Redmondmag.com

Going to the Bench: Replacing Bill Gates
AUGUST 2006
55
W W W. R E D M O N D M A G . C O M
Windows
Watch
Dog
1
25274 867 27
7
AUGUST
•
$5.95
08 >
Stephen Toulouse
Takes Us Inside the
Microsoft Security
Response Center 26
+
Beta Man Tests ISA Server 2006 14
What’s Your IT IQ? Take the Quiz and Find Out 39
Are you archiving all your company email yet?
On
ly
$
4
25 m 45
$ 2, ailboxes
;
f 29
ma or 250 5
for
ilbo
xes
Email Archiving
Archive all company email to SQL Server
And ease Exchange back-up & restoration too!
Email archiving solution for internal and external email
Download your FREE trial version from www.gfi.com/mrr/
!
Get your FREE trial version of
GFI MailArchiver for Exchange today!
GFI MailArchiver for Exchange is an easy-to-use corporate email archiving solution that enables you to archive all internal
and external mail into one or multiple SQL databases, heavily reducing reliance on PST files. Now you can provide users with easy,
centralized access to past emails via a web-based search interface and the ability to quickly restore emails through a OneClick
Restore process. GFI MailArchiver aids your company in fulfilling regulatory email storage requirements (such as the SarbanesOxley Act). GFI MailArchiver leverages the journaling feature of Exchange Server 2000/2003, providing unparalleled scalability
and reliability at a competitive cost. Use GFI MailArchiver to:
•
•
•
•
•
•
Archive all incoming and outgoing company email to multiple SQL databases
Significantly reduce storage requirements for email by up to 80%
End PST hell by storing email in SQL format
Provide end-users with a single, web-based location in which to search all their past email
Allow users to restore archived emails through a OneClick Restore
Help comply with Sarbanes-Oxley, SEC and other regulations.
Searching for an email
tel: +1 (919) 379 3397 | fax: +1 (919) 379 3402 | email: [email protected] | url: www.gfi.com/mrr/
Seamless failover.
Always connected.
Keeping Users Connected.
Keep your application servers zipped up and functional all of the time. Whether a single server or an
entire site fails, availability to critical business applications fails, along with the productivity of users
company-wide. No matter if you’re a start-up or a
Global 100, server downtime will kill your business.
With Neverfail, users are kept continuously
connected to their applications no matter
when, where, or why a failure occurs in the
server environment. Neverfail delivers cluster-class
disaster recovery, data protection and high availability
software solutions to every size company, and at a
significantly lower total cost and complexity. With
automatic failover response measured in mere
seconds rather than minutes, and no user or IT
management intervention needed, no one covers
your back better than Neverfail. Anything less is
a lesser solution. Designed for Windows-based
applications, Neverfail’s comprehensive suite of
award-winning software solutions will help ensure
that your productivity is never interrupted.
To make your business a more productive — and
profitable — enterprise, visit neverfailgroup.com
for your FREE server analysis and take the first
step to achieving true high availability. Or better
yet, call or email us today to join companies all over
the world who have chosen Neverfail for the most
effective disaster recovery, data protection and high
availability solutions in the industry.
Keeping Users Connected.
www.neverfailgroup.com
[email protected]
EXCHANGE • SQL SERVER • FILE SERVER • IIS • SHAREPOINT • BLACKBERRY • ORACLE • LOTUS DOMINO
THE ROAD TO RECOVERY...
...leads to Acronis
While many companies talk about backing up user data, at Acronis we believe that it
is the recovery of data that is most important. That is why we spend so much time in
development working on how to recover data faster.
Features:
• SnapRestore™ allows users to work while the system recovers in the background
• Universal Restore allows a system to be recovered to dissimilar hardware
• Full, Incremental, Differential, and file level backup
We understand it’s not how fast you backup, but
how fast you recover and become productive
that matters.
“Acroinis’ True Image solution offers
an unparalleled disk imaging and
disaster recovery solution that few
competing vendors can match.”
CRN Magazine April 2006
Download a Free evaluation at: www.acronis.com/fasteval
Redmond
AUGUST 2006
W W W. R E D M O N D M A G . C O M
Winner for Best
Computer/Software
Magazine 2005
THE INDEPENDENT VOICE OF THE MICROSOFT IT COMMUNITY
COVER STORY
Emergency
Response,
Microsoft Style
When malware strikes
Microsoft code, Stephen
Toulouse and the MSRC
team rush in to extinguish
the fire.
Page 26
REDMOND REPORT
11 Adesso Looks to Mobilize
Application Development
A Q&A with John Landry,
co-founder of Adesso Systems.
12 Beta Play
Microsoft betas extend SQL Server,
Visual Studio lines.
13 Keynote Strikes a Chord
Ballmer talks CRM and Security at
the Worldwide Partner Conference.
14 Beta Man
Déjà Vu: ISA Server 2006
COLUMNS
6
FEATURES
Barney’s Rubble: Doug Barney
Let’s Get Small
39 Back to Basics Quiz: Are
You the Master of Your
Windows Domain?
Are you a Domain Controller, a
Tech Plugger or an IT Idiot? Find
out how you rate!
46 Second Time Around
Windows Server 2003 R2 and the
new DFS.
55 Going to the Bench:
Can Redmond’s Backups Keep ’Em
in the Game? New management
team must fill the void left by Gates.
21 Mr. Roboto: Don Jones
Get Your Shell On
58 Never Again: Hong-Lok Li
Virtual Panic
61 Windows Insider: Greg Shields
Get a Grip on Those Gripes
Page 55
65 Security Advisor:
Joern Wettern
Bit by Bit
Page 46
ILLUSTRATION BY RALPH VOLTZ
ILLUSTRATION BY MARK COLLINS
72 Foley on Microsoft:
Mary Jo Foley
The Future at Microsoft Is …
Robotics?
REVIEWS
17 Put Your Tasks
on Automatic
Automate your task management
without learning a new language.
22 Redmond Roundup
To Server and to Virtualize
Virtualization on the server side
can add up to big savings in hardware costs.
ALSO IN THIS ISSUE
4
Redmond Magazine Online
8
[email protected]
71 Ad and Editorial Indexes
COVER PHOTO BY DANIEL SHEEHAN
Redmondmag.com
AUGUST 2006
RCPmag.com
It’s Ballmer’s World
M
icrosoft President Steve Ballmer still threw a few fist
pumps and spit-sprayed shouts aimed to get attendees’ attention during his keynote at last month’s Worldwide
Partner Conference. But the tone throughout leaned more
toward admonishing them to stick with the company’s
methods for sealing deals or be on the outside looking in.
Ballmer expects partners to focus on three key markets
Steve
for growth in the next year: unified communications, securi- Balmer
ty and search. You can read the juicy details and other
insights in a field report from Redmond Channel Partner Senior Editor Lee
Pender at RCPmag.com. FindIt code: RCPBallmer
ENTmag.com
Exchange 2007 Goes Unified
A
ccording to ENTmag.com Editor Scott Bekker, Exchange 2007 will be
one of Microsoft’s main battlefields for pushing forward unified communications.
In his special report on ENTmag.com, Bekker looks at how Microsoft will be
expanding its “Anywhere Access” theme by combining voice mail and fax into
e-mail inboxes to give users a single location to check all messages, plus
improved mobile communications.
Get all the details and dig deeper into what Beta 2 for Exchange 2007 will
offer at ENTmag.com. FindIT code: ENTExh2007
REDMONDMAG.COM RESOURCES
Resources
Enter FindIT Code
>> Daily News
>> E-Mail Newsletters
>> Free PDFs and Webcasts
>> Subscribe/Renew
>> Your Turn Editor Queries
News
Newsletters
TechLibrary
Subscribe
YourTurn
Questions with ...
Don
Jones
This month Redmond’s
Mr. Roboto talks with
us about his favorite
subject—scripting. Find
Don’s new PowerShell
Answers column on
MCPmag.com beginning in August.
FindIT code: MCPShell
Why scripting? Isn’t software
supposed to be easier to manage?
Sure, but infrastructure isn’t: The
systems that make things easier to
manage can take a lot of time to
manage.
What’s the answer to those who say,
“If I need to script, I might as well
hire a programmer”?
The Unix admins are laughing at you
right now. Scripting is an admin tool,
just like a mouse or keyboard. Use it.
What advantage does PowerShell
have over WSH?
It’s a bit easier to learn and much
more consistent, so a little effort
goes a long way.
FACTOID
80%
Chance that
Vista will be
released in January, according to Bill Gates.
— Redmondmag.com News story “Gates: 80
Percent Chance Vista Will Make January Deadline,” July 11, 2006. FindIT Code: RNews711
REDMOND MEDIA GROUP SITES: Redmondmag.com • RCPmag.com • ENTmag.com
MCPmag.com • CertCities.com • TCPmag.com • TechMentorEvents.com
4 | August 2006 | Redmond | redmondmag.com |
Barney’sRubble
Doug Barney
Let’s Get Small
M
icrosoft is prepping a new wave of software that
will undoubtedly bring in untold riches and
strengthen the company’s grip on desktop and
server operating systems, productivity suites and messaging.
But this very power means that these
products will define all of these categories for a decade or more to come. And
these programs are all very, very large. Is
that what we want?
Take Vista. This OS has some 50 million lines of code, an impressive or insane
number depending on how you look at it.
But what’s the cost? First, there’s complexity. A product this big is difficult to
build, tune, polish and, as we all
know, ship! It may also be
difficult to use, as feature
upon unnecessary feature bombard defenseless users who just
want to open a file or
visit a Web site.
Such
complexity
opens thousands upon
thousands of avenues for
hackers to cruise, and can
make plugging these holes darn
near impossible. And then there’s this little matter of hardware economics. With
XP, we’re to the point where PCs are
commodities—a wonderful thing as we
can spoil our kids with their own
machines, and the less advantaged can
buy a PC for the cost of a TV.
Vista changes all that with its hunger
for more RAM, hard drive, CPU power
and graphics. Will we see $500 Vista
laptops and $300 Vista desktops in the
near future? I doubt it.
Who asked for such a gargantuan
OS? Most folks I’ve heard from want
the opposite, a lean, mean, personalcomputing machine.
Which brings us to Office 2007. I have
no doubt this will maintain Microsoft’s
desktop monopoly, at least for Corporate America. Office 2007 integrates
tightly with tools such as Groove for
data sharing, and more importantly will
be the front-end to dozens of mainstream ERP, CRM, supply chain and
other core business apps.
But this is also a whale of a program,
one that flies in the face of what users
have been begging for—a simpler,
smaller, more stable and usable
set of productivity tools.
The new, improved and,
of course, far fatter server tools, Exchange
2007 and Longhorn,
are perhaps less of an
issue. Servers these
days are mighty powerful, and Microsoft
server products tend to be
stable, usable and popular
with those that run them.
But there’s this little disconnect.
Microsoft’s new mantra is Web services,
which to my mind means tight, component-based products that work well
over networks with varying bandwidth.
I’m not entirely sure how a monolithic
e-mail platform that requires a highend 64-bit server (Exchange 2007) can
serve as a tight, component-based product that works well over networks with
varying bandwidth. Of course, I never
majored in computer science, so I might
not be smart enough to understand how
it can do both.
If you can explain how huge apps can
become tight, efficient Web services,
e-mail me your explanations. I’m at
[email protected].—
6 | August 2006 | Redmond | redmondmag.com |
Redmond
THE INDEPENDENT VOICE OF THE MICROSOFT IT COMMUNITY
REDMONDMAG.COM
AUGUST 2006 ■ VOL. 12 ■ NO. 8
Editor in Chief Doug Barney
[email protected]
Editor Ed Scannell
[email protected]
Executive Editor, Reviews Lafe Low
[email protected]
Editor at Large Michael Desmond
[email protected]
Managing Editor Wendy Gonchar
[email protected]
Editor, Redmondmag.com Becky Nagel
[email protected]
Contributing Editors Mary Jo Foley
Don Jones
Greg Shields
Joern Wettern
Art Director Brad Zerbel
[email protected]
Senior Graphic Designer Alan Tao
[email protected]
Group Publisher Henry Allain
[email protected]
Editorial Director Doug Barney
[email protected]
Group Associate Publisher Matt N. Morollo
[email protected]
Director of Marketing Michele Imgrund
[email protected]
Senior Web Developer Rita Zurcher
[email protected]
Marketing Programs Associate Videssa Djucich
[email protected]
Editor, ENTmag.com Scott Bekker
[email protected]
Editor, MCPmag.com Michael Domingo
[email protected]
Editor, RCPmag.com Becky Nagel
CertCities.com [email protected]
Associate Editor, Web Dan Hong
[email protected]
President & CEO Neal Vitale
[email protected]
CFO Richard Vitale
[email protected]
Executive Vice President Michael J. Valenti
[email protected]
Director of IT Jerry Frazier
[email protected]
Director, Circulation and Abraham Langer
Data Services [email protected]
Director of Web Operations Marlin Mowatt
[email protected]
Director, Print Production Mary Ann Paniccia
[email protected]
Controller Janice Ryan
[email protected]
Director of Finance Paul Weinberger
[email protected]
Chairman of the Board JeffreyS. Klein
[email protected]
The opinions expressed within the articles and other contents
herein do not necessarily express those of the publisher.
PHOTO ILLUSTRATION BY ALAN TAO
Breakthrough Technology:
Maximum System Performance–Automatically
NEW
®
The Number One Automatic Defragmenter™
Fragmentation causes slowdowns,
freeze-ups and even total system
failures. As drive sizes, file sizes and CPU
speeds increase fragmentation becomes more
of a problem since disk drive speeds have not
kept up. This results in a performance
bottleneck. With data being constantly accessed,
fragmentation accumulates daily and affects all
servers, desktops, and storage systems. Manual
defragmentation is simply not a solution.
