If you “purchase” Intune for $11 per month per computer (when I refer to a computer I mean a desktop PC, laptop or netbook system) you can upgrade that system to Windows 7 Enterprise Edition if you have XP, Vista or another version of 7 already installed. A promoted benefit is the ability to upgrade to Windows 7 using existing hardware. This of course is a VERY bad idea, Windows 7 is designed to run on hardware that is 18 months or less old, Core 2 Duo type processors, 4 GB of RAM. These technologies were not readily available in XP and many Vista computers. Of course, if you are purchasing new computers from someone that will provide them with no operating system (OS) then you don’t have that worry and should save a few bucks on the systems too.

Since the overall product is internet based, it can be installed and used on computers that are not just at your office but scattered around the globe, such as laptops for your management and sales staff. This is a plus since each computer “reports in” to the Intune console when connected to the internet.

The Intune web based console reports the status of Windows updates, various alerts, provides “endpoint” protection updates. It lets you see the licenses on computers and issue reports of various types. It also allows an administrator to set computer usage policies, all good things to have.

For just $11 a month or just $132 per year, how can you go wrong? Microsoft even has a ROI (Return on Investment) “calculator” to prove its value.

Being the glass is half full type of guy, let’s go over how you could go wrong.

My primary issue with the calculator is Microsoft inserts some permanent and unrealistic numbers into the calculations. For example you only can see how this would work based on 100 computers, that is not realistic for who they are marketing to, users with 10 to 50 computers. I also fault Microsoft since they price your “average” IT expenses at $90,240 per year, way above what any of my clients spend, remove a “0” and you would still end up in our top 10 per year. I mean $902.40 (based on Microsoft’s number of 100 computers) in computers expenses per year per computer. That is way more than most of you would spend repairing a PC, let alone year after year. They also figure end user pay at over $76,000 per year, not in the Ozarks! Other figures and percentages are just as faulty.

Skipping the calculator, let’s cover some of the other features of this product. Intune manages Windows updates for you, of course you could just turn on the automatic updates on the individual computers but hey, let’s not get technical. If you really want to “control” Windows updates, you need a valid reason and you will need to know when to install which updates. Updates just cannot be left undone, if you are going to control which ones install, and when you want them installed, and you are not an IT professional, my question is “Why are you controlling them?” isn’t that beyond your expertise?

There are some alternative programs that will install and watch Windows and other program updates too. One such program is LogMeIn (LMI) Professional with its “Staging” features.

If you have 11 to 50 computers and need a domain (in my humble but amazingly accurate opinion, anyone with over 25 computers should seriously consider a domain), Windows SBS Server 2011 has the Intune features built in, with a web based connection similar to LogMeIn.

The malware protection offered with Intune is much better than what is offered with Office 365. As I wrote about previously, this version covers the entire computer, not just the email. By using Forefront, Microsoft’s server based security product, they up the ante on what is offered. This of course can be replaced by ESET for $59 for the first 2 years and $49 for the next 2 years. With Intune you can manage all subscriptions from the interface, with ESET you would need to buy the server edition to do that. Score 1 for Intune.

Health alerts are available from LMI, Windows Home Server (WHS) and SBS 2011, so I see no advantage there, the same is true with the security policies, though they are not provided by LMI.

Assisting remote users is available with the free version of LMI and of course with SBS 2011.

For those with 10 or less computers, considering a WHS is a good idea. Instead of being in the cloud with Intune, a WHS is located in your business. If you need remote access to manage the other computers you can run it via Remote Desktop, or install LogMeIn Pro ($70 or less a year) or use the FREE version of LMI.

In the next article I will “run the numbers” for you and we will compare the cost of Windows Intune compared to some other options.

Until we meet again, have a virus free week.

On top of that, it seems that this might occur on every page of web site and even when you go back. What a pain in the neck.

To disable (or even enable) this prompt you need to make one quick simple change in Internet Explorer.

1. Open IE

2. Go to the “Tools” part of the menu: normally the top left by “File”, “edit”, View”, but could be on the top right under the icon that looks like a gear, or by pressing the “Alt” and “X” keys on your keyboard at the same time.

3. On the new Window that appears, click on the “Security” tab (the 2nd tab on my test computers)

4. Click on “Internet Zone”, which was the default on all my test computers

5. On this page, click on the “Custom Level” located under the “Security level for this zone” part of the window.

6. A new window should have appeared, scroll down to the “Miscellaneous” section, its icons look like pieces of paper.

7. Click on “Enable” next to the radio button next to “Display mixed content”/

8. Select “Ok” then close and re-open IE.

9. Give it a test, all should be well, now go have a cold glass of sweet tea.

Until we meet again, have a virus free week.

Within the next 15 minutes I arrive at the customer’s site, power had come on about 10 minutes before I had arrived. I fired up the SBS server and found and installed the ESET removal tool. Unfortunately that still did not allow the computers to connect to the server.

By this time another tech showed up to lend a hand, praise the Lord! Since the customer had the new router I quickly swapped to it and made sure the router settings allowed DHCP. This prevented me from trying to change the Cisco ASA 5500 settings and it also allowed the customers computers to get on the internet for their cloud based program.

This however did not allow access to email, which was setup to go through Exchange on the SBS machine, they also could not access to their local programs. It turns out that the inexpensive Cisco / Linksys had installed Pure Networks, Network Magic, a program I used to see with AOL (AO Hell for most of us). This program of course would not uninstall in normal or safe mode, possibly because it is junk or maybe due to the canceled install by the previous technician. Revo uninstaller saved the day!

