Educause Security Discussion mailing list archives
Re: Logon Disclaimer
From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Wed, 25 Aug 2010 17:40:47 -0400
On Wed, 25 Aug 2010 16:51:54 EDT, "James Farr '05" said:
As part of the processes you may have to install (windows patches, antivirus, and other software that etc, section currently under construction.) not created or supported by Utica College. These settings and software are mandatory for any users wanting to access our network resources.
As my co-worker Randy Marchany likes to say, "Never write a policy you aren't able to enforce". If it's "mandatory", how do you enforce it? If I have a Linux laptop, does it pass your check for windows patches or not? For that matter, how does your system verify that a Windows box has current patches installed? If you're running an all-AD network, you can probably use GPO to push a monitoring agent package onto all nodes and then run something that asks the agent what the current levels are - but absent a pre-installed agent, it gets really tricky. And if you *are* an all-AD network, then you don't need the disclaimer because you should have already *pushed* the patches to the box. :)
Attachment:
_bin
Description:
Current thread:
- Logon Disclaimer Shaun Gray (Aug 25)
- Re: Logon Disclaimer Gina Mieszczak (Aug 25)
- Re: Logon Disclaimer Valdis Kletnieks (Aug 25)
- Re: Logon Disclaimer James Farr '05 (Aug 25)
- Re: Logon Disclaimer Valdis Kletnieks (Aug 25)
- Wi-Fi student administrative system James Farr '05 (Aug 30)
- Re: Wi-Fi student administrative system Solem, Vik P. (Aug 30)
- Re: Wi-Fi student administrative system Shalla, Kevin (Aug 31)
- Re: Wi-Fi student administrative system Jeff Holden (Aug 31)