...and armed with this info, I already have a climbdown from this consultancy, who are claiming it isn't a "performance enhancement" any more and a recommendation based around previous experience with it causing "false positives". Still doesn't explain why they would turn it off altogether then, I'd assume this would be the case Tom talked about when it needs to be switched to "essential services only"
I smell bullsh*t. Hope these guys aren't going to be asked to ratify my XenApp design! Cheers, JR On 31 May 2012 14:58, James Rankin <[email protected]> wrote: > Thanks for the confirmation guys. I am surprised (well, I'm not, actually) > how many supposedly good-quality consultancies simply traipse out complete > fabrications as gospel based on the word of a few Internet sites > > > On 31 May 2012 14:50, Webster <[email protected]> wrote: > >> I just check with a XenApp product architect and this person indicated >> that is a setting that is never changed in any of the product testing. >> IOW, the default is what Citrix expects and uses in their testing and >> validation processes.**** >> >> ** ** >> >> ** ** >> >> Carl Webster**** >> >> Consultant and Citrix Technology Professional**** >> >> http://www.CarlWebster.com <http://www.carlwebster.com/>**** >> >> ** ** >> >> *From:* James Rankin [mailto:[email protected]] >> *Sent:* Thursday, May 31, 2012 4:47 AM >> *To:* NT System Admin Issues >> *Subject:* Disabling DEP on XenApp/RDS platforms**** >> >> ** ** >> >> I've read far too much contradictory info on this subject so was >> wondering if anyone could actually clarify....is there any performance gain >> to be had by disabling DEP on XenApp or RDS platforms? I've never noticed >> any major difference myself, but I've got yet another report in front of me >> that suggests disabling DEP is a performance enhancer. I have plenty of >> defense in depth so am not worried about the possible security implications >> of it, but I'd just like to know once and for all if there's any hard >> evidence that disabling DEP is good practice for XenApp or RDS systems. >> >> **** >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> > > > > -- > http://appsensebigot.blogspot.co.uk > > IMPORTANT INFORMATION/DISCLAIMER > > I certainly don't have time to monitor the content of e-mail sent and > received via this account for the purposes of ensuring compliance with > anyone's policies and procedures. I am pretty sure that somewhere in UK > legislation there is some politically-correct drivel that stipulates I must > never send or store e-mails or attachments that are obscene, indecent, > sexist, racist, defamatory, abusive, in breach of copyright, encrypted, > amusing, overly long, slightly opinionated, anonymous, likely to harm > animals or hurt the feelings of an as-yet-unspecified or as-yet-nonexistent > minority (such as extraterrestrial eggplants). Emails of this nature sent > in or out of this account may be intercepted and stopped by the system, but > it's a long shot. This being the UK, even if I was prosecuted for breach of > said email guidelines, I'd probably walk with a suspended sentence anyway, > but if I'd forgotten to pay my car insurance, I'd most certainly be hung, > drawn and quartered. > > I am not responsible for any changes made to the message after it has been > sent, in more or less the same way that cyclozine manufacturers aren't > responsible for drug addicts mixing it with methadone and overdosing, so > I'm glad I cleared the confusion up there nice and early. Where opinions > are expressed, they are not necessarily mine. However, I don't make a habit > of expressing other people's opinions for them, so you shouldn't take that > statement as an indication that I am in the business of providing an > opinion-expressing service. In the event that I did, this discourse would > provide no guarantee that I would do it anyway, but I don't, so I won't. > > This e-mail and any files transmitted with it are confidential and > intended solely for the use of the individual or entity to whom they are > addressed. If you are not the intended addressee, or the person responsible > for delivering it to them, aside from the fact that you've clearly got some > level of unauthorised access to their account or are at least engaged in > some sort of fraud, I'm obliged to tell you that may not copy, forward > disclose or otherwise use it or any part of it in any way. To do so may be > unlawful, and as you're already breaking the law, I am sure that bombshell > makes you quake in your boots and turn yourself over to law enforcement > immediately. If you receive this e-mail by mistake, please advise the > sender immediately. That would be me, and as I am clearly prone to sending > emails to completely the wrong person, I should instantly be stripped of my > status as a technical consultant and sent to do something more becoming of > my stupidity, such as appearing on Big Brother, the X Factor or "insert > country name here"'s Got Talent. > > -- http://appsensebigot.blogspot.co.uk IMPORTANT INFORMATION/DISCLAIMER I certainly don't have time to monitor the content of e-mail sent and received via this account for the purposes of ensuring compliance with anyone's policies and procedures. I am pretty sure that somewhere in UK legislation there is some politically-correct drivel that stipulates I must never send or store e-mails or attachments that are obscene, indecent, sexist, racist, defamatory, abusive, in breach of copyright, encrypted, amusing, overly long, slightly opinionated, anonymous, likely to harm animals or hurt the feelings of an as-yet-unspecified or as-yet-nonexistent minority (such as extraterrestrial eggplants). Emails of this nature sent in or out of this account may be intercepted and stopped by the system, but it's a long shot. This being the UK, even if I was prosecuted for breach of said email guidelines, I'd probably walk with a suspended sentence anyway, but if I'd forgotten to pay my car insurance, I'd most certainly be hung, drawn and quartered. I am not responsible for any changes made to the message after it has been sent, in more or less the same way that cyclozine manufacturers aren't responsible for drug addicts mixing it with methadone and overdosing, so I'm glad I cleared the confusion up there nice and early. Where opinions are expressed, they are not necessarily mine. However, I don't make a habit of expressing other people's opinions for them, so you shouldn't take that statement as an indication that I am in the business of providing an opinion-expressing service. In the event that I did, this discourse would provide no guarantee that I would do it anyway, but I don't, so I won't. This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended addressee, or the person responsible for delivering it to them, aside from the fact that you've clearly got some level of unauthorised access to their account or are at least engaged in some sort of fraud, I'm obliged to tell you that may not copy, forward disclose or otherwise use it or any part of it in any way. To do so may be unlawful, and as you're already breaking the law, I am sure that bombshell makes you quake in your boots and turn yourself over to law enforcement immediately. If you receive this e-mail by mistake, please advise the sender immediately. That would be me, and as I am clearly prone to sending emails to completely the wrong person, I should instantly be stripped of my status as a technical consultant and sent to do something more becoming of my stupidity, such as appearing on Big Brother, the X Factor or "insert country name here"'s Got Talent. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
