
I just got put in charge of all things bad

Chitownjedi Member Posts: 578 ■■■■■□□□□□
My Boss says, "You will now be in charge of our Anti-Virus software and all Viruses/Trojans, Malware, on Desktops+Servers. I am to look over daily logs of any alerts of malware on any system on the network (over 1200 managed PCs with Sophos Endpoint installed)."

And on top I need to learn how to use the console to implement special settings for NAC (Network Access Control), HIPS (Host Intrusion Prevention Systems), updates and system remediation, as well as configuring the Parking lot for guest Wi-Fi network users trying to authenticate without proper credentials.

This is a good thing, right? lol I just enrolled in WGU for B.S. Security last week, and then today I was told about this... talk about coincidence.

Comments

  • darkerz Member Posts: 431 ■■■■□□□□□□
    That's a resume gold lettering right there. :)
    :twisted:
  • YFZblu Member Posts: 1,462 ■■■■■■■■□□
    Great news! Congratulations, and good luck - Exploits are getting so clever
  • dover Member Posts: 184 ■■■■□□□□□□
    Hell yeah that's a good thing!

    Congrats! I'm not familiar with Sophos but I've done similar with McAfee and Symantec. Only advice I have would be to thoroughly pilot test all the new implementations but particularly the HIPS component. McAfee's HIPS tended to eat the CPU on some of the older machines - depending on how many signatures were active. A well-tuned signature set is a beautiful thing... low false positives.

    You'll have plenty of practical experience to draw on at WGU!

    Go get 'em.
  • Mike-Mike Member Posts: 1,860
    sounds like a cool job
    Currently Working On

    CWTS, then WireShark
  • chmod Member Posts: 360 ■■■□□□□□□□
    Takes some time to tune things up. As someone said above, you should have a test machine where you monitor the HIPS behavior, because it is very easy to screw things up when you add a signature or change policies. EPO is a great tool, you just need time to learn it, and I think the same applies for most of the tools.
  • WiseWun Member Posts: 285
    Security is the future. Good job!
    "If you're not prepared to be wrong, you'll never come up with anything original." - Ken Robinson
  • jibbajabba Member Posts: 4,317 ■■■■■■■■□□
    wow I seem to be missing something lol .. I was responsible once for the AV infrastructure in an online casino and I hated it more than anything ... Going through logs and flagging up outdated / failed PCs / servers is one thing, then dealing with corrupt installs another ...

    Having said that - it was running all on Symantec which is bad on its own ..
    My own knowledge base made public: http://open902.com :p
  • PurpleIT Member Posts: 327
    jibbajabba wrote: »
    Having said that - it was running all on Symantec which is bad on its own ..

    No kidding - I curse Symantec any time I touch one of their products. Rule #1 with Symantec: if it works don't touch it! No upgrades, no reboots, no funny looks or it will screw up in some totally random way.

    Rule #2, if for some crazy reason you do decide to upgrade from a working installation, make sure you wait until at least the first SP is out if you want any chance of a stable product.
    WGU - BS IT: ND&M | Start Date: 12/1/12, End Date 5/7/2013
    What next, what next...