O
ObiWan
Ok, maybe this isn't the right group for this kind of post
but I didn't find a better group, so I'm posting my whish
list right here
Here we go:
1) The MSAS should be able to retrieve connection settings from
IE (e.g. dialup or not, proxy settings and so on) and btw should
also allow the user to change such settings if needed
2) The updater should use the BITS service to download all the
needed stuff, this will allow having MINIMAL impact on the client
bandwidth
3) The update checks should use a "zero server impact" approach
for example, something like the DNS/UDP check already used by
the ClamAV antivirus, the latter uses a DNS "TXT" record to store the
version informations, this allows the clients to retrieve such infos
using
a small UDP query/answer and this in turn reduces the load on the
servers (no connections) and allows for a more frequent check; for
details, run this query "nslookup -type=TXT current.cvd.clamav.net"
as you may see the returned string contains the various version infos
and has MINIMAL impact on the server (and btw Microsoft DNS servers
should be able to handle such traffic w/o too many problems)
4) The update patterns should use a "diff" mechanism so that the files will
just contain the "differences" between the local version and the
current
pattern/program; an example of such a mechanism may be found looking
at this s/w http://www.pocketsoft.com/rtpatch.htm
5) The MSAS should incorporate an LSP filter which should intercept (at
least)
all the HTTP/S communications and check for any phishing/malware site
and btw, block access to such sites using a list (or a realtime list
either); this
may also be useful to filter/remove any HTTP exploit or similar
malware; for
more details see also http://www.privoxy.org
6) There should be a "corporate" version of MSAS, the latter should be GPO
aware (allow admin to define behaviours, disallow users from changing
the
settings and so on) and also have an update mechanism similar to WSUS
so that one may install a central update server and setup things so
that the
clients will use it to pick the updates; also, imVHo the "home" version
should
remain free, while the "corporate" one should be commercial
There's more, but I'll stop here for now
--
* ObiWan
Microsoft MVP: Windows Server - Networking
http://www.microsoft.com/communities/MVP/MVP.mspx
http://italy.mvps.org
DNS "fail-safe" for Windows clients.
http://www.ntcanuck.com
Newsgroups and forums
news://news.ntcanuck.com
http://forums.ntcanuck.com
408+ XP/2000 tweaks and tips
http://www.ntcanuck.com/tq/Tip_Quarry.htm
but I didn't find a better group, so I'm posting my whish
list right here
Here we go:
1) The MSAS should be able to retrieve connection settings from
IE (e.g. dialup or not, proxy settings and so on) and btw should
also allow the user to change such settings if needed
2) The updater should use the BITS service to download all the
needed stuff, this will allow having MINIMAL impact on the client
bandwidth
3) The update checks should use a "zero server impact" approach
for example, something like the DNS/UDP check already used by
the ClamAV antivirus, the latter uses a DNS "TXT" record to store the
version informations, this allows the clients to retrieve such infos
using
a small UDP query/answer and this in turn reduces the load on the
servers (no connections) and allows for a more frequent check; for
details, run this query "nslookup -type=TXT current.cvd.clamav.net"
as you may see the returned string contains the various version infos
and has MINIMAL impact on the server (and btw Microsoft DNS servers
should be able to handle such traffic w/o too many problems)
4) The update patterns should use a "diff" mechanism so that the files will
just contain the "differences" between the local version and the
current
pattern/program; an example of such a mechanism may be found looking
at this s/w http://www.pocketsoft.com/rtpatch.htm
5) The MSAS should incorporate an LSP filter which should intercept (at
least)
all the HTTP/S communications and check for any phishing/malware site
and btw, block access to such sites using a list (or a realtime list
either); this
may also be useful to filter/remove any HTTP exploit or similar
malware; for
more details see also http://www.privoxy.org
6) There should be a "corporate" version of MSAS, the latter should be GPO
aware (allow admin to define behaviours, disallow users from changing
the
settings and so on) and also have an update mechanism similar to WSUS
so that one may install a central update server and setup things so
that the
clients will use it to pick the updates; also, imVHo the "home" version
should
remain free, while the "corporate" one should be commercial
There's more, but I'll stop here for now
--
* ObiWan
Microsoft MVP: Windows Server - Networking
http://www.microsoft.com/communities/MVP/MVP.mspx
http://italy.mvps.org
DNS "fail-safe" for Windows clients.
http://www.ntcanuck.com
Newsgroups and forums
news://news.ntcanuck.com
http://forums.ntcanuck.com
408+ XP/2000 tweaks and tips
http://www.ntcanuck.com/tq/Tip_Quarry.htm