360ITAdvice - Real Challenges, Expert Solutions

Network storage for a photo/video studio awash in a pile of portable hard drives?

Tim Higgins — Fri, 18 Dec 2009 04:14:34 +0000

I operate a business, Cinevate, that designs and manufactures highly innovative tools for filmmakers. As a former IT analyst, I’ve been experimenting with NAS units, LAN topolology and affordable integrating into typical video and photo editing workflow.Stillmotion
is a highly successful studio based out of Toronto, Canada, that is raising the bar for wedding and corporate video world wide. With an award winning team of both photographers and cinematographers (sponsored by Cinevate, Canon and Steadicam), the team travels worldwide with a pile of equipment including from two to five MacBook Pro laptops. Once back in their studio, data that was backed up to external drives is often distributed via external flash drives for rough cutting and final processing. They estimate approximately 25TB now exist on a growing collection of external firewire or USB connected hard drives. They currently have only wireless connectivity in their studio. No LAN wiring, switches, servers or NAS units are currently present.
Stillmotion is looking for 50TB or so of storage that would be available to each laptop/workstation in their studio. At any time, they might have from two to six editors who would require access to the collection of video/photo data.
They would normally not edit from the storage directly, but rather archive projects there when done with editing on the Mac laptops or workstations.
Ideally all 50TB would be backed up offsite. Their budget is in the $15,000 area to start, keeping in mind that they are prepared to phase in storage beyond 25TB or so as required.

A way to stop people from bringing software into my network?

siteadmin — Fri, 11 Dec 2009 23:04:24 +0000

Group Policy is my favorite part of managing a Microsoft Windows network. I want to use the power of Group Policy to stop all the software that makes its way onto my network.

Everyone who logs onto a computer on my network wants to install things that I don’t want there. I have successfully stopped them from downloading off the internet through my firewall. My big problem now is CDs and USB drives. The software that we run prevents me from making everyone use a guest account. I’ve tried methods of blocking certain extensions on removable devices, but some crafty folks bring in files with text extensions and then rename them after copying the files onto their Documents folder.

What is the best method of stopping users from accessing executable-type files through removable devices or through non-approved folders? Is AppLocker the answer?

What is the best way to deploy Windows 7?

blair-briggs — Fri, 11 Dec 2009 22:42:13 +0000

There are so many imaging options out there. Which is the best way to ensure I have a standard deployment method?

Through the years, we have always relied on Ghost to image our computers, but now there are different and possibly better ways to deploy Windows on a corporate network.

Is the Microsoft Deployment Toolkit a better method of deploying Windows to workstations than the earlier methods (such as drive imaging)? Where can I find videos and tutorials that will teach me how to access all the features and functions of MDT? Will I need to obtain a Phd in MDT to be able to successfully use it?

How to setup a corporate firewall to work with DirectAccess?

blair-briggs — Fri, 11 Dec 2009 22:32:47 +0000

DirectAccess is a great technology with Windows 7 and Server 2008 R2, but I don’t have any servers outside my firewall. How to route? Our network is protected by a corporate firewall. All of our machines, including servers, are located inside the firewalls. The firewall stops all access to the capabilities of DirectAccess because the machines outside the firewall, cannot access the servers inside the firewall. What ports and services do I need to forward through my firewall to make DirectAccess work for someone outside my network? Will I have to forward anything else to allow access to files hosted on multiple servers?

How can we rid our network of a worm outbreak without taking our PCs out of commission?

larry-abrams — Tue, 08 Dec 2009 19:45:21 +0000

I am a partner for a large New York City Law Firm. On numerous occasions our network has become bombarded with worms that infect numerous, if not all, of the computers on our network. When this happens, cleaning the computers can be a nightmare as when we clean a computer, another infected computer will just infect it again. We have anti-virus programs on all of our computers and servers, but unfortunately new infections may sneak past them and we are left with a big mess that is very tough to clean up.

For example, in our latest situation we were hit with a worm that spread throughout our network, but would not allow us to update Windows until the infection was removed. As you can imagine, this made it extremely difficult to patch the holes that were allowing the worms and malware through in the first place, thus our computer kept re-infecting themselves after we would clean them.

Can you suggest the proper method for cleaning up these types of network-wide infections? What procedure should we use that would cause the least amount of downtime to our employees? If you could provide this in a step-by-step approach it would be appreciated.

How to keep systems secured and protected from threats delivered such as drive-by downloads

blair-briggs — Sat, 05 Dec 2009 17:09:19 +0000

I work with a very large enterprise company that has a very distributed environment (international with many small remote locations).

In today’s world, the use of the Internet is crucial to day to day business operations. Even with firewalls and anti-virus software, users still get infected with virus’s and malware. Most notable is the drive by downloads and related vectors of infection. The most common example would be the rouge, fake anti-virus programs.

As we look forward to windows 7 in the enterprise along with the enhancements that cloud computing bring to the anti-virus software, is there a better way to sandbox or secure the browser model from drive by downloads and similar vectors of attack?

How do you get everything you have in Novell with all Windows native products?

blair-briggs — Sat, 05 Dec 2009 16:57:47 +0000

We’re a school with multiple locations, currently using Novell, but wanting to move to MS. Unfortunately, there is no way to get everything we have with Novell from MS.

Novell comes with Zen, which has a number of features that do not come standard with Windows. One is an image deployment method. Microsoft has come a long way in this, but it’s not nearly as simple as it is with Zen. Remote control access to computers — Windows users need to rely on products like VNC or websites like Dimdim. Remote access to files — Novell has netstorage, and while Windows now has DirectAccess, schools do not have the ability to upgrade every piece of equipment to Windows 7 and Server 2008 R2. Finally, login password policies — Grace periods after a certain number of incorrect attempts, only allow a single user login at a time.

How do I tell a school that it is better to switch to Microsoft when they get all these things with Novell? If they switched, they would have to rely on third-party software and pay a lot extra for the features.

Tracking the ‘privileged behavior’ of external vendors and out-sourcing experts to meet gov’t regs?

daniel-petri — Thu, 03 Dec 2009 11:34:45 +0000

I work with a large consulting firm, West Coast, U.S.

Some of my clients are required to meet regulations related to the government, health and financial markets (such as Section 404 of the Sarbanes Oxley Act). While most issues have been covered by my colleagues, I have still one issue that remains unanswered, and I seek advice.

As more and more external vendors and out-sourcing experts are connecting to our networks, I would like to generate daily reports about what these privileged users are doing on my servers and applications, especially high risk activities like privileged user behavior, direct access to sensitive data stores, user privilege escalation, failed logins, and failed database operations.

To demonstrate compliance and ensure security best practice, organizations need to have comprehensive, trustworthy database security controls that protect access to data and control changes to it. However, using Windows logging/auditing or firewall logs can show me who has connected, but not what they did once they connected.

We are looking into a solution that will help us meet these regulations and automate these controls.

Any advice will be greatly appreciated.

Help! Designing a cloud-based, SaaS application?

Patrick Houston — Wed, 02 Dec 2009 14:30:00 +0000

I am looking to design a cloud based, SaaS software for end-to-end customisable HRM solution (going through the entire employee life-cycle: from resume screening to pre-hire to payroll management to exit). I have no experience in SOA or cloud computing as I have only worked on traditional client-server model of software. I would like to know how to go about designing a flexible and scalable cloud- based software which can be offered as a service. I dont know where to start! Help!

Calculating legs for an unbalanced binary tree?

Patrick Houston — Mon, 30 Nov 2009 16:42:31 +0000

We have unbalanced binary tree, growing at speed of 5,000 new records in a day. Database is MSSQL 2005.

We are using stored procedures (looping) to count legs for each ID. We want to know what should be the best method to do such calculations?