G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.security_admin,nz.comp (More info?)

If your PC is not connected to a domain, you see in the SP2 Security Center:
* A list of alert settings for the popup warnings
* Pop up warnings appear in the taskbar system notification area such as
"Your antivirus may be out of date."

As soon as you connect your PC to a domain, all these warnings disappear.

Microsoft in its infinite wisdom has not heard of domain users who aren't
plugged into the domain all the time, such as laptop users, or network
outages, or any other circumstance in which users of machines which are
plugged into the network might have their machines fail to continue to be
updated with automatic updates, or fail to receive antivirus updates.

It has apparently not occurred to Microsoft that
* since users can disconnect their machines from the network and still log
in, if the machine is not connected to the domain for an extended period it
might not receive automatic updates and thus be vulnerable
* if the antivirus updating is not working for some reason, the machine's
antivirus product could still become out of date with no warning to the
user.

It's a little much to expect any support from MS either for what is a new
product. There appears not to be one single security document or any useful
information on the Security Center.
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.security_admin,nz.comp (More info?)

Schooltech wrote:

> If your PC is not connected to a domain, you see in the SP2 Security Center:
> * A list of alert settings for the popup warnings
> * Pop up warnings appear in the taskbar system notification area such as
> "Your antivirus may be out of date."
>
> As soon as you connect your PC to a domain, all these warnings disappear.
>
> Microsoft in its infinite wisdom has not heard of domain users who aren't
> plugged into the domain all the time, such as laptop users, or network
> outages, or any other circumstance in which users of machines which are
> plugged into the network might have their machines fail to continue to be
> updated with automatic updates, or fail to receive antivirus updates.
> (snip)

You can turn it on again with a Group Policy setting.

From a previous post by me:

If the computer is member of a domain, the Security Center is
default disabled, and you will see this entry in the Application
event log (Source: SecurityCenter, Event ID: 1807):

"The Security Center service has been stopped. It was prevented
from running by a software group policy."

For a domain computer, this is normal and by design, the Security
Center is default turned off (and you will get the message mentioned
above in the event log). There is a Group Policy setting available
if you want to turn it on (domain wide or just for your computer
using Start/Run--> gpedit.msc).

Take a look at the chapter for the Security Center in
06_CIF_Maintenance.DOC

Security Center
What settings are added or changed in Windows XP Service Pack 2?
Group Policy settings (page 26 for me)


06_CIF_Maintenance.DOC ("Changes to Functionality in Microsoft Windows XP
Service Pack 2, Part 6: Computer Maintenance") can be downloaded from here:

http://www.microsoft.com/downloads/details.aspx?FamilyID=7bd948d7-b791-40b6-8364-685b84158c78&DisplayLang=en

Note: WinXPSP2_Documentation.zip contains all the .doc downloads...


> It's a little much to expect any support from MS either for what is a new
> product. There appears not to be one single security document or any useful
> information on the Security Center.

In addition to the "Security Center" chapter in 06_CIF_Maintenance.DOC:

Frequently asked questions about Windows Security Center
http://support.microsoft.com/?kbid=883792



--
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scriptcenter/default.mspx
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

"Schooltech" <schooltech@education.nz> wrote in message
news:41fee7c7$1@clear.net.nz...
> If your PC is not connected to a domain, you see in the SP2 Security
> Center:
> * A list of alert settings for the popup warnings
> * Pop up warnings appear in the taskbar system notification area such as
> "Your antivirus may be out of date."
>
> As soon as you connect your PC to a domain, all these warnings disappear.
>
> Microsoft in its infinite wisdom has not heard of domain users who aren't
> plugged into the domain all the time, such as laptop users, or network
> outages, or any other circumstance in which users of machines which are
> plugged into the network might have their machines fail to continue to be
> updated with automatic updates, or fail to receive antivirus updates.
>
> It has apparently not occurred to Microsoft that
> * since users can disconnect their machines from the network and still log
> in, if the machine is not connected to the domain for an extended period
> it
> might not receive automatic updates and thus be vulnerable
> * if the antivirus updating is not working for some reason, the machine's
> antivirus product could still become out of date with no warning to the
> user.
>
> It's a little much to expect any support from MS either for what is a new
> product. There appears not to be one single security document or any
> useful
> information on the Security Center.
>
>

That's because they assume that most domains are run by professionals who
will take their own precautions to ensure that the systems are up-to-date
(and possibly, these professionals will want to do their own testing before
deploying patches through something like SUS or SMS.) The automatic updates
+ security center features in SP2 is really geared toward pure home users,
but as others have mentioned, system admins can turn its components on or
off on domains.


