[NTSysADM] RE: SIEM devices

Not sure for hardware appliance but we are using Splunk on VM. Regards, Dhiraj From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden Sent: 27 January 2018 01:24 To: Benjamin Durham Subject: [NTSysADM] SIEM devices I know we have

RE: [NTSysADM] Server build recommendation

I forgot to add that getting Server 2016 Standard will also require you to get CALs also. Essentials Server 2016 includes 25 users and/or 50 devices. From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of art.dekn...@cox.net Sent: Friday, January 26, 2018

RE: [NTSysADM] Server build recommendation

Windows Server Essentials 2016 allows you to use Hyper-V on the host and Essentials Server as a VM. The product use rights allows one Operating System Environment (OSE) with Essentials and it must be Essentials. Basically you do the first part of the install and then cancel adding the

RE: [NTSysADM] RE: Palo Alto Endpoint Security Trapps?

In my opinion, yes. This isn't your run of the mill AV. Way different and in my opinion more effective than AV. On Jan 26, 2018 11:29, "David McSpadden" wrote: > I am hoping Sean was being as vague as my question. > > Mostly I need to know without a sales pitch if it is worth

[NTSysADM] RE: SIEM devices

Have you looked at competing cloud solutions (e.g. Microsoft OMS, Splunk, etc.)? Thanks, Brian From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden Sent: Friday, January 26, 2018 1:54 PM To: Benjamin Durham Subject:

Re: [NTSysADM] Server build recommendation

What he said. It gives you lots more options going forward. On 1/26/2018 12:32 PM, Michael B. Smith wrote: And to clear this up a little for Kurt…   Essentials is available as a

RE: [NTSysADM] Server build recommendation

And to clear this up a little for Kurt… Essentials is available as a Windows Role and as a separate SKU. The separate SKU has built-in limitations as to what it can do (and is cheaper because of that). Most of those limitations do not apply to the Windows Role. So buy Windows Standard. Put it

Re: [NTSysADM] Server build recommendation

My apologies I was thinking normal server, not Essentials.  I'd recommend normal Server because Essentials can't be a HyperV host.  Essentials has a funky virtualization eula/rights that it can hyperv but only itself and then it's only useful for Azure backup.

RE: [NTSysADM] Server build recommendation

Pretty much. I believe Essentials has the same license grant as standard (one guest server VM) but I wouldn't quote myself on that. You'd have to license additional VMs beyond that. Thanks, Brian Thanks, Brian Desmond w – 312.625.1438 | c – 312.731.3132 -Original Message- From:

[NTSysADM] SIEM devices

I know we have discussed this before but I am up for hardware renewal of my LogRhythm. Looking like I will go with a LogRhythm XM4411 device. Does anyone have something better they use or have heard of from IBM, Splunk, or McAfee (The rest of the top 4 in the Leaders of the Magic Quadrant.) Let

RE: [NTSysADM] RE: Palo Alto Endpoint Security Trapps?

I am hoping Sean was being as vague as my question. Mostly I need to know without a sales pitch if it is worth my time to listen to a sales pitch. From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Don Ely Sent: Friday, January 26, 2018 2:10 PM To:

Re: [NTSysADM] RE: Palo Alto Endpoint Security Trapps?

Depends on if you're looking for the next generation way of defending your assets from vulnerabilities or if you're content with the old school way On Fri, Jan 26, 2018 at 11:11 AM David McSpadden wrote: > Best I can find it that it is innovative on the Gartner magic quadrant…

Re: [NTSysADM] Server build recommendation

I've never played with Windows Essentials, and have very little experience with Hyper-V, so I'll need to do some more reading. Let me parrot back to you, to make sure I understood what you said. I can set up the new machine with Windows Essentials as a Hyper-V host, and use that, with the same

Re: [NTSysADM] RE: Palo Alto Endpoint Security Trapps?

Do explain. Based on your statement, I disagree with you On Fri, Jan 26, 2018 at 11:04 AM Sean Chapman wrote: > Sure. Its like any other next gen AV product. > > > > *From:* listsad...@lists.myitforum.com [mailto: > listsad...@lists.myitforum.com] *On Behalf Of *David

[NTSysADM] RE: Palo Alto Endpoint Security Trapps?

