If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Secure Out of the box?
wipe it out.
all your computers should be from a very similar image when given out, so they are easiest to maintain. Ideally, all have the same hardware too. Preloaded systems often have systray (always running) junkware and services that really cut performance (hey, you need a faster processor and more memory!)... -----Original Message----- Hello All, I have a couple of questions for all Windows XP security guys here. We (my company) purchased 30 brand new machines from Dell. Before you introduce those machines to your network,which if these two option would you do and why? a. Boot them up and add them to the domain and do all extra configurations to the machine as you along with the end user? b. Wipe out a machine, re-install a clean copy of Windows XP and Office XP, do all OS and Office updates, do the nessesary changes to the registry for misc items, then extract an image of the machine. Now do the same step above and and install production applications and reimage so you can keep one with clean WinXP and another one with all production apps. Then deploy to all new and future workstations. Is this me the only one thinking this way or is there's anyone outthere that thinks this is a MUST do for any organization in order to mantain platform consistency? I just don't believe in all the 3rd party applications that comes preloaded with vendords PC. Thanks HecG . |
Ads |
#2
|
|||
|
|||
Secure Out of the box?
"GX" wrote in message . com... Hello All, I have a couple of questions for all Windows XP security guys here. We (my company) purchased 30 brand new machines from Dell. Before you introduce those machines to your network,which if these two option would you do and why? a. Boot them up and add them to the domain and do all extra configurations to the machine as you along with the end user? b. Wipe out a machine, re-install a clean copy of Windows XP and Office XP, do all OS and Office updates, do the nessesary changes to the registry for misc items, then extract an image of the machine. Now do the same step above and and install production applications and reimage so you can keep one with clean WinXP and another one with all production apps. Then deploy to all new and future workstations. Is this me the only one thinking this way or is there's anyone outthere that thinks this is a MUST do for any organization in order to mantain platform consistency? I just don't believe in all the 3rd party applications that comes preloaded with vendords PC. Thanks HecG HecG- Plan B is the only way to go, and here is some required reading for securing Windows XP. SP2 will be much more secure out of the box, until then pay attention to security issues! Windows XP Security Guide http://www.microsoft.com/downloads/d...displaylang=en Good Luck! PS |
#3
|
|||
|
|||
Secure Out of the box?
If you're deploying a bunch of workstations with virtually identical
hardware, I'd use ghost - set up a machine as you wish, patch it, install whatever you need, take it out of the domain, create a ghost image to the server, run ghost to deploy it to the workstations, change the names as you need to, run ghostwalker to change the SIDs, and then rejoin to the domain. GX wrote: Hello All, I have a couple of questions for all Windows XP security guys here. We (my company) purchased 30 brand new machines from Dell. Before you introduce those machines to your network,which if these two option would you do and why? a. Boot them up and add them to the domain and do all extra configurations to the machine as you along with the end user? b. Wipe out a machine, re-install a clean copy of Windows XP and Office XP, do all OS and Office updates, do the nessesary changes to the registry for misc items, then extract an image of the machine. Now do the same step above and and install production applications and reimage so you can keep one with clean WinXP and another one with all production apps. Then deploy to all new and future workstations. Is this me the only one thinking this way or is there's anyone outthere that thinks this is a MUST do for any organization in order to mantain platform consistency? I just don't believe in all the 3rd party applications that comes preloaded with vendords PC. Thanks HecG |
#4
|
|||
|
|||
Secure Out of the box?
One or another variation of your plan B.
Your issues in deployment will all stem from what is on the machines, so you do want to exercise control over the base image that defines what you will support. RIS works nicely for fresh or imaged installs. If your purchases are large enough, the major vendors will take your image and lay it on for you. -- Roger Abell Microsoft MVP (Windows Server System: Security) MCSE (W2k3,W2k,Nt4) MCDBA "GX" wrote in message . com... Hello All, I have a couple of questions for all Windows XP security guys here. We (my company) purchased 30 brand new machines from Dell. Before you introduce those machines to your network,which if these two option would you do and why? a. Boot them up and add them to the domain and do all extra configurations to the machine as you along with the end user? b. Wipe out a machine, re-install a clean copy of Windows XP and Office XP, do all OS and Office updates, do the nessesary changes to the registry for misc items, then extract an image of the machine. Now do the same step above and and install production applications and reimage so you can keep one with clean WinXP and another one with all production apps. Then deploy to all new and future workstations. Is this me the only one thinking this way or is there's anyone outthere that thinks this is a MUST do for any organization in order to mantain platform consistency? I just don't believe in all the 3rd party applications that comes preloaded with vendords PC. Thanks HecG |
Thread Tools | |
Display Modes | |
|
|