--
Colin Nash
Microsoft MVP
Windows Shell/User
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.security_admin,nz.comp (More info?)

Schooltech wrote:
> If your PC is not connected to a domain, you see in the SP2 Security Center:
> * A list of alert settings for the popup warnings
> * Pop up warnings appear in the taskbar system notification area such as
> "Your antivirus may be out of date."

> As soon as you connect your PC to a domain, all these warnings disappear.

really?
again I must be special... if I turn off the firewall I get it, and Im
sitting on a domain here.
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.security_admin,nz.comp (More info?)

"Torgeir Bakken (MVP)" <Torgeir.Bakken-spam@hydro.com> wrote in message
news:OiUK7fACFHA.3416@TK2MSFTNGP09.phx.gbl...
> Schooltech wrote:
>
> > If your PC is not connected to a domain, you see in the SP2 Security
Center:
> > * A list of alert settings for the popup warnings
> > * Pop up warnings appear in the taskbar system notification area such as
> > "Your antivirus may be out of date."
> >
> > As soon as you connect your PC to a domain, all these warnings
disappear.
> >
> > Microsoft in its infinite wisdom has not heard of domain users who
aren't
> > plugged into the domain all the time, such as laptop users, or network
> > outages, or any other circumstance in which users of machines which are
> > plugged into the network might have their machines fail to continue to
be
> > updated with automatic updates, or fail to receive antivirus updates.
> > (snip)
>
> You can turn it on again with a Group Policy setting.
>
> From a previous post by me:
>
> If the computer is member of a domain, the Security Center is
> default disabled, and you will see this entry in the Application
> event log (Source: SecurityCenter, Event ID: 1807):
>
> "The Security Center service has been stopped. It was prevented
> from running by a software group policy."
>
> For a domain computer, this is normal and by design, the Security
> Center is default turned off (and you will get the message mentioned
> above in the event log). There is a Group Policy setting available
> if you want to turn it on (domain wide or just for your computer
> using Start/Run--> gpedit.msc).

OK I looked in gpedit.msc as this is per computer - only for a few computers
not all

Turn on Security Center (computers in Windows domain only)
Administrative Templates \System\ Security Center
N/A Not configured
On, Off

The problem is that there is not a Security Center under System

Are there new admin templates I need to install on SP2 computers to access
these settings?
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.security_admin,nz.comp (More info?)

Schooltech wrote:

> OK I looked in gpedit.msc as this is per computer - only for a few computers
> not all
>
> Turn on Security Center (computers in Windows domain only)
> Administrative Templates \System\ Security Center
> N/A Not configured
> On, Off
>
> The problem is that there is not a Security Center under System
>
> Are there new admin templates I need to install on SP2 computers to access
> these settings?
Hi

I see that the documentation is in error, you should find it here:

Administrative Templates\WINDOWS COMPONENTS\Security Center



--
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scriptcenter/default.mspx
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.security_admin,nz.comp (More info?)

"Torgeir Bakken (MVP)" <Torgeir.Bakken-spam@hydro.com> wrote in message
news:OvOfzmFCFHA.2380@tk2msftngp13.phx.gbl...
> Schooltech wrote:
>
> > OK I looked in gpedit.msc as this is per computer - only for a few
computers
> > not all
> >
> > Turn on Security Center (computers in Windows domain only)
> > Administrative Templates \System\ Security Center
> > N/A Not configured
> > On, Off
> >
> > The problem is that there is not a Security Center under System
> >
> > Are there new admin templates I need to install on SP2 computers to
access
> > these settings?
> Hi
>
> I see that the documentation is in error, you should find it here:
>
> Administrative Templates\WINDOWS COMPONENTS\Security Center
>

Thanks that works perfectly

My comments about support of Security Center relates to the fact that I
searched the Windows XP Knowledge Base, but was not able to find a single
article relating to the Security Center.