rid of both old versions
  - Completing the management concept for VSE 7.0 (alerting and control of update schedules)
  - Testing the ePolicy Orchestrator
  - Completing the infrastructure on both sides
- Questions
  - What are your criteria for choosing antivirus software? Management model: centralized based on tools like ePO or distributed with less interactions?
  - What to do with guest laptops and PCs?
  - PCs from outside (home PCs)

