WSUS Server Console Error: Connection Error "An error occurred trying to connect the WSUS server"

Or, The WSUS administration console has encountered an unexpected error. This may be a transient error; try restarting the administration console. If this error persists,

Try removing the persisted preferences for the console by deleting the wsus file under %appdata%\Microsoft\MMC\.

Or, The WSUS administration console was unable to connect to the WSUS Server via the remote API

Or, WSUS on Server 2012 R2 - Error: Connection Error "An error occurred trying to connect the WSUS server"

Error Screenshot:

Descriptions: If you have noticed that WSUS server console is being crashed automatically after sometime and matching the error and event ID details as referred in this article, you are at the right place to get it fixed.

I was encountered with this problem and what I noticed is, after every reboot of the server wsus console was working fine for some time (may be 30 minutes to 1 hr), after that the console was getting crashed automatically and none of the client machines were able to receive any update from WSUS server.

I tried lot many things line, rebuilding database idex, re-installing WSUS server role on the same server with existing contents, wsus clean-up etc... But nothing worked.

When I checked the Application event details, I found below event ID and associated details regarding this issue.

Error Event ID (Application): 7032

The WSUS administration console was unable to connect to the WSUS Server via the remote API.

Verify that the Update Services service, IIS and SQL are running on the server. If the problem persists, try restarting IIS, SQL, and the Update Services Service.

The WSUS administration console has encountered an unexpected error. This may be a transient error; try restarting the administration console. If this error persists,

Try removing the persisted preferences for the console by deleting the wsus file under %appdata%\Microsoft\MMC\.

Reason: There could be many but in my case it was “WsusPool” IIS pool which was creating this problem. Yeah, when I checked WSUS IIS pool status, it was in stopped state. When I started this pool manually, the console started working fine.

Why this application pool was getting stooped automatically? The answer is, it was because of memory limitation on this specific IIS pool. You may be having enough memory available on the server but if there is any restriction or less memory available for the IIS pool, it would create problem.

Solution: Remove the restriction of memory limit from the WSUS app pool.

Steps:

Open IIS Manager > Go to Application Pool > Select the WsusPool > Click on Recycling from the Actions pane

Remove the check mark from “Private memory usage (in KB)” > Click Next

Leave the Check mark enabled on “Regular time interval” > Click Finish

Now Right Click on the “WsusPool” > Click Start

Try opening the WSUS console now, it should work...

Cheers, please write me back if you have any query or feedback.

Error 2203. An Internal Error Occurred” During Office 2010 Setup

Or, MS office 2010 installation error 2203 on windows server 2008

One my reader reported that, he faced this error while installing MS office 2010 on Windows Server 2008.

The below workaround resolved the problem...

This might help you too...

Login as Administrator > Click Start > type Run > Type msconfig and press Enter > In General tab click on Selective Startup > Uncheck the Load Startup Items check box > Go to Services tab, select Hide all Microsoft Services, and then click Disable All > Click OK, and then click Restart.

Once system is rebooted, you may try installing MS office again, it would be succeeded.

Cheers, Please write me back if you have any query or feedback on this..

Delete temp files using group policy logon script

Or, Logon script for deleting temp files from windows directory using group policy

Or, Temp file deletion group policy for windows machines

Description: You can create a .bat file using the script given below and can use it in group policy logon script section.

Steps:

Open Notepad > Paste this script (modify the folders path as per your requirements) > save this file as tempdeletion.bat

----------------------------------------------------------------------------------------------------------------------
set folder="%temp%"

cd /d %folder%

for /F "delims=" %%i in ('dir /b') do (rmdir "%%i" /s/q || del "%%i" /s/q)

set folder="C:\Windows\Temp"

cd /d %folder%

for /F "delims=" %%i in ('dir /b') do (rmdir "%%i" /s/q || del "%%i" /s/q)

set folder="%localappdata%\Microsoft\Windows\INetCache\IE"

cd /d %folder%

for /F "delims=" %%i in ('dir /b') do (rmdir "%%i" /s/q || del "%%i" /s/q)

-----------------------------------------------------------------------------------------------------------------------

In my case, I have taken following temp directory path in the above script:

%temp%

C:\Windows\Temp

%localappdata%\Microsoft\Windows\INetCache\IE

Once you have the .bat script ready with you, you can use this script as logon script in any GPO and link with any OU as per your requirements.

