Microsoft Windows InTune: Computers Overview


image

This is the second screen in the Windows InTune Console:

Computers

On the left you can see a list of all the computer groups that I’ve created. These machines are on 3 different networks but they all appear in this one central view, which makes administration very easy!

Selecting a group on the left takes you into a new view where you can see much more granular detail on the machines. At the minute, I’ve only got one machine in each group but you get the idea Smile

image

The “View Properties” button takes you deeper into that machine, with more sections available to view:

image

The first few tabs are all quite self explanatory…but the final two are very interesting.

Hardware

This gives an amazingly detailed list of the hardware in and related to the machine. For my laptop, this information includes:

  • Model
  • Serial Number
  • BIOS Name & Version
  • CPU Name/Type/Speed
  • Number of disks
  • Disk model
  • Disk Size
  • Number of partitions
  • Network adapter
  • IP Address
  • MAC Address
  • Monitor Resolution
  • Printers (including Soft printers like OneNote)

and more. It’s similar to the free ware program CPU-Z (which you may be familiar with) in that it gets really deep into you machine to give you all the information you could possibly need!

Software

This gives a list of all software installed on the machine…in this case:

image

It then gives you an idea of the category such as Browser, OS, Utility etc and also tells you if it’s a Virtual Application.

You can export these lists to either .csv or .html files for use with other applications and systems.

This feature fits really well in to the whole Software Asset Management piece, as organizations will have a complete, current list of all software installed on all machines. It’s very quick to update with added/removed software which will enable companies to be confident of compliance at all times.

Groups:

Creating a group is very straight forward. It has 3 sections, each with just one selection to make:

image

Details = Group name (and an optional description field)

Parent Group = Choose which group this will link off from. Either “All Computers” or one of your own.

Members = Choose which machines to add to the group.

Done.

I’ll cover deploy software to machines etc in a later post.

Kaspersky & Hardware Based Anti-Virus


This is pretty interesting…Kaspersky have received a patent for Hardware based Anti-Virus!

The idea behind this is that it will:

“neutralize the most widespread type of threat – malicious programs that store themselves or infect files on a computer’s hard drive”

by scanning data that is written to the disk. Kaspersky’s news article gives a good insight into how it works:

“The patented device is installed between a drive (hard drive or SSD) and the computing unit (CPU and RAM) and is connected to the system bus or integrated into the disk controller. The hardware antivirus solution allows or blocks writing data to disk, providing threat alerts and information about its operation to the user (user dialog is possible if the hardware antivirus control utility is installed on the PC)”

Interestingly, it can work on it’s own or in conjunction with existing AV software. One area where Kaspersky expect it to be especially effective is against rootkits, which can often prevent AV software from even running. As Kaspersky Technology Expert Oleg Zaitsec says:

“solution has a distinct advantage over conventional AV solutions because it monitors all attempts to access a memory device while remaining inaccessible to malware. This is critical for fighting such sophisticated threats as rootkits and bootkits”

Resources

People often complain that Anti virus software uses a lot of system resources such as CPU and RAM, so putting more hardware in there is going to be even worse…right? Wrong…Kaspersky have given the unit it’s own CPU & RAM to prevent this, in fact you can even attach a separate power supply.

Uses

This will probably be most popular in non-desktop machines including servers and, as Kaspersky say, ATM’s etc.

You can see the Kaspersky announcement here and the Neowin article that alerted me to this here.

Microsoft Security Essentials: Thoughts on AV


Microsoft Security Essentials (MSE) is available to everyone and it’s getting very favourable reviews from most people. The only nay-sayers so far seem to be the dedicated AV companies such as Symantec.

I’m not going to bother analysing the comments as it’s pretty obvious that most AV companies will say:

a) It’s rubbish

or

b) We don’t care because ours is so much better

and I’ve got an older post about how good I find it to be.

I think Microsoft’s introduction of a very good, easy to use, free anti-malware solution is a blessing and a breath of fresh air for home users. Just like the corporate market, there are now:

  • Too many manufacturers
  • Too many products
  • Too many features in each one

The number of machines I’ve seen that have at least 2 overlapping programs installed is pretty high. This is usually down to all the FUD (Fear Uncertainty Doubt) causing people to panic a little bit and over-protect themselves…this often causes the machine to run poorly.

