I agree MOF is great in theory but you need an organization the size of M$ to properly implement it. I think looking at NIST guides, also helps, but might not be realistic for some organization/business. Understanding your security policies and how they translate to your technical, administrative, and physical controls, and then implementing monitoring ( passive, detective control) probably the best way to go.
Using Servers alive here, but its slowly being overloaded with the number of servers it can monitor and the useful information I can get out of it, so looking at other enterprise packages ( AKA NETPRO) to do some of this heavy-lifting for me. Z Edward E. Ziots Netwok Engineer Lifespan Organization MCSE,MCSA,MCP,Security+,Network+,CCA Phone: 401-639-3505 -----Original Message----- From: Michael B. Smith [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 26, 2008 6:54 PM To: NT System Admin Issues Subject: RE: If you're monitoring your servers thoroughly.... MOF is great on theory. I used it extensively. I've just started using SCOM. It's early in my evaluation, but so far - it's got holes. I'm figuring out (slowly) how best to fill them for my needs... Regards, Michael B. Smith MCSE/Exchange MVP http://TheEssentialExchange.com -----Original Message----- From: Ken Schaefer [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 26, 2008 6:46 PM To: NT System Admin Issues Subject: RE: If you're monitoring your servers thoroughly.... Microsoft's got MOF (Microsoft Operations Framework) and Ops Manager to make this easier for you if you are a Microsoft shop. That takes away a lot of the need to run base level diagnostic tools as that can all be done for you via Ops Manager. Unfortunately they don't have a CMDB product yet, so you'll still something else that can hook in. Cheers Ken -----Original Message----- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Wednesday, 27 February 2008 10:40 AM To: NT System Admin Issues Subject: Re: If you're monitoring your servers thoroughly.... I agree. It's one of the major reasons why I bought my juniors each a personal copy of the book. On Tue, Feb 26, 2008 at 3:35 PM, Michael B. Smith <[EMAIL PROTECTED]> wrote: > When I was responsible for a fairly large server farm, after patching I ran > DCDIAG on the DCs and netdiag on all servers. I did parse the output of the > utilities. I also had a complex script that tested the health of our DCs > from an LDAP perspective and all of the mail servers (with each protocol - > POP, IMAP, RPC/HTTP, MAPI, HTTP) and web servers. > > After 26 years, primarily in computer operations, I can say with some > authority that (in my experience) what most people screw up is change > management. They just don't do it. Don't understand it. Don't see the value > in it. > > Until it bites them in the rear. > > Regards, > > Michael B. Smith > MCSE/Exchange MVP > http://TheEssentialExchange.com ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