NEW Diskeeper 10 provides adaptive technology
designed to wring every last drop of performance out of
every computer on your network.
Diskeeper 10 “Set It and Forget It”® Features
• NEW! I-FAAST™ (Intelligent File Access Acceleration Sequencing
Technology), boosts file access and creation speeds up to 80%
(10-20% average).
• NEW! Core enhancements provide fast, thorough defragmentation.
• EXCLUSIVE! SmartScheduling™ customizes automatic
defragmentation based on individual usage patterns.
• NEW! Terabyte Volume Engine™ defrags large volumes, SANs,
RAIDs and NAS, quickly and thoroughly. Ideal for all servers including • NEW! Administrator Edition provides easy network-wide
configuration and deployment as well as reports on disk health, real
file, print, application, SQL, web, Exchange, and domain controllers.
time performance, reliability and fragmentation statistics.
• NEW! Enhanced I/O Smart™ transparent defragmentation ensures
uninterrupted system operation even during busy times of the day.
• NEW! Native 64 bit operating systems support.
Automatic defragmentation provides: increased performance,
reliability, reduced maintenance, longer machine life, faster
backups and faster antivirus and spyware scans. See for yourself!
SPECIAL OFFER
Try EVERY FEATURE in Diskeeper 10 FREE for 45 days
www.diskeeper.com/red2
(Note: Special 45 day trial only available at above link)
Your systems need Diskeeper, The Number One Automatic Defragmenter with over 20 million licenses sold!
Volume licensing and Government / Education discounts are available from your reseller or call 800-829-6468 code 4370
White papers, case studies and articles are available at http://www.diskeeper.com/redreports
©2006 Diskeeper Corporation. All Rights Reserved. Diskeeper, The Number One Automatic Defragmenter, I-FAAST, I/O Smart, SmartScheduling, Terabte Volume Engine, “Set It and Forget It”, and
the Diskeeper Corporation logo are registered trademarks or trademarks owned by Diskeeper Corporation in the United States and/or other countries. Windows is a registered trademark or
trademark owned by Microsoft Corporation in the United States and/or other countries. Diskeeper Corporation • 7590 N. Glenoaks Blvd. Burbank, CA 91504 • 800-829-6468 • www.diskeeper.com
[email protected]
Office Dinosaurs a Plenty
In June, contributing editor Mary Jo Foley in her Foley on
Microsoft column (see “Office Dinosaurs Unite”), openly admitted
to having an aversion to Microsoft’s idea of the “digital work style”
and the constant connectedness it brings. It appears that many of
you, ironically steeped in technology everyday, share her sentiments.
The following handful of letters illustrate some of your views:
Huns of Technology
As one who’s lived in an SCA [Society
for Creative Anachronism] household,
though not as a card-carrying anachronist, I have to say SCA folks are, in general, far more technically adept.
They don’t need an apology and are
probably flattered by being mentioned
at all in Foley’s column, and I’m sure
many will write, or send their minions.
SCAtians are very DIY types, which
makes them a good fit for today’s mercenary-like IT world. At least out of costume. Call them the Huns of technology.
All joking aside, what Foley says is
true, we really don’t see a functional reason to upgrade beyond Office 97—with
the possible exception of Outlook 2003.
My folks are not planning to use XML
features any time soon, and SharePoint
would create a huge new training challenge. We’re still having trouble getting
across how to use network drives.
What Microsoft has not done, that
would really help, is to implement document management and versioning in
the file system. SharePoint doesn’t
count. We don’t need a Web server (e.g.
additional infrastructure) to do basic
document management tasks, just a few
extra bits in the file system. As they say
“keep it simple.”
Thanks to Mary Jo for starting a very
enlightening discussion!
Rich Snow
Boston, Mass.
Life Without Microsoft
I, too, feel that there’s far too much
connectedness in this modern pastiche
of society. Frankly, once past Office 97,
I have little interest in more Offices. I
do databases, for most of my pro life
that means Access, and the last thing I
want to do is to re-learn, again, a new
database just so that Microsoft can have
I am not against Microsoft
but I have a life that does not
include it!
a revenue stream. I am not against
Microsoft but I have a life that does not
include it!
Angus Creighton
Richmond Hill, Ontario, Canada
No Fancy Shmancy
I’m with Foley on this one.
I despise the notion of being “always
available.” What happened to personal
time? When did my job jump from 44
hours a week to 168 hours a week?
I don’t mind not knowing about something until the next day. If people are
going to die or we’re going out of business, my home number is available.
Nor do I want to run the latest fancy
version of Office. I only reluctantly
upgraded to Office XP when I also reluctantly upgraded to Windows XP. The
only time I gladly upgraded Office was
when I went from Office 95 to Office 97.
The version of Office 95 I was running at
the time was designed for Windows for
Workgroups 3.11 and that probably had
something to do with it.
I have a cell phone because my department requires it. Before that, I had a
8 | August 2006 | Redmond | redmondmag.com |
pager. I liked the pager. You could take a
look at it and decide if it was something
you needed to handle right away or not.
With a mobile phone, you get hijacked.
Whether you’re standing in line at the
grocery store, washing your hands in the
bathroom or driving down the interstate,
if you answer your phone, you’re expected to immediately switch from whatever
mode your brain was in to “work” mode.
You’re at the mercy of your co-workers,
family, friends and vendors. That’s a situation I would really rather not be in.
Keep up the fight! I doubt Microsoft
or the business community in general
will slow down its “progress,” but it’s
good to know I am not the only one
who likes to take things slowly.
Jason R. DePriest, GSEC, GCFW
Memphis, Tenn.
10 Years Behind
Forget it. I’m with Mary Jo. I don’t have
a cell phone, Blackberry, laptop, wireless, GPS, etc. either. I do have a big
screen TV and surround sound, however (it’s a guy thing). But I digress …
Our entire office is still running
Office 97 so I guess we are 10 years
behind. Yet there seems no reason to
change, especially considering the cost
involved. Half of the office is still on
Windows 98 because I can’t get them to
upgrade to XP. I have one copy of office
2003 for conversion purposes and it
seems to suffice. Office 2007? Forget it!
Name Withheld by Request
Mentor, Ohio
When information
comes
together,
comes
together,
your software
software puts
puts
your
you at the top
of the
thefood
foodchain.
chain.
of
Information lives at companies that run EMC® software. As one of the world’s largest software providers, we help companies of all
sizes store, manage, protect, and share information. We can do the same for you—across applications, across platforms, across oceans.
Information lives at companies that run EMC software. As one of the world’s largest software providers, we help companies of all sizes
To learn more about how the full range of EMC software can help you and your company move up in the world, visit software.EMC.com.
store, manage, protect, and share information. We can do the same for you — across applications, across platforms, across oceans.
To learn more about how the full range of EMC software can help you and your company move up in the world, visit software.EMC.com
2
EMC, EMC, and where information lives are registered trademarks of EMC Corporation. © Copyright 2006 EMC Corporation. All rights reserved.
EMC2, EMC, and where information lives are registered trademarks of EMC Corporation. All other trademarks used herein are the property of their respective owners. © copyright 2006 EMC Corporation. All rights reserved.
RedmondReport
August 2006
INSIDE:
ISA Server 2006: Similar to
2004, but worth a look-see.
Page 14
Adesso Looks to Mobilize
Application Development
A Q&A with John Landry, co-founder of Adesso Systems.
BY ED SCANNELL
n 1995, shortly after IBM Corp. purchased Lotus Development Corp.,
IBM chairman Lou Gerstner
appointed Landry vice president, technology strategy. His mission: evaluate
disruptive technologies from edge companies so IBM could fit them into some
of its more prominent corporate strategies. But that wasn’t enough disruption
for Landry. That same year, during the
first joint IBM-Lotus sales and marketing meeting, Landry unexpectedly came
on stage dressed as Eva Peron to entertain the group while
Gerstner, his new boss
sitting in the front row,
perhaps wondered what
he had got himself into
in entrusting so much
responsibility to Landry.
Over the past several
years Landry has helped
launch a number of
small software companies, most touting products that threatened to
derail IT law and order. His latest venture, Adesso Systems, is no exception.
The technology allows IT developers
to create, customize, and deploy distributed and mobile applications as
quickly as low-level Web applications.
Landry sat down with Ed Scannell,
Redmond editor, this time in men’s
clothes, to discuss his venture.
big economic trends such as cheap storage and connectivity, although sporadic
connectivity. We already did that in
Notes, which was based on a replication
technology. So given that I know where
all the bodies are buried in replication
architectures in general, we decided the
right architecture for this is a replication model and to build it on a fully
distributed database architecture that
sits on top of existing database management systems. The distributed logic can
run on top of existing platforms but not
be part of the existing platform, allowing us to move information around in ways not
possible before.
Redmond: Where did you get the idea
for Adesso?
Landry: The initial idea was to build an
architecture that exploits some of the
Do you find that many users and
developers are ready to implement
this sort of distributed approach?
Given distributed is a tough concept
I
What is the secret
sauce involved in the
distributed logic?
We have essentially
mapped the global unique
identifiers [GUIDs] into
those [underlying] databases so we can identify
what data is underneath.
We can’t depend on the naming the
database gives us. So hooking up to
something like Oracle and SQL [Server] Express is fairly trivial for us. With
this distributed database layer you are
able to deal with phones and PDA
databases, laptops and desktops, all of
which can participate equally in this
distributed architecture.
for people to think about, we tried to
extract out just the things they really
need to build apps. In our definition
that includes tables, forms, views, filters
and components. The idea is to provide
a design capability that allows you to
very rapidly build apps that take advantage of a distributed architecture right
out of the box. If I build an expense
report system on Saturday, I can replicate it out to all users on Sunday.
Others claim they can do something
similar to this. What is unique about
Adesso?
For us, doing distributed is not just a
matter of moving the data, it is a matter
of also synching and replicating the
design, access control rules, schema,
and content control rules of the database. And this has to happen just
moments before the data is moved.
That is where it gets really hard.
What tools are you making available
for developers?
We have gone extreme on this. The
tool is also distributable, it is part of the
product. So if the administrator gives
you rights to design an application, or
just part of an application, with the tool
built in you can create or change the
design of something quickly and synchronize those changes to all users of
that application. They receive those
changes the next time they synch in.
One of the goals is to make distributed
mobile architectures as easy to build as
an Excel spreadsheet. Developers can
fly at any level [of the architecture] they
need to so a rookie user can build a
| redmondmag.com | Redmond | August 2006 | 11
RedmondReport
simple app and experienced developers
can build and extend it out with C#
DLLs or whatever they are using.
This product appears to do some of
the things that Microsoft’s WinFS file
system was intended do?
It does. Think of this as WinFS today.
At its core [WinFS] is a hybridization
of database technology with files. The
idea [with Adesso] is to let the distributed data base functions be attached to
the file system meaning I can correlate
a file with a record in the database that
Adesso is managing.
Have you shown this to Ray Ozzie at
Microsoft?
Ray likes it a lot. We have a good relationship with Microsoft and it’s getting
even better.
You’re essentially talking about marrying structured and unstructured
data with this product?
Yes. Using what we call crackers, we
can “crack” the metadata out of files
and map it to the relational database.
We can then use the Views capability in
the product on that data to organize,
sort and sequence it, as well as use that
data as a vehicle to synchronize intelligently. The idea is to have an intelligent
distributed file system hooked into distributed database functions.
Will you be positioning this as something that can compete in the composite apps market?
Yes. Any app you build in Adesso,
you can then take pieces of that
application like a form, view, or plugin and turn them into components
and export them into any other application. The more apps you make
the more components you have and
the easier it is to assemble applications. In some cases you can put
together a sophisticated business app
in 30 minutes.
What is Adesso’s business model?
How will you sell this, direct or
through partners?
This will be a big Web play. The development platform we are giving away.
You can download it off the Web and
start developing apps right away. If you
want to put that application back up on
the Web where other developers can
access it and blend it in with theirs.
They can go through our Web site
[Adesso Now Environment] to do that.
You can also host the application you
created there. We will charge you to do
that. That is how we will monetize our
intellectual property to make money
for ourselves and the developers. The
idea is to offer the development environment, hosting environment, and
billing environment all in one. We’ll
even send you the check every month.
The idea is to let all flowers bloom.
Ed Scannell ([email protected])
is editor of Redmond magazine.
Beta Play
Microsoft betas extend SQL Server, Visual Studio lines.
L
ost among the speeches by
Microsoft’s Ray Ozzie and Bob
Muglia on the company’s software and services vision at TechEd, and
the latest demos of key technologies
including Windows Live, was the beta
release of several products. Perhaps chief
among them was the Community Technology Preview (CTP) of SQL Server
Everywhere
and Visual Studio Team Edition for Database Professionals.
The CTP release of SQL Server
Everywhere is a subset of the fullblown version of SQL Server and is
being positioned as a way for admins to
provide an organized data store for
client systems when they’re offline.
Offering an example of its use at the
conference, company officials said an
NewsAnalysis
application could use SQL Server when
it’s connected to a network and then
switch over to a local data store that’s
provided by SQL Server Everywhere
when a user leaves the network.
The added product can also be used
purely in mobile situations by serving as
a data storage platform for Windows
Mobile and Pocket PC developers to
build on. The first beta release, however,
will not support Windows Mobile,
although it will when the finished version is shipped later this year.
