 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Thu, 11 May 2006 14:54:33 -0500 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
I agree with Rand. That's the reason we brought CCA in, is to get all
the machines on our network up to date and prevent the viruses and
threats.
Paul Miller
Network Administrator
Dominican University
-----Original Message-----
From: Perfigo SecureSmart and CleanMachines Discussion List
[mailto:[log in to unmask]] On Behalf Of Hall, Rand
Sent: Thursday, May 11, 2006 7:52 AM
To: [log in to unmask]
Subject: Re: Mandatory Automatic Updates and Cisco Clean Access
Frankly, I wouldn't fret about this too much. At least compared to when
most of us probably started requiring SP2.
We required SP2 in September of '04. NO ONE had it at that time. THAT
was a problem. You're in much better shape!
My advice:
0) Require SP2. http://support.microsoft.com/gp/lifean19
1) Give advance warning. Tell them why. Suggest they do it from home.
2) Prepare for pirated copies of XP. You are probably starting to see
that now with Microsoft's new random Genuine testing.
3) Get the AV and antispyware cooking first. Tell the students not to
bother trying SP2 unless they have a clean PC.
Cheers,
Rand
Please STARTsafe and RUNsafe -- www.merrimack.edu/runsafe
--
Rand P. Hall * Director, Network Services
Merrimack College * SunGard Higher Education
315 Turnpike Street, North Andover MA 01845 * Tel 978-837-5000
Fax 978-837-5434 * [log in to unmask] * www.sungardcollegis.com
CONFIDENTIALITY: This e-mail (including any attachments) may contain
confidential, proprietary and privileged information, and unauthorized
disclosure or use is prohibited. If you received this e-mail in error,
please notify the sender and delete this e-mail from your system.
-----Original Message-----
From: Perfigo SecureSmart and CleanMachines Discussion List
[mailto:[log in to unmask]] On Behalf Of Rothberg, Aaron
Sent: Wednesday, May 10, 2006 5:05 PM
To: [log in to unmask]
Subject: Mandatory Automatic Updates and Cisco Clean Access
In Fall 2006, we're going to require that all students have all
Microsoft Critical Updates installed before we let them on the network.
Looking at Microsoft's Service Pack Roadmap and specifically this quote
(http://www.microsoft.com/windows/lifecycle/servicepacks.mspx):
"Automatic Updates in Windows XP Professional and Windows XP Home
Edition can keep your computer up to date with the latest hotfixes.
However, service packs are not automatically deployed at this time. You
will need to visit the Windows Update website manually to install the
Service Pack."
It appears students can forego installing XP SP2 and still get Critical
Updates as long as they rely on Automatic Updates to get their patches.
So questions are:
1) Using CCA's canned rule set, is there a way to require all of
Microsoft's Critical Updates without requiring XP SP2?
2) For those of you enforcing XP SP2 on your network, how bad was the
fallout from student machines when you first started requiring SP2 and
did you see a lot of the same issues or were student computers (with
malware issues prior to SP2 install) simply left unbootable?
3) For those of you requiring Critical Updates and/or XP SP2, do you
have any general advice for us?
Thanks in advance-
Aaron
Aaron Rothberg
IT Group
Keene State College
|
|
|