Best I can find it that it is innovative on the Gartner magic quadrant... It is worth leaving Trend? From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Sean Chapman Sent: Friday, January 26, 2018 9:23 AM To: ntsysadm@lists.myitforum.com Subject: [NTSysADM]

[NTSysADM] RE: Palo Alto Endpoint Security Trapps?

Sure. Its like any other next gen AV product. From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden Sent: Friday, January 26, 2018 7:57 AM To: ntsysadm@lists.myitforum.com Subject: [NTSysADM] Palo Alto Endpoint Security Trapps? Anyone using

Re: [NTSysADM] Palo Alto Endpoint Security Trapps?

Definitely heard of it, and we're looking to certify our offering to one customer with it, which might provide us with the impetus to drop our current AV (ESET), which I''m not terribly thrilled with, as the management interface for it as overly complex. ESET performs OK on the endpoint, but

Re: [NTSysADM] Scheduling updates on a DC via GPO isn't working

Is it the Automatic Maintenance feature messing with you? https://blogs.technet.microsoft.com/wsus/2013/10/08/enabling-a-more-predictable-windows-update-experience-for-windows-8-and-windows-server-2012-kb-2885694/ On Jan 26, 2018 11:06, "Susan Bradley" wrote: Well at

Re: [NTSysADM] Scheduling updates on a DC via GPO isn't working

On Fri, Jan 26, 2018 at 11:03 AM, Susan Bradley wrote: > Well at least on my Windows 10's that misbehave like this I've never ever > seen a message in the log file indicating anything. > > I also set the policy, "Always automatically restart at the scheduled time" Already

Re: [NTSysADM] Palo Alto Endpoint Security Trapps?

Yes, my employer sells them Webster Get Outlook for iOS From: listsad...@lists.myitforum.com on behalf of David McSpadden Sent: Friday, January 26, 2018 7:57:05 AM To:

Re: [NTSysADM] Server build recommendation

In SMB space I don't see VMware as the virtualization platform of choice. I see HyperV, not to mention in a single host, you either go with what we used to do:  Host is not domain joined, hanging off the dhcp/dns of the firewall with static entries.  Or what you

Re: [NTSysADM] Scheduling updates on a DC via GPO isn't working

DC OS is Win 2012 R2. And yes, the option to reboot with logged in users is disabled. Not that I leave a DC with a logged in user overnight; I always log out when I am done, so there was no logged on user at the time the updates were supposed to install. Even if so, I should have seen a message to

Re: [NTSysADM] Palo Alto Endpoint Security Trapps?

The integration with the Palo firewalls is coming very soon or may already have been released. We are looking strongly at replacing our endpoint protection with it. I've been demoing it for a couple months now... On Jan 26, 2018 07:01, "Mike Pace" wrote: We have been

Re: [NTSysADM] Server build recommendation

You can actually go to IT Creations on ebay, they're a good refurbisher, and get an IBM System X 3550 M4 for around $3,000 specced with 2x 8 core Xeon, 256GB RAM 2x Enterprise Value SSDs, 2x 10Gbit SFP+ and 4x 1Gbit RJ45, IMM upgrade for remote KVM etc... Oh, and dual power and redundant

RE: [NTSysADM] Scheduling updates on a DC via GPO isn't working

Been a while since I used only wsus, but what does the reboot policy say? Computer Configuration/Policies/Administrative Templates/Windows Components/Windows Update "No auto-restart..." > -Original Message- > From: listsad...@lists.myitforum.com > [mailto:listsad...@lists.myitforum.com]

[NTSysADM] Palo Alto Endpoint Security Trapps?

Anyone using or heard of this? David McSpadden Systems Administrator Indiana Members Credit Union P: 317.554.8190| F: 317.554.8106 [Description: imcu email icon] [Description: facebook email icon] [Description: twitter email icon]

RE: [NTSysADM] Server build recommendation

I'm not sure who told you that, I have several setups where the DNS server is on the esxi host, including the actual firewall which performs routing and provides all network access as well... > -Original Message- > From: listsad...@lists.myitforum.com >