Cheers, let me know if you have any query or feedback.

Windows backup and restore types explained

Or, Understanding Windows backups types and concepts

Or, Different types of backups and restore methods used in backup technologies

Or, How many types of backups are and how restoration works

Descriptions: If you are new to backup administration and want to understand the fundamentals of different backup types and use cases, this article is for you. Guys, technically for Backup Administrators, there are three types of backup Full, Differential and Incremental but generally there are five type of backups as shown below.

1. Full or Normal Backup

2. Incremental Backup

3. Differential Backup

4. Copy Backup

5. Daily Backup

Full Backup: Full backup contains full data. Whenever you run Full backup, it takes backup of all selected files and folders every time. This type of backup consumes more disk space and takes longer time to complete.

Example: If you have schedule “Full Backup” to be executed on Monday of every week and total data size of the selected files/folders is 100GB, then every week you need 100GB of HDD space or tape media space to store this backup data.

Note: To restore complete data from full backup, you need only last recent “Full Backup” set.

Differential Backup: Diff backup contains only those data which was modified or created after “Full Backup”.  Every time you run differential backup, it compares itself with last recent full backup and backs up only those files/folders that was modified or created after last recent full backup.

Example: Your last full backup was completed on Monday with 100GB backup data and your next diff backup is scheduled to be executed on next Sunday. So, in next diff backup, only those files and folders will be backed up which has been modified or created after last full backup (Monday) and before diff backup execution (Sunday).  Suppose only 2 GB of data was modified after full backup, so in this diff backup only 2GB of data will be backed up not 102GB (100GB+2GB).

Note: To restore data from “Full Backup” + “Diff Backup” scenario, you have to have one set of last recent full backup and last recent “Diff backup”.

Incremental Backup:  Incremental backup contains only those data which was modified or created after full backup but in separate backup sets. Every time you run incremental backup, it compares itself with its last backup (whether is it full or incremental).

Example: If your last full backup was completed on Monday with 100GB backup data and your next incremental backup is scheduled to be executed on next Sunday. So, in next incremental backup, only those files and folders will be backed up which has been modified or created after last backup full/incremental backup.  Suppose only 2 GB of data was modified after full backup, so in this First incremental backup only 2GB of data will be backed up not 102GB (100GB+2GB).

Next incremental backup will be backing up only those data which would be modified or created after last incremental backup. Means, if data modified between last incremental backup is upcoming incremental back is only 3GB, then the upcoming incremental backup will have only 3GB data backup.

Note: To restore complete data from “Full Backup” + “Incremental Backup” Scenario, you have to have Last recent full backup and all incremental backup sets with you.  This backup combination consumes lesser disk or tape space and take lesser time to complete but complex to restore.

Daily Backup: When you simply copy files/folders to a different location rather than original on daily basis, is called daily backup.

Copy Backup: when you simply copy your files/folder to different location rather than original on your need basis, is called copy backup.

Cheers, Please write me back if you have any query on this.

Outlook blocked access to the following potentially unsafe attachments: xlsx or pdf or ppt or doc

Or, Outlook blocking attachments as “potentially unsafe file”

Or, Excel/pdf/ppt blocked in outlook client, opening file in web mail (OWA)

Problem Descriptions:

Suddenly user’s started reported that they are unable to receive attachments in their outlook application as its being blocked by outlook with error “Outlook blocked access to the following potentially unsafe attachments”. Files are being downloaded from web mail OWA with no issues.

