Managing Macs in an Enterprise - PowerPoint PPT Presentation

Slides: 35
Provided by: wwwos
1
Managing Macs in an Enterprise
  • National Laboratories Information Technology
    Summit
  • June 2007
  • Brian Wallace
  • Technical Specialist

2
History of Mac Management at Oak Ridge National
Laboratory
  • Self managed
  • Security Requirements
  • Passwords
  • Login Banners
  • Screen Savers
  • Virus Software
  • Backups

3
Defense in Depth (DiD) Project 2006
  • Initial Tools
  • Apple Remote Desktop (ARD)
  • Virex and ePolicy Orchestrator (ePO)
  • Active Directory (A/D)
  • XServe Servers
  • Early Problems
  • ARD Performance
  • A/D Authentication
  • Reporting

4
Defense in Depth (DiD) Project 2007
  • Deployment of LANrev
  • Apple Remote Desktop and LANrev Comparison
  • LANrev Server/Admin/Agent Components
  • Agent Deployment
  • Reporting with LANrev
  • Builtin Reports
  • Custom Reports

5
Defense in Depth (DiD) Project 2007
  • Cyber Security Report (CSR) System
  • General Overview of System
  • How LANrev Feeds Data to CSR

(Diagram labels: Network Registration, Microsoft's SMS, RedHat Patch Server, ePolicy Orchestrator, Syslog, CSR, Active Directory, Password Management, SSH Access By Core IT, LANrev, Apple Remote Desktop, Pointsec, Virex)

6
Future Work
  • New Intel XServe Servers
  • Patch Updating
  • Disk Imaging
  • Good/Bad Software Reporting

7-19
LANrev Admin Program

20
LANrev Networking
(Diagram labels: LANrev Server, Software Distribution Server, Staging Server, LANrev Server, LANrev Admin, LANrev Admin; LANrev Agents on the Internal Ethernet Network, the Internal Wireless Network and the External Network)

21
LANrev Database
  • LANrev 4.0.4 Sqlite Databases
  • ServerCommandDatabase.db
  • ServerDatabase.db
  • Tables Used for Reporting
  • agent_info
  • agent_processes
  • commandqueue_history
  • hardware_info
  • heartbeat
  • installed_software_info
  • network_adapter_info
  • software-info

22
LANrev Reporting
  • Cron Job Runs on LANrev Server Daily
  • Scripts Access the LANrev Database
  • Extracted Data is Formatted and Copied to a
    Central Server for the Cyber Security Report
    (CSR) System
  • Software Tools
  • Sqlite Command Line Tool
  • Shell Scripts
  • Perl Scripts
  • Format of the Report Data
  • MAC Address
  • Date
  • Report Specific Data

23
LANrev Reporting
(Flow diagram: lanrev_report, run nightly by cron, calls the Mac Admin Account Scripts (1 of 7 report scripts). mac_admin runs sqlite3 with sql_admin, then mac_admin1, mac_admin2, mac_admin3 and mac_admin4.)

24
lanrev_report
    #!/bin/sh
    #
    # lanrev_report - Report Mac DiD data
    #
    #   mac_admin.txt      Mac admin account data.
    #   mac_ard1.txt       Mac ARD data based on software inventory.
    #   mac_ard2.txt       Mac ARD data based on processes.
    #   mac_filevault.txt  Mac FileVault account data.
    #   mac_lanrev1.txt    Mac LANrev data based on software inventory.
    #   mac_lanrev2.txt    Mac LANrev data based on processes.
    #   mac_notebook.txt   Mac notebook data.
    #   mac_os.txt         Mac OS version data.
    #   mac_virus1.txt     Mac virus data based on software inventory.
    #   mac_virus2.txt     Mac virus data based on processes.
    #
    # Written by Brian Wallace, Oak Ridge National Laboratory
    #
    # History:
    #   02/09/2007 - Created file.
    #   02/22/2007 - Added admin account data.
    #   02/27/2007 - Added FileVault account data.
    #   03/14/2007 - Added OS version data.
    #   03/28/2007 - Added notebook data.
    #
    # Variables
    HOME=/Users/admin/Documents/LANrev
    SCP=/usr/bin/scp

    # Create Mac admin account data
    $HOME/mac_admin

    # Create Mac ARD data
    $HOME/mac_ard1
    $HOME/mac_ard2

25
lanrev_report
    # Create Mac FileVault account data
    $HOME/mac_filevault

    # Create Mac LANrev data
    $HOME/mac_lanrev1
    $HOME/mac_lanrev2

    # Create Mac notebook data
    $HOME/mac_notebook

    # Create Mac OS version data
    $HOME/mac_os

    # Create Mac virus data
    $HOME/mac_virus1
    $HOME/mac_virus2

    # Copy data to home1.ornl.gov
    # Note: Uncomment mac_*1 for software inventory data and mac_*2 for process data
    $SCP -p $HOME/mac_admin.txt didit@home1.ornl.gov:/usr/local/adm/macdid/mac_admin.txt
    $SCP -p $HOME/mac_ard1.txt didit@home1.ornl.gov:/usr/local/adm/macdid/mac_ard.txt
    $SCP -p $HOME/mac_ard2.txt didit@home1.ornl.gov:/usr/local/adm/macdid/mac_ard.txt
    $SCP -p $HOME/mac_filevault.txt didit@home1.ornl.gov:/usr/local/adm/macdid/mac_filevault.txt
    $SCP -p $HOME/mac_lanrev1.txt didit@home1.ornl.gov:/usr/local/adm/macdid/mac_lanrev.txt
    $SCP -p $HOME/mac_lanrev2.txt didit@home1.ornl.gov:/usr/local/adm/macdid/mac_lanrev.txt
    $SCP -p $HOME/mac_notebook.txt didit@home1.ornl.gov:/usr/local/adm/macdid/mac_notebook.txt
    $SCP -p $HOME/mac_os.txt didit@home1.ornl.gov:/usr/local/adm/macdid/mac_os.txt
    $SCP -p $HOME/mac_virus1.txt didit@home1.ornl.gov:/usr/local/adm/macdid/mac_virus.txt
    $SCP -p $HOME/mac_virus2.txt didit@home1.ornl.gov:/usr/local/adm/macdid/mac_virus.txt

26
mac_admin
    #!/bin/sh
    #
    # mac_admin - Dump Mac admin account data from LANrev database.
    #
    # Written by Brian Wallace - Oak Ridge National Laboratory
    #
    # History:
    #   02/27/2007 - Created file.
    #   03/29/2007 - Added uniq command.
    #   04/12/2007 - Added reverse sort and mac_admin4.
    #
    # Variables
    HOME="/Users/admin/Documents/LANrev"
    SQLITE="/Users/admin/Documents/LANrev/sqlite3"
    LANREVDB="/Library/Application Support/LANrev Server/ServerDatabase.db"
    SORT=/usr/bin/sort
    UNIQ=/usr/bin/uniq
    RM=/bin/rm

    # Get admin account data
    $SQLITE "$LANREVDB" < $HOME/sql_admin > $HOME/mac_admin1.dat

    # Split admin account data
    $HOME/mac_admin1

    # Edit admin account data
    $HOME/mac_admin2

    # Format admin account data
    $HOME/mac_admin3

    # Reverse sort admin account data
    $SORT -r $HOME/mac_admin4.dat > $HOME/mac_admin5.dat

    # Remove old admin account data
    $HOME/mac_admin4

    # Sort admin account data
    $SORT $HOME/mac_admin6.dat > $HOME/mac_admin7.dat

    # Remove duplicate admin account data
    $UNIQ $HOME/mac_admin7.dat $HOME/mac_admin.txt

    # Remove work files
    $RM $HOME/mac_admin?.dat

27
sql_admin
    .separator "\t"
    attach "/Library/Application Support/LANrev Server/ServerCommandDatabase.db" as main2;
    select a.PrimaryMACAddress, substr(b.last_modified,1,10), quote(b.CommandResultParameters)
      from main.heartbeat a, main2.commandqueue_history b
     where a.AgentSerial = b.AgentSerial
    union all
    select b.MACAddress, substr(c.last_modified,1,10), quote(c.CommandResultParameters)
      from main.agent_info a, main.network_adapter_info b, main2.commandqueue_history c
     where a.id = b.agent_info_record_id
       and a.AgentSerial = c.AgentSerial
       and b.AdapterName not like "%Parallels%"
       and b.MACAddress <> "";
    .exit

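
The sql_admin query run against a throwaway in-memory database, as an added example (not the presenter's code) showing what the later scripts receive. Table and column names come from the slide; the column types, the BLOB storage of CommandResultParameters, the `%` wildcards around Parallels and every inserted row are assumptions constructed for illustration.

```python
import sqlite3

# Constructed stand-in for a stored script result (assumption, not real data).
RESULT = b"<string>Mac Admin Accounts\nadmin:*:80:root,abc\n</string>"

QUERY = """
select a.PrimaryMACAddress, substr(b.last_modified,1,10), quote(b.CommandResultParameters)
  from main.heartbeat a, main2.commandqueue_history b
 where a.AgentSerial = b.AgentSerial
union all
select b.MACAddress, substr(c.last_modified,1,10), quote(c.CommandResultParameters)
  from main.agent_info a, main.network_adapter_info b, main2.commandqueue_history c
 where a.id = b.agent_info_record_id
   and a.AgentSerial = c.AgentSerial
   and b.AdapterName not like '%Parallels%'   -- wildcards assumed
   and b.MACAddress <> ''
"""

def run_report():
    """Build the two databases in memory and return the rows sql_admin would dump."""
    db = sqlite3.connect(":memory:")            # plays ServerDatabase.db
    db.execute("attach ':memory:' as main2")    # plays ServerCommandDatabase.db
    db.executescript("""
        create table main.heartbeat (AgentSerial text, PrimaryMACAddress text);
        create table main.agent_info (id integer, AgentSerial text);
        create table main.network_adapter_info
            (agent_info_record_id integer, AdapterName text, MACAddress text);
        create table main2.commandqueue_history
            (AgentSerial text, last_modified text, CommandResultParameters blob);
        insert into heartbeat values ('S1', '001122334455');
        insert into agent_info values (1, 'S1');
        insert into network_adapter_info values
            (1, 'Ethernet', '001122334455'), (1, 'AirPort', '0011223344AA'),
            (1, 'Parallels Host-Guest', '001C42000001'), (1, 'FireWire', '');
    """)
    db.execute("insert into main2.commandqueue_history values (?, ?, ?)",
               ("S1", "2007-04-12 02:00:00", RESULT))
    rows = db.execute(QUERY).fetchall()
    db.close()
    return rows

if __name__ == "__main__":
    for row in run_report():
        print("\t".join(row))
```

The primary MAC address comes back twice (once per half of the union) and quote() renders the BLOB as an X'...' hex literal, which is why the pipeline hex-decodes in mac_admin1 and ends with uniq.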
28
mac_admin1
    #!/usr/bin/perl
    #
    # mac_admin1 - Split LANrev Unix Shell Script database records
    #
    # Written by Brian Wallace, Oak Ridge National Laboratory
    #
    # History:
    #   03/14/2007, Created file.
    #
    $file_in = "/Users/admin/Documents/LANrev/mac_admin1.dat";
    $file_out = "/Users/admin/Documents/LANrev/mac_admin2.dat";
    open(IN_FILE, "<$file_in") or die "Error opening input file $file_in\n";
    open(OUT_FILE, ">$file_out") or die "Error opening output file $file_out\n";
    #
    # Process results from LANrev Unix script command
    #
    foreach $line (<IN_FILE>) {
        chomp($line);
        # Split LANrev database records
        if ($line =~ /^(.*?)\t(.*?)\t(.*?)$/) {
            $mac = $1;
            $date = $2;
            $result = $3;
            printf(OUT_FILE "%s\n", $mac);
            printf(OUT_FILE "%s\n", $date);
            # Decode the X'...' hex literal produced by quote() back into text
            if ($result =~ /X'(.*?)'/) {
                $hex = $1;
                ($plist = $hex) =~ s/([a-fA-F0-9]{2})/chr(hex($1))/eg;
                printf(OUT_FILE "%s", $plist);
            } else {
                printf(OUT_FILE "\n");
            }
        }
    }
    close(OUT_FILE);
    close(IN_FILE);
    exit;

29
mac_admin2
    #!/usr/bin/perl
    #
    # mac_admin2 - Edit LANrev Unix Shell Script database records
    #
    # Written by Brian Wallace, Oak Ridge National Laboratory
    #
    # History:
    #   02/27/2007, Created file.
    #   04/09/2007, Added check for result header.
    #
    $file_in = "/Users/admin/Documents/LANrev/mac_admin2.dat";
    $file_out = "/Users/admin/Documents/LANrev/mac_admin3.dat";
    open(IN_FILE, "<$file_in") or die "Error opening input file $file_in\n";
    open(OUT_FILE, ">$file_out") or die "Error opening output file $file_out\n";
    #
    # Process results from LANrev Unix script command
    #
    $mac = "";
    $date = "";
    $result = "";
    $eor = 1;
    foreach $line (<IN_FILE>) {
        chomp($line);
        # MAC address
        if ($line =~ /^............$/) {
            $mac = $line;
            next;
        }
        # Date
        if ($line =~ /^....-..-..$/) {
            $date = $line;
            next;
        }
        # Start of result
        if ($line =~ /^(.*?)<string>(.*?)$/) {
            $result = $2;
            if ($result eq "Mac Admin Accounts") {
                $eor = 0;
            }
            next;
        }
        # Next result or end of result
        if ($eor == 0) {
            if ($line =~ /^(.*?)<\/string>(.*?)$/) {
                $mac = "";
                $date = "";
                $result = "";
                $eor = 1;
            } else {
                $result = $line;
                printf(OUT_FILE "%s\t%s\t%s\n", $mac, $date, $result);
            }
        }
    }
    close(OUT_FILE);
    close(IN_FILE);
    exit;

30
mac_admin3
    #!/usr/bin/perl
    #
    # mac_admin3 - Create data file of Mac admin accounts
    #
    # Written by Brian Wallace, Oak Ridge National Laboratory
    #
    # History:
    #   03/14/2007, Created file.
    #
    $file_in = "/Users/admin/Documents/LANrev/mac_admin3.dat";
    $file_out = "/Users/admin/Documents/LANrev/mac_admin4.dat";
    $mac = "";
    $date = "";
    $admins = "";
    $admin = "";
    $uid = "";
    $flag = 0;
    open(IN_FILE, "<$file_in") or die "Error opening input file $file_in\n";
    open(OUT_FILE, ">$file_out") or die "Error opening output file $file_out\n";
    #
    # Process the Mac admin accounts
    #
    foreach $line (<IN_FILE>) {
        chomp($line);
        # Get MAC address, date and admins
        if ($line =~ /^(.*?)\t(.*?)\tadmin:\*:80:(.*?)$/) {
            $mac = $1;
            $date = $2;
            $admins = $3;
            $flag = 1;
            # Get admin names
            while ($flag) {
                if ($admins =~ /^(.*?),(.*?)$/) {
                    # Next admin account
                    $admin = $1;
                    $admins = $2;
                } else {
                    # Last admin account
                    $admin = $admins;
                    $flag = 0;
                }
                # Check for possible UCAMS account
                if (length($admin) == 3) {
                    $uid = $admin;
                } else {
                    $uid = "";
                }
                # Write record for admin account
                printf(OUT_FILE "%s|%s|%s|%s\n", $mac, $date, $admin, $uid);
            }
        }
    }
    close(OUT_FILE);
    close(IN_FILE);
    exit;

31
mac_admin4
    #!/usr/bin/perl
    #
    # mac_admin4 - Remove old Mac admin account data
    #
    # Written by Brian Wallace, Oak Ridge National Laboratory
    #
    # History:
    #   04/12/2007, Created file.
    #
    $file_in = "/Users/admin/Documents/LANrev/mac_admin5.dat";
    $file_out = "/Users/admin/Documents/LANrev/mac_admin6.dat";
    open(IN_FILE, "<$file_in") or die "Error opening input file $file_in\n";
    open(OUT_FILE, ">$file_out") or die "Error opening output file $file_out\n";
    #
    # Process the Mac admin accounts
    # (input is reverse sorted, so each MAC's newest date comes first)
    #
    $last_mac = "";
    $last_date = "";
    $last_account = "";
    $old_data = 1;
    foreach $line (<IN_FILE>) {
        chomp($line);
        # Get MAC address, date and account
        if ($line =~ /^(.*?)\|(.*?)\|(.*?)$/) {
            $mac = $1;
            $date = $2;
            $account = $3;
            if (!$old_data) {
                printf(OUT_FILE "%s|%s|%s\n", $last_mac, $last_date, $last_account);
            }
            if ($mac ne $last_mac) {
                # Start of new data
                $old_data = 0;
            } else {
                if ($date ne $last_date) {
                    # Start of old data
                    $old_data = 1;
                }
            }
            $last_mac = $mac;
            $last_date = $date;
            $last_account = $account;
        }
    }
    if (!$old_data) {
        printf(OUT_FILE "%s|%s|%s\n", $last_mac, $last_date, $last_account);
    }
    close(OUT_FILE);
    close(IN_FILE);
    exit;

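
The mac_admin1 to mac_admin4 chain condensed into a single function, as an added example (not the presenter's code): it decodes the X'...' literal, pulls the members of the `admin:*:80:` group line, flags three-character names as possible UCAMS accounts, and keeps only each MAC address's newest report date. The sample rows and the plist layout around the group line are constructed assumptions based on the patterns the scripts match.

```python
import re

def _row(mac, date, members):
    """Build one constructed sql_admin output row: MAC, date, quote()d BLOB."""
    plist = "<string>Mac Admin Accounts\nadmin:*:80:%s\n</string>\n" % members
    return "%s\t%s\tX'%s'" % (mac, date, plist.encode().hex().upper())

# Constructed sample input (not real inventory data).
SAMPLE = [
    _row("001122334455", "2007-04-11", "root,abc,oldadmin"),  # older report
    _row("001122334455", "2007-04-12", "root,abc"),
    _row("001122334455", "2007-04-12", "root,abc"),           # duplicate adapter row
    _row("0011223344AA", "2007-04-10", "root,localadmin"),
]

def admin_records(rows):
    """Return sorted, de-duplicated (mac, date, admin, uid) for each MAC's newest date."""
    records = set()
    for row in rows:
        mac, date, blob = row.split("\t", 2)
        m = re.fullmatch(r"X'((?:[0-9A-Fa-f]{2})*)'", blob)
        if not m:
            continue  # NULL or non-BLOB result: nothing to decode
        text = bytes.fromhex(m.group(1)).decode("utf-8", "replace")
        in_result = False
        for line in text.splitlines():
            if "<string>" in line:
                # Only the result headed "Mac Admin Accounts" is of interest
                in_result = line.split("<string>", 1)[1] == "Mac Admin Accounts"
            elif "</string>" in line:
                in_result = False
            elif in_result and line.startswith("admin:*:80:"):
                for admin in line[len("admin:*:80:"):].split(","):
                    uid = admin if len(admin) == 3 else ""  # possible UCAMS account
                    records.add((mac, date, admin, uid))
    newest = {}
    for mac, date, _, _ in records:
        newest[mac] = max(newest.get(mac, ""), date)  # ISO dates sort as strings
    return sorted(r for r in records if r[1] == newest[r[0]])

if __name__ == "__main__":
    for rec in admin_records(SAMPLE):
        print("|".join(rec))
```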
32
LANrev Reporting
  • Mac Virus Software
  • Admin Accounts
  • Mac OS Version
  • ARD Client
  • Mac Notebooks
  • Active Directory
  • FileVault on Notebooks
  • LANrev Client

33
More In-Depth Presentations related to ORNL's
Defense in Depth Project
  • Network Enhancements for Defense in Depth at
    ORNL - Clark Piercy
  • Managing Unix/Linux at ORNL - Brett Ellis
  • Defense in Depth Reporting at ORNL - Steve Parham
  • Managing Macs in an Enterprise - Brian Wallace
  • Quarantine Controlling Network Access Using
    DHCP - James Calloway
  • Network Access Control at ORNL - Paige Stafford

34
Questions
  • Brian Wallace
  • Oak Ridge National Laboratory
  • wallacebs_at_ornl.gov