LANDesk FAQs (Frequently Asked Questions)
- Why is OIT deploying the LANDesk Management Suite?
- Is LANDesk installation mandatory?
- Will LANDesk work on my MAC or other non-Windows computer?
- Will LANDesk change settings on my managed computer?
- What can OIT see on my computer after LANDesk is installed?
- Is OIT using LANDesk to monitor staff, faculty, or student behavior?
- I have sensitive information on my workstation. Is it vulnerable to snooping or tampering via LANDesk?
- Will LANDesk affect the performance of my workstation?
- Why Software Updates Management?
- What type of software updates will be managed by LANDesk?
- When will LANDesk software updates be installed?
- Will my workstation's performance be impacted when a software update is being installed?
- What happens if a particular software update is not compatible with my system/application?
- What information security polices apply to the usage of LANDesk?
WHAT IS LANDESK?
LANDesk is a computer management solution that allows our technical support staff to systemically perform a variety of campus-wide support and service tasks for those desktops computers on CCNY’s network. These support tasks include:
- Maintaining critical software updates and installations
- Automating the installation and maintenance of software on desktop computers
- Maintaining hardware and software inventory information.
The LANDesk Management Suite is composed of two main components: the server and the client. The server allows IT systems administrators to manage the distribution of software packages; make updates and installations; test distributions; analyze problems; and generate reports. The client component is a small software program that runs on each computer. Sometimes referred to as an agent, this small software program allows the LANDesk server to communicate directly with the desktop computers that it will be managing.
The addition of LANDesk to our systems administrator toolbox significantly enhances technical support. OIT staff can more proactively detect, diagnose, and remediate issues on CCNY networked-connected desktops—and in many cases can address those problems proactively and more efficiently.
The LANDesk agent, combined with software update management, can ensure that licensed applications are up-to-date with the latest security fixes. LANDesk can update a wide variety of products from many software developers, provided the installed versions are currently supported.
All computers with the LANDesk agent installed provide valuable inventory data—such as available storage, total RAM, and the relative age of hardware—about the computers they are installed on. This allows OIT staff to more effectively manage the college-wide computer management lifecycle, from acquisition, through years of deployment and servicing, to decommissioning.
By keeping track of installed software, LANDesk will enable OIT and your departmental IT support staff to proactively identity vulnerabilities and quickly counter recently discovered active security threats.
IT administrators using LANDesk can create customized, detailed reports regarding departmental hardware and software assets.
Maintaining up-to-date computer software updates is critical to safeguarding our campus-wide computing environment. Indeed, these two measures are so vital they are actively required by CUNY information security policy.
Most computer software released by computer developers contains vulnerabilities. Malicious attackers strive to exploit these vulnerabilities to gain remote access to your computer, to intercept your keystrokes (especially passwords), to capture information from web pages you’re browsing, to snoop on your social media, and to search and retrieve sensitive data stored on your hard drive. Without your awareness, these methods can be used to steal your identity and seize financial resources, and also turn your computer into a repository for illicit materials and attacks.
OIT maintains thousands of Windows, Macintosh, and Linux computers with dozens of installed software packages. Applying patches requires that they be downloaded, installed (often by a user with administrative privileges), and then, in many cases, the computer is required to be restarted. With dozens of software programs and packages (collections of programs) installed on most computer systems, it can be daunting to keep them up-to-date.
To maintain software functionality and security, it is imperative for the critical software patches to be applied in an orderly and timely manner. LANDesk functions as a software update aggregator, conveniently collecting and applying software updates in a relatively simple and comprehensive manner. Controlled distribution of updates will allow us to be more proactive in reducing security threats while adopting and enforcing standards to make management of our computer environment more effective. Furthermore, LANDesk’s inventory and reporting capabilities will help make allocating and maintaining computer resources more efficient.
No, installing LANDesk is not mandatory. However, every computer on CCNY’s network is required by CUNY information security policy to have up-to-date software and malware protection. LANDesk provides a method of automating the distribution of critical updates and validating that they have been applied. This helps immensely in maintaining business operations, inventory, security, and compliance with CUNY IT policies. Therefore, we highly recommend that LANDesk be installed on CCNY-owned computers.