Cause:

A knows/announced bug in MS patch KB3203467

https://support.office.com/en-us/article/Outlook-known-issues-in-the-June-2017-security-updates-3f6dbffd-8505-492d-b19f-b3b89369ed9b?ui=en-US&rs=en-US&ad=US

Solution:

A quick solution/workaround of this problem is to remove the bug oriented reported patch KB3203467 immediately from the affected machines and take a reboot.

Security Update for Microsoft Outlook 2010 (KB3203467) 32-Bit Edition

Security Update for Microsoft Outlook 2010 (KB3203467) 64-Bit Edition

Once you will remove this patch from the affected machine, your all attachments will come back to normal status.

Cheers, Please write me back if you have any query or feedback on this.

PowerShell script to export disk usage report of multiple computers

Or, Disk usage report PowerShell script

Or, PowerShell script for disk usage report with .txt file input

Or, Export disk usage report to CSV for multiple windows computers

Descriptions: Disk usage report for storage optimization or to keep track of disk usage trends is one of the important routine task for every administrator. In this article, we would be exploring the PowerShell script to get disk usage report of multiple windows machines in to excel or CSV file.

In this article, we will prepare the scenario and logical environment, lastly we will run the PowerShell script to get the CSV report in desired folder location.

What has been covered in this script?

This script is designed for getting disk usage report of windows machines listed in ServersList.txt text file. It will keep only last 30 days report in the folder DiskUsageReports.

Prerequisites:

1. Administrative privilege to run the script

2. List of servers/computers name or IP in a text file

3. Basic knowledge of PowerShell commands

Prepare the environment – Get Ready

Create a root folder and three child folders like:

1. Root folder name: DiskUsage

2. Child folders name: DiskUsageReports, DiskUsageReportScript, and ServersList

A reference screenshot is given below:

Prepare a text file with Name ServersList.txt and place it in ServersList folder. This text file should contain the list of windows machines you wish to export disk usage report.

You can use name or IP as shown in below screenshot:

Finally, create the PowerShell script with following commands.

Simply copy and paste the given commands in PowerShell ISE windows and save it as .ps1 file under DiskUsageScript folder with name DiskUsageReport.ps1

===============================================================

$OldReports = (Get-Date).AddDays(-30)

Get-ChildItem D:\DiskUsage\DiskUsageReports\*.* | `

Where-Object { $_.LastWriteTime -le $OldReports} | `

Remove-Item -Recurse -Force -ErrorAction SilentlyContinue 

$LogDate = get-date -f yyyyMMddhhmm

$File = Get-Content -Path D:\DiskUsage\ServersList\ServersList.txt

$DiskReport = ForEach ($Servernames in ($File))

{Get-WmiObject win32_logicaldisk <#-Credential $RunAccount#> `

-ComputerName $Servernames -Filter "Drivetype=3" `

-ErrorAction SilentlyContinue

}

$DiskReport |

Select-Object @{Label = "Server Name";Expression = {$_.SystemName}},

@{Label = "Drive Letter";Expression = {$_.DeviceID}},

@{Label = "Total Capacity (GB)";Expression = {"{0:N1}" -f( $_.Size / 1gb)}},

@{Label = "Free Space (GB)";Expression = {"{0:N1}" -f( $_.Freespace / 1gb ) }},

@{Label = 'Free Space (%)'; Expression = {"{0:P0}" -f ($_.freespace/$_.size)}} |

Export-Csv -path "D:\DiskUsage\DiskUsageReports\DiskReport_$logDate.csv" –NoTypeInformation

=======================================================================

It should look like the below one:

Now you are done friends, just run the PowerShell script and get the report you need...

Steps: Run the prepared PowerShell Script

Right Click on the .ps1 script file and Click on Run with PowerShell

Now go to DiskUsageReport folder, you should have your CSV report ready there..

