Home page logo

nanog logo nanog mailing list archives

Large-Scale Manageability [Was: Re: [ok] Re: WMF patch]
From: "Fergie" <fergdawg () netzero net>
Date: Wed, 4 Jan 2006 23:40:11 GMT

A few dozen?

Try >10,000. Or 20,000. Or more.

Believe me -- I am glad I'm a network plumber -- I don't envy
the administrative job of managing an enterpise boat-load of MS
desktops -- it's a nightmare.Bbut it would perhaps be more of a
nightmare if they were not MS.

I've seen the scope firsthand, and I repect those folks immensely.

The problems here are many, and needless to say, we shouldn't
be trying to re-hash the debate on the appropriate desktop
enterprise OS, etc. -- that's a dead-end.

What _is_ handy is that that there nice tools available to roll
out patches to each end-system in a manageable fashion.

Now -- if only the patch were available...  :-)

And keeping users' from surfing the web and _not_ clicking on
exploit web pages is an exercise left for the reader (without being
a network nazi)...

- ferg

-- Fred Heutte <aoxomoxoa () sunlightdata com> wrote:

I understand the frustration Valdis has with the Microsoft situation.
I've done my share of patching and updating and crawling under
desks and wrestling with Exchange Server and all the rest,
and fortunately (for my sanity) I'm not managing a few dozen
M$ desktops anymore.  

My observation had more to do with the posturing of the "security" 
vendors (anti-virus, firewall, IDS, etc.) and the broad range of 
highly important experts who are all clamoring for attention on 
this and on all the other everyday security issues out there.  
There is certainly a need for security services and products and 
activities, but I am just not enamored of the "security mindset."  
This is just a part of what our job is so let's get on with it.  

And if we can convince the PHBs that moving off of Windows is 
(1) feasible, which is obvious; (2) manageable for them, which is 
not so clear, so much the better.  I've broken my hammer pounding
this particular nail, so having failed at moving management away
from Windows, I moved myself away from management.  


"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/

  By Date           By Thread  

Current thread:
  • Large-Scale Manageability [Was: Re: [ok] Re: WMF patch] Fergie (Jan 04)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]