Re: Symantec LiveUpdate and User Rights on Win2000

From: Alvin Chong (alvinchong_at_netvity.org)
Date: 05/27/05

Next message: Mihai Amarandei: "Re: Linking Password Length to Write-down probability"

Previous message: Adrian DuPre: "Suggestions for user password reset challenge questions?"
In reply to: Jason Lopez: "RE: Symantec LiveUpdate and User Rights on Win2000"
Next in thread: Paris E. Stone: "RE: Symantec LiveUpdate and User Rights on Win2000"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Jason Lopez" <jaylpz@sbcglobal.net>, "'Joe George'" <j.george@conservation.org>
Date: Sat, 28 May 2005 00:08:35 +0800

It is better to be in managed mode.

But make a Notebook Group,

Virus Definition Manager at Group Level -> Enable Continuous Live Update and
configure the number of days.

Once exceed the number of days, it would attempt to contact Live Update
servers via Internet at the specified intervals.
Only bad thing is there is no progress bar etc, totally transparent.

Normally I configure if more than 7 days, check at 15mins interval .

Hope this is helpful.

Alvin Chong

----- Original Message -----
From: "Jason Lopez" <jaylpz@sbcglobal.net>
To: "'Joe George'" <j.george@conservation.org>
Cc: <security-basics@securityfocus.com>
Sent: Friday, May 27, 2005 12:44 PM
Subject: RE: Symantec LiveUpdate and User Rights on Win2000

Just a suggestion:
With Symantec you are able to install an "unmanaged" version of the client.
The unmanaged version will allow the laptops (when connected to the
internet) go out and reach the live-update server.
Thx,
Jay

-----Original Message-----
From: Joe George [mailto:j.george@conservation.org]
Sent: Thursday, May 26, 2005 12:33 PM
To: security-basics@securityfocus.com
Subject: RE: Symantec LiveUpdate and User Rights on Win2000

Sorry, I should have provided more details. We do indeed have a centralized
managed server providing updates. The problem is when, a client (say one
with a laptop) leaves the office, their updates aren't being regularly
pushed. Without liveupdate ability while under user rights, this is
extremely troublesome for those who will be on travel for longer than 2-3
weeks (which is often the case here).

Thanks for your prompt input, Anthony.

Best regards,

Joe

-----Original Message-----
From: Bundschuh, Anthony D [mailto:ANTHONY.D.BUNDSCHUH@saic.com]
Sent: Thursday, May 26, 2005 3:26 PM
To: 'Joe George'; Bundschuh, Anthony D; security-basics@securityfocus.com
Subject: RE: Symantec LiveUpdate and User Rights on Win2000

You could setup a Symantec Central server. The users would not be able to
do live update, but the server would push out updates.

-----Original Message-----
From: Joe George [mailto:j.george@conservation.org]
Sent: Thursday, May 26, 2005 1:18 PM
To: Bundschuh, Anthony D; security-basics@securityfocus.com
Subject: RE: Symantec LiveUpdate and User Rights on Win2000

We do not want them to have power user rights either.

-----Original Message-----
From: Bundschuh, Anthony D [mailto:ANTHONY.D.BUNDSCHUH@saic.com]
Sent: Thursday, May 26, 2005 3:13 PM
To: 'Joe George'; security-basics@securityfocus.com
Subject: RE: Symantec LiveUpdate and User Rights on Win2000

You can add the users to the power users group. Power users can install
virus definitions.

-----Original Message-----
From: Joe George [mailto:j.george@conservation.org]
Sent: Tuesday, May 24, 2005 9:56 AM
To: security-basics@securityfocus.com
Subject: FW: Symantec LiveUpdate and User Rights on Win2000

Greetings all,

We are currently in the process of removing Administrative rights from end
users. As you may already know, when someone logs in with only User rights,
they are no longer able to install AV definitions through the LiveUpdate
feature. This is one of the most crucial things we'd like our clients to be
able to access in case they are on travel or working remotely. A
Trojan/virus has less of a chance of being initialized under user rights,
but it is important that the user be able to maintain the definitions if
needed. Is there a tweak out there?

Thanks in advance.

Best Regards,

Joe George
IT Analyst
Conservation International

Next message: Mihai Amarandei: "Re: Linking Password Length to Write-down probability"

Previous message: Adrian DuPre: "Suggestions for user password reset challenge questions?"
In reply to: Jason Lopez: "RE: Symantec LiveUpdate and User Rights on Win2000"
Next in thread: Paris E. Stone: "RE: Symantec LiveUpdate and User Rights on Win2000"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: Symantec LiveUpdate and User Rights on Win2000
... You could setup a Symantec Central server. ... do live update, but the server would push out updates. ... Symantec LiveUpdate and User Rights on Win2000 ...
(Security-Basics)
RE: Symantec LiveUpdate and User Rights on Win2000
... Symantec LiveUpdate and User Rights on Win2000 ... managed server providing updates. ...
(Security-Basics)
RE: Symantec LiveUpdate and User Rights on Win2000
... local admin access, they will be able to do what you ask without you giving ... Symantec LiveUpdate and User Rights on Win2000 ... managed server providing updates. ...
(Security-Basics)
RE: Symantec LiveUpdate and User Rights on Win2000
... With Symantec you are able to install an "unmanaged" version of the client. ... Symantec LiveUpdate and User Rights on Win2000 ...
(Security-Basics)