Cheers, Please write me back if you have any query or feedback.

How to fix unquoted service path vulnerabilities?

Or, Unquoted service path vulnerability

Or, Mitigate unquoted service path vulnerabilities

Descriptions: Unquoted service path vulnerabilities are rated as highly critical vulnerability in windows. Don’t worry it is really very easy to fix.

If you have the vulnerability scan report with you, the report contains following information about this reported vulnerability:

Vulnerability Name: Microsoft Windows Unquoted Service Path Enumeration

Vulnerability Synopsis: The remote Windows host has at least one service installed that uses an unquoted service path.

Vulnerability Description: The remote Windows host has at least one service installed that uses an unquoted service path, which contains at least one whitespace. A local attacker can gain elevated privileges by inserting an executable file in the path of the affected service.  Note that this is a generic test that will flag any application affected by the described vulnerability.

Vulnerability Solution: Ensure that any services that contain a space in the path enclose the path in quotes.

IMP Note: There are two stages to fix this vulnerabilities, 1. finding the unquoted path on the affected server and 2. Fixing the unquoted paths.

Steps-1: How to find the unquoted service paths

Login to affected server with administrative privileges > run CMD as Administrator > run the following command:

wmic service get name,displayname,pathname,startmode |findstr /i "auto" |findstr /i /v "c:\windows\\" |findstr /i /v """

Once the command is executed successfully, you will be able to see one or more unquoted service paths. Result may look like the below reference screenshot:

Copy all the result to a text or excel file and move to the step-2.

Steps-2: Fixing unquoted service path vulnerabilities 

Search for the unquoted registry entry of the affected service under HKLM\System\CurrentControlSet\Services registry path > Double Click the Image Path key > fix comma like “servicepath” at the beginning and end of the path

Examples:

Unquoted service path: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

Quoted service path: "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

The correct quoted service path image reference:

Cheers, Please write me back if you have any query or feedback..

PowerShell command to export AD uses created in last 7 days in to a CSV file

Or, Exporting AD users created in last 7 days to CSV file using PowerShell command

Or, Get AD users report created in last 7 days with the help of PowerShell

Descriptions:  If you are looking for exporting AD users created in last 7 days or any custom days in a CSV file/report, this article is for you my friend. In my case, I am going to export users created in last 7 days.

Steps:

Run Windows PowerShell as Administrator > run the commands mentioned below to get the CSV output/report

AD users created in last 7 days

Get-ADUser -Filter "Name -like '*'" -Properties Name, Title, Office, Created | where {$_.Created -gt $(Get-Date).AddDays("-7")} | select Name, Title, Office | Export-Csv D:\temp\ADReport.csv

Cheers, Please write me back if you have any query or feedback on this.

Exporting inactive AD users to CSV file using PowerShell command

Or, PowerShell command to export inactive AD uses in to a CSV file

Or, Get inactive AD users report with the help of PowerShell

Descriptions:  If you are looking for exporting inactive AD users in to a CSV file/report, this article is for you my friend. In my case, I am going to export users whoever are inactive since 30 days.

Steps:

Run Windows PowerShell as Administrator > run the commands mentioned below to get the CSV output/report

Inactive AD users since 30 days

Search-ADAccount -UsersOnly -AccountInactive -TimeSpan 30 | ?{$_.enabled -eq $True} | Get-ADUser -Properties Name, EmailAddress, Department, Description, lastLogonTimestamp | Select Name, EmailAddress, Department, Description,@{n='lastLogonTimestamp';e={[DateTime]::FromFileTime($_.lastLogonTimestamp)}} | Export-Csv D:\temp\funytest.csv

Cheers, Please write me back if you have any query or feedback on this.

Exporting AD users to CSV file using PowerShell command

Or, PowerShell command to export AD users in to a CSV file

Or, Get AD users report with all fields or selected fields with the help of PowerShell

Descriptions:  In this article, we are going to try some useful PowerShell commands to export AD users reports. You have choice to select many properties values, less properties values or all properties value as per your need.

