Symantec is the company that releases Symantec Antivirus and Norton Antivirus, some of the most popular antivirus and anti-malware software on the market for both home and the enterprise.

Posts

Installing Software In Safe Mode

Whenever someone hires me to repair a malware-infested computer my first step is to shut it down and boot into Safe Mode.  “But Brian,” you say, “I can’t install software in safe mode! What if I have to install AVG, Avast, MalwareBytes, or HijackThis?” Well, do I have a surprise for you!

Symantec, makers of fine security software for as long as I can remember, has a little guide on their website explaining how to enable the Windows Installer Service, and thus enable installation of software, from within Safe Mode and Safe Mode with networking. Check it out!

First Impressions of Windows Deployment Service

A few months ago we decided to deploy Windows Vista in two recently renovated labs at SUN Tech. Originally I used Symantec Ghost Solution Suite to image the labs.  If you’ve ever done imaging, you’ll know what a “bad image” looks like: sometimes they don’t boot at all, other times they seem stable until weeks later they begin to blue screen for no rhyme nor reason. This was my experience with Symantec Ghost and Vista and the reason I forced myself to learn Windows Deployment Services. I may later chronicle my entire journey, but here are a few quick observations.

1. Windows Deployment Services Setup is More Complicated than Ghost.

While I applaud Microsoft for releasing a lot of wonderful deployment tools free with  (or at least bundled into the price of) Windows Vista and Server 2008, as always they provide very little free assistance with those tools.  You will not be off the ground running with WDS as fast as you can be with Symantec Ghost. Though installing WDS is simple (add the Deployment Services server role, configure the Boot Server Host Name option #066 on your DHCP server), making it useful takes some time.

You need to add boot images by locating the boot.wim file on your Vista or Server 2008 installation media. You need to add installation images using the source.wim from the same disks.  You then have to assign the appropriate boot files and images for each architecture (x86, x64, and Itanium). At this point you can network boot to deployment services and run the installation over the network, but you can’t do “ghosting” in the classic sense of the word. You still have to create a “capture image” from the boot image you loaded previously and then use it to capture your customized installation.
Ghost installation is significantly less complicated. You install the software from a wizard. You create a floppy, CD, or network boot image using the Ghost Boot Disk Wizard, then you use it to boot to the machine you want to ghost or use to create a ghost image. You set up a session on the server, type the session name on the client, and off you go. Getting up and running with PXE booting in Symantec Ghost can get a bit tricky, but you can literally start creating ghost images within five minutes of inserting the installation disk.

2. Image Creation is Slower in WDS than Symantec Ghost.

When I was creating my images with Symantec Ghost, I was always pleased with the time it took to create a ghost image. After creating my reference machine (and running Sysprep) I would boot into the DOS boot client and it would upload a 15GB drive image in about 15 minutes. This includes a full install of Windows Vista Business Edition, Microsoft Office 2007, Adobe Creative Suite CS3, and a few other applications critical to our organization.

Windows Deployment Services, on the other hand, takes about an hour to create the same image. This gets aggravating when the upload completes and you realize that you forgot to include an application, or find some other issue with the image that requires you to recreate it. Nothing is more aggravating than recreating an image because you forgot some critical tweak needed by your end users.

I don’t know for sure, but I think the difference in image creation speeds lies in the difference between Symantec and Microsoft’s imaging formats. Symantec’s images are an entity unto themselves. That is, they are a byte-for-byte clone of a hard disk.  Because they work on a byte level, they can often be difficult to work with when you need to add something to an image.

Microsoft’s WIM (Windows Imaging Format) is an altogether different beast. A WIM file can contain multiple Windows installations. In fact Windows Deployment Services stores all of its installation images in a single WIM. WIM is a file-based image format which remains aware of the files that it contains. It will never store the same file twice.  So if you have twenty images hosted on WDS, all with Windows Vista Business and Office 2007 installed, you will save significant amounts of space because the redundant files will not be stored multiple times. While this conserves a lot of space, I tend to think that the checks necessary to search a monolithic WIM file for matches may cause the considerable slowdown in ghosting speed.
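To make the single-instance idea concrete, here is an added sketch (not code from the original post, and not the WIM on-disk format): a toy container that keys file contents by SHA-1 digest, the hash WIM uses to identify file data, so identical files across images are stored once. The class, image names and file contents are constructed for illustration.

```python
import hashlib


class SingleInstanceStore:
    """Toy file-based image container: each unique file body is kept once."""

    def __init__(self):
        self.blobs = {}        # digest -> file content, stored a single time
        self.images = {}       # image name -> {path: digest}
        self.hashed_bytes = 0  # work done at capture time, new data or not

    def capture(self, name, files):
        """Add an image; only file bodies not already present consume space."""
        manifest = {}
        for path, data in files.items():
            digest = hashlib.sha1(data).hexdigest()
            self.hashed_bytes += len(data)
            self.blobs.setdefault(digest, data)  # no-op if already stored
            manifest[path] = digest
        self.images[name] = manifest

    def apply(self, name):
        """Rebuild the full file set of one image from the shared blobs."""
        return {path: self.blobs[d] for path, d in self.images[name].items()}

    def stored_bytes(self):
        return sum(len(b) for b in self.blobs.values())


def demo():
    # Constructed stand-ins for an OS and office suite shared by two lab images.
    base = {"Windows/System32/kernel.bin": b"K" * 4096,
            "Office/winword.bin": b"W" * 8192}
    lab_a = {**base, "Apps/cad.bin": b"C" * 2048}
    lab_b = {**base, "Apps/photo.bin": b"P" * 1024}
    store = SingleInstanceStore()
    store.capture("lab-a", lab_a)
    store.capture("lab-b", lab_b)
    logical = sum(len(d) for img in (lab_a, lab_b) for d in img.values())
    return store, logical


if __name__ == "__main__":
    store, logical = demo()
    print(f"logical size of both images: {logical} bytes")
    print(f"bytes actually stored:       {store.stored_bytes()} bytes")
    print(f"bytes hashed during capture: {store.hashed_bytes} bytes")
```

Every byte is still hashed on capture even when nothing new ends up stored, which is per-file work that a sector-level clone never has to do.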

3. Image Deployment is Slower on WDS than Symantec Ghost.

The same criticisms of the WIM format apply during image deployment as well. While Symantec Ghost simply dumps bytes directly back to the hard disk, Windows Deployment Services formats, expands the image, installs the image’s files, and even goes out to Windows Update to download and install system updates before rebooting.
I also noticed that after the reboot into the new operating system, the Vista version of Sysprep takes significantly longer to complete than on Windows XP.  However this can’t really be blamed on Windows Deployment Server, but on some of the structural changes and improvements Microsoft made with the Vista Architecture. Which leads me to my next point…

4. Sysprep is a Whore, but She is my Mother.

The above quote, adapted from the words of St. Augustine, perfectly reflects my feelings on Sysprep.  This tool, provided by Microsoft as a way to make a Windows image “generic” and thus usable on multiple computers, has caused me seemingly infinite amounts of pain and frustration, yet it’s the best tool that I’ve got.

On Windows XP you could avoid dealing with the quirks of Microsoft’s Sysprep utility by running Symantec’s Ghost Walker utility after deploying an image. This would recreate the security identifiers on each destination machine. When I moved to Vista I found that I couldn’t work around Sysprep because there are other processes that must be run and other identifiers that need to be recreated, such as those generated by Microsoft Key Management Services and Windows Server Update Services. With Vista, I haven’t been able to avoid Sysprep on Ghost or Windows Deployment Services.

Having said that, Sysprep on Windows XP was a cinch. You used the Setup Manager to create an unattend.ini file, you ran sysprep, and you rebooted. The Vista version of Sysprep provides a level of customization long sought after by IT workers like me, but while the platform has grown more powerful one’s chances of screwing something up have grown exponentially. The unattended.ini file has turned into unattended.xml, and while you could edit it by hand you certainly wouldn’t want to.

Instead of the user-friendly, wizard-based Setup Manager that we once used to create our unattended setup configurations, Microsoft now provides a tool called the Windows Automated Installation Kit (WAIK), available as a paltry 180MB download. At least the tool provides a “Check for Errors” option, because you’re going to need it. Unattended Vista installations are complicated, error-prone, and problems are difficult to diagnose when you inevitably run into them.

4. Windows Deployment Services Finally MultiCasts.

I avoided WDS and its previous incarnation known as RIS mostly because it has never supported multicasting, which is critical when you are ghosting more than just a handful of machines. When you install the Deployment Services Role on Server 2008 it also installs the Transport Server supporting role, which allows you to select an image for multicasting within Windows Deployment Services. You can configure the multicast session to begin at a certain time, after a specific number of clients connect, or when you explicitly press the button to start it. The multicasting feature is what made me finally consider WDS as an alternative to Symantec Ghost.

5. Windows Deployment Services Delivers on the Promise of “One Image to Rule Them All.”

More a feature of the WIM imaging format than Windows Deployment services, you really can deploy the same images to a variety of hardware. Though often promised and long sought-after by IT professionals, deploying an image to hardware different than that which it was created on has never worked particularly well; and using the same image on a desktop and portable was simply unheard of.  However the new version of Sysprep and the WIM format finally make this dream a reality. Vista’s version of Sysprep removes the HAL (Hardware Abstraction Layer) which prevented images from working on both desktops and laptops.  The WIM format makes it simple to add drivers to an installation image using the commands “Imagex” and “Peimg” provided by the WAIK.

Sysprep also makes it simple to store all your drivers in a single location which can be searched during the hardware detection phase.  You can even provide a UNC path to a network share and credentials for access.
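Since an answer file that carries share credentials travels with every copy of that file, it is worth checking what you have embedded before publishing an image. The following is an added example, not part of the original post: it scans an answer file for `Credentials` blocks with a non-empty password, using element names from the Windows unattend schema; the server, share, account and password in the sample are constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample answer file; server, share and account are made up.
SAMPLE = r"""<unattend xmlns="urn:schemas-microsoft-com:unattend"
          xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
  <settings pass="windowsPE">
    <component name="Microsoft-Windows-PnpCustomizationsWinPE">
      <DriverPaths>
        <PathAndCredentials wcm:action="add" wcm:keyValue="1">
          <Path>\\deploy01.example.test\drivers$</Path>
          <Credentials>
            <Domain>LAB</Domain>
            <Username>svc-deploy</Username>
            <Password>constructed-secret</Password>
          </Credentials>
        </PathAndCredentials>
        <PathAndCredentials wcm:action="add" wcm:keyValue="2"><Path>D:\Drivers</Path></PathAndCredentials>
      </DriverPaths>
    </component>
  </settings>
</unattend>"""

def local(tag):
    """Strip the XML namespace from an element tag."""
    return tag.rsplit("}", 1)[-1]

def find_embedded_credentials(xml_text):
    """Return one finding per element that owns a <Credentials> with a password."""
    root = ET.fromstring(xml_text)
    parents = {child: parent for parent in root.iter() for child in parent}
    findings = []
    for owner in root.iter():
        cred = next((c for c in owner if local(c.tag) == "Credentials"), None)
        if cred is None:
            continue
        fields = {local(c.tag): (c.text or "").strip() for c in cred}
        if not fields.get("Password"):
            continue
        path = next(((c.text or "").strip() for c in owner if local(c.tag) == "Path"), "")
        finding = {"path": path, "account": fields.get("Domain", "") + "\\" + fields.get("Username", "")}
        node = owner
        while node is not None:  # climb to the enclosing component and pass
            if local(node.tag) == "component":
                finding["component"] = node.get("name")
            elif local(node.tag) == "settings":
                finding["pass"] = node.get("pass")
            node = parents.get(node)
        findings.append(finding)  # the password itself is never copied out
    return findings
```

Run it over each answer file you keep on the deployment server; any finding is an account whose access should be limited to read-only on the driver share.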

6. Windows Deployment Services Updates Your Computers Before Booting Them.

Though this feature can be turned off in your Sysprep configuration, Windows Deployment Services will actually go out to the Internet and install available updates to your PC before it reboots into the downloaded image.  It adds a few minutes to deployment time, but saves you the bother of updating your images when a new patch is released by Microsoft.

7. Windows Deployment Services Just Works Better with Vista

Maybe this isn’t a selling point for the Vista-haters out there, but I’m a fan of the operating system. The fact I couldn’t create a single Windows Vista image in Symantec Ghost that didn’t blue screen or have other unexplainable issues really hurt my confidence in their product and convinced me to research and consider Windows Deployment Services.

8. Symantec Ghost is Expensive.

I’m not sure what the price is today, but I know we were paying several thousand dollars annually to keep our version of Symantec Ghost current and legal for our 300 computer network. If you have a license for Server 2008, you already own Windows Deployment Services, and all of its supporting tools are available as free downloads from Microsoft.

Summary

In a perfect world there would exist a program that acted much like a hybrid of Ghost and WDS. Ghost wins hands down in the speed department, both for ease of installation and speed of imaging operations. Ghost has, however, always been lacking in the realm of image customization. The WIM image format used by WDS gets a gold star for its extensive configurability, and for the tools that Microsoft has made available to make this possible. Symantec needs to play catch-up and make their software work better with Windows Vista.  They might even consider using the WIM format if they can do that and still keep their edge on speed. All things considered, the price and feature set of WDS are what I need right now, and I won’t be switching back to Symantec Ghost any time soon.

A Word About Total Protection Software

My friend Dan over at Outsmart Technology wrote a fantastic article about choosing the right antivirus package. As a followup to Dan’s article and my own article yesterday explaining what a virus is and how your computer actually becomes infected, I wanted to voice my opinion about so-called “total protection” packages being sold by the top names in personal computer security. That opinion is, stated bluntly, that their software is bloated, junky, and not worth your money.
