Monday, May 13, 2019

Using Group Policy to Deploy Software Packages (MSI, MST, EXE)

Group Policy is a feature of Windows Server that admins can use to install software on all user computers. It can be done remotely without manual intervention. GPO is short for Group Policy. It has become popular among companies because it makes deployment clear and easy.


1. Deploy Windows MSI or MST package Using Group Policy Software Installation
YouTube GPO Deployment Video:

Friday, May 10, 2019

Install ESXi 5.1/5.5/6.0 into Mac Mini 3.1 (Later 2009)

Installing ESXi on a Mac Mini is nothing new for technical people. There are lots of benefits to doing this. I have been using ESXi 5.5/6 on my Mac Mini 5.1 for many years now. Just recently I got two Mac Mini 3.1 machines to play with at home, and I was wondering if it is possible to get ESXi on them.

I have two types of Mac Mini 3.1. One is the regular version, with one hard drive and one optical drive. The other Mac Mini 3.1 is the server version, which has no optical drive but has two hard drives installed.

The result is surprising and it is working very well, although I had a small hiccup with the storage adapter. The first thing I did was to upgrade the RAM from 4G to 8G, which is the maximum you can have. You cannot start the installation process if you only have 4G RAM. I did not try 16G RAM since, from googling online, no one has succeeded with that. It is enough for me to run 2-3 VMs anyway.

Monday, May 6, 2019

Cyber Security Architecture with NIST Cyber Security Framework

Saturday, April 27, 2019

Using NXLog to Collect Windows Event Logs

There are a lot of syslog collectors for Windows, but when it comes to stability and features, NXLog has the best chance of fulfilling all the requirements.

Windows EventLog allows multi-line messages, so the text is a lot more readable and nicely formatted with spaces, tabs and line breaks, as can be seen in Event Viewer. Because syslog only reads and writes single-line messages, this formatting must be stripped from the EventLog message. In doing so, we lose the metadata. NXLog is capable of reading these fields, recognizing the structure and forwarding them remotely (or acting on them for alerting purposes), thus sparing you time and resources. So, if you use the NXLog framework (client/server), there is no need to spend time writing patterns to extract usernames, IP addresses and similar metadata.

Windows Server Configuration Tips and Tricks

While building a lab to test some Windows services (AD, DNS, DHCP, ADCS, etc.) in my VMware ESXi 6 environment, I used the following tricks to get it running smoothly, reduce some headaches and make my life easier.

Most of the work has to be done in the Group Policy Management Editor. If you are running in a domain environment, create this setting accordingly in a GPO; otherwise configure the local GPO (gpedit.msc):

Edit Default Group Policy
Launch Group Policy Management

Friday, April 26, 2019

Understanding Ping Command

The ping command operates by sending Internet Control Message Protocol (ICMP) Echo Request messages to the destination computer and waiting for a response. How many of those responses are returned, and how long it takes for them to return, are the two major pieces of information that the ping command provides.

ping /?

Sunday, April 7, 2019

Deploy Symantec Endpoint Encryption 11.2.1 and Configure SEE to Encrypt Client Machines

Symantec Endpoint Encryption protects sensitive information and ensures regulatory compliance. It encrypts all files on the hard drive, sector-by-sector, for maximum security. It supports Windows, Mac, tablets, self-encrypting drives, and removable media (USB drives, external hard drives, and DVDs).

I had a chance to install it in my lab environment for testing. This post is a record of all the steps, including all the mistakes I made, especially in the YouTube video.


1. Pre-Installation System Requirements:

1.1 OS Requirements

  • Microsoft Windows Server 2016 Datacenter, with updates
  • Microsoft Windows Server 2016 Standard, with updates
  • Microsoft Windows Server 2012 R2 Datacenter, with updates
  • Microsoft Windows Server 2012 R2 Standard, with updates
  • Microsoft Windows Server 2008 R2 Enterprise SP1 (Deprecated in SEE 11.2.1 MP1)
  • Microsoft Windows Server 2008 R2 Standard SP1 (Deprecated in SEE 11.2.1 MP1)

Saturday, April 6, 2019

Basic Steps to Deploy and Config Symantec DLP 15.5 with Installation Videos


I was working on a Symantec DLP project and gained some experience with it. This post reviews what I have done and how I managed to install it in my home lab environment. It will not be a step-by-step installation tutorial, since the Symantec documents explain the details well enough. It mostly lists all related steps at a high level. But I recorded my screen with what I did, what kind of issues I met, and how I resolved them. All of that is in those YouTube videos for future reference, which will be helpful if you have the same lab project for Symantec DLP products.

The Symantec Data Loss Prevention suite is designed to meet the needs of large enterprises, as well as small and medium-sized enterprises. The product covers a variety of areas, including endpoint data in use, network data in transit, and files and databases at rest. Symantec Data Loss Prevention addresses on-premises, mobile and cloud data and can be deployed on both physical servers -- Windows Server, Red Hat Enterprise Linux and others -- and cloud infrastructures, such as AWS.


1. Download Installation Files from Symantec File Connect

You will need a serial number to download all DLP-related software from the Symantec File Connect website: https://symantec.flexnetoperations.com/control/symc/registeranonymouslicensetoken