Home Blogger Tips Use PowerShell to export, back up SCVMM service templates

Use PowerShell to export, back up SCVMM service templates


Rubbish Removal Service

Cleaning is a daily task. We all love to see our home and everything inside it to be sparkling clean all the time. We maintain proper rules and other etiquettes to maintain it. The major problem comes when we have a big event in our house, or we change or residence. We have to deal with a lot of unwanted garbage and rubbish that is generated in the process. There could be rejected items or leftover things which need to be thrown away as soon as possible but don’t have any clue about how to get rid of them. We obviously cannot dispose of them off to anywhere we want or throw them in our backyards. A proper rubbish removal service can come to your rescue at this time.

The rubbish that is generated that requires such service can be of various natures. Some are toxic; some cannot be recycled while other can get rotten and produce foul smell or litter that would disturb the people around it. A proper service team can help you to identify the types of waste while they remove it. They take proper precaution so that no harm can come to you or your belongings while removing. The wastes are also collected without any spillage and to the last remaining bit so you don’t have to worry about the residual waste.

Another thing to remember while selecting such services is to look for what is the technique they are using to dispose of the waste. You should also have a conversation about the dumping area where they are going to take the wastes to avoid any future harassment. The different types of wastes need different handling and carrying containers too, so you should keep your eyes open about that too. Whether it is the bio-degradable container, or a steel one if you are in any doubt feel free to ask them.

One of the most important types of waste that we come across nowadays is e-waste. It is nothing but the unused or rejected components of computers, printers or laptop or even mobile phones. These can create a lot of environmental hazards if not disposed of in a very controlled manner. The e-wastes are known to wreck havoc for the soil fertility to our health, thus these cannot be dumped with the general rubbish. Be sure to ask for their accountability while disposing of such wastes.

Once you have all of these covered there are a few things that you should be checking first before allowing a rubbish disposal team on your grounds. You should always ask for their certifications and authenticity in the profession and check for the reviews beforehand. Consult them beforehand and ask them about the techniques and methods they are going to employ. Ask for the cost heads and the material costs that you have to bear. Also be clear about the charges they will present before you and must always compare before you finalize one. Checking with the local government authority for the same could help you to choose the service perfect for your requirement.

File Integrity Monitoring – FIM Agent Versus Agentless FIM


The incessant escalation, both in malware sophistication and proliferation, means the need for fundamental file integrity monitoring is essential to maintain malware-free systems. Signature-based anti-virus technologies are too fallible and easily circumnavigated by zero-day malware or selectively created and targeted advanced persistent threat (APT) virus, worm or Trojan malware.

Any good security policy will recommend the use of regular file integrity checks on system and configuration files and best practice-based security standards such as the PCI DSS (Requirement 11.5), NERC CIP (System Security R15-R19), Department of Defense Information Assurance (IA) Implementation (DODI 8500.2), Sarbanes-Oxley (Section 404), FISMA – Federal Information Security Management Act (NIST SP800-53 Rev3) specifically mandate the need to perform regular checks for any unauthorized modification of critical system files, configuration files, or content files; and configure the software to perform critical file comparisons at least weekly.

However, file-integrity monitoring needs to be deployed with a little-advanced planning and understanding of how the file systems of your servers behave on a routine basis in order to determine what unusual and therefore potentially threatening events look like.

The next question is then whether an Agentless or Agent-based approach is best for your environment. This article looks at the pros and cons of both options.

Agentless FIM for Windows and Linux/Unix Servers

Starting with the most obvious advantage, the first clear benefit of an Agentless approach to file integrity monitoring is that it doesn’t need any agent software to be deployed on the monitored host. This means that an Agentless FIM solution like Tripwire or nCircle will always be the quickest option to deploy and to get results from. Not only that but there is no agent software to update or potentially interfere with the server operation.

The typical Agentless file-integrity monitoring solution for Windows and Linux/Unix will utilize a scripted, command-line interaction with the host to interrogate the salient files. At the simplest end of the scale, Linux files can be baselined using a cat command and a comparison done with the subsequent samples to detect any changes. Alternatively, if a vulnerability audit is being performed in order to harden the server configuration, then a series of grep commands, used with regex expressions, will more precisely identify missing or incorrect configuration settings. Similarly, a Windows server can be interrogated using command line programs, for example, the net.exe program can be used to expose the user accounts on a system, or even assess the state or other attribute associated with a user account if piped with a find command e.g. net.exe users guest |find.exe /i “Account active” will return an “Account active Yes” or “Account active No” result and establish if the Guest account is enabled, a classic vulnerability for any Windows server.

Agent-Based File Integrity Monitoring

The key advantage of an Agent for FIM is that it can monitor file changes in real-time. Due to the agent being installed on the monitored host, the OS activity can be monitored and any file activity can be observed and changes recorded. Clearly, any Agentless approach will need to be operated on a scheduled poll basis and inevitably there will be a pay-off between the frequency of polls being regular enough to catch changes as they happen, and the limiting the increased load on the host and network due to the monitoring. In practice, polling is typically run once per day on most FIM solutions, for example, Tripwire, and this means that you risk being anything up to 24 hours late to identify potential security incidents.

The second major advantage of an agent-based file-integrity solution is that the host does not need to be ‘opened up’ to allow monitoring. For example, all critical system and configuration files will always be protected by the host filesystem security, for example, the Windows System32 folder is always an ‘Administrator Access Only’ folder. In order to monitor the files in this location, any externally scripted interaction will need to be provided with Admin rights over the Host and this immediately means that the host needs to be made accessible via the network and an additional User or Service Account needs to be provisioned with Admin privilege, potentially introducing a new security weakness to the system. By contrast, an Agent operates within the confines of the Host, just pushing out File Integrity changes as they are detected.