Arizona State University
 Windows Networking User Group

  Search:
  

WNUG Menu

  • Resources - Links
  • Membership
  • Mailing List
  • Windows AD at ASU
    •


    Meeting Notes for November 6, 2003
      Announcements
      Gary reminded everyone about the voting for CCC nominations. The deadline will be November 14th.

      Robin made an announcement regarding the upcoming Firewall Project. Everyone should contact their UNCEL reps by November 19th to provide feedback on ports which will be closed at the border firewall. Look to the UNCEL web page to find your rep.

      Robin also announced that the CISCO scan is happening until 11/11/03.

      SFTP will be required effective 12/19/03. FTP is being shut off on all UNIX servers.

      Checkpoint SecureRemote
      Robin Manke-Cassidy went through some of the important configuration options of SecureRemote.

      Remember that this software is pre-configured for ASU. The software requires authentication and you will be presented a pop up once a day (except in a multi-user environment).

      She mentioned the ability to enable/disable the service in the event you do not need to use it all the time. The two services are:
      CheckPoint SecureRemote - leave as is
      Checkpoint Watch Dog - Change the service from "automatic" to manual and then stop both services.

      Other tips were given as to how to configure student's windows login to utilize auto local login feature, but use the SecureRemote login with your id.

      Also mentioned that if users are off campus, with routers at home, need to obtain the latest firmware.

      Robin opened up the group for questions on SecureRemote and noted a few problems. She stressed the importance of the ASU Security Web page (www.asu.edu/security) to find many of the questions/answers posted in the FAQ section of each product. Also mentioned was the "ASK COMM-Q" link to send problems so that the team is aware and can address the issues.

      Next, Kerio Firewall information was given. It was mentioned that it is important to install SecureRemote first, and then install the Firewall application.

      Kerio has been licensed and configured for the ASU community.

      Do not run the workstation version on a server. There is an enterprise version for servers. Someone did mention that if "logging" was not enabled, it would run.

      Kerio 4.0 is coming out and will include RPC port blocking. There will be no new config file for ASU until the new version is released. You can export your current configuration and then import the rules to all your users.

      Robin is trying to write documentation for the end user. More info will be provided when this is available.

      It is important to use ASU's config file and not download from the vendor site.

      Open comments were made that if your customers have a University sponsored computer; you have to take some responsibility for keeping the machines secure.

      Dave Lee and Sharon Bushart gave information on Useful Tools. Sharon will make sure that document gets posted on WNUG web site. Dave gave presentation on the "Google Toolbar". Also mentioned was "Spybot". Be sure to check on the licensing issues if any of these tools. Sharon use to use ADaware but now there is a cost involved.

      Robin gave and update on the Windows 2003 Upgrade Project for the ASU Forest. The Development Environment will set for forest prep weekend of Nov 14th. All DCs in the forest should be done by Dec 19th so that the Adv2 can be implemented. Schedules for QA and Production are also set. By May 15th, 2004, production should be able to be utilizing Adv2 if all goes well.

      Open Discussions
      Many questions were asked regarding Email issues. Ron Page was available to take questions. Some of the main points mentioned were:

      Exchange 2000 went native mode last Friday (10/31/03). There are no longer any 5.5 servers. This did have an affect on Mac clients. The protocol for finding the server was different. The fix was to re-establish the profile for the mac clients. This did not affect 2001 clients.

      Email delay from COX - Ron mentioned that any message bound for ASU.EDU was delayed. Changes were made on Tuesday (11/4/03) from COX. At one point there were 1700 messages queued.

      Other issues were brought up which Ron can look into. He suggests utilizing email-q@asu.edu if you aren't already.

      There were talks of the bulk of spam mail that may be coming due to the "do not call" list.

      Also mentioned was the problem after enabling the spam filter, having problems sending messages to multiple recipients.

      Problem reported with quota and bounced e-mail. Appears that the "deleted recovery" should not count against the user's quota, but until this was deleted, Robin's email was getting bounced.


      Next meeting - Thursday, December 4, 2003 9:30 - 11:30 Computing Commons Auditorium


       
      Updated February 8th, 2005