Steps:

Run Windows PowerShell as Administrator > run the commands mentioned below to get the CSV output/report

AD user’s reports with some most commonly used fields

Get-ADUser -Filter '*' -Properties * | Select -Property EmailAddress,GivenName,Surname,DisplayName,Title,Department,Office,OfficePhone,MobilePhone,Fax,StreetAddress,City,State,PostalCode,Country | Export-CSV "D:\temp\ADusers.csv" -NoTypeInformation -Encoding UTF8

AD Users report with less fields

Get-ADUser -Filter '*' -Properties * | select -Property SamAccountName,DisplayName,EmailAddress | Export-CSV "D:\temp\ADusers2.csv" -NoTypeInformation -Encoding UTF8

AD users reports with all available fields

Get-ADUser -Filter '*' -Properties * | Export-CSV "D:\temp\ADusersAllFlds.csv" -NoTypeInformation -Encoding UTF8

The reference screenshot is given below to see how the commands should look like on PowerShell.

Cheers, Please write me back if you have any query or feedback on this.

Automate windows servers event logs archival to network shared folder

Or, How to configure windows event logs archival path to shared folders?

Or, Archiving windows event logs to alternate path or network shared folder?

Or, Automate AD security logs archival in windows server.

Or, Move archived windows logs to network shared folder - can we automate this?

Descriptions: If you repeat it, automate it... this is the theme that works in most of the task automation process. In this article also, we are going to automate a routine task and that is ‘Windows event logs archival’. You can say it like 'archival of archived event logs to network shared shared folder' as well.

Yes, most of the administrators do it manually which is very time consuming and is always at the risk to be missed. If you are reading this article, I know you are one of the lazy administrator like me and want to get rid of this daily/weekly hustle. So let’s start it….

Scenario Details: I have an AD/Active Directory server where I have set auto archival of security event logs. Very often, the C:\ drive of the AD server reach to 90% or even 100% sometime that is really a worry point for me.

IMP Notes:

1.  By default archived logs are saved in C:\ drive of windows server at path C:\Windows\System32\winevt\Logs

2. We are going to move archived event logs to network shared folder with the help of PowerShell script

3. Auto archival of event logs are set to archive the security logs if the log file size is reached 1GB.

4. The archived event logs appears like Archive-Security-2017-06-03-xx-yy-zz.evtx

Stage-1: Prepare the PowerShell script

Copy and paste the below PowerShell command in a Notepad file > update parameters as per your environment > save this notepad file as .PS1 file

-------------------------------------------------------------------------------------------------------------------------------

$path = “C:\Windows\System32\winevt\Logs”

$extn = “Archive-Security*.evtx”

$size = 1GB

$dest = “\\fileserver01\ADlogsArchival”

get-ChildItem -path $path -recurse -ErrorAction "SilentlyContinue" -include $Extn |  where-Object {$_.Length -gt $size} | Move-Item -Destination $dest

---------------------------------------------------------------------------------------------------------------------------------

IMP Note:  Replace required path and size details with the one applicable for your environment.

Stage-2: Schedule this PowerShell script in windows task scheduler

Create a task in windows task scheduler > in Action tab fill in the details like this...

Program/script: PowerShell.exe

Add arguments (optional): -ExecutionPolicy Bypass C:\DoNotDelete\pscript\LogArchival.ps1

Note: replace the script path with the one applicable for your environment.

That’s it guys, archival of archived logs will take place automatically on scheduled time defined by you in the task scheduler. You can enjoy your coffee now onward and the script will take care of your task...

Cheers, please write me back if you have any query or feedback on this.