BUT… (Don’t you just hate that word) the network became really instable, machines dropping off the network, locking up all kinds of mischief. Fortunately I just happened to look at the gigabit switch and boy-oh-boy were the lights blinking in a frenzy. One by one I unplugged LAN cables at the switch until the lights went back to the normal blinking pattern. Ok, it was LAN plug 38, now to trace that throughout the building. As luck would have it in the next room was a Ricoh copier / printer / FAX and it was connected to port 38. The yellow NIC light was blinking at a billion and one miles per second and the green NIC light was off. Hmmm, ok, the NIC is upset with all that has been going on. Turn off the copier, wait 3 minutes, turn it back on, SOP (Standard Operating Procedure). No luck, the NIC immediately went back into its conniption fit. Fine, be that way, I just won’t connect it to the network.

Well, the network was stable again, that was good news. The SBS server was still not allowing access, that was the bad news. After delving into the settings John found that the NIC and some network settings were screwy and that was the ugly. After some research it was concluded that the ESET security software had “manipulated” some settings and not released them. Then apparently Network Magic had “manipulated” some other settings and “adjusted” the NIC. He had to manually delete both sets of those settings, remove the NIC from the hardware list, reboot the server and then reconfigure the NIC and some network settings, reboot the server again and presto, it was back on the network and internet.

So we are back to where the customer was 30 hours ago, no anti-virus security on the server but the network was up and running, programs and email could be accessed and work could be performed.

Since the customer had been using POP email, the inability to use Exchange was a problem but not critical.
After 2 months of ESET not being able to solve the issue we ramped up our complaints asking for higher level techs, our (my business) was never responded to and the customer rarely heard from ESET. The growing problem was instability on the network. Finally ESET plainly stated “not our problem”. This was exceptionally frustrating for us, a company that is an authorized dealer, and that ESET had been so good for so long in the past with service…

We luckily found an ESET removal tool (yes, like the Norton removal tool) on their site, yet their tech support apparently did not know about it. Once we used it the server and network became stable and Exchange started working (with some configuration changes). Our concern was that this was an active Exchange server, and that viruses Trojans et al could, and would, infect the system.

Since the customer had bought a 2 year license for ESET and with security a concern the customer wanted to reinstall ESET. The problem was now ESET tech support was responding with junk answers and questions and only responding once a week. Another 2 plus months later, with everything stable and much fussing at ESET the customer’s in house computer person convinced ESET to help out. ESET employees remoted in to the SBS 2008 server and installed their software.

While on the phone with the customer, the ESET technician claimed that they had not been quick to respond because they knew of a SBS 2008 issue, yet they never told us or our customer, who had been constantly attempting to contact them, about a known issue. Why not? More crappy service from ESET tech support?

That evening, after ESET installed their “new” version of the software, the customer installed the two latest Microsoft updates and rebooted the server. This was done remotely since it was late at night and some people actually want to go home.

The next morning all heck broke loose, no computers could get to the internet or the server. Since ESET was installed the customer called ESET and they recommended removing it again. The customer’s in house person did uninstall ESET but it did not solve the issue. Once again, ESET tech support did not tell the customer that they needed to run a removal tool. With the network down ESET had only one recommendation, “it must be your router”, a call to our tech support and the customer’s failure to tell of the ESET reinstall let to the same conclusion. This is why complete information is so necessary. The customer went off to Staples to buy a $70 Linksys router, can you say “oh crud!” After returning, the customer installs the new routers included disk into the server (double- oh crud!!).

By then one of our techs gets there and cancels the Cisco/Linksys software installation. Again, without knowing ESET had been reinstalled and removed, the tech spends about an hour trying to configure the SBS server to connect via Microsoft’s tools when “bam” there is a loud “pop” and all power goes out. After about 10 minutes of no power the tech updates the customer and leaves. Once out the front door, he connects with me where we spend about 45 minutes going over the status of the job. As I query him about ESET he lets me know he was not informed about the install and or uninstall.

In his recent white paper, entitled “Fraud Trends in 2010,” Rick Van Luvender, Director of First Data’s InfoSec Incident Response Center, has forever characterized this thriving underground economy as Fraud-as-a-Service, or FaaS.

Here, RRN.Com excerpts an overview of the threat from Van Luvender’s presentation, which may be downloaded in its entirety by clicking here.
“At the center of FaaS are the online fraud forums, where individuals, groups, and organizations active in the trade of fraudulent goods and services gather to collaborate, offer their skills, and buy and sell stolen goods,” Van Luvender writes. “A popular means of trading stolen information, web-based forums post advertisements that are visible to anyone visiting and often only require registration with a user name. In order to attract visitors, many forums even offer tutorials, how-to guides, or even specialized venues for goods from specific countries or regions.”

“In the FaaS model, the forums provide the opportunity for access to specialists who can help design methods for harvesting (or stealing) data such as malware, skimmers, and botnets,” Van Luvender continues. “Because no fraudulent act is finished until there is a cash-out on the stolen data, to help complete the transaction, ‘cashiers’ and ‘money mules’ are available for hire to act as intermediaries in converting information into true currency. These contractors will transfer funds from stolen accounts into legitimate currency for a commission on the amount transferred, or will help validate CVV2 numbers against their corresponding credit card number and expiration dates for nominal fees. Criminals can even request cashiers for specific locations, nationalities, or gender to match the identity of the victim in order to minimize suspicion when withdrawing funds.”