Educause Security Discussion mailing list archives

Re: Remaining XP Machines

From: "Mclaughlin, Kevin (mclaugkl)" <mclaugkl () UCMAIL UC EDU>
Date: Sat, 1 Mar 2014 03:56:51 +0000

Hi All:

We are using Bit9 for XP SP3  and Symantec Critical System Protection for XP SP1 and XP SP2 that we can't migrate.

-Kevin

________________________________
From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of Cheryl O'Dell 
[cherylo () UNL EDU]
Sent: Friday, February 28, 2014 7:10 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Remaining XP Machines

Hello,

We too have been identifying, notifying, and working with users with Windows XP machines still in service.  We’ve made 
good progress, but have several exceptions due to being tied to special instruments and old software.  We are moving 
them off of the network.  Our administration made the determination to not let Windows XP machines login to our SAP 
instance.  As of today, we don’t have any plans to block from our network – but have warned users if they continue to 
use Windows XP and (when) we see bad traffic, we will then have to block it.  I’m focusing on telling the users that 
they need to worry about being able to use their Windows XP machine after April 8, not because of our security team, 
but because their data/machine/service will be at risk and if/when malware is introduced, they won’t be able to use it 
anyway.


Cheryl O’Dell, CISSP
Sr. Information Security Analyst
University of Nebraska/Lincoln
126 501 Building, 68588-0203
(402) 472-7851
cherylo () unl edu<mailto:cherylo () unl edu>

Information Technology Services
Reliable. Resourceful. Relevant.

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Bohlk, 
Christopher J.
Sent: Friday, February 28, 2014 2:51 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Remaining XP Machines

Hi All,

I was wondering if you have determined how you will handle any XP machines that have not been removed or upgraded after 
the EOL?  Do you plan on denying them access to the network using technical controls?  If so, how long a period after 
the EOL are you planning on implementing such controls?

Thanks,
Chris

Chris Bohlk, CISSP, C|EH
Pace University
Information Security Officer
Information Technology Services (ITS)
235 Elm Road, West Hall 212A
Briarcliff Manor, NY 10510
(914)923-2649  Office

Current thread:

Remaining XP Machines Bohlk, Christopher J. (Feb 28)
- Re: Remaining XP Machines Ryan Skelton (Feb 28)
- Re: Remaining XP Machines Cheryl O'Dell (Feb 28)
  - Re: Remaining XP Machines Mclaughlin, Kevin (mclaugkl) (Feb 28)
- <Possible follow-ups>
- Re: Remaining XP Machines Mertz, Brian E (Feb 28)