The product, which will be offered for
free, supports databases holding up to
up to 4GB of information. It will work
with Windows XP SP2, Server 2003
and the recently shipped Vista Beta 2.
“This looks like it will be useful for
those enterprise guys with SQL Server
and who have a few important mobile
12 | August 2006 | Redmond | redmondmag.com |
applications they need to support. But I
don’t see it as a big play in most enterprises. It will go after a niche market,”
said Mike Drips, an independent consultant to several large companies in
the San Francisco area.
Visual Studio Team Edition
Microsoft also showed off Visual Studio
Team Edition for Database Professionals, promoting it as a way for programmers to collaboratively build database
applications. This release takes the
company one step closer to “Orcas,”
the next major release of Visual Studio
that ties together SQL Server 2005,
Windows Vista and Office 2007.
In the meantime, this latest release
will serve to supply database architects,
developers and administrators with a
foundation for undertaking tasks such
RedmondReport
Keynote Strikes a Chord
Ballmer talks CRM and Security at the WWPC.
I
n perhaps the least surprising
Microsoft product announcement
of the year, CEO Steve Ballmer
finally talked publicly about Microsoft
Dynamics CRM Live, a hosted version of its Customer Relationship
Management (CRM) application
at last month’s Worldwide Partner
Conference in Boston.
“This is the single most inevitable
announcement in the history of
Microsoft,” Ballmer bellowed to several
thousand conference attendees. He said
the upcoming service will be operated
and managed by Microsoft from within
its Windows Live data centers, and
claimed it will offer business partners
and developers another way to address
the CRM requirements of their users.
Microsoft will use the same code base
as the on-premise and partner-hosted
versions of Microsoft CRM. The news
came as something of a relief to those
who expected the company to scrap
most of the existing CRM code base
and build or buy other technology.
Company officials said they plan to
evolve the current code and offer true
multi-tenancy, allowing multiple customer instances of CRM to run
securely on the same infrastructure.
The product will also share the same
meta-driven configuration tools now
used in all versions of Microsoft CRM,
so business partners can develop prepackaged applications once and deploy
them across multiple environments.
Ballmer said CRM Live will be tightly
integrated with Microsoft’s Windows
Live and Office Live services.
Microsoft plans to debut the product in
North America sometime during the second quarter of 2007, and will offer it as a
range of different services on a monthly
subscription basis. There will be no limit
to the number of users the system can
support. Redmond will initially target the
product at small businesses.
Coopetition Call
Also in his keynote address, titled “The
Winning Choice,” Ballmer said
Microsoft would engage in coopetition
with partners and developers, meaning
the company would work with, and
compete against, them in areas
Microsoft has identified as major
opportunities. He asked attendees to
support Microsoft’s efforts and to “place
a bet” on the company and to get
trained on its strategic technologies.
“Search and portal, unified communications and security” are the areas where
partners will have to choose Microsoft or
competitors, Ballmer said. “Those three
businesses we want to build together.”
Ballmer acknowledged it might not be
comfortable for partners to choose. In
the security arena, for example, customers will face a choice of working with
companies like Symantec or McAfee, or
with Microsoft.
“Will you choose to work with us or
your traditional partners?” Ballmer
asked at the conference.
Ballmer promised a full-court press on
security as Microsoft introduces standalone security products for the first time.
In the past, Ballmer noted, Microsoft’s
security efforts focused on hardening the
core products. “Really this year, we will
enter the security market in full force,”
Ballmer said.
— E.S.
as change management, testing, offline
database projects and deploying databases. Company officials said they hope
to ship the finished version by the end
of the year.
Microsoft bolstered its Dynamic Systems Initiative (DSI) by making publicly available its System Center
Operations Manager 2007 beta, the
follow up to Microsoft Operations
Manager 2005. Operations Manager is
the first System Center product to use
the System Definition Model (SDM),
which can help deliver service-oriented
management for Exchange, SharePoint
and Active Directory, plus line-ofbusiness applications.
During his TechEd keynote Ozzie
showed off Microsoft Dynamics AX
Version 4.0 , which allows corporate
developers to create business mashups,
the ability to blend Web-based services
into rapid custom solutions that work
across “disparate systems and information silos,” Ozzie noted. He said the
new product’s server and services capabilities can be accessed directly from
Outlook and through RSS.
Version 4.0 is essentially a suite
of products to help streamline
business processes across a number
of server-based applications and services such as financial information, customer relationships and the supply
chain. The new release offers developers the chance to use Web services to
weave together structured and
unstructured data from several
sources to create a single workflow.
This makes it easier for developers
to gain a complete view of their
business processes.
— E.S.
| redmondmag.com | Redmond | August 2006 | 13
RedmondReport
BetaMan
Déjà Vu
ISA Server 2006 is similar to its predecessor, but
there’s enough new stuff to make it worth a look.
W
hen I first loaded Internet
Security Acceleration
Server 2006 (ISA 2006), I
thought I might have grabbed my old
ISA 2004 CD by mistake. The two versions look identical. If you’ve been following Microsoft’s firewall, you’ve
probably gotten used to seeing drastic
changes between versions. That’s not
the case this time around.
ISA 2006
Version Reviewed: Beta 2
Current Status: Beta 2 (early-2006)
Expected Release: Late ’06/early ’07
That first impression changed once I
spent a few days digging into ISA 2006.
This is a refined upgrade that adds
enough functionality to warrant a close
look by IT shops now running ISA 2004.
Microsoft put a lot of work into
improving server publishing with ISA
2006. Publishing servers is the process
of making the servers on your internal
network or in your demilitarized zone
(DMZ) available to Internet clients.
This is tricky business, because you
must walk a fine line between opening
enough ports to allow access while not
increasing your vulnerability. It is on
this fine line that ISA 2006 really shines.
Launch the correct wizard, fill in the
required information and ISA creates
a rule set for you. No more worrying
about which ports to allow. ISA 2006
includes wizards for publishing the
following:
• Exchange Web Clients—such as
Outlook Web Access (OWA),
RPC/HTTPS, Outlook Mobile Access
(OMA) and Exchange ActiveSync
• Mail Servers running RPC, IMAP,
POP3, SMTP or NNTP
• SharePoint Sites
• Web Sites
You can also publish non-Web/mail
server protocols such as DNS, FTP,
SQL, MMS, Telnet or RDP. There are
117 built-in protocols to work with, or
you can create a custom rule for any
protocol if you know the port number.
When publishing servers you can
choose to restrict access to authenticated users or allow all users full access.
ISA 2006 supports the following types
of authentication:
• Radius: Lets ISA grant domain
authentication without having to join
the ISA server to the domain.
• LDAP: Lets ISA authenticate users
via LDAP without a Radius server and
without joining the domain. You specify the domain controllers to use, and
whether you want to secure communications with LDAPS (Secure LDAP).
• Single Sign-On: Lets users authenticate once with ISA 2006, then access
any number of servers behind it without having to re-authenticate (seamlessly moving between SharePoint sites
and OWA, for example).
• Forms-based authentication: Now
lets you customize forms. There is also a
new level that uses a passcode/password
combination, where the passcode is for
ISA 2006 authentication and the password is for authentication delegation.
• Two-factor authentication: ISA 2006
uses forms-based authentication and a
client certificate for improved security.
• Delegation: ISA 2006 can delegate
14 | August 2006 | Redmond | redmondmag.com |
credentials using NTLM or Kerberos
authentication.
• Digital certificates: ISA 2006 can
assign digital certificates to a specific IP
address on a network adapter.
ISA sports other new publishing features as well. When publishing
Exchange servers, it asks which version of Exchange you’re running and
will only create rules for the features
supported in that version. The wizard
supports Exchange 5.5, 2000, 2003
and 2007. You can also publish a web
farm (groups of servers offering the
same data). In this case, ISA 2006
functions as a load balancer and distributes traffic across all machines in
the farm.
Figure 1. ISA 2006 lets you view and log
traffic as it passes through your firewall.
Next month we’ll look at some of
the other, more granular new features
like content compression and bandwidth control. —
Beta Man has gone under cover to give
you some of the earliest and most
unflinching takes on important software
under development at Microsoft.
ProductReview
Put Your Tasks on Automatic
Automate your task management without learning a new language.
AutoMate 6
Network Automation Inc.
Professional Edition: $995 per machine
Enterprise Edition: $2,995 per machine
Multiple machine packs and volume discounts available
213-738-1700
www.networkautomation.com
BY BILL HELDMAN
Here’s a simple question:
Why isn’t there a Visual
Studio-like interface for
scripting tasks? Why isn’t
there something that lets me
set variables, interact with
systems (whether they’re
logged in or not), run programs, post and retrieve
information from databases,
perform file transfers, connect to disparate systems
using terminal emulation,
interact with Microsoft
Excel and all sorts of other
REDMONDRATING
Documentation: 15% ___ 10
Installation: 10% _______ 10
Feature Set: 35% ________ 9
Performance: 30% ________ 9
Management: 10% ______ 9
Overall Rating: 9
________________________
Key:
1: Virtually inoperable or nonexistent
5: Average, performs adequately
10: Exceptional
Receiving a rating
of 9.0 or above, this
product earns the
Redmond Most Valuable
Product award.
cool admin tricks? Why does
the life of a system administrator have to be so darn
complicated? (OK, that was
actually several questions.)
It may seem like a simple
question, but there’s a lot
more to it than you might
think. It would be great if
there was a program that
instantly brought you a
plethora of visual task scripting capabilities. Better still if
it were organized in such a
way that it was intuitively
obvious what you needed to
do, without flying out of
town to a week-long training
class or having to learn a
specialized, complicated language. Yet it would still have
to be powerful enough to
meet all of your task creation, scheduling and
deployment needs.
Network Automation has
done all this with AutoMate
6. AutoMate is a handy tool
with a well-designed methodology for easily creating and
automating any system task
you could imagine.
Figure 1. Setting up a variable with AutoMate’s wizard-driven interface.
Step by Step
Let me give you an example
of how AutoMate works,
using a simple programming
task as a point of reference.
A programmer’s first effort is
typically a piece of code that
generates the message
Then I was taken to a second
interface called the Task
Builder. The Task Administrator and Task Builder are
the only two interfaces you’ll
need throughout your task
building efforts. You can keep
track of your tasks in Task
AutoMate is a handy tool with a well-designed
methodology for easily creating and automating
any system task you could imagine.
“Hello World.” Using AutoMate to recreate the process
of coding the Hello World
message would mean setting
up some kind of variable and
launching a popup.
First, I used a wizard to create a new shell for a task. I
simply highlighted the task
and selected Steps from the
Task Administrator menu.
Administrator and massage
them in Task Builder.
Once I had created the
shell for the “Hello World”
example, I went to the
Variables section of the Task
Builder Available Actions
pane. There I created a variable called “MyVariable” and
added the string “Hello
World” (see Figure 1).
| redmondmag.com | Redmond | August 2006 | 17
ProductReview
Figure 2. Once you’ve gone through all the options, you can run your task.
Next, I selected Dialogs and Message
Box from the Available Actions pane and
created a popup window (a “Message
Box” in Windows developer parlance).
This window would display the contents
of my variable. By hitting the Run button, I was able to successfully run this
quick little task (see Figure 2). If I had
created a more extensive task, I’d be able
to run it through its steps, set breakpoints at given intervals and debug my
automated script.
This kind of task scripting helps you
tap into the underlying power of exist-
ing Windows code.
You’re really just using a
simple “select your steps
and fill in the blanks”
technique. You don’t have
to sacrifice a thing in
terms of power or capability, though.
With either the Professional or Enterprise version of AutoMate, you
can do almost everything
you would want to do
from a programming
standpoint. It will help
you with file manipulation, securing tasks
through encryption,
administrator notifications, even utilizing secure FTP. The Enterprise
version adds terminal emulation,
SNMP capabilities and audit level
logging. With both versions, you can
use a variety of methods to set up
administrator notification.
ProductReview
Automating on Autopilot
There were only a couple
of very minor annoyances
I came across while using AutoMate.
When you create a new task, you have
to click the Steps button
or right-click the task and select Steps
in order to launch the Task Builder.
Toggling between Task Administrator
and Task Builder could be a source
of confusion.
The Available Actions pane is not
alphabetically sorted right out of the
box. When you choose to sort the list
alphabetically, however, it displays all
AutoMate’s intense automation
capabilities are invaluable. You
don’t have to learn an entirely
new language in order to get it
to build the tasks.
the available selections in a line
instead of grouping them in like categories as it does when they’re unsorted. Why can’t a person easily put the
list into alphabetical order? I don’t
really see this sorting issue as a major
problem. Once you start using the
system, you’ll easily memorize the
location of the various actions you
want anyway.
AutoMate isn’t the cheapest tool on
the block. You purchase licenses by
the machine, so if you want
to deploy tasks to a large number of
computers throughout an enterprise
network, you could get into the tens
of thousands in software costs—even
with the volume discounts.
On the plus side, I really like the
ability of AutoMate 6 to use sounds
and include recorded text playback.
This could be very useful if you need
to record training material so users
have some sort of human guidance as
they surf through a newly deployed
program. The speech is computer
generated, so use it sparingly or it
could become annoying.
Overall, AutoMate’s intense automation capabilities are invaluable. You
don’t have to learn an entirely new
language in order to get it to build the
tasks. AutoMate 6 is BASIC compatible, but you’ll probably never need to
actually go in and maneuver any code.
Also, you can easily modify any of its
numerous setup options.
AutoMate 6 lets you create tasks quickly and on the fly for your Windows
computers. If you want the robustness of
a full-task scripting program without the
hassle of working within a formal programming paradigm, AutoMate 6 is an
outstanding tool. —
Bill Heldman (bheldman@
comcast.net) is an instructor at Warren
Tech, a career and tech ed high school in
Lakewood, Colo. He’s a contributor to
Redmond, as well as to a number of
books for Sybex, including “CompTIA IT
Project+ Study Guide.”
Push Your E-mail.
Trash Your Middleware.
Using Exchange ActiveSync®
technology licensed directly from Microsoft.
Now available for the world’s
most popular smartphones.
RoadSync provides secure, wireless and direct push
synchronization of Corporate Outlook® E-mail, Calendar,
Contacts & Attachments—all in one affordable, scalable
and easy to manage package.
• No middleware server
• No service or subscription fees
• No cradle or desktop sync software
• Secure data transmissions and remote wipe
• Full reliable attachment support for Word, Excel
and PowerPoint® files with
Documents To Go by DataViz
• Office mobility without compromise
Learn how you can eliminate the hassles
associated with mobile e-mail.
Coming Soon for Windows Mobile 2003
Download a free Office Mobility Kit and receive
a 30 day trial. Save time, money and increase
your productivity today.
Call 1.800.733.0030 or visit www.dataviz.com/redmond
| redmondmag.com | Redmond | August 2006 | 19
Mr. Roboto
Automation for the Harried Administrator | by Don Jones
Get Your Shell On
B
y now you’ve probably heard about Windows PowerShell—Microsoft’s new automation buddy. If you
haven’t installed it yet, you really ought to log on to
www.microsoft.com/powershell and get rolling.
Now you’re probably thinking,
“Great. Yet another scripting language
to learn.” Well, not exactly. Sure, PowerShell has a scripting language, just
like the good ol’ Cmd.exe shell. The
difference is that you’re not required to
script to make the PowerShell useful.
In fact, by default, PowerShell won’t
even run scripts.
PowerShell is indeed a total replacement for the old Cmd shell. Fire up
PowerShell and you can run Dir, Net
Share, Copy and all your other
favorite command-line utilities. Of
course, PowerShell isn’t just a replacement for Cmd. It’s much better. For
example, need to know what Service
Pack a particular computer is running? Just run:
Get-WMIObject –class Win32_Operat
ingSystem
–namespace root\cimv2 –computer
DON-PC
–property ServicePackMajorVersion
NeedHelp?
What Windows admin task would you
like to see automated next? Send your
suggestions directly to Don at
[email protected].
You can also send them to
[email protected], just be
sure to include Mr. Roboto in the
subject line.
Assuming DON-PC is the computer’s
name, entering those commands will
get you the information you want. Wait
a minute—that’s not really any easier, is
it? It might seem quicker to use another tool instead of typing all those commands, but this is where PowerShell
really starts to shine.
That’s much less typing. Want to see
what commercial software products are
installed on your target machine?
Gwmi Win32_Product –co DON-PC
That’s super simple. In fact, all you
really need to know is what WMI
classes (like Win32_Product and
Win32_OperatingSystem) are available
for you to use. PowerShell will be
happy to list them all. Just run Gwmi
–list (just add –computer to check a
remote computer’s classes).
Of course, if you actually start scripting with PowerShell, you can bundle
up even more complex statements,
If you actually start scripting with PowerShell, you can
bundle up even more complex statements, control output
formatting and more.
First, you don’t need the –class argument name, because –class is the first
argument Get-WmiObject takes (just run
Help Get-WmiObject to check). The
default namespace is already root\Cimv2,
so you don’t need to specify that. Also,
PowerShell supports aliases, which are
like nicknames for commands. Run
Get-Alias to see them all. Notice that
Gwmi is aliased to Get-WmiObject.
So now we’re down to this:
Gwmi Win32_OperatingSystem –com
puter DON-PC
–property ServicePackMajorVersion
You get the same result with less typing. But hold on, it gets even better.
You only need to type enough of each
argument name to distinguish it from
any other arguments. Try this:
Gwmi Win32_OperatingSystem –co
DON-PC
–pr ServicePackMajorVersion
control output formatting and more.
You’ll see more PowerShell coming
your way in future months. Remember: even if you have no interest whatsoever in scripting (despite that being
a somewhat shortsighted, career-limiting view these days), PowerShell is an
excellent interactive, on-demand tool
for Windows administration.
PowerShell’s strength isn’t limited to
just Windows, either. Exchange Server
2007, Systems Center Operations Manager 2007 (the new name for MOM)
and most future Windows Server System products will base their entire
administrative architecture on PowerShell. That makes PowerShell a onestop shop for running your entire
Windows enterprise.—
Don Jones ([email protected]) is a
contributing editor for Redmond
magazine. He’s currently working on the
book, “Windows PowerShell: TFM”
(www.sapienpress.com).
| redmondmag.com | Redmond | August 2006 | 21
RedmondRoundup
To Serve and to Virtualize
Virtualization on the server side can add up to big savings
in hardware costs.
virtual machine, running on a powerful
“host” server capable of simultaneously
running a half-dozen or more (sometimes many more) virtual servers.
VMware GSX Server
and ESX Server
VMware is the oldest player in the virtualization market. It has two tools for
server virtualization—GSX Server and
ESX Server. Both have essentially the
same goal, which is to recreate a hardware environment in which you can
“install” Intel-compatible operating
systems and software.
For each virtual machine, VMware
creates a virtual keyboard, memory,
hard drive and any other resources typically associated with a physical
machine. The nature and extent of
these resources are dependent on the
host machine’s actual physical peripher-
In this Roundup REDMOND
1=
Virtually inoperable
or nonexistent
5 = Average, performs
adequately
10 = Exceptional
RATING
TING
L RA
RAL
OVE
VMware ESX Server
$1,000 Standard Edition
$5,750 Enterprise Edition
(price per two processors)
]
[20%
ion
mat
Auto
]
[20%
ion
ntat
ume
0%]
Doc
e [2
anc
orm
Perf
%]
0
2
ty [
ibili
Flex
]
20%
ity [
abil
age
Man
BY DON JONES
Server virtualization has evolved steadily since our last close look (see the
October 2004 Redmond Roundup,
“Virtual Servers in the Real World”).
Perhaps the biggest news in the virtualization world these days is that
Microsoft will include its “Hypervisor”
virtual computing technology in Windows Server. This software layer will
also work closely with processor-based
virtualization technologies forthcoming
from Intel and AMD.
The Hypervisor technology will
essentially replace Microsoft’s Virtual
Server 2005, while easing the migration
path for existing Virtual Server 2005
users. That day is at least a year away by
even the most optimistic estimates. The
need for server-class virtual computing,
however, is growing stronger by the day.
There are several distinctions
between server virtualization and workstation virtual computing, which
includes products like Microsoft Virtual
PC and VMware Workstation (see
“Living in a Virtual World,” July 2006).
While the workstation products are
good for software testing, server-class
virtual computing is geared for production environments.
One of the primary goals of server
virtualization is server consolidation.
The idea behind server consolidation is
reducing the number of physical boxes
in your data center without reducing
the number of logical servers. In other
words, you can still run that old Windows NT 4.0 machine you need to in
order to run a mission-critical legacy
application, but it won’t need dedicated
hardware. Instead, it will operate on a
VMware Inc. (an EMC Corp. company)
650-475-5000
www.VMware.com
9
9
8
8
7
8.2
7
9
8
8
9
8.2
8
5
9
8
9
7.8
Microsoft Virtual Server 2005 R2
Available as a free download
Microsoft Corp.
800-642-7676
www.microsoft.com
Virtuozzo for Windows
$1,250 per processor
SWsoft Inc.
703-815-5670
www.virtuozzo.com
22 | August 2006 | Redmond | redmondmag.com |
RedmondRoundup
als, memory, hard drive and so on. For
example, a physical machine with a
10GB hard drive could not run a virtual
machine with a 15GB hard drive.
Figure 1. VMware’s Resource Map view
gives you a look at physical resources
available for your virtual servers.
While the goals are similar, there are
major operational differences between
GSX and ESX. You can install GSX
Server over Linux or Windows. ESX
Server is itself an operating system and
installs on “bare metal.”
The idea behind ESX Server is to create a dedicated virtual hosting machine
that does nothing but host virtual
machines. There’s an obvious performance benefit with a single-purpose OS
like this, but it has its downsides as well.
For example, you can’t make ESX Server
a member of your Active Directory
domain. Nor can you manage it with traditional Windows management
tools (although VMware does provide robust management tools for
ESX Server).
GSX Server provides slightly
less robust performance, but it
runs on top of Windows, which
simplifies management. You can
use familiar tools to manage
your Windows or Linux-based
virtual machines.
You’ll appreciate that VMware’s product line works in a consistent fashion.
The tabbed user interface in VMware
Workstation, for example, lets you
work with multiple virtual machines
simultaneously. On the server side, the
administration client for GSX Server is
nearly identical.
Another nice touch
is that VMware has
created a VMware
Technology Network, or VMTN.
You can acquire virtual appliances
through the
VMTN. These are
essentially pre-built
virtual machines you
can download and
start using immediately, just as if you
purchased a preconfigured server from an OEM. Options
include Web and application servers,
database servers, operating systems and
so on. Companies providing these virtual
appliances include StillSecure, Oracle,
Zeus, Zimbra and Ubuntu.
VMware is introducing a new product
on the server side that will change its
lineup a bit. VMware Server was just
released. VMware is positioning Server
for “users new to server virtualization.”
It comes across as a “GSX Server Lite,”
particularly because it’s free.
VMware Server will eventually
replace GSX Server in the product
lineup, and is clearly a response to
Microsoft incorporating Hypervisor
into Longhorn. It will provide an easy
Figure 2. Virtual Server gives you a
complete status view for your virtual
machines, including I/O activity and
process or status.
migration path to ESX Server when
your needs grow. It will support up to
four virtual machines per processor
core versus ESX’s eight per core.
Because VMware Server is replacing
GSX Server, you’ll be able to purchase
technical support, even though the base
product will be free.
Overall, VMware’s offerings are tops
in terms of manageability. All of its
products support NIC teaming, virtual
machine clustering (including the ability to have different cluster nodes on
different physical hosts), support for
SANs, SAN path failover, hot migration of running virtual machines (called
VMotion, which lets you move a virtual
machine to a different host while the
virtual machine is running), centralized
management for multiple users (via
VirtualCenter) and more.
Microsoft Virtual Server
2005 R2
Virtual Server 2005 is Microsoft’s latest and greatest server-class virtualization product. It will also be the last.
Recently updated to R2, it will soon
fade away as its capabilities are rolled
into Windows Server through Hypervisor. Microsoft has already announced
the newest member of the System
Center family (which includes future
versions of both SMS and MOM)
called System Center Virtual Machine
Manager. This will be a centralized
management solution for data center
virtualization that will ship in late
2007 or early 2008.
Getting back to Virtual Server
2005, one of the biggest changes
to R2 is x64 host support. This
lets it run a crazy amount of virtual machines. With a four-way,
dual-core x64 box holding an
incredible 128GB of memory, I
was able to easily run a dozen
virtual machines with almost no
disk activity.
With the virtual machines’ disks
loaded into RAM, it was an amazing
experience. It reflected a level of per-
| redmondmag.com | Redmond | August 2006 | 23
RedmondRoundup
formance that until then, I had only
been able to achieve with VMware ESX
Server (which again is a dedicated operating system). The only limitation with
Virtual Server R2 is that the guest operating systems (those running on the virtual machines) can only be 32-bit.
With R2 also comes official tech support for running Linux virtual machines.
Virtual Server has always been able to
run Linux as a guest operating system,
but now Microsoft will help you if you
have any problems while doing so. R2
also has a few other useful updates, like
PXE boot capabilities for virtual network adapters and a Virtual Server
Migration Toolkit (for moving physical
machines into virtual machines).
My chief complaint with Virtual Server 2005 has always been its entirely
Web-based administrative interface. I
find it clunky and much less efficient
than VMware’s Windows-based interface. It’s extremely odd that Microsoft
Monitor your network & servers 24/7!
Only
$ 495
for 10
$ 1 IPs;
for 50,275
IP
s!
NEW: VERSION 7 OUT NOW!
Automated monitoring and alerting of all your critical server issues
GFI Network Server Monitor allows administrators to monitor the network for failures or irregularities.
GFI Network Server Monitor is easy to use and supports monitoring for:
•
•
•
•
•
•
•
•
•
Network and servers for software or hardware failures
Status of services
HTTP content, including web page content
Mail servers (includes advanced checks for Exchange Server)
Database servers (supports both SQL Server and MS Access as database backends)
Disk space, services and processes on servers and on users’ workstations
Internet link and SMTP gateways
GFI Network Server Monitor manager
UNIX/Linux services (via SSH)
IMAP, POP3 & SMTP; using special checks which mimic actual network administrator actions!
Download your FREE trial version from www.gfi.com/rnsm/
tel: +1 919 379 3397 | fax: +1 919 379 3402 | email: [email protected] | url: www.gfi.com/rnsm/
24 | August 2006 | Redmond | redmondmag.com |
wouldn’t deliver a Windows application
while their competition does. Microsoft
missed the mark on this one and R2
doesn’t change it in any way.
What Virtual Server lacks in an
administrative interface, it makes up for
in its scriptability and automation. It
has a robust Component Object Model
(COM) interface and comes with a
plethora of VBScript examples that
show you how to automate everything
involved in virtual machine provisioning and management.
