[THIN] Re: Trend Micro Office Scan 7.3 vs Server Protect
- From: "Euan Cooper" <euan.cooper@xxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Fri, 15 Jun 2007 11:46:37 +1200
As I mentioned - still early testing, but there is an option checkbox in the
management console "Privileges and Other Settings" called "Do not allow users
to access the client console from the system tray or Windows Start menu" that
turns the pccntmon.exe process on or off - this option also removes the Office
Scan icon from the system tray.
This option can be set globally - which will then effect all computers on the
office scan server or it can be set individually - with us only having 4
production & 1 test TS box this probably wouldn't be a significant issue - with
large installations it could be.
-Ec
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of
Jeremy Saunders
Sent: Friday, 15 June 2007 10:45 a.m.
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Trend Micro Office Scan 7.3 vs Server Protect
This is good news Euan. It means they've finally resolved the issue, and it's
time to phase out ServerProtect altogether.
Thanks for letting us know about version 8.
Cheers.
Kind regards,
Jeremy Saunders
Senior Technical Specialist
Infrastructure Technology Services
(ITS) & Cerulean
Global Technology Services (GTS)
IBM Australia
Level 1, 1060 Hay Street
West Perth WA 6005
Postal: PO Box 525, West Perth WA
6872
Visit us at
http://www.ibm.com/services/au/its
P: +61 8 9261 8412 F: +61 8 9261 8486
P: (Reception) +61 8 9261 8420 E-mail:
M: TBA jeremy.saunders@xxxxxxxxxxx
"Euan Cooper"
<euan.cooper@hbrc
.govt.nz> To
Sent by: <thin@xxxxxxxxxxxxx>
thin-bounce@freel cc
ists.org
Subject
[THIN] Re: Trend Micro Office Scan
15/06/2007 05:20 7.3 vs Server Protect
AM
Please respond to
thin@xxxxxxxxxxxx
g
I have installed Office Scan 8.0[1] on our test TS and there is no pccntmon.exe
process that I can see - there is a single system process
called ntrtscan.exe which looks like it does the real time scan. I
did try downloading eicar.zip from the trend site on my test box and Office
scan was all over it[2]. Early days of testing and I'm still a way off
committing to deployment on production servers but so far looking good.
-Ec
1 I know the subject line says 7.3 but earlier in the week when searching the
trend
site for docs/guidelines for Office Scan on TS I found they had released 8.0
2 like a donkey on a waffle
pccntmon.exe
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of
Jeremy Saunders
Sent: Friday, 15 June 2007 12:25 a.m.
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Trend Micro Office Scan 7.3 vs Server Protect
That's true Rick. I personally set a policy to remove the process from the RUN
key on all my deployments, but customers are not always comfortable with that,
because it means that you're disabling real-time scanning. I guess you could
then run a Scheduled Task an an Administrative user to execute the PccNTMon.exe
process. But I've not tried that.
Cheers,
Jeremy.
"Rick Mack"
<ulrich.mack@gmai
l.com>
To
Sent by: thin@xxxxxxxxxxxxx
thin-bounce@freel
cc
ists.org
Subject
[THIN] Re: Trend Micro Office Scan
14/06/2007 06:14 7.3 vs Server Protect
PM
Please respond to
thin@xxxxxxxxxxxx
g
Hi Jeremy,
But that's why we've got group policies.
In your TS server OU group policy under machine configuration > windows
settings > security settings > file system, and add file > pccntmon.exe.
Just set the ACL on pccntmon.exe to admin read/execute only and remove users.
It's also a great way to get rid of stuff like the Altiris agent, ctfmon.exe
etc on your terminal servers.
regards,
Rick
--
Ulrich Mack
Commander Australia
On 6/14/07, Jeremy Saunders <jeremy.saunders@xxxxxxxxxxx> wrote:
I don't know about that. There were definitely some engine issues with
ServerProtect that caused some issues over the years, but it's a lot less
intrusive than OfficeScan. OfficeScan runs the PccNTMon.exe process in
every session, which is its version of the real-time scan monitor. In my
opinion OfficeScan uses more resources overall. I guess it depends on
your
particular environment as to whether or not this really matters.
Cheers.
Kind regards,
Jeremy Saunders
Senior Technical Specialist
SBC SITES ONLY GOOGLE SEARCH: http://www.F1U.com
************************************************
For Archives, RSS, to Unsubscribe, Subscribe or set Digest or Vacation mode use
the below link:
//www.freelists.org/list/thin
************************************************
SBC SITES ONLY GOOGLE SEARCH: http://www.F1U.com
************************************************
For Archives, RSS, to Unsubscribe, Subscribe or set Digest or Vacation mode use
the below link:
//www.freelists.org/list/thin
************************************************
SBC SITES ONLY GOOGLE SEARCH: http://www.F1U.com
************************************************
For Archives, RSS, to Unsubscribe, Subscribe or set Digest or Vacation mode use
the below link:
//www.freelists.org/list/thin
************************************************
SBC SITES ONLY GOOGLE SEARCH: http://www.F1U.com
************************************************
For Archives, RSS, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin
************************************************
Other related posts:
