
	The ZAG Technical Advisor
March 10, 2005 Volume 1, Number 2
In This Issue · Desktop Management Issues · Go To Assist Offering Relevant Links · ZAG Technical Services, Inc. · Symantec Antivirus · Software Update Services · Windows Update Service Contact Us http://www.zagtech.com info@zagtech.com	Technology Report: Desktop Management Issues In the not too distant past, administrators could focus the vast majority of their management time on servers. Servers were to be protected at all costs -- they were the crown jewels of the organization. Workstations, when affected by viruses and the like only led to pain that was localized to the user. They could be managed on a break fix basis. All of this, of course, has changed. Today there are three main factors, at a minimum, that need to be managed when it comes to desktops: virus protection, patch management, and spyware control. Antivirus Virus outbreaks led to the first fundamental change in how desktops are viewed. Management of workstations today is a core necessity. Every workstation is capable of spreading viruses across an enterprise. These machines can also do things such as take down a company’s Internet connection by flooding the firewall or Internet connection with virus borne traffic as it searches out new victims to infect, or flooding email servers with virus laden messages. Workstations need to be managed at a couple of different levels. The first is managing instances of antivirus on the workstations. No workstation should ever be allowed to be connected to the network without current antivirus protection. Central management of workstation antivirus updates is strongly recommended so that virus definitions can be quickly distributed from the management server in the event of a major outbreak. Firewall Protection Firewalls in the past were also relied upon to shelter workstations from Internet attack. This is also no longer sufficient. Various viruses that exploit problems with Internet Explorer security have infected Corporate Networks. Another cause for infection outbreaks is the prevalence of laptops. Many laptops may go home with employees, where they may not be protected by a firewall. They are then infected and brought back to the Corporate Network, where they are able to spread the infection from behind the firewall. Many of these instances exploit known bugs within Windows and are not a problem to patched machines. Therefore, the requirement is now put on IT to ensure that desktops are maintained current with patches and hotfixes. Software Update Services (SUS) There are several methods out there that will meet this requirement. One of the best early methods is to utilize Microsoft’s Software Update Services (SUS). SUS is a free product that distributes Windows updates to workstations locally on the LAN. The updates are only downloaded to the SUS server and then distributed to the clients. In Active Directory environments, the SUS instance can be forced on users, so that users don’t have a choice in being updated, and network security is therefore ensured. Windows Update Service (WUS) The successor to SUS will be Windows Update Service (WUS). Although currently in Beta, WUS is slated to be available the first half of 2005. The major benefit of WUS is that it will enable hotfix management of all Microsoft products. When first released, it will support Windows, Office, Exchange, SQL Server and MSDE products. It will support additional products as support is expanded. Another great benefit of WUS is that it will enable administrators to easily tell which systems have the required updates and which are missing updates. WUS will be used to update Windows 2000 and Windows XP . Administrators will also be able to run it in conjunction with SUS. Spyware The third step in protecting your desktops is to deploy an antispyware solution. Spyware programs track your travels on the Internet and report them to unscrupulous people that then use that information to send you advertisements and the like. Spyware can effectively shutdown your browser so that it no longer functions properly. There are several antispyware solutions available. Although only in Beta, ZAG has had very good results with Microsoft’s antispyware solution. The Beta version is currently free. Pricing information for the upcoming release of the product has not yet been made public. Summary Although the requirement to manage desktops has greatly increased, the tools to perform the necessary management have improved proportionally. Microsoft is preparing to release several more tools which will enable administrators to manage these tasks even more effectively. Administrators must keep on top of these tools to ensure their environments are protected. Go To Assist Offering To help with supporting desktops, ZAG has recently rolled out its Go To Assist offering. This tool allows ZAG to easily control a remote user’s desktop. This normally speeds up time to resolution of desktop issues dramatically. The cost for using this tool is very inexpensive. Security is also maintained with the Go To Assist offering. If you are interested, please contact us for further details. This email newsletter was sent to you as a service of ZAG Technical Services, Inc. If for any reason you do not wish to continue receiving them, please send an email to newsletter@zagtech.com and you will be removed from future mailings.

Technology Report:

Desktop Management Issues

Go To Assist Offering

This email newsletter was sent to you as a service of ZAG Technical Services, Inc. If for any reason you do not wish to continue receiving them, please send an email to newsletter@zagtech.com and you will be removed from future mailings.