TOPIC START EDITED ON 29-6-2010
There are several things i like to see in the new ADNM version....
Since there is a total blank about the development (Vince, please hire a PR manager) i dont know if the development already started so hereby a few items i would like to see:
0 TOP) Be able to choose where the mirror files are stored! (comply with the new way of 2008/win7 about the program files directory where programs only should be installed and not have data written) This includes making it possible to put on a network share....
1) Domain integratration for Windows where the computer catalog automaticly is buildup like the structure of the Organisational Units in Active Directory, instead of manually recreate the complete structure by hand and having to drag and drop the discovered computers in the appropriate container...
2) Apply settings in the style of Group Policies (ala GP in AD). That way its easier to maintain settings and see which AV Policy is applied to which container....
3) Windows integration with AD for usage/login rights of ADNM console. So we dont have to give every user a seperate username/password for login in the console and all the rights have to be set just 1 time inside the console to the appropriate AD groups that are divined in Active Directory
4) special integration for mobile devices possible? no experience with that now tho, but would be awesome to control the mobile device remotely... or when it is hooked up in the network (wifi/usb/bt) when the user is inhouse or hooked up with VPN or something....
5) Better support for different (read: new) operating systems since the current support for Win7 is there but thats because the support for Vista has been added early last year only (which is 2 years after the RTM release of the OS) maybe modular support for new OS, which would possibly be able to be used for linux (kernels) too
6) better documentation of ALL the features in the products and what certain settings do
7) better exchange integration, Avast is certified for Win7 because of a field trip to Redmond college.... this could also be done for Exchange and maybe sharepoint/MS SQL too?
8 ) i didnt really check into this one in the current ADNM but i would like to see PUSHING commands to the clients instead of the AMS waiting for the client to contact and notice a command....
9 ) make linux/mac clients managable via ADNM too (possibly port ADNM to linux/mac ? a lot of work i know)
10 ) make the engine/program updates process go through the normal way like the virus definitions do, instead of the way its done now by going to the windows software window click on uninstall the program and choose the update button instead of the uninstall button(thank you Yanto for the input)
11 ) during installation better support for SQL server databases. Right now you need to manually point to the databaseserver and databasename and pray2work, this could be better if the installer detects the databaseserver and the database instance that has been precreated by installing with namedspace in SQL. (WSUS can do this, why not Alwil, show MS who is boss!!)
12) have control over updates being rolled out to clients to test on a test machine before deployment (alla wsus)
in this thread for example: http://forum.avast.com/index.php?topic=54699.0
there is an update that causes some exe file to be flagged as a virus while the file itself is legit (to
the extend that it is a file from IBM from a specific program) same example for the update couple weeks ago which falsely identified and removed key files
this control could have several levels
1) auto update
2) auto download but wait for approval
3) manual download and approve
13) Make the mobile (PDA/smartphone) version manageable via ADNM (tho the future of the mobile version is unsure at this moment) (thank you SPI for the input)
14) If the option to have a secondairy server will be available again in this new version, make it possible to change settings easy so that a slave server (that gets the updates from the first AMS server) can be promoted to a master server without having to do all kinds of tricks or have problems popping up at clients.
15) Make definition and program updates available in a zip file for offline updating (mostly for secure networks that aint allowed internet access)
anybody with more great ideas?
maybe Alwil (VLK?) has some input this time in this thread or make a special beta forum for this one like done with the new avast 5 beta forum
16) Dont give out licenses in the ADNM console, while the program is not installed on that computer. Thnx to this thread i realised this wish: http://forum.avast.com/index.php?topic=57831.0
17) Make all management options accessible via one console
18) Add NAC support to avast. (Network Access Control (NAC) like Sophos or McAfee have it.)(thank you Yanto for the input)
19) This is a quoted collection from EDJ
- When you uninstall a netclient, it must be delete from the Computer Catalog.
- When a task is running in a netclient and the netclient is power off, ADNM must change the status of the task to "uncompleted" or something like this. Maybe, restarts the task when computer is on again.
- Automatic refresh, not F5.
- Console direct access from Internet, not opening ports. To give support to customers.
- Manual Mirror run from ADNM Console.
- Send an email alert when mirror is not updates in 24 hours.
- Improve reports.
- Can create MSI packages in a shared folder on other machine with a normal user.
- Improve time to install first mirror from Internet during installation.
- Improve access to remote virus chest to restore files, send infected files to ALWIL, etc.
- In PC properties a "Infected Files History".
- Can see the licenses number from the ADNM Console.
Thank you for the input EDJ....
20) See this message after a brainstorm from Scythe http://forum.avast.com/index.php?topic=54073.msg512281#msg512281
21) (actually a nobrainer but: ) Direct scanning of removable devices as in external harddisks and USB sticks and smartphones (basicly anything that can act as a disk)
22) Installer ROLLBACK feature. When cancelling the installation the installed parts remain on the system. If the installer removes the installed parts after
pushing cancel, a potential problem of having a crippled installation will be eliminated (thus no need for the special avast removal tool for a failed installation).
I dont agree tho with the console being accessible directly from the internet without opening ports. This is possibly a huge security risk when the password used is not set or the standard one or an easy to guess password.... it means the people logging in have almost direct access to your complete infrastructure (they see ip adresses, dns names, they control new (un)deployments)
this kind of access should be controlled and limited with a secured line like VPN or via RDS. Offering remote support to several customers from your own workstation is efficient but it should not compromise network security, via a HTTPS (since i believe v5 will be webserver based) is not an option since a hacker is already too far onto the network (discovered what antivirus u use, have a webserver he could hack, stuff like that) to be save....
< 27-01-2010 i will edit-in every point that people will put in the list, so that there will be one list complete at the start of the thread, so nobody has to scroll thru all the postings
28-01-2010 added point 12
18-02-2010 added point 13
xx-xx-2010 added point 14
10-03-2010 added point 15
30-03-2010 added point 16 and 17 and 18
19-04-2010 added point 19 (collection of points) and commentary/concern on one of the points
12-6-2010 added point 20 (the biggest explanation is for Scythe, there is another point on the bottom of the message)
28-6-2010 added point 21
29-6-2010 added point 22 coming from what i classify as a bug mentioned in this thread (sorry Evangelists only