For more information on the CUNY Information Security Policy requirement see the CUNY Information Technology Security Procedures, Section 20.
WILL LANDESK WORK ON MY MAC AND OTHER NON-WINDOWS COMPUTER?
In addition to Windows, there are LANDesk clients for Macintosh OS X, as well as for some Linux distributions (e.g. Red Hat, Fedora, CentOS, and OpenSuse). LANDesk only supports each developer’s software life cycle; therefore, end-of-life operating systems and applications are not supported. LANDesk’s capabilities vary for each of the different operating systems, but inventory reporting works across all platforms.
For more information on supported operating systems see LANDesk’s compatibility matrix.
WILL LANDESK CHANGE MY USER SETTINGS ON MY MANAGED COMPUTER?
No, the LANDesk agent does not modify user settings, it communicates exclusively with the LANDesk server to ensure that software on the managed computer is up to date, and protected from malicious software. Additionally, local IT administrators can use the agent to perform hardware and software inventory scans; this will not change any configuration settings on the device.
Using LANDesk, OIT will only acquire inventory information about the hardware components and installed software applications. CUNY Information Security policy imposes strict limits on OIT’s ability to monitor computer users’ activities.
At the present time CCNY has decided not to deploy LANDesk Remote Assistance, which would allow our technicians to remotely login to computers. If at some future time this feature is enabled, OIT will broadcast a campus-wide email notification. IT administrators and technicians will be subject to the CUNY Acceptable Use of Computing Resources restrictions on monitoring. Furthermore, it is CCNY’s practice to require user consent for each remote assistance session.
WILL LANDESK AFFECT THE PERFORMANCE OF MY COMPUTER?
CCNY’s LANDesk administrators customize the LANDesk agent to minimize the network bandwidth and processing resources it uses. The impact on system performance should not be noticeable. However, many software updates are large and require time and system resources to install; many also require restarting the computer for the updates to be applied. To receive the functional and security benefits of these vital updates, it is imperative that the computer be restarted as soon as possible after they are installed.
The inventory contains detailed information about all of the hardware components and software applications installed on your computer. It can be used to determine how much and what kind of memory is in your computer, what operating system you have, and the versions of the software that you use. This information is vital for troubleshooting computing problems, planning long-term purchasing, discovering security vulnerabilities, and reconciling annual inventory audits.
OIT will use LANDesk to maintain licensed Windows and Macintosh desktop and server operating systems. We will also be distributing critical and security updates on software licensed by the college, including Internet browsers, and Adobe products. Some software packages may be maintained using more traditional methods due to configuration challenges or limitations in LANDesk.
To maintain order and consistency with minimal disruption to business operations, software updates will be installed on CCNY computers within a scheduled maintenance window during non-work hours.
Installed updates often require the computer to be restarted in order to take effect. You will have an opportunity to defer this restart for up to two days by clicking the Remind Me button (see image below). After the second day, a dialog box will partially obstruct the screen until you have rebooted your system. Furthermore, a reboot will occur after the second day if you are logged out for more then 30 minutes during the maintenance window from 11PM - 5AM.
Occasionally, there may be a need to immediately perform out-of-cycle software update installations to protect against severe, imminent security threats or to accommodate software installation requests.
The performance impact of updating software will depend on the type and quantity of software updates being applied. However, the impact will be equal to that of installing the software updates via the Windows Update site or other methods that provide software updates.
To minimize user inconvenience, you are allowed the opportunity to defer software reboots for up to two days. To receive the functional and security benefits of these vital updates, it is imperative that the computer be restarted as soon as possible after critical software updates have been installed.
Before LANDesk updates are deployed, your local IT systems administrators are advised to perform basic tests of selective critical software updates to assess whether there are severe compatibility issues with software installed in your area. Unfortunately, not every scenario can be tested.
What information security policy applies to the usage of LANDesk protection?
The device management provision of the CUNY Information Security Policy: Information Technology Security Procedures require that “all devices that are allowed to connect to University networks and systems that support administrative, business, and academic activities and operations must be maintained at current anti-virus/malicious code protection at all times. In addition, security updates to operating systems must be applied on a timely basis after appropriate testing.”
To access this CUNY policy, click this link CUNY Information Technology Security Procedures.