Re: Checking for AV software on students machines

[Craig Blaha <blaha () TCNJ EDU>]

The College of New Jersey briefly discussed expanding our EPO license to
cover students and requiring an agent on student owned machines. We
decided against it because of the support issues it could raise. I'm
interested in how other people are dealing with the issue of mandatory
anti-virus, patches, agents, etc. creating issues (either real or
imagined) with a student machine. Do you charge for service, require
students to sign a waiver, etc?

Thanks,
Craig Blaha

Antivirus Administrator wrote:

> Hi all.
>
> I was informed of this recent discussion and joined this list to provide
> you with information about how we are doing things here at The
> University of Tennessee.
>
> Here is an overview of registration process.
>
> 1. We now truly have a private network. Students are required to
> register each semester. The computers only able to access our security,
> antivirus, DHCP, and DNS servers. There is currently discussion of
> forced re-registration for all computers, possibly more frequently.
>
> 2. When a Windows XP/2000 box attempts to register, the user is
> forwarded to a page to download an executable which is our "registration
> security tool".
>
> 3. This tool performs a series of checks on the registering system. It
> then applies service packs, hot fixes, McAfee AV & EPO, autoupdate
> repair and configuration, local security policies, and anything else we
> want the tool to do to the system.
> The software is only installed if needed (based on initial checks) to
> reduce registration time for properly configured systems.
> The tool is web based for efficiency and will only download the software
> that is required.
>
> 4. ***KICKER*** Only after it has been successfully executed does this
> tool update an internal database with all hardware (MAC) addresses that
> exist on the machine attempting to register.
>
> 5. The tool then guides the user through the registration process.
>
>
> If a Windows 2000/XP system attempts to register and is not found in the
> internal database, the system is always redirected to the security tool
> download page.
>
>
> On another note...
>
> For those of you using the EPO software, the system compliance profiler
> is a very useful tool to check for patches and any other registry
> settings or file versions. It is my hope to fully implement this with
> the new version of the EPO due to be released this year (currently in
> beta).
>
>
> Hope this is the info everyone needed.
>
> --
> I. W. Woodle (Wes)
> OIT Customer Technology Support
> LaDS/FRP/Antivirus Administration
> University of Tennessee, Knoxville
> (865)974.9600 iwoodle () utk edu
>
> **********
> Participation and subscription information for this EDUCAUSE
> Discussion Group discussion list can be found at
> http://www.educause.edu/cg/.


--

   *Craig Blaha*
   /Associate Director
   Information Policy, Security and Web Development/
   The College of New Jersey
   PO Box 7718
   Ewing, NJ 08628
   www.tcnj.edu

--------------------------------------------------------------
Reminder: E-mail sent through the Internet is not secure.
Do not use e-mail to send confidential information
such as credit card numbers, changes of address, PIN
numbers, passwords, or other important information.
Your e-mail message is not private in
that it is subject to review by the College, its officers,
agents and employees.
--------------------------------------------------------------

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.