How to enable or disable OWA in bulk on O365

Or, O365 PowerShell command to enable to disable OWA for bulk users

Or, Disable or Enable OWA for all users in O365

Or, Disable or Enable OWA for single user in o365

Descriptions: Disabling OWA help you to block the outlook web access for targeted users. One of the very common daily administrative task for an exchange administrator is to enable or disable OWA for users (single or bulk). In this article we will explore the easiest way of doing this task using O365 PowerShell.

There are some cases where people wants to disable or enable OWA for single user as well as for multiple or all users.

IMP Note: Disabling OWA only block the access of Outlook Web Access in O365. All other applications will remain accessible if you login to office.com.

Steps: Disabling or Enabling OWA for using PowerShell or GUI

Connect to office365 server PowerShell admin console with administrative privilege.

Run the below command to disable OWA for “All Users”

Get-Mailbox | Set-CASMailbox -OWAEnabled $false

Run the below command to enable OWA for “All Users”

Get-Mailbox | Set-CASMailbox -OWAEnabled $true

Run the below command to Disable OWA for “Single User”

Set-CASMailbox -Identity xxx@yourdomain.com -OWAEnabled $false

Run the below command to enable OWA for “Single User”

Set-CASMailbox -Identity xxx@yourdomain.com -OWAEnabled $true

To enable or disable OWA for single user using GUI, follow the below steps:

Go to EAC > Click on Recipients > select any Mailbox > Go to mailbox Properties > Go to Mailbox features > Under Email Connectivity, see for Outlook on the web > Click Disable to disable the OWA and Click on Enable to enable OWA

Cheers, Please write me back if you have any query or feedback.

Adding all Distribution List to a single Distribution List O365 PowerShell

Or, Making all DLs the member of a Global DL in O365

Or, How to add all DLs to a single global DL

Or, Creating a global DL containing all other DLs as member

Descriptions: In this article we are going to learn “How to add all other DLs in a Global DL member list”. Guys, this is something very common requirement across all type of organizations where people want to have a DL containing all other small DLs as a member, so that a Single mail can be sent to everyone by sending that to one DL instead of sending that to multiple DLs.

Yes, there is another way to achieve this requirement and that it creating a Dynamic DL which may by default contain all active mailboxes/users as a member. But, we will discuss about this latter in a separate detailed article.

Steps:

Connect to office365 server PowerShell admin console with administrative privilege.

Run below command to export all the DLs in to a CSV file

Get-DistributionGroup -ResultSize unlimited | select displayname,PrimarySmtpAddress | Export-CSV d:\temp\DLs.csv

Run below command to import and add all the DLs to specified global DL

Import-Csv D:\temp\DLs.csv | foreach {Add-DistributionGroupMember -Identity allDLs@domian.com -Member $_.displayname}

IMP Notes:

1. You can change the path as per your environment for exporting and importing the CSV file.

2. Do not modify anything in the exported CSV file.

3. DLs whichever are exported in the CSV file, would be added to the specified global DL. In my case it is allDLs@domain.com

Cheers, please write me back if you have any query or feedback.

Top 10 ways to prevent an IT security breach

Or, Top 10 IT security breaches prevention approaches

Eliminating security breaches completely is an impossible task, however there are many things that employees can do to mitigate the threat. In this article, I am going to share ten easy-to-implement policies (created by looking at some high profile security breaches of the past) which, if followed to precision, will drastically reduce the chance of a security breach.

1. Stringent password policy

As cliché as it sounds, securing passwords (including changing default passwords and not re-using old passwords) goes a long way to averting security breaches. Create a specific policy for securing passwords; such as including special characters, minimum length, expiration dates, no repetition and no password sharing.

Many devices and applications in large enterprises are protected by default passwords. You’d better believe that attackers are also aware of this and can exploit it. Be sure to change those default passwords!

2. Disable old, unused or inactive user accounts

Old, unused and inactive user accounts can all become the source of a security attack. Security breaches are easier to pull off in an unclean Active Directory. The easy way to counter this is to ensure that whenever employees (either regular or contractual) leave the organization, make sure to disable their accounts – especially the ones that had privileged access.

