Software Management Through GPOs Jim Pattenaude, Marshall CUSD #C-2 Terry Sullivan, Shiloh CUSD #1
Disclaimer
Introduction
Methods for installing software
Traditional Method
Using GPO to install
.msi Files
Creating .msi files
Software Install Makers
Demonstration
Problems creating .msi
Group Policy Management Console (GPMC)
GPMC Key Features
Network install point
Deploying Software through GPOs
Overview of process
Deployment Methods
Assign vs. Publish
Computer vs User
Deployment Options
Transforms (.mst)
Removing software
Issues
Installing through scripts
Installing using imaging
Software Restriction
Process
Default Security Levels
4 rules to identify software
When to use each rule (Task: Recommended Rule)
  • You want to allow or disallow a specific version of a program: Hash rule. Browse to file to create hash.
  • You want to identify a program that is always installed in the same place: Path rule with environment variables. %ProgramFiles%\Internet Explorer\iexplore.exe
  • You want to identify a program that can be installed anywhere on client machines: Registry path rule. %HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\InoculateIT\6.0\Path\HOME%
  • You want to identify a set of scripts on a central server: Path rule. \\SERVER_NAME\Share
  • You want to identify a set of scripts on a set of servers, DC01, DC02, and DC03: Path rule with wildcards. \\DC??\Share
  • You want to disallow all .vbs files, except those in a login script directory: Path rule with wildcards. *.VBS set to Disallowed; \\LOGIN_SRV\Share\*.VBS set to Unrestricted
  • You want to disallow a file installed by a virus that is always called flcss.exe: Path rule. flcss.exe, set to Disallowed
  • You want to identify a set of scripts that can be run anywhere: Certificate rule. Certificate used to digitally sign the scripts
  • You want to allow software to be installed from trusted Internet zone sites: Zone rule. Trusted Sites set to Unrestricted
Using Software Restriction Policies to Protect Against Unauthorized Software
Protect Against Unauthorized Software
MS KB article 324036 http://support.microsoft.com/kb/324036/en-us
Administrative Templates
Q&A
Copy of Presentation: www.shiloh.k12.il.us/Presentations/SoftwareManagement
Jim Pattenaude [email_address]
Terry Sullivan [email_address]

Editor's notes

  1. Clarifying this up front will allow people to leave and find an alternate session if this is not what they are looking for.
  2. Briefly review each term/concept
  3. Briefly mention three processes for installing software – each will be covered in detail later
  4. Do NOT spend much time on this – everyone in attendance will be familiar with a traditional install method. The main purpose of this slide is to build a rapport with the audience and build their comfort level
  5. Review each bullet briefly, no need to elaborate. Main purpose is to differentiate a GPO-based install from a traditional install.
  6. Discuss what .msi file is. This is a topic that even some experienced users are not extremely familiar with. Do NOT go into TOO much depth at this point.
  7. Emphasize that most software that would be mass deployed either comes with a .msi file or has some other means to mass deploy. This is likely the EXCEPTION. Briefly describe the differences between each tool, but no need to dwell on each tool. These tools are likely more advanced than much of the audience is going to want to get into at this point. Perhaps poll the audience to determine how many are interested in making their own .msi files.
  8. Depending on interest determined previously, a demo of a real .msi creation can be started at this time. This is where the process can be reviewed. Again, depending on the audience this explanation may be sufficient to satisfy their interest.
  9. Do NOT spend much time on this slide. Use it simply as an introduction as some in the audience may not be familiar with the tool yet.
  10. General info – let them read from the handout. No need to discuss.
  11. Most users are probably familiar with this concept, but it should be mentioned because it is a key part of the process and is different from the way a “traditional” install works.
  12. Intro slide – each of these topics will be covered in depth. Do NOT spend much time on this slide.
  13. Review the process and start a demonstration at this time.
  14. If performing live demo at this point, you can choose to Assign or Publish before Advanced, but ultimately you will need to use Advanced in order to show the transforms. If pressed for time, ONLY use the Advanced option.
  15. This would be a good time to show the Sophos KB article where this exact scenario is discussed. http://www.sophos.com/support/knowledgebase/article/3090.html
  16. No need to go into too much detail here as this is beyond the scope of this session. If they are interested in this process, they need to attend one of the imaging sessions.
  17. http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/rstrplcy.mspx

      Hash Rules
      A hash rule is a cryptographic fingerprint that uniquely identifies a file regardless of where it is accessed or what it is named. An administrator may not want users to run a particular version of a program. This may be the case if the program has security or privacy bugs, or compromises system stability. With a hash rule, software can be renamed or moved into another location on a disk, but it will still match the hash rule because the rule is based on a cryptographic calculation involving file contents.
      A hash rule consists of three pieces of data, separated by colons:
      • MD5 or SHA-1 hash value
      • File length
      • Hash algorithm ID
      It is formatted as follows: [MD5 or SHA1 hash value]:[file length]:[hash algorithm id]
      Files that are digitally signed will use the hash value contained in the signature, which may be SHA-1 or MD5. Files that are not digitally signed will use an MD5 hash.
      Example: The following hash rule matches a file with a length of 126 bytes and with contents that match the MD5 (denoted by the hash algorithm identifier of 32771) hash of 7bc04acc0d6480af862d22d724c3b049:
      7bc04acc0d6480af862d22d724c3b049:126:32771

      Certificate Rules
      A certificate rule specifies a code-signing, software publisher certificate. For example, a company can require that all scripts and ActiveX controls be signed with a particular set of publisher certificates. Certificates used in a certificate rule can be issued from a commercial certificate authority (CA) such as VeriSign, a Windows 2000/Windows Server 2003 PKI, or a self-signed certificate. A certificate rule is a strong way to identify software because it uses signed hashes contained in the signature of the signed file to match files regardless of name or location. If you wish to make exceptions to a certificate rule, you can use a hash rule to identify the exceptions.

      Path Rules
      A path rule can specify a folder or fully qualified path to a program. When a path rule specifies a folder, it matches any program contained in that folder and any programs contained in subfolders. Both local and UNC paths are supported.
      Using Environment Variables in Path Rules. A path rule can use environment variables. Since path rules are evaluated in the client environment, the ability to use environment variables (for example, %WINDIR%) allows a rule to adapt to a particular user's environment.
      Important: Environment variables are not protected by access control lists (ACL). If users can start a command prompt they can redefine an environment variable to a path of their choosing.
      Using Wildcards in Path Rules. A path rule can incorporate the '?' and '*' wildcards, allowing rules such as "*.vbs" to match all Visual Basic® Script files. Some examples:
      • "\\DC-??\login$" matches \\DC-01\login$, \\DC-02\login$
      • "*\Windows" matches C:\Windows, D:\Windows, E:\Windows
      • "c:\win*" matches c:\winnt, c:\windows, c:\windir
      Registry Path Rules. Many applications store paths to their installation folders or application directories in the Windows registry. You can create a path rule that looks up these registry keys. For example, some applications can be installed anywhere on the file system. These locations may not be easily identifiable by using specific folder paths, such as C:\Program Files\Microsoft Platform SDK, or environment variables, such as %ProgramFiles%\Microsoft Platform SDK. If the program stores its application directories in the registry, you can create a path rule that will use the value stored in the registry, such as %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PlatformSDK\Directories\Install Dir%. This type of path rule is called a registry path rule. The registry path is formatted as follows: %[Registry Hive]\[Registry Key Name]\[Value Name]%
      Note: Any registry path rule suffix should not contain a \ character immediately after the last % sign in the rule.
      • The registry path must be enclosed in percent signs ("%").
      • The registry value must be a REG_SZ or REG_EXPAND_SZ. You cannot use HKLM as an abbreviation for HKEY_LOCAL_MACHINE, or HKCU as an abbreviation for HKEY_CURRENT_USER.
      • If the registry value contains environment variables, these will be expanded when the policy is evaluated.
      • A registry path rule can also contain a suffix path such as %HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache%OLK*. This registry path rule identifies the folder that Microsoft Outlook XP uses to store attachments before launching them. The attachment folder always starts with the letters "OLK" so the rule uses wildcard matching. As an example, this rule matches the following path: C:\Documents and Settings\username\Local Settings\Temporary Internet Files\OLK4
      Important: When you set a path rule, you should check the access control list (ACL) entries on the path. If users have write access to a path, they can modify its contents. For example, if you allow C:\Program Files, any power user on the machine can copy software into the Program Files folder.
      Path Rule Precedence. When there are multiple matching path rules, the most specific matching rule takes precedence. The following is a set of paths, from highest precedence (more specific match) to lowest precedence (more general match).
      • Drive:\Folder1\Folder2\FileName.Extension
      • Drive:\Folder1\Folder2\*.Extension
      • *.Extension
      • Drive:\Folder1\Folder2
      • Drive:\Folder1

      Zone Rules
      A rule can identify software from the Internet Explorer zone from which it is downloaded. These zones are:
      • Internet
      • Intranet
      • Restricted Sites
      • Trusted Sites
      • My Computer
      Currently this applies to only Windows Installer (*.MSI) packages. It does not apply to software downloaded in Internet Explorer.
  18. This slide is HIDDEN. Only use this slide if time permits and the audience is sufficiently advanced.
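
The hash rule format quoted in note 17 ([hash]:[file length]:[hash algorithm id]) can be checked offline when reviewing a policy export. The Python below is an added example, not part of the original slides or of any Microsoft tool: the function names and the sample byte strings are constructed for illustration, 32771 is the MD5 identifier given in the notes, and 32772 is assumed from the Windows CryptoAPI value for SHA-1.

```python
import hashlib
import re
from typing import NamedTuple

# Algorithm IDs used in the third field. 32771 (MD5) is the value given in the
# notes above; 32772 is the Windows CryptoAPI identifier for SHA-1 (CALG_SHA1).
ALG_IDS = {32771: "md5", 32772: "sha1"}
HEX_LEN = {"md5": 32, "sha1": 40}
RULE_RE = re.compile(r"([0-9A-Fa-f]+):([0-9]+):([0-9]+)")


class HashRule(NamedTuple):
    digest: str   # lowercase hex digest
    length: int   # file length in bytes
    alg: str      # hashlib algorithm name


def parse_hash_rule(text: str) -> HashRule:
    """Parse '[hash]:[file length]:[hash algorithm id]' and validate each field."""
    m = RULE_RE.fullmatch(text.strip())
    if not m:
        raise ValueError(f"not a hash rule: {text!r}")
    alg = ALG_IDS.get(int(m.group(3)))
    if alg is None:
        raise ValueError(f"unknown hash algorithm id: {m.group(3)}")
    if len(m.group(1)) != HEX_LEN[alg]:
        raise ValueError(f"digest length does not fit {alg}")
    return HashRule(m.group(1).lower(), int(m.group(2)), alg)


def build_hash_rule(data: bytes, alg: str = "md5") -> str:
    """Produce the rule string for a file's contents."""
    alg_id = {name: num for num, name in ALG_IDS.items()}[alg]
    return f"{hashlib.new(alg, data).hexdigest()}:{len(data)}:{alg_id}"


def rule_matches(rule: HashRule, data: bytes) -> bool:
    """Compare the length first (cheap); the digest decides."""
    if len(data) != rule.length:
        return False
    return hashlib.new(rule.alg, data).hexdigest() == rule.digest


def audit(files: dict, rules: dict) -> dict:
    """Map each file name to the level of the first hash rule it matches.

    `rules` maps rule string -> level ('Disallowed' / 'Unrestricted');
    files that match no rule are reported as 'no hash rule'.
    """
    parsed = [(parse_hash_rule(r), level) for r, level in rules.items()]
    result = {}
    for name, data in files.items():
        result[name] = next(
            (lvl for rule, lvl in parsed if rule_matches(rule, data)),
            "no hash rule")
    return result


# Constructed sample data: stand-ins for files on disk, not real binaries.
OLD_BUILD = b"MZ" + b"tool v1.0 (constructed sample)" * 4
NEW_BUILD = b"MZ" + b"tool v1.1 (constructed sample)" * 4

if __name__ == "__main__":
    rules = {build_hash_rule(OLD_BUILD): "Disallowed"}
    files = {
        r"C:\Tools\tool.exe": OLD_BUILD,
        r"D:\Temp\renamed.exe": OLD_BUILD,    # same bytes, new name and path
        r"C:\Tools\tool-1.1.exe": NEW_BUILD,  # same length, different version
    }
    for name, level in audit(files, rules).items():
        print(f"{level:13} {name}")
    print(parse_hash_rule("7bc04acc0d6480af862d22d724c3b049:126:32771"))
```

The renamed copy still matches the rule while the 1.1 build does not, so a hash rule has to be re-issued for every new version of the program it is meant to block or allow.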