Virtuozzo for Windows
Virtuozzo is a slightly different breed
of virtualization. Rather than creating
virtual machines with private virtual
hardware resources, Virtuozzo virtualizes the host operating system. In other
words, when you install Virtuozzo on
Windows Server 2003, your virtual
machines all run Windows Server
2003. This provides significantly less
flexibility, but has other advantages.
You can’t, for example, host legacy
Windows NT machines in Virtuozzo
while you’re simultaneously hosting a
Windows 2000 Server machine. On the
other hand, by not virtualizing the
hardware, Virtuozzo provides significantly better performance for virtual
machines. This lets you run a couple
dozen virtual machines on a single host
server. You could even run more. The
recommended maximum limit is 50.
Therefore, Virtuozzo is perfectly suited for something like consolidating a
Web farm onto one or two massive
host servers. It would also be good for
providing “dedicated” servers to Web
server hosting customers. Each virtual
machine essentially has a private copy
of the host operating system from
which to build. This helps keep
resources separate.
The robust management tools make
it easy to administer the Virtuozzo
environment. It’s easily on par with
VMware. In fact, Virtuozzo also supports cross-host migration of virtual
machines, virtual machine templates,
No More Interrogations –
Just the Facts!
Download Enterprise
Security Reporter
They’ll never second-guess you again.
Enterprise Security Reporter™ is an agent-less, fast, comprehensive discovery and
reporting solution for analyzing file security, group memberships and other security
settings on Windows servers.
Discover
Centrally audit security settings from Active Directory
and Windows servers across your enterprise.
Report
Utilize turnkey reports or create your own with our
intuitive Wizard-based report designer to view the
security configuration of your Windows environment.
Analyze
Compare two discovery “snapshots” to detect changes in
security that have occurred.
Notify
Schedule reports to be delivered via any SMTP-based
e-mail system.
Relax
You have all the answers with Enterprise Security Reporter.
DOWNLOAD a FREE, fully
functional trial version at
www.scriptlogic.com/passthetest
©2006 ScriptLogic Corporation. All rights reserved. ScriptLogic and the ScriptLogic logo are
registered trademarks of ScriptLogic Corporation in the United States and/or other countries.
The names of actual companies and products mentioned herein may be the trademarks of
their respective owners.
www.scriptlogic.com
1-800-424-9411
Point. Click. Done!
RedmondRoundup
Figure 3. The Virtuozzo Management
Console lets you handle tasks like cloning,
starting and running your virtual servers.
cloning and physical-to-virtual migration tools. You can allocate resources—
like memory—between virtual
machines to help fine-tune performance. Like the other solutions reviewed
here, Virtuozzo offers x64 support,
meaning it can take advantage of the
enormous amounts of RAM you can
pack into an x64 server.
Virtuozzo’s underlying technology is
impressive. Access to kernel-based
resources, for example, passes through
an abstraction layer that ensures if one
virtual machine crashes, it won’t take
the rest of the system down as well.
The bummer for Virtuozzo is simply
its lack of flexibility for running different operating systems on the same host.
Granted, that’s not its goal, but many
Windows enterprises are looking at
server consolidation as a slick way to
reduce hardware costs and overhead
while continuing to run legacy applications and older versions of Windows.
Virtuozzo can’t really help with that,
but if you have a number of homogenous servers you need to consolidate,
Virtuozzo’s worth a good look for its
performance and manageability.
The Virtualization Verdict
Today’s virtualization products are
increasingly mature and robust.
VMware’s GSX Server (and to only
a slightly lesser degree, the new
VMware Server) takes the cake for
its combination of manageability
and flexibility.
You can’t ignore Virtuozzo, but
because it can’t run multiple different
operating systems, you’ll find it suitable for a smaller range of server consolidation and virtualization scenarios.
Microsoft’s Virtual Server 2005 is
powerful, but its Web-based administrative interface is slightly lacking. It
does, however, offer best-in-class
automation capabilities through an
extremely detailed COM interface.
There are many scenarios for which
a company may need a virtualization
platform. Considering the differences
with these three, you should be able
to find one that suits your needs
quite closely.—
Don Jones ([email protected]) is a
contributing editor for Redmond magazine. He’s currently hard at work on his
new book, “Windows PowerShell: TFM”
(Sapien Press).
H'LUHFW6RIWZDUHFRP
7KHZHE·V EHVWGHDOV
RQJHQXLQHVRIWZDUH
0LFURVRIW2IÀFH
3URIHVVLRQDO(GLWLRQ
0LFURVRIW:LQGRZV;3
3URIHVVLRQDO(GLWLRQ
0DFURPHGLD
'UHDPZHDYHU
2QO\
2QO\
2QO\
0LFURVRIW:LQGRZV
+RPH(GLWLRQ
$GREH&UHDWLYH6XLWH
3UHPLXP
2QO\
2QO\
0LFURVRIW2IÀFH
$GREH$FUREDW
6WXGHQW 7HDFKHU(GLWLRQ 3URIHVVLRQDO(GLWLRQ
2QO\
2QO\
0LFURVRIW2IÀFH
6WDQGDUG(GLWLRQ
2QO\
26 | August 2006 | Redmond | redmondmag.com |
Emergency
Response,
Microsoft Style
When malware strikes
Microsoft code, Stephen
Toulouse and the MSRC team
rush in to extinguish the fire.
BY MICHAEL DESMOND
y name alone, you’d expect the Microsoft Security
Response Center (MSRC) to look like something
out of a Gene Kranz memoir—an amphitheater of
workstations like those arrayed before the legendary
NASA flight director. In fact, the MSRC is a benignlooking, oversized conference room buried in the heart
of Building 27 on Microsoft’s Redmond campus.
Stephen Toulouse sits at a long table in the MSRC, a bank
of wide-screen flat panel displays behind him. An MSRC
security program manager since 2002, Toulouse came to
Redmond to help Microsoft establish a more robust
response to the security events plaguing the software giant.
It’s been an up and down ride.
The MSRC was established in 1998, around the time the
CIH virus (also known as Chernobyl) started wiping out
files on users’ hard drives. A year later, the Melissa worm
hauled down networks across the globe. In rapid succession, attacks with names like VBS/Loveletter, Sircam, Code
Red, Nimda, and Klez piled up.
As it turned out, none of these prepared Microsoft for the
hard lessons it would learn at the end of January 2003.
B
| redmondmag.com | Redmond | August 2006 | 27
Emergency Response, Microsoft Style
Jan. 25, 2003
SQL Slammer
Toulouse will never forget the moment he first heard of
SQL Slammer. It was a Saturday morning, and the freshly
appointed MSRC manager was at a local auto shop, having
a new stereo system installed in his Jeep.
“I’m at the shop and over the radio I hear: ‘The Internet
was taken down today by a worm affecting SQL Server,’”
recalls Toulouse. “That was the first I heard of it.”
A few moments later, Toulouse was racing toward Redmond, the interior of his Jeep still torn open from the halffinished installation. He would spend the next two weeks
struggling to investigate and remediate a malware infection that completely overwhelmed his team.
“Our internal network was impacted,” Toulouse says.
“We had guys walking CDs over to microsoft.com servers
to get things to the right places, because we had to rely on
that rather than the network that night. It took close to
two weeks to stabilize the situation.”
Toulouse was tasked with cooking up a packaged update
tool that would automatically let users know if their systems were vulnerable. The orders he was given that day
were simple—don’t stop working, no matter what. “‘Even
if Bill Gates himself comes over and tells you to stop, you
tell him to talk to me,’” Toulouse remembers being told.
Over the next six months, the MSRC would release four
separate fixes for SQL Slammer. Toulouse singles out a few
key lessons from that early challenge. Among them:
• The recovery effort must start from a central core of
first responders
• All key stakeholders must be brought together. “Get all
the smart people in one room,” says Toulouse. “Let’s work
together so everybody is really steeped in it.”
• Updates must be packaged for automatic delivery and
execution to ensure remediation.
Perhaps most important, Microsoft management realized
there had to be a coherent, predictable and well-documented process. The initial response to Slammer was sloppy. Critical stakeholders were scattered across the
Redmond campus. Managers scrambled to produce code
updates. Staffers struggled to maintain communications
and Internet access throughout the event.
Microsoft customers struggled as well. They had no idea
what to expect from the MSRC in terms of guidance and
communication. Those struggles led to a lot of soul
searching at Microsoft.
After the event had passed, then-MSRC Director Mike
Nash went on a months-long road tour, talking to customers about Slammer and learning what they needed for
the next such event.
“I credit actually our customers with a lot of our response
process,” Toulouse says.
28 | August 2006 | Redmond | redmondmag.com |
“You get focused on security,
and where does it come from?
SQL Server. Someplace
completely unexpected.”
— Stephen Toulouse,
Program Manager,
Microsoft Security Response Center
That process today is called the Software Security
Incident Response Process, or SSIRP. The process
documents and codifies MSRC operations, replacing
ad-hoc improvisation with clearly defined roles and
milestones. SSIRP would quickly become the foundation
of all MSRC response activities.
Says Toulouse: “Because at Microsoft we turn nouns into
verbs, you hear, ‘Are we SSIRPing?’ or ‘Have we SSIRPed?’”
Mike Reavey is the operations manager at the MSRC and
the one who’s responsible for managing Microsoft’s
monthly Patch Tuesday releases. He’s the guy who helps
pull the switch that causes a scheduled update to jump the
tracks and be handled as a SSIRP event.
“If the train is on the track and is moving along, we know
the product team and will pull them in,” says Reavey, who
describes an escalation that affected a patch designed to fix
the CreateTextRange flaw in Internet Explorer. “We had
Is our
IT environment
safe?
Can you
prove it?
STOP ALL THE QUESTIONS ABOUT SECURITY!
Download Enterprise Security Reporter.
They’ll never second-guess you again.
•
•
•
•
Instantly view the security configuration of your Windows environment
Create and distribute reports automatically
Centrally audit security settings from Active Directory across the enterprise
Boost confidence of suspicious auditors and nervous CIOs
Know the State of Your Windows Security Instantly!
DOWNLOAD a FREE, fully functional trial version at
www.scriptlogic.com/passthetest
©2006 ScriptLogic Corporation. All rights reserved. ScriptLogic and the ScriptLogic
logo are registered trademarks of ScriptLogic Corporation in the United States and/or
other countries. The names of actual companies and products mentioned herein may
be the trademarks of their respective owners.
www.scriptlogic.com
1-800-424-9411
Point. Click. Done!
Emergency Response, Microsoft Style
Managed
Mayhem
Lessons from the MSRC
Come Together: Whether it’s crisis management or code writing or community relations,
there is a consistent effort made to, as
Toulouse put it, “put all the smartest people
into one room.” That effort has paid major
dividends at the MSRC.
Equip and Prepare: The MSRC isn’t an elaborate setup, but it does come equipped
with redundant Internet connections, ample
communications, and its own fleet of
servers and workstations.
Know Who’s Watching: When a bulletin or
patch is released, Microsoft knows malware
authors are watching. The MSRC limits the
detail in security bulletins to prevent enabling
an early attack, and tracks for exploits based
on previously published patch code.
Get Cultured: It took a famous 2002 Gates
memo—and the eruption of the SQL Slammer
exploit—to change the culture at Microsoft.
The result has been a remarkable transformation, leading to the development of programs
like the Security Development Lifecycle (SDL).
Seek Structure: Patch Tuesday changed
everything for Microsoft and IT managers
alike. By scheduling releases, Microsoft is better able to manage the process, while IT
managers are better able to plan around it.
Seek Advice: To help it deal with and anticipate future threats, Microsoft began sending
reps to Black Hat hacker events to glean
insights. Later, the company established the
Blue Hat Conference—an annual gathering of
security professionals and hackers.
Get Friendly: For years, Microsoft was known
for its stormy relationship with security
organizations, decrying criticisms of its software and offering an opaque window to
researchers reporting flaws to the company.
Today, Microsoft is more open and collaborative, even if friction still exists.
— M.D.
30 | August 2006 | Redmond | redmondmag.com |
an IE update in path, going through its weeks of testing.
We see an issue that gets posted on one of the [hacker]
lists. We see this. We alert to it. We actually knew about
CreateTextRange and were working on it already. This was
just a change in threat level.”
Using processes evolved out of the panic of SQL Slammer, the MSRC today is able to pull in affected product
teams and partners to assess the threat and respond. In the
case of CreateTextRange, the patch was able to launch as
scheduled, on Patch Tuesday, says Reavey.
Of course, not every flaw is so accommodating.
Aug. 11, 2003
Blaster
“2003. That year really marks a huge amount of information consumption, looking at best practices, and dealing
with incidents and learning from them to create the
processes we’re using today,” says Toulouse.
The Blaster worm was really the first test of the lessons
learned from SQL Slammer six months before. Blaster
tapped a flaw in Remote Procedure Call (RPC)-DCOM
present in Windows XP and 2000, directing infected systems to flood Microsoft’s Windows Update site with traffic.
“From mobilization to execution, we were able to move
much more quickly than Slammer, in a much more disciplined way. We had several contingency plans and a number of things in place to blunt that attack. We had no
interruption at all.”
Toulouse credits the four-stage MSRC process, which follows the steps below:
• Watch Phase: The MSRC constantly monitors mailing
lists, newsgroups, MSN traffic and input from security
researchers. Often, reports come in via the
[email protected] e-mail, which MSRC staffers monitor constantly for hints of trouble.
• Alert Phase: The MSRC alerts product teams, security
program managers and third parties such as the Global
Infrastructure Alliance for Internet Safety (GIAIS) group
of ISPs to help mobilize to a possible threat.