Then you have the the sheer number of vendors-who all say their product is the best:

  • Symantec/Norton
  • Panda
  • Eset
  • Kaspersky
  • AVG
  • Bullguard
  • Avast
  • F-Secure

and that’s not all of them. Yes-you could argue that Microsoft have made this worse by offering a real contender but I don’t think that is the case…I think it will streamline this situation of over-choice. Microsoft is obviously a well respected brand and so many people will choose MSE because they’re familiar with the name. As it’s all free-it can’t really be anti-competitive really can it? All it can be is easier and better for the average home user…and that should be everyone’s focus in the world of consumer security.

I’m pretty sure that non-web savvy people searching the internet for “free anti-Virus” often leads to them downloading the opposite-a package full of bloatware, trojans, key loggers and more. However, people going to:

http://www.microsoft.com/security_essentials

will stop all that.

The idea that people having a manufacturer’s free product at home leads to them purchasing that vendor’s corporate offering at work isn’t particularly true, in my opinion. I speak to a lot of customers who run AVG at home…but none of them use AVG at work-they go with Symantec, Mcafee, Microsoft etc. I’ve also spoken to people who, after using Norton at home (usually as bloatware on a new machine) have removed Symantec from the workplace due to the bad experience!

All in all, I see this making it easier & safer for everyone involved :-)

Microsoft Security Essentials


Microsoft Security Essentials (MSE), Microsoft’s free home user anti-malware tool, was today released in all it’s final glory to the world at large.

I’ve been running the beta for a few months now and I find it to be brilliant…it’s easy to install, easy to use, un-obtrusive and hasn’t let any nasties through (touch wood!). I was a Kaspersky user previously but I started to have some issues with the Windows 7 RC so MSE came along at just the right time :-) I’d definitely recommend that you give it a go, so download it from:

http://www.microsoft.com/security_essentials/

For more in-depth info and screenshots-see my July post here.

Microsoft Security Essentials beta


You  may have seen that, a few weeks ago, Microsoft announced the beta of Microsoft Security Essentials (MSE); their free anti-virus/anti-malware software aimed at home users. The beta was limited to 75,000 downloads so I registered within 20 minutes of it going live on MS Connect and got ready to download it…unfortunately the website had a different idea. It told me that I wasn’t eligible to download the beta and that was that-I logged out empty handed :-(

I kept checking over the following days to no avail while, at the same time, Microsoft emailed me to see how my trial was going…I couldn’t believe they were mocking me so! I just logged in now to see if there had been any update on my application for the Office 2010 trial-it’s gone from “Pending” to not being there anymore- but as an unexpected bonus the download for MSE was there :-)

I’ve just got it installed and had it run it’s first scan and it’s looking good. It was a quick 5/6 click install process and it was scanning already-very impressive…here are some screenshots:

Something I’m quite surprised to see is that MSE contains Real Time Protection, helping protect users from zero-day attacks even without pre-defined virus signatures; for a free product-that’s pretty cool!

The Settings tab allows you to:

  • Set scan schedule
  • Change the default actions
  • Turn Real Time Protection on/off
  • Exclude files & locations
  • Exclude File Types
  • Exclude Processes
  • Choose to scan archive files
  • Choose to scan removable drives
  • Change Microsoft Spynet access

Spynet is something I hadn’t heard of before and it is Microsoft’s Online Community that collects, collates and processes information on malware and how it is affecting user’s machines. There are 2 levels of “membership” availalable, Basic & Advanced where advanced sends back more information such as file names and locations of affected software etc. It’s default setting is Basic…although it does say that “…personal information might unintentionally be sent to Microsoft” which, while I don’t really mind will probably upset some people ;-)

I’ve only had it installed for about half an hour but so far, it seenms to be pretty comprehensive in what it covers as well as being clear and easy to use. The fact that it provides real time protection AND scans removable drives as well as the basic cover makes me consider if, honestly, there’s any need for home users to look elsewhere.

Microsoft’s Forefront Business security software shows they’ve got the skills in this area and a lot of other products (Norton, F-Secure etc) are notorious for slowing PC’s down until they’re nigh on unusable-so this seems like a great alternative. When it comes to Anti-Virus I’m a Kaspersky fan but MSE looks to be a worthy competitor…good work once again from Microsoft :-)