The Desktop Environment:

Tools and Support May 15, 2014

Support Tools

LANDesk – Desktop Management - Kevin Morris

Symantec EndPoint Protection – Anti-Virus/ Firewall - Nelson Roman

FACTS – Knowledge Base - Tanya Thomas

Trustwave – Network Access Control – Donald Olivier

Active Directory – Network Services – Stephen Flynn

Service Desk Express – Service Management – Stephen Flynn

PERMISSION REQUEST

REMOTE SESSION

INVENTORY/QUERIES

SOFTWARE DISTRIBUTION

PATCH MANAGEMENT

Symantec Endpoint Protection 12.1

Symantec Endpoint Protection 12.1

What is Endpoint Protection?

• Symantec Endpoint Protection is an endpoint security solution created through a layered approach to defense. With unique, layered technology, it detects and removes more malware than any other product in its class. Derived from Symantec’s global intelligence network, our unique Insight and SONAR technologies enable faster scan, more accurate detection, and higher performance while utilizing fewer resources. With single management console, Symantec Endpoint Protection provides advance protection across multiple platforms both physical and virtual. – http://www.symantec.com

How are Fordham University computers protected from malware?

• All university desktops come with a managed installation of SEP

• All university laptops come with an unmanaged installation of SEP

• Fordham IT provide SEP software (unmanaged) free to all Students, Faculty and Staff for use on their Mac and Windows PCs

• The software can be found on the www.fordham.edu/it downloads page

What is the difference between the managed and unmanaged versions of SEP?

• Both installations will provide virus / malware protection to the computer

• For managed client installations, User Support manages the policies regarding Virus Protection and Firewall rules which protect the computer against malicious code and activity

• For unmanaged client installations, SEP reaches out to Symantec to download all new updates and virus definitions. The end user has control on what features and settings to enable, disable and configure

What is the difference between the managed and unmanaged versions of SEP?

Managed Client • A managed client communicates with a management server in the

Fordham network. The IT administrator configures the protection and the default settings, and the management server downloads the settings to the client.

• The user does not have the right required to configure the client. All the settings are locked or unavailable.

• The IT administrator manages the client, but User Support can change some client settings and perform some tasks. For example, User Support is able to run scans and manually retrieve client updates and protection updates.

• The IT administrator manages the client. User Support can change all the client settings and perform all the protection tasks.

Unmanaged Client • An unmanaged client does not communicate with a management

server and an IT administrator does not manage the client. • The user has all the right to configure the client. All the settings

are available to configure. • All administrative tasks can be run by the client. • It is self-managed client.

Symantec Endpoint Protection Manager (SEPM)

• User Support manages the settings and policies pushed down to computer through the SEPM

• User Support can monitor up to date protection of managed computers

• Reports can be generated to see protection status, what type of virus infections are on computers, how successful is SEP at blocking Viruses and Spyware and much more

• Firewall settings are set to block or allow certain ports that are needed or can cause a risk to the computer or network

• User Support can even push a new version of SEP when available from Symantec to computers without even stepping foot into the end users office

Symantec Endpoint Protection Manager (SEPM) Screenshot

Symantec Endpoint Protection Manager (SEPM) Screenshot

Symantec Endpoint Protection Manager (SEPM) Screenshot

FACTS Fordham Answers for Computer Technology & Support

Presented by Tanya Thomas

FACTS Fordham Answers for Computer Technology & Support

Presented by Tanya Thomas

Topics

What is FACTS? How to Access FACTS Open a ticket from FACTS View Ticket Status Questions

What is FACTS? • FACTS is a knowledgebase of

Frequently Asked Questions about Fordham IT Services and General IT solutions.

• It serves as a self-service portal providing solutions to end-users to resolve incidents, without having to contact IT Customer Care.

How to access FACTS?

1. Login to My.Fordham.edu 2. At the Home screen, scroll

down to FACTS – Online IT Support

FACTS Opening Screen

How to Search FACTS

Open a Ticket

View Tickets

View Tickets

QUESTIONS??

Thanks for your time!

Trustwave

Network Access Control

FORDHAM UNIVERSITY

COMPREHENSIVE ENDPOINT CONTROL

32

Presenter Donald Olivier

Manager Of User Support

Trustwave

Network Access Control

FORDHAM UNIVERSITY

COMPREHENSIVE ENDPOINT CONTROL

33

Presenter Donald Olivier

Manager Of User Support

Agenda: - Overview of NAC (Network Access Control). - Features/Use case of Trustwave NAC. - How is Trustwave Used Today? - Questions will be answered at the end.

Presenter Donald Olivier Manager Of User Support 34

Trustwave

Network Access Control

OVERVIEW: • Trustwave Network Access Control (NAC) is used within the university to

secure, protect, and monitor the Wi-Fi network access. • Trustwave provides secure access by validating that each device on

boarding has been checked with current updates for AV, OS patches and FW enabled.

• This help prevent the spread of malware and other threats that can negatively impact the university network and or expose our infrastructure to potential harm.

35 Presenter Donald Olivier

Manager Of User Support

Trustwave

Network Access Control

Key features of Trustwave Network Access Control: • Agent-less deployment for seamless deployment and monitoring • Complete protection for all endpoints, managed and unmanaged • Automated detection and restriction of non-compliant devices • Automated policy enforcement across all devices • Analysis of every packet from every device • Ongoing security checks throughout device's connection • Unified view of endpoint activity

36 Presenter Donald Olivier

Manager Of User Support

Trustwave

Network Access Control

How Trustwave is used: - To securely allow students, guest, faculty & staff to bring personal

or university devices, authenticate through portal with either Guest or ACCESSIT ID, sanity check the device.

- Authentication is required on a the 1st of each month for all devices with the exception of devices that have been exempt.

Presenter Donald Olivier Manager Of User Support 37

Trustwave

Network Access Control

• Thank you for participating in this Learn IT. • If you have questions we will answer them at the end of the

presentation.

38 Presenter Donald Olivier Manager Of User Support

Trustwave

Network Access Control

Active Directory

Overview

You log into your computer with your AccessIT ID & password

Your screen saver activates and locks your screen after 30 minutes, keeping your data confidential while you are away from your desk

You have the option of having your documents safely stored on a network drive, P is your personal drive; S is for files shares

The network drive provides a backup if they are ever lost or corrupted

Access to new University service is done though Active Directory

What Is New

Service Enterprise Printing

Active Directory allows for the creation of network print queues.

Enterprise Printing Overview

Print queues can be available University wide or limited to a location.

Usage of the printers can be open or restricted to select groups or individuals (departments, offices, etc.)

Enterprise Printing will uses Canon multi-function devices and HP printers.

Canon multi-function devices are already deployed throughout the University and can be added as network print queues.

Canon maintains these devices -- including toner and paper for a fixed per page charge.

Enterprise Printing Objectives

Provide a wide range of services – Print, Scan and Copy

Printing – Anytime and Anywhere

Greater selection of quality printers is available

Green initiative – print delivery can be done when the individual wants to print

Security of printed materials – printing on demand ensures confidentiality of the documents printed

Cost saving on toner and ink cartridges – volume discounts

Active Directory allows for the creation of network print queues.

Eliminate costly desk top printers.

Service Desk Express (SDE)

Also known as Magic

Service Desk Express (SDE)

Also known as Magic

SDE – Who Uses

Service Request Ticketing System used by Fordham IT and our Business Partners.

Started as a Help Desk ticket package. Overtime usage has grown beyond Fordham IT.

Currently being used by:

Academic Affairs

Development & University Relations

Enrollment

Facilities

Finance

Graduate School of Business

Library

Primary usages

Services Request Tickets

System of record for University computer assets

Tracking of leased equipment for timely replacements

The Future of SDE

Application is older as is coming to end of life.

The University is in the process of evaluating other applications. The current applications available provide increased capabilities for internal usage as well as client usage. These include

Availability on different device platforms i.e. tablets and phones

Self Service that allows the client greater capabilities for service ticket creation and updating

Greater integration with other University applications

Automated work flow