• Assess and Stabilize Phase: This is the process of
judging the threat and crafting the remediation. A threat
affecting very few users may be elevated to a SSIRP event
if the payload is destructive enough, for example.
• Resolve Phase: The final phase includes the release of
security bulletins, patch code, systems guidance, and other
remediation content. Once the resolution is complete, the
team returns to the watch phase, looking specifically for
issues with or related to recently released updates or bulletins.
With Blaster, the MSRC significantly stepped up communications—a key learning from the Slammer event—
IS YOUR
WEBSITE
HACKABLE?
FIND OUT WITH OUR
FREE SECURITY SCAN!
We will check your website for:
• SQL injection
• Cross site scripting / XSS
• Google hacking
• Directory traversal attacks
• Other web vulnerabilities
www.acunetix.com
FREE SECURITY AUDIT
Sign up for your free audit at: http://www.acunetix.com/security-audit/
Emergency Response, Microsoft Style
“It was a very large
event for customers.
It had the ability to
threaten customers’
ability to get
updates.”
— Stephen Toulouse,
Program Manager, Microsoft
Security Response Center
launching a series of webcasts and more detailed security
bulletins. The effort would soon extend to e-mail alerts,
RSS feeds, Web blogs and, ultimately, give rise to the formalized monthly updates known as Patch Tuesday.
“Five years ago I used to say we wrote the best bulletins no
one ever read. And now, everyone reads the bulletins,” says
Christopher Budd, security program manager in the MSRC.
“It’s a mainstream thing. To meet that broader audience
we’ve had to step up with broader communications.”
Despite the success, the stakes were high. Blaster hoped
to disrupt the Windows Update service, using a distributed denial of service (DDOS) attack to prevent
Microsoft from pushing patches out to millions of PCs
and servers. A botched implementation in the malware
made it easy for Microsoft to sidestep the attack. Still, the
vulnerability forced Microsoft to look closely at the
behavior of its own software—in this case, RPCDCOM—and ask some hard questions.
“Are you listening on the network? Why are you listening
on the network? Do you need to be listening on the network?” asks Toulouse in rapid succession. “Are you anonymous? Why are you anonymous? Do you need to be
anonymous? Blaster forced them fundamentally to rethink
some assumptions.”
Blaster motivated Microsoft to introduce a malware
removal tool as part of its response. It was the first time
Microsoft had taken such a step, and foretold broader solutions from Microsoft such as Microsoft AntiSpyware (now
called Windows Defender) and Microsoft OneCare.
32 | August 2006 | Redmond | redmondmag.com |
It led also to one other Microsoft innovation, says
Toulouse. “Blaster was one of the key things in the
decision to enable the firewall by default in [Windows]
XP SP2.”
April 30, 2004
Sasser
By the time the Sasser worm emerged, about eight
months after Blaster, the MSRC was in full stride.
The group had moved into its current digs—an expansive
conference area outfitted with redundant communications,
dedicated servers and workstations, and unfiltered connections to the Internet. Changes were also reaching far
beyond the walls of the MSRC conference area.
“There are dedicated security program managers with
product teams now. Their whole job is to work with
the MSRC,” says Toulouse. “To me, these changes are
really partly responsible for making the process work as
efficiently as it does today.”
In fact, it was this efficiency that helped Microsoft
stave off the worst effects of the Sasser worm, when it
struck on the last day of April 2004. Sasser was based on
a known vulnerability that had been patched just two
weeks earlier.
“We had the same things with Sasser as we did with
Blaster,” says Toulouse, “but they all occurred orders of
magnitude sooner.”
-…iʍÕÃÌÊ
`ˆÃ>Li`ʅiÀÊ
>˜ÌˆqۈÀÕÃÊ
ÜvÌÜ>Àit
iÀÊ*
ÊÀ՘ÃÊv>ÃÌiÀ]ÊLÕÌÊÅi½ÃÊ
iœ«>À`ˆâi`Ê̅iÊi˜ÌˆÀiÊVœ“«>˜Þ°
Þʅœ}}ˆ˜}ÊÃÞÃÌi“ÊÀiÜÕÀViÃp>˜`ÊvÀÕÃÌÀ>̈˜}Ê
ÕÃiÀÃp‡ÌÀ>`ˆÌˆœ˜>Ê>˜Ìˆ‡ÛˆÀÕÃÊ܏Ṏœ˜Ãʏi>ÛiÊ
ޜÕʏiÃÃÊ«ÀœÌiVÌi`°
˜ÃÌi>`]Ê}iÌÊÀˆÃœvÌÊ6ʘ̈‡6ˆÀÕÃÊÜvÌÜ>Ài°Ê
7ˆÌ…ʈÌÃÊi>ÃÞÊ>˜`ʈ˜ÌՈ̈Ûiʈ˜ÌiÀ v>Vi]Ê
ÀˆÃœvÌÊ6ʘ̈‡6ˆÀÕÃÊÜvÌÜ>ÀiÊ`œiؽÌÊLœ}Ê
`œÜ˜ÊÃÞÃÌi“ÊÀiÜÕÀViÃÆʈ˜ÃÌi>`]ʈÌÊܜÀŽÃÊ
µÕˆVŽÞÊ>˜`ÊÃi>“iÃÏÞÊLi…ˆ˜`Ê̅iÊÃVi˜iðÊ
>ÃÞÊ`“ˆ˜ˆÃÌÀ>̈œ˜
7ˆÌ…Ê6]Ê̅iÊ«ÀœÌiV̈œ˜ÊޜÕÊ
˜ii`ÊV>˜ÊLiÊVi˜ÌÀ>Þʈ˜ÃÌ>i`Ê
>˜`ʓ>˜>}i`]Êȓ«ˆvވ˜}Ê
>`“ˆ˜ˆÃÌÀ>̈œ˜°Ê̽ÃÊ>˜œÌ…iÀÊ
Ü>ÞÊ6ʘ̈‡6ˆÀÕÃÊÜvÌÜ>ÀiÊ
“>݈“ˆâiÃÊޜÕÀÊ«ÀœÌiV̈œ˜°
7ˆÌ…Ê“œÀiÊ̅>˜Ê{äʓˆˆœ˜ÊœÞ>ÊÕÃiÀÃÊ
ܜÀ`܈`i]ÊÀˆÃœvÌʈÃÊ̅iÊLiÃÌÊV…œˆViÊvœÀÊ
«iœ«iÊ>˜`ÊVœ“«>˜ˆiÃÊÃiiŽˆ˜}ʓ>݈“Õ“Ê
«ÀœÌiV̈œ˜Ê>}>ˆ˜ÃÌÊۈÀÕÃiÃ]ʅ>VŽiÀÃÊ>˜`Ê
ˆ`i˜ÌˆÌÞÊ̅ivÌ°Ê
ÊÀˆÃœvÌÊ܏Ṏœ˜ÃÊ>ÀiÊ>Û>ˆ>LiÊ
܈̅ÊӇÞi>ÀʏˆVi˜Ãið
,ÊÎä‡9Ê/,o
ÜÜÜ°}ÀˆÃœvÌ°Vœ“É`œVÉÀi`“œ˜`
"7Ê}iÌÊëÞÜ>ÀiÊ
«ÀœÌiV̈œ˜Ê܈̅Ê
i܈`œÊ>˜Ìˆ‡Ã«ÞÜ>ÀiÊ{°ä
*ÀœÌiV̈˜}ʈ˜vœÀ“>̈œ˜ÊȘViÊ£™™£
-iiÊ̅iÊVœ“«iÌiʏˆ˜iʜvÊ6Ê܏Ṏœ˜ÃÊvœÀʅœ“iÊ
ÕÃiÀÃ]ÊÓ>ÊLÕȘiÃÃiÃÊ>˜`ʏ>À}iÊi˜ÌiÀ«ÀˆÃið
/œÕ}…Êœ˜ÊۈÀÕÃiÃ]Êi>ÃÞʜ˜ÊÕÃiÀð
Emergency Response, Microsoft Style
“We had children born during
Sasser. I had a dog die during
Sasser. You can’t schedule
this—it’s not easy.”
–Stephen Toulouse,
Program Manager,
Microsoft Security Response Center
But Sasser also confirmed a troubling fact. When
Microsoft releases a bulletin or patch, malware writers are
watching. Closely.
“Actually creating the fix for a specific issue that comes in
usually doesn’t take that long,” says Budd. “But then it
widens. You fix the issue and then you fix surrounding or
similar issues. We know that when we release a security
update for an issue in component XYZ, that draws attention to that area.”
That’s exactly what happened with the April 13 patch,
which was part of security bulletin MS04-011. It’s widely
believed Sasser was produced by reverse engineering the
patch to access the vulnerability. Anyone who had failed to
deploy the MS04-011 patch found themselves in the
crosshairs of the worm.
34 | August 2006 | Redmond | redmondmag.com |
Making matters more difficult, patch coders must contend with almost outrageous complexity. “Ten versions of
Windows, 27 different languages,” says Budd. “That’s 270
different Windows updates.”
Testing that many permutations is a process that can take
weeks, or even months. The MSRC works with Microsoft
product teams to expedite and scale the proving process,
using a tightly automated, scripted process. But all it takes is
a single failure to send the coders scrambling to fix the fix.
“When you look at the breadth of people running Windows and you look at the infinite software combinations,
the law of large numbers starts to take affect,” says
Toulouse. “A million people—that is still a big number no
matter how you put it from a percentage standpoint. So
now you’re sunk. That’s why the goal and the focus have to
be around quality, and that takes time. There have been
updates that have taken many test passes.”
And even after release, the work is ongoing.
“There is also the post-release monitoring for customer
issues,” explains Reavey. “It honestly never ends … when
you think about it.”
Sasser also proved out the need for Microsoft’s Software
Development Lifecycle (SDL) program, which fundamentally changed the way code is written at Microsoft. Mike
Howard, senior security program manager at Microsoft,
says SDL is a critical foundation to secure systems.
“You can have all the established definitions you want—
encryption, firewalls—and all it takes is a bad implementation or bug in the code, and all that was laid bare.”
Howard, who co-authored the book “Writing Secure
Code,” says his group acts like an internal consulting
organization, working with different product teams to
deliver programmer training, specs, code review and testing, and other services.
Asked how big the change was for coders at Microsoft,
Howard smiles. “Just a little.”
The rigorous training and review—including automated
fuzz testing that helps find buffer overflow weaknesses—
has paid huge dividends. The number of security bulletins for SDL-enabled products like Windows Server
2003 and SQL Server 2005 are significantly lower than
earlier versions.
Dec. 27, 2005
WMF Zero-Day Exploit
SQL Slammer, Blaster and Sasser all shared a common
thread: They exploited previously known flaws in
Microsoft code—flaws that had already been patched.
The WMF Zero-Day exploit attacked from an unforeseen direction, infecting any system that so much as displayed a malformed WMF graphics file, whether in a
Š
5$'0,1
VXSHUVRQLFUHPRWHFRQWURO
ZZZUDGPLQFRPUDGPLQ
5$'0,1LVWKHPRVWVHFXUHDQGUHOLDEOHUHPRWHFRQWUROVRIWZDUHGHVLJQHGWR
PRQLWRUVXSSRUWRUZRUNRQUHPRWHFRPSXWHUVLQYLUWXDOO\UHDOWLPH5$'0,1KDV
SURYHQWREHLQFUHGLEO\IDVWDQGHDV\WRXVHDSSOLFDWLRQ5$'0,1LVDFRPSOHWH
UHPRWHFRQWUROVROXWLRQWKDWKDVDOOPLVVLRQFULWLFDOIHDWXUHV:LWKWKHLQYHQWLRQRI
'LUHFW6FUHHQ7UDQVIHUŒ7HFKQRORJ\5$'0,1UHPRWHFRQWUROVRIWZDUHGH¿QHVQHZ
VWDQGDUGVLQWKHLQGXVWU\
*HQHUDOFKDUDFWHULVWLFV
0LOLWDU\JUDGHVHFXULW\
3HUIRUPDQFH
6XSHUVRQLFYHKLFOHVSHFL¿FDWLRQV
)XOO\26LQWHJUDWHG17VHFXULW\V\VWHPZLWK
17/0YVXSSRUW
,3¿OWHUWDEOHWKDWUHVWULFWVUHPRWHDFFHVVWRVSH
FL¿F,3DGGUHVVHVDQGQHWZRUNV
6HUYHUSDVVZRUGSURWHFWLRQ
$GYDQFHGELW$(6HQFU\SWLRQIRUDOOVHQGLQJ
DQGUHFHLYLQJGDWD
$XWKHQWLFDWLRQEDVHGRQ'LI¿H+HOOPDQH[FKDQJH
ZLWKELWNH\VL]H
.HUEHURVVXSSRUW
&RGHWHVWLQJGHIHQVHPHFKDQLVPWKDWSUHYHQWV
WKHSURJUDP¶VFRGHIURPEHLQJDOWHUHG
6PDUWSURWHFWLRQIURPSDVVZRUGJXHVVLQJ
,QFRUUHFW6HUYHUFRQ¿JXUDWLRQVSUHYHQWLRQ
*HQHUDWLRQRIXQLTXHSULYDWHNH\VIRUHDFKFRQ
QHFWLRQ
6XSHUVRQLFIUDPHSHUVHFRQGVSHHGRQ/$1
IUDPHVSHUVHFRQGRUPRUHRQPRGHP
3RZHUSODQW'LUHFW6FUHHQ7UDQVIHU70
:HLJKW0E
)HUU\UDQJHXQOLPLWHG
:LQJVSDQYDULDEOHJHRPHWU\GHVNWRSVL]HG
7\SH0XOWLUROH6XSHUVRQLF5HPRWH&RQWURO
0DQXIDFWXUHU)DPDWHFK
'HVLJQHGE\'PLWU\=QRVNR
0DLGHQÀLJKW0DUFK
9LQWURGXFHG-XQH
6WDWXVDFWLYHVHUYLFH
1XPEHUEXLOWPLOOLRQV
3ULPDU\XVHUXSWRGDWHEXVLQHVVDOORYHUWKH
ZRUOG
8QLWFRVW86VTXDGURQGLVFRXQWVDYDLODEOH
$UPDPHQW
6HFXUHYRLFHDQGWH[WFKDWIHDWXUHV
)LOHFDUJRWUDQVIHU
7HOQHWDQGRWKHUXVHIXOWRROV
7ULYLD
1RFRPSHWLWLRQLQGXVWU\EUHDNWKURXJK
6XSHUVRQLF)36UDWLR
/RZHVWSURFHVVRUXVH
0LQLPXPWUDI¿FFRQVXPSWLRQ
8OWLPDWHVHFXULW\VWDQGDUGV
3ULFHUDQJH
2SHUDWLRQDOKLVWRU\
FRPSDQLHVRI)RUWXQHOLVWZLWKZLGH
JHRJUDSKLFVSUHDG
1RUWK$PHULFD
6RXWK$PHULFD
(XURSH
$XVWUDOLDDQG2FHDQLD
$VLD
$IULFD
7\SLFDOFRPEDWXVH
&RUSRUDWH
6PDOODQGPHGLXPEXVLQHVV
+HOSGHVNSURYLGHUV
7HOHFRPPXWLQJ
(GXFDWLRQDO
+RPH
‹)DPDWHFK,QWHUQDWLRQDO&RUSRUDWLRQ
5DGPLQŠDQG5HPRWH$GPLQLVWUDWRUDUHUHJLVWHUHGWUDGHPDUNVRI)DPDWHFK,QWHUQDWLRQDO&RUS
Emergency Response, Microsoft Style
Web browser, an e-mail message, or even the Windows
image editing program.
Microsoft had no warning that the exploit was coming,
and the sneak attack plunged the MSRC into brief disarray. The MSRC initially said a patch would be released on
Patch Tuesday—two weeks away—then reversed direction
and said a patch would come early. It arrived on Jan. 5,
2006, the Thursday before Patch Tuesday.
In fact, WMF had IT professionals clamoring for the bad
old days, when Microsoft would release a patch as soon as it
was ready, rather than on a predictable, monthly schedule.
Recalls Budd: “We would build the updates and write the
bulletin, and when they were ready, we posted them. We
heard from customers. The randomness of the process—
we were just throwing a hand grenade into their inbox.”
But when Microsoft announced that a WMF fix would
arrive on Patch Tuesday, the industry howled. Budd, however, says Microsoft moved the WMF fix forward (‘out of
band’ in Microsoft parlance) when the code came together
more quickly than expected.
“That was a case of where, due to the targeted nature of
the fix and relatively esoteric nature of the functionality,
we were able to … achieve confidence more quickly than
we thought,” says Budd.
The early release did little to stem criticism, which
reached a crescendo in the days after Microsoft’s initial
pronouncement.
“We face a lot of opinion around timing. There’s nobody
more dedicated and more driven about getting these
updates out than the MSRC,” says Toulouse, who points to
the bigger picture issue with patches. “We cannot introduce a new problem into customer systems. They’ll distrust the updates—they will not apply them.”
It’s a real concern. Yet the MSRC faced the issue—for the
first time—of a third-party authored patch gaining the recommendation of respected security organizations like The
SANS Institute. For Johannes Ullrich, CTO of the SANS
Institute, the critical nature of the flaw left his organization
little choice.
“The WMF thing—it was bad, people were exploited,”
says Ullrich. “If the exploit is already known and out there
I don’t see harm in [releasing a beta patch]. Do it and at
least be able to help people.”
Toulouse says the MSRC was on top of the threat, releasing bulletins, blogs and guidance to help sidestep the
threat in advance of a patch. Still, the WMF event revived
some of the historical antagonisms between Microsoft and
the security community.
“Our relationships with security researchers have not
always been pleasant—there were times when it was a little
rocky,” Toulouse admits. But he’s quick to point out that
the level of collaboration with researchers, hackers and
others has improved dramatically over the years.
Ullrich agrees, though he looks for more progress
going forward.
36 | August 2006 | Redmond | redmondmag.com |
“The thing that struck me during the WMF episode
was that they didn’t really seem to have the hacker mind.
They approach it with kind of the attitude of, ‘as long as
it’s not yet done in the wild it doesn’t exist,’” says Ullrich. “There obviously seems to be quite a bit of confusion in their organization when something like WMF
comes out.”
A Whole New World
If the MSRC has done one thing since its inception, it’s to
impose order on a chaotic environment.
“We’ve eliminated as much of the surprise as we can,”
says Budd, singling out the bulletins that detail upcoming
patch activity the Thursday before release. “We give them
as much information as we can, for high-level planning,
without jeopardizing security.
“The regularity lets us de-emergency-ify the process. In
this arena, boring actually is a virtue. We want to make it
as boring as possible. The regularity lets us make it as boring as possible.”
But as the MSRC evolved, so did Microsoft. A company
that once pushed deep application and OS integration at
every turn is today obsessed with securing code and ensuring the integrity of programmatic links.
“If you had a developer at Microsoft 10 years ago, that
developer was going ‘cool feature, cool feature, cool feature,’” Toulouse says. “Now that developer is thinking,
‘I’ve got a cool feature, used correctly it could do this. But
now I have to consider what could happen if it’s used
another way.’”
The SDL program is the most dramatic symptom of
this change. In fact, the effort has been so successful that
malware writers are shifting to softer targets. Specifically,
end users.
“You are probably going to see fewer and fewer Internetwide attacks. I think what you’re seeing now is a move
from the operating system to the application layer, with
really targeted attacks,” says Toulouse. “What we’re starting to see are more and more targeted attacks and more
social engineering.”
New challenges lie ahead. Zero-day exploits. Sophisticated phishing- and social engineering-based attacks.
Toulouse has no doubt that security concerns and events
will have him racing into Redmond in the middle of the
night many more times.
“I can tell you how long it takes to get to this room from
my home at three in the morning, hitting all the green
lights,” Toulouse laughs.
“In the end, it’s a journey, not a destination. We will continue to make mistakes and we will continue to learn from
our mistakes.”—
Michael Desmond ([email protected]) is the editor
at large for Redmond.
You do it all the time.
Do you think
the bad guys won’t?
Sunbelt Messaging Ninja:
Kill viruses, spam, and bad attachments
Other attachment filters don’t filter
attachments: They filter extensions.
Anyone can change extensions. And the bad
guys don’t need an FAQ to show them how. It’s
an easy trick—at least it was. Until now. Meet Sunbelt Messaging
Ninja—the new all-in-one, best-of-breed, third-generation
messaging security solution: Ninja is a plug-in framework that
integrates best-of-breed
antivirus, antispam,
and SMART* attachment-filtering modules
on your Exchange
server. Full control:
The policy-based plugin architecture allows you powerful, granular control. You can finally
rule with an iron fist. SMART attachment filtering: Ninja features
the first flexible policy-based attachment filter that isn’t fooled by extensions. It looks inside files to determine their true identity. Your policies
decide what
happens to all
attachments
SM
based on criAttac ART ™
hmen
teria such as inbound and outbound
t
email direction and internal or external
recipients. Dual-engine antivirus:
Ninja combines the power of two high-quality
AV engines: Authentium and BitDefender. Dual-engine antispam:
Ninja’s spam filtering decimates junk mail with both Cloudmark (which
includes antiphishing) and Sunbelt’s own heuristics-based iHateSpam
engines. And, of course, it also supports RBLs and SPF.
FREE attachment filter: For a limited time you can have Ninja’s
attachment filter for FREE. It’s full-featured. Not crippleware. All you
have to do is download it at www.sunbelt-software.com/ninjared.
TM
FREE
Filter
Sunbelt Software Tel: 1-888-NTUTILS (688-8457) or 1-727-562-0101 Fax: 1-727-562-5199 www.sunbelt-software.com [email protected]
*Suspicious Mail Attachment Removal Technology™
© 2006 Sunbelt Software. All rights reserved. Sunbelt Messaging Ninja, SMART and Suspicious Mail Attachment Removal Technology are trademarks of Sunbelt Software. All trademarks used are owned by their respective companies.
Back to Basics Quiz:
Are You the Master of Your
Windows Domain?
BY DOUG BARNEY
& MICHAEL DESMOND
Y
ou may be a genius with
AD, a master crafter of
applications and a conqueror of collaboration. In
all the excitement, though,
you may be forgetting
something. With so many
products, technologies and outright
threats to wrestle with, it can be easy
even for seasoned IT pros to forget
the fundamentals.
So put down the plan for that big
Web 2.0 project for a minute, and
take a moment to make sure you’ve
covered all your IT bases with this
quick quiz.
Backup and Recovery
Do you perform regular data backups?
Yes [5 points]
No [0 points]
Does your backup strategy involve off-site
tape rotation for disaster recovery purposes?
Yes [5 points]
No [0 points]
If Yes, is the off-site location far enough away that it
won’t be hit by a region-wide disaster?
Yes [5 points]
No [0 points]
Do you incorporate special, additionally scheduled
backups for archival purposes?
Yes [5 points]
No [0 points]
Do you perform periodic restores to verify backup
data? If so, how often?
Never [0 points]
Monthly [5 points]
Quarterly [4 points]
Bi-annually [3 points]
Annually [1 points]
Do you have an information lifecycle management
(ILM) strategy that includes offsite backup for
disaster recovery?
Yes [5 points]
No [0 points]
Does your backup strategy extend to remote offices?
Yes [5 points]
No [0 points]
Password Policy
Do you require complex passwords with a mix of numbers and symbols?
Yes [5 points]
No [0 points]
If not, do you require passphrases of greater than 15
characters that include spaces?
Yes [5 points]
No [0 points]
| redmondmag.com | Redmond | August 2006 | 39
Back to Basics Quiz: Are You the Master of Your Windows Domain?
Do you specify a minimum number of characters for
passwords? If so, how many?
No minimum [0 points]
4-6 [2 points]
7-13 [3 points]
14 or more [5 points]
Do you require end users to change their passwords?
Never [0 points]
Every month [5 points]
Every two months [4 points]
Once a year [2 points]
If so, does this password change policy also affect
Unix users?
Yes [5 points]
No [0 points]
Have you presented user training on information
security, social hacking, and the importance of strong
passwords and protection of data?
Yes [5 points]
No [0 points]
Have you hired a professional security company to
perform a security assessment involving penetration
testing?
Yes [5 points]
No [0 points]
If Yes, have you incorporated the suggestions of that
testing into your operations?
Yes [5 points]
No [0 points]
Do you incorporate policies that enforce screen
saver locks when users walk away from their
machines?
Yes [5 points]
No [0 points]
Have you deployed anti-virus software across the
enterprise? What platforms have you deployed to?
Not deployed [0 points]
Clients only [2 points]
Clients and servers [3 points]
Clients, servers, and gateways
[5 points]
How often are virus signatures updated?
Hourly [5 points]
Daily [4 points]
2-3 times per week [3 points]
Weekly [2 points]
Monthly [1 points]
Not updated regularly [0 points]
Have you deployed anti-spyware software?
Yes [5 points]
No [0 points]
Do you have a proven ability to remove spyware if
machines are infected?
Yes [5 points]
No [0 points]
Does anti-virus and anti-spyware protection extend to
company laptops not regularly attached to the network?
Yes [5 points]
No [0 points]
Do you employ a spam filter?
Yes [5 points]
No [0 points]
Have you secured both your externally facing and
internal SMTP servers against unauthenticated relay?
Yes [5 points]
No [0 points]
Malware Management
Are users trained in how to minimize spam (such as
do not reply)?
Yes [5 points]
No [0 points]
What rights level do most of your end-users operate at?
Administrator [0 points]
Power User [3 points]
Limited Rights [5 points]
Is your company in compliance with the Can-Spam Act?
Yes [5 points]
No [0 points]
Have you implemented a plan to adopt leastprivileged user rights?
Yes [5 points]
No [0 points]
Have you deployed an asset management system
that automatically inventories machines for licensed
software?
Yes [5 points]
No [0 points]
Do you have proof of ownership of all your software
licenses?
Yes [5 points]
No [0 points]
Vendor Management
Do you have rules for buying from a startup?
Yes [5 points]
No [0 points]
Do you look at the finances of smaller vendors you buy
from?
Yes [5 points]
No [0 points]
Do you require source code in escrow from less secure
vendors?
Yes [5 points]
No [0 points]
Do you make sure that mission critical tools are only
bought from financially secure vendors?
Yes [5 points]
No [0 points]
Does your IT team have a plan to either support a
product if the vendor goes under or a plan to switch to
another tool?
Yes [5 points]
No [0 points]
Online Application
Management
Do you prohibit or manage public network IM traffic
and clients on your network?
Yes [5 points]
No [0 points]
Do you monitor and/or filter IM traffic?
Yes [5 points]
No [0 points]
License Management
Are you comfortable that you are in compliance with
software licensing?
Yes [5 points]
No [0 points]
40 | August 2006 | Redmond | redmondmag.com |
Do you have a way of controlling what IM clients are
installed on local machines?
Yes [5 points]
No [0 points]
Back to Basics Quiz: Are You the Master of Your Windows Domain?
Do you prohibit or manage remote access applications
like VNC or GoToMyPC on your network?
Yes [5 points]
No [0 points]
Is your monitoring system tuned to eliminate or
reduce false positives and false negatives?
Yes [5 points]
No [0 points]
Do you get Microsoft Security Bulletins as soon as
they appear?
Yes [5 points]
No [0 points]
Do you prohibit or manage peer-to-peer on
your network?
Yes [5 points]
No [0 points]
Do you have a policy in place such that system
administrators know what to do when a page occurs?
Yes [5 points]
No [0 points]
Does your patch management policy include service
level agreements including metrics for time-to-patch
and compliance percentage?
Yes [5 points]
No [0 points]
Do you have a standard for peer-to-peer?
Yes [5 points]
No [0 points]
Do you have an out-of-band notification system for
your employees to notify them of issues when the email system is down?
Yes [5 points]
No [0 points]
Do you have a way of controlling what is installed?
Yes [5 points]
No [0 points]
General Security
Active Directory
Does your backup solution include backups of your
Active Directory database?
Yes [5 points]
No [0 points]
Do you have a plan in place for an AD restore in case of a
lost object, domain controller, domain or forest?
Yes [5 points]
No [0 points]
Have you appropriately locked down Domain Administrator rights to as few people as possible?
Yes [5 points]
No [0 points]
Do you have a policy to ensure your Schema Admins
and Enterprise Admins group remains empty of users
until they require access for a particular purpose (least
privileged policy)?
Yes [5 points]
No [0 points]
Management and
Monitoring
Do you incorporate automated systems management
in your network (like Altiris or SMS) that includes an
inventory function?
Yes [5 points]
No [0 points]
Do you have a monitoring solution in your network
that incorporates pager or phone notification when
systems go down or hard drives die?
Yes [5 points]
No [0 points]
When was the last time you performed a risk/security
assessment?
Less than one year ago
[5 points]
One to two years ago
[3 points]
Two to four years ago
[2 points]
More than four years ago
[1 points]
Never [0 points]
Do you have a security policy? Is it documented and
are end users aware of points relevant to them such as
acceptable use?
Yes [5 points]
No [0 points]
Do you have a short-cut path for highly critical patches
in your process?
Yes [5 points]
No [0 points]
Do you have IDS/IPS to augment your firewalls?
Yes [5 points]
No [0 points]
Do you have an action plan in place to handle
extended emergencies?
Yes [5 points]
No [0 points]
How Good Are You?
Add up your score and see where you fall:
[305 to 241]
Domain Controller: You’ve mastered your
domain and you’re ready to take on new
challenges. Do you have your eye on the
CIO’s office?
Do you have a patch management policy?
Yes [5 points]
No [0 points]
[240 to 181]
Human Firewall: Your network is in good
hands. Security is solid and operations are
efficient, but there’s always room for some
fine-tuning.
Does your patch management policy include provisions for laptops not necessarily attached to your
network or users’ home machines attached to work
via VPN?
Yes [5 points]
No [0 points]
[180 to 121]
Tech Plugger: You’ve made a fair showing,
but your techniques and tactics need
improvement.
Are your wireless networks protected with strong
encryption?
Yes [5 points]
No [0 points]
Do not use wireless networks
[5 points]
42 | August 2006 | Redmond | redmondmag.com |
[120 to 61]
Security Slacker: You had better pick it up or
you’re going to get picked off. Your network
is low hanging fruit for hackers.
[60 to zero]
IT Idiot: You need to find another line of
work—please.
Citrix Education
Has Rolled Out New,
Advanced Certifications...
...and IT professionals
everywhere are celebrating.
With advanced certifications and training, IT professionals
now can provide the best access experience by:
• Designing and building the most efficient Citrix environments
• Providing optimal support for Citrix Access SuiteTM products
• Drastically reducing implementation costs
Citrix’s advanced certifications are among the most highly
respected in the industry:
Citrix Certified Enterprise AdministratorTM 4.0 (CCEA)—
provides extensive preparation for build, test, rollout and
support of all Citrix Access Suite products.
Citrix Certified Integration ArchitectTM 4.0 (CCIA)—
provides advanced preparation to analyze the existing IT
environment, and design for a successful implementation of
the Citrix Access Suite.
Get rolling with our most advanced certifications and
more at www.citrix.com/edu/redmond
C I T R I X
E D U C A T I O N
©2006 Citrix Systems, Inc. All rights reserved. Citrix ® , Citrix Access Suite TM , Citrix Certified
Enterprise Administrator TM and Citrix Certified Integration Architect TM are trademarks or
registered trademarks of Citrix Systems, Inc. in the United States and/or other countries.
All other trademarks and registered trademarks are the property of their respective owners.
Microsoft will be
unleashing a new
wave of technologies:
Will you be ready?
Join IT managers and network administrators for TechMentor’s
focused training — by expert instructors — on integrating,
managing, securing and troubleshooting Microsoft Windows
server systems.
Technical Training at Every Level of Experience
TechMentor delivers in-depth technical training designed to
help you get the most out of your network. Experts will cover
these topics and more:
> Active Directory
> Command-Line Scripting
> Disaster Recovery
> DNS
> Group Policy
> VBScript
> Vista
> Wireless Security
Tips, Tips, Tips
Bringing real-world experience to the conference, TechMentor
instructors actually USE the technology they teach about. You’ll
walk away with hundreds of tips and step-by-step instructions
that you can apply immediately.
“I'd stopped going to conferences several years ago because of
weak technical content. This conference is NOT a sales pitch for
anyone. It gave me the real-world technical info and examples I
need to be successful.”
— B. Hogan, TriZetto
Save $200. Register Today!
TechMentorEvents.com
OCTOBER 9-13, 2006
LAS VEGAS
Network and
Certification Training
for Windows Professionals
100+ Sessions, 6 Tracks
KEYNOTE
SPEAKERS
Exchange/
SQL
Server
MCSE
MCSA
Bill Boswell, Microsoft
Scripting
and
Automation
Security
Mark Minasi, MR&D
System
and
Network
Troubleshooting
PRESENTED BY:
Second
Time Around
Windows Server 2003 R2
and the new DFS.
BY GARY OLSEN
W
hen Microsoft released Windows
Server 2003 R2, more commonly
referred to as simply “R2,” it posed a
challenge to IT managers. After all,
the far-reaching release has created
a storm of interest and confusion.
With the much-anticipated Longhorn Server OS now at beta 2 and
looming large in planner’s minds,
many IT managers struggle to place R2 in the context of
the Windows Server release life cycle.
They needn’t worry. Since 2003, Microsoft has worked to
make its OS and software releases conform to predictable,
two-year intervals. Two years after the initial shipment of a
new product, an R2 release is scheduled to extend features,
roll up bug and security fixes, and provide a fully updated
foundation for new releases. Two years after that, according
to the roadmap, a full-version release of the software is due.
46 | August 2006 | Redmond | redmondmag.com |
“Windows Server Release Cycle” on p. 48 shows the
overall life cycle as Microsoft currently defines it.
Thus, the next major release of Windows Server will
be Longhorn, followed by Longhorn R2 two years
later, and followed next by Blackcomb. There are
currently R2 releases for System Management
Server (SMS), Virtual Server, Small Business
Server (SBS), and Windows Storage Server
(WSS). Microsoft says all products should have
an R2 release.
By definition, R2 releases are a big deal, but
few are as big as Windows Server 2003 R2. In
addition to an extensive set of feature upgrades affecting
everything from storage management to Active Directory
administration, IT managers will welcome the addition of
powerful Windows SharePoint Services. But no single feature looms as large as the newly minted distributed file
system and replication technology cooked into R2.
ILLUSTRATION BY RALPH VOLTZ
| redmondmag.com | Redmond | August 2006 | 47
Second Time Around
Touring R2
No doubt about it, Windows Server 2003 R2 is a significant release. This version has a large number of product
add-ons that greatly expand the reach of the original Windows 2003 Server OS. It offers IT managers ample reason
to consider an upgrade ahead of the long-awaited Longhorn Server OS.
no compelling maintenance reason to commit to or avoid
an upgrade. Down the road, you’ll be able to upgrade to
Longhorn Server from either Windows Server 2003 or R2
when the next-generation server OS is released, probably
in the second half of 2007.
Installing R2 is a straightforward process. The software
comes as a two-CD set. The first CD is simply Windows
Windows Server Release Cycle
4 YEARS Major Releases
2 YEARS Release Updates
Windows Server 2003
Blackcomb
“Longhorn”
Windows Server 2003 R2
In fact, when I first installed R2, the long list of add-ons
reminded me of the old Windows NT 4 Option Pack,
which at the time combined product add-ons such as
Routing and Remote Access Services and Terminal Services. With Windows Server 2003 R2, IT managers will
encounter an impressive list of add-ons, including:
• Active Directory Application Mode (ADAM)
• Identity Management for Unix (NIS)
• Active Directory Federation Services (ADFS)
• Distributed File System (DFS)
• DFS Management
• DFS Replication Service (DFSR)
• DFS Replication Diagnostic and Configuration Tools
• File Server Management
• File Server Resource Manager
• Hardware Management
• Print Management Component
• Storage Manager for SANs
• Microsoft Services for NFS (formerly included in Services for Unix)
• Subsystem for Unix-based Applications
• Windows SharePoint Services
Many of these add-ons were separate downloads from
Microsoft, others are completely new, and some have morphed from existing products. Note that Services for Unix
(SFU) has now been wrapped into the R2 components.
From a licensing standpoint, R2 is included with the
Software Assurance (SA) or the Enterprise Agreement
(EA) license. If you don’t have either the SA or EA agreements, you can purchase R2 as a new server license. There
are no new Client Access Licenses (CALs) for R2 because
it uses the Windows Server 2003 CAL. R2 shares a support
lifecycle with Windows Server 2003, which is scheduled to
sunset in 2013.
It’s worth noting that R2 is not a required update, it’s
entirely optional. Because service packs and hot fixes are
compatible between Windows Server 2003 and R2, there’s
48 | August 2006 | Redmond | redmondmag.com |
“Longhorn” R2
Server 2003 plus Service Pack 1, which enables IT shops
to quickly bring their machines up to grade to support the
move to R2. If your systems are already at Windows Server
2003 SP1, you can ignore the first CD and simply install
from the second CD.
The second CD contains all the components previously
listed, adding them to the Windows Components displayed
in the Add or Remove Programs area of the Control Panel.
These are not installed by default, however. You need to
open Add or Remove Programs and click Windows Components to see the components made available by the R2
setup. Check the components you want installed, as you
would for any other component (see Figure 1).
The New DFS
For all the new features in R2, one stands out from the
crowd: the new Distributed File System (DFS). DFS has
been widely used in Windows environments to provide an
orderly namespace, as well as redundant file resources.
Figure 1. The new Distributed File System component is
selected for installation.
Second Time Around
However, the replication engine behind this functionality,
called the File Replication Service (FRS), has been fraught
with problems since its inception in Windows 2000. FRS
has staggered from hotfix to hotfix and is a more stable
technology today, but it remains far from reliable.
With the R2 release of Windows Server 2003, it appears
Microsoft has decided to start from scratch. Using a completely new approach, it re-wrote the replication engine from
the ground up. There’s no connection at all to the old FRS.
The confusing part of this is that the new replication
engine named DFS or, as it is sometimes called, DFSR, only
replicates DFS namespace data. The old FRS is still used to
replicate SYSVOL, because Microsoft didn’t have time to
incorporate DFSR for replicating SYSVOL under R2. Of
course, FRS is also used to replicate DFS namespaces built
As indicated in this list, nothing has changed with respect
to SYSVOL data. FRS replicated this data in Windows
2000 and 2003, and continues to replicate it in Windows
Server 2003 R2. In addition, for compatibility purposes,
R2 supports DFS namespaces built in Windows 2000 and
2003 by using FRS for replication. So if you upgrade a
Windows Server 2003 DFS server to R2, the DFS functionality and management will still be the same and work
Migration Walk Through
Let’s say we have an existing DFS Namespace called SalesData that is hosted on
Windows Server 2003 servers. After the R2
upgrade, we can open the Distributed File
System snap-in and still see and manage
that namespace—there’s nothing to install
or change. If we want to take advantage of
the new DFSR in R2, how do we migrate the
data from the old namespace to the new?
It’s simple. Let’s say the namespace SalesData is hosted on four Windows Server 2003
servers, named SRV1, SRV2, SRV3, and SRV4.
The migration steps are as follows:
1
Upgrade each server to Windows Server
2003 R2, and then install Distributed File
System via the Add or Remove Programs
interface. R2 supports FRS and the legacy
DFS namespace, so the existing DFS structure will continue to work as it did before
the R2 upgrade.
2
in Windows 2000 and 2003, because the new replication
engine is not available in those older operating systems.
Clear as mud, right? Perhaps the best way to explain the
DFS, DFSR and FRS relationship is with a quick summary
of key points. We can then dig in a little deeper with some
examples:
• R2 DFS/DFSR is installed as a Windows component
• FRS is the old replication service and is still used to
replicate SYSVOL data in R2
• FRS is also used in R2 to replicate legacy (Windows
2000 and 2003) DFS namespaces
• DFSR is a much more efficient replication engine than
the legacy FRS
• The Legacy DFS and new R2-based DFS use different
replication topologies
• DFSR will be used to replicate SYSVOL data beginning with Longhorn
50 | August 2006 | Redmond | redