Monday, May 13, 2013

How to increase reboot rate after patching with powershell?


    After a meeting with the marketing department I usually need a couple of hours to clean my brain of their specific terminology. The next script was born after just another such meeting, as a small revenge :).
    Administrators have a small problem: after a patching procedure, a computer normally requires a reboot. But usually we get a boomerang effect: users ignore reboot requests, workstations keep working, and so on. Gentlemen, we need our own jingle (grrr... this marketing again).


Thursday, May 9, 2013

Websense Endpoint executable customization



    What I really don't like in Websense is that the endpoint client is not customizable. UI and Stealth, like black and white, each have pros and cons. Unfortunately there is no way to disable one part of the program without modifying the exe file. While all our requests are dropping into their feature request list, let's figure out what we can theoretically do. Yeah, I am aware of the license agreement and product modification and so on, but that mod is actually good for our lab environment.
    Let's pretend that we have a task to hide something from the tray icon menu. As you may know, a right click on the Websense shield shows a menu with three options: Websense Endpoint, Set Encryption Password and Log Viewer, and the Set Encryption option needs to be disabled.

Wednesday, May 8, 2013

Dc agent troubleshoot automation with powershell

    Everyone can get tired of dealing with inconsistent data, especially when that particular data is a main part of a performance report for executives. A perfect example here is any report from Websense Web Security containing users from Windows Active Directory.
    In Websense products, the DC Agent is responsible for collecting and recording this piece of information. In detail, the XidDcAgent table contains pairs of IP : Domain\Username, Timeout and Timestamps. But sometimes a user got a new IP address a long time ago, yet somehow the user map still shows the old information. Or the company has mixed policies based on IPs and user names, and a user is complaining that a regular resource is not accessible...
    
    Sounds familiar?

Tuesday, May 7, 2013

Websense app replacement for stealth mode


    A nontrivial task for a security administrator can be reading data from the client, or a troubleshooting scenario, when company policy dictates using the Endpoint in Stealth mode. Switching to UI mode as in the previous example has been prohibited as well.

   At first glance, parsing files such as the XML config and sqlite-format DBs is a good idea, but this approach has a couple of disadvantages (for instance: yeah, we are able to get the Primary and Secondary servers, but which one is active at this moment, etc...)

   So, it looks like we need our own application to gather all the necessary data.

Monday, May 6, 2013

Websense endpoint, Stealth <> UI


Greetings, Websense lovers.

As a first post, let me share a trick for Websense Data Security Endpoint management. Websense Data Security is a pretty new product from the company (a conclusion drawn from an architecture analysis perspective).
As you may know, the Endpoint (client version) can be used in two ways.
UI – with a user interface, meaning the tray icon is available to the user.
Stealth – kind of hides everything, meaning no logs (assuming the user isn't able to look through a crazy debug file), no pop-ups, etc...

Stealth mode is very good sometimes, but in real production it raises more questions than UI.
These options are missing: temporarily disabling blocking, version checks, profile info, server info... even troubleshooting is kind of a headache.