Expert Profile
Lowell Heddings
OWNER of HOW-TO GEEK
My background in Windows and web programming has given me a unique perspective on how things "really” work. I started HowToGeek.com in 2006 because of my frustration with other how-to sites. The goal is to be the best source of how-to articles anywhere, easy enough for beginners but useful enough for geeks. In just three years, HowToGeek.com has become a trusted source of information, attracting more than 2.5 million unique visitors a month.
Contributions
4
Improving the Working Environment with Unified Communications
How System Center Helps Reduce IT Costs
IT Innovation in a Challenging Economy
Learn More
Featured Resources
Expert Blogs
Forefront
Enterprise Under Assault
SQL Server 2008 R2
SQL Server 2008 and Windows Server 2008: A Love Story
System Center
Facts You Should Know About Hyper-V and System Center
Windows Server 2008 R2
Windows Server's Top 5 Benefits for Today's Workforce
Unified Communications
Top Ten Reasons to Move to Exchange Server 2010 in 2010
Subscribe
My Answers
How can we rid our network of a worm outbreak without taking our PCs out of commission?
Second, you need to lock the machines down so that users are running on standard user accounts without access to install software. This will help cut down on the amount of stuff that can get through.
Third, the easiest way to deal with these scenarios is to start using System Images for the PCs, with a software package similar to Ghost. This way you build a single image and can easily re-deploy to PCs, wiping them clean of any crap on them.
To make that strategy succeed, you'll need to migrate user data from the desktops to the servers instead, so they aren't wiped when the PC is reloaded. You can do that with roaming profiles and exchange server, or just turning your PCs into thin clients with a Citrix environment.
These aren't the only answers, and I'm sure the other guys will contribute - this is just the strategy I've used in the past.
How to keep systems secured and protected from threats delivered such as drive-by downloads
Generally the people that are clueless enough to install one of those hijackware apps are also the same ones that shouldn't be installing new software in the first place.
The other plan, since you are running an enterprise system, is to use some content-filtering solutions on the firewall. Websense or similar solutions will pretty much prevent people from going to questionable sites in the first place, and while as the owner of an ad-supported site I cringe to tell you this - you can also block ads directly that way for the entire network.
Maximizing the number of VMs on a server?
In my experience, servers very rarely chew up a lot of CPU unless they are very heavily utilized, and RAM isn't an issue when dealing with ESX server on a powerful box - we've always been able to run a ton of VMs at once, even with a lot of activity on each.
The performance issue almost always comes down to disk access - we would have SQL Server boxes returning results in 10x the time they should have because so many of the applications were reading from the disk (internal RAID array) at once.
Moving everything to a SAN and keeping the worst offenders segmented helped make everything run smoothly across the board.
Will Internet Explorer implement established web standards?
Best bet is to make it work in Firefox, Chrome, Safari, and Opera.... and then use the conditional comment hack to serve up a separate stylesheet for IE. Using jQuery solves most of the Javascript problems as well.