I'm betting the rule set on that firewall is a bit complex... On Wed, Aug 24, 2011 at 11:56, Michael B. Smith <[email protected]> wrote: > Firewall in between, as well as a different switching matrix. > > Regards, > > Michael B. Smith > Consultant and Exchange MVP > http://TheEssentialExchange.com > > > -----Original Message----- > From: Kurt Buff [mailto:[email protected]] > Sent: Wednesday, August 24, 2011 10:04 AM > To: NT System Admin Issues > Subject: Re: Symantec Endpoint Protection and Exclusions > > Isolated in what way? > > Just a separate subnet, or on a separate subnet with a firewall (or > router with ACLs)? > > Or something more than that? > > On Wed, Aug 24, 2011 at 06:17, Michael B. Smith <[email protected]> wrote: >> I’ve got several clients whose server farm is isolated from their user >> desktops and therefore chose to not run standard AV. >> >> >> >> Regards, >> >> >> >> Michael B. Smith >> >> Consultant and Exchange MVP >> >> http://TheEssentialExchange.com >> >> >> >> From: James Rankin [mailto:[email protected]] >> Sent: Wednesday, August 24, 2011 9:15 AM >> >> To: NT System Admin Issues >> Subject: Re: Symantec Endpoint Protection and Exclusions >> >> >> >> There's not many server-end systems that don't need exclusions. On XenApp, >> without a particular set of them you can't get EdgeSight working >> effectively, either - and if you use AppSense agents, you need to configure >> another particular set of exclusions, even on client endpoints. >> >> The days of the reactive AV are coming to an end, I think. Application >> management stops more threats for us these days than traditional AV ever >> does. I'm tempted to run a few systems without standard AV, but my current >> emplyer won't let me take the risk, even for an experiment :-) >> >> On 24 August 2011 14:07, Michael B. Smith <[email protected]> wrote: >> >> BTW #3, not entering exclusions in an A/V product running on an Exchange >> Server can also really foul up the works. >> >> >> >> BTW #4, not entering exclusions in an A/V product running on a SQL Server >> can also really foul up the works. >> >> >> >> And your other comment is spot on! J >> >> >> >> Regards, >> >> >> >> Michael B. Smith >> >> Consultant and Exchange MVP >> >> http://TheEssentialExchange.com >> >> >> >> From: Webster [mailto:[email protected]] >> Sent: Wednesday, August 24, 2011 9:01 AM >> >> To: NT System Admin Issues >> >> Subject: RE: Symantec Endpoint Protection and Exclusions >> >> >> >> Tried that. Gave up. Found some posts saying in the managed version of SEP >> that there is no way to export the exclusion stuff. This customer had >> decided on the unmanaged version of SEP 12.1. Decisions like that make me >> glad I charge by the hour! J I wound up just manually entering the >> exclusions on all six Citrix XenApp servers. >> >> >> >> BTW #1, not entering exclusions in an A/V product running on a XenApp server >> can really screw things up. They installed SEP 12.1 on all XenApp servers >> over the weekend and didn’t tell me they were even planning on such a >> thing. Monday morning all you know what broke loose when users were getting >> corrupted profile, couldn’t log off and sessions would never terminate and >> their main accounting app’s executable kept being blocked so no one could do >> any accounting work. 12 man-hours later they were back running. >> >> >> >> BTW #2, not entering exclusions in an A/V product running on a Domain >> Controller can also really foul up the works. >> >> >> >> ID10T issues like this keep MBS and me in business. >> >> >> >> Thanks >> >> >> >> >> >> Carl Webster >> >> Consultant and Citrix Technology Professional >> >> http://www.CarlWebster.com >> >> >> >> >> >> From: Pete Howard [mailto:[email protected]] >> Sent: Wednesday, August 24, 2011 7:51 AM >> To: NT System Admin Issues >> Subject: Re: Symantec Endpoint Protection and Exclusions >> >> >> >> You may have access to the key but not Regedit perms. Try importing from an >> elevated cmd prompt ? >> >> Sent from my iPad >> >> On Aug 23, 2011, at 11:58 PM, Webster <[email protected]> wrote: >> >> My GoogleFu is failing me. Is there a way to copy the Exclusions from one >> computer to another? I found the registry key: >> >> >> >> [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Symantec\Symantec Endpoint >> Protection\AV\Exclusions] >> >> >> >> I exported it but when I try to import the .reg file, I get an access >> denied. I gave my account FC permission to the key but still a no-go. Any >> clues? >> >> >> >> Thanks >> >> >> >> >> >> Carl Webster >> >> Consultant and Citrix Technology Professional >> >> http://www.CarlWebster.com >> >> >> >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> >> >> -- >> "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into >> the machine wrong figures, will the right answers come out?' I am not able >> rightly to apprehend the kind of confusion of ideas that could provoke such >> a question." >> >> ***** IMPORTANT INFORMATION/DISCLAIMER ***** >> >> This document should be read only by those persons to whom it is addressed. >> If you have received this message it was obviously addressed to you and >> therefore you can read it, even it we didn't mean to send it to you. >> However, if the contents of this email make no sense whatsoever then you >> probably were not the intended recipient, or, alternatively, you are a >> mindless cretin; either way, you should immediately kill yourself and >> destroy your computer (not necessarily in that order). Once you have taken >> this action, please contact us.. no, sorry, you can't use your computer, >> because you just destroyed it, and possibly also committed suicide >> afterwards, but I am starting to digress...... >> >> The originator of this email is not liable for the transmission of the >> information contained in this communication. Or are they? Either way it's a >> pretty dull legal query and frankly one I'm not going to dwell on. But >> should you have nothing better to do, please feel free to ruminate on it, >> and please pass on any concrete conclusions should you find them. However, >> if you pass them on via email, be sure to include a disclaimer regarding >> liability for transmission. >> >> In the event that the originator did not send this email to you, then please >> return it to us and attach a scanned-in picture of your mother's brother's >> wife wearing nothing but a kangaroo suit, and we will immediately refund you >> exactly half of what you paid for the can of Whiskas you bought when you >> went to Pets At Home yesterday. >> >> We take no responsibility for non-receipt of this email because we are >> running Exchange 5.5 and everyone knows how glitchy that can be. In the >> event that you do get this message then please note that we take no >> responsibility for that either. Nor will we accept any liability, tacit or >> implied, for any damage you may or may not incur as a result of receiving, >> or not, as the case may be, from time to time, notwithstanding all >> liabilities implied or otherwise, ummm, hell, where was I...umm, no matter >> what happens, it is NOT, and NEVER WILL BE, OUR FAULT! >> >> The comments and opinions expressed herein are my own and NOT those of my >> employer, who, if he knew I was sending emails and surfing the seamier side >> of the Internet, would cut off my manhood and feed it to me for afternoon >> tea. >> >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