3. Automate security

Automate your security initiatives. Use systems that automatically check password settings, unused/stale user and computer accounts, server settings and firewall configurations. Systems like this are vital because to be vigilant in all these areas requires a tremendous amount of time and man-power without them. There is an abundance of third-party solutions on the market today that can offer this service in an affordable way.

4. Enable auditing and examine logs

Good administrators know the importance of auditing, and will monitor system logs regularly and meticulously. As I am covering the best ways to avoid security breaches in this article, I’m going to be putting particular stress on security logs, as they are the first line of defense.

Let’s say, for example, you have a folder containing a set of highly important project files with non-owner file access enabled, and while reviewing the Windows server security log, the administrator comes across a file access event log. That should immediately raise alarm bells and you should be able to determine who accessed the file and for what purpose.

5. Encrypt Data

All sensitive information in your organization (whether it’s on your desktop, laptop or a portable storage device) should be encrypted. That way, even if someone manages to get access to the devices, data will still remain inaccessible. There are many third-party file encryption solution providers on the market to satisfy this requirement.

6. Do regular network scans

Doing regular network scans and comparing them against an active baseline inventory can help thwart a security breach. This will help you detect when and where a rogue app on the network was installed. You can do this using the NetView: a built-in Microsoft command. Third-party applications can also be used to scan the network; these apps are typically in a GUI format and are more informative.

7. Monitor outbound network traffic

Attackers these days use advanced and sophisticated malwares to avoid detection. One way of exposing them is to monitor outbound network traffic. Alarms should be raised when the amount of outbound traffic is abnormally high. Most firewall applications can monitor outbound traffic and deliver scheduled reports.

8. Apply patches and update systems regularly

One way to stop security breach attempts originating from outside the network's perimeter is by keeping operating systems and applications up to date. If the operating system and applications are updated regularly, they are more likely to be able to deal with attacks.

Using a product like Microsoft Baseline Security Analyzer (MBSA) can do this for you. It is an app released by Microsoft that evaluates missing security updates and less-secure security settings within Microsoft Windows in order to tell you when an update is required. It is an effective way to ensure that hardware and software in the network have the latest patches.

9. Devise and implement a disaster recovery plan

Irrespective of the size the organization, a disaster recovery plan is vital in providing continuity in the case of disasters. After an attack, instead of panicking, employees will have a step-by-step guide to follow that will help bring systems back to normal. There are many consultants available that can help you create a resilient disaster recovery plan that is specific to your requirements.

10. Raise awareness

Create an overall atmosphere of heightened security in the organization. All employees, whether a junior help-desk or a senior administrator, need to be aware of the risks their job profiles carry (and how such risks can be mitigated).

The Conclusion

These points raised in this article are intended to make you aware of the security risks your organization faces every day and the best ways to overcome them. However, this is only the first step. Use this guide to implement a layered security approach and devise policies, procedures and audit solutions that can mitigate security threats. If you have any questions about any of the above given points, or any points you feel should be on this list, let me know in the comments below.

Author

"Ajit Singh, Marketing Manager for IT auditing, security and compliance vendor, Lepide - www.lepide.com"

Explained - WSUS update "classification" list

Or, Understanding update classifications in WSUS server

Descriptions:

Update classifications represent the type of update category, for example, Critical Updates and Security Updates. This classifications criteria plays very important roles when deciding what kind of updates you are actually going to approve for your end user’s computers.

Security and critical updates categories are most commonly preferred categories for windows machines patching.

Note: Downloading Update by “Classification” or “Product” does not mean installing them to any computer. Patch installation take place on any machines only when administrator approves it or if any automatic patch approval rule is applied for any machine or machines group.

Please refer the below list of WSUS update classification category.

Patch Downloading Configuration by Classification

Cheers, Please write me back if you have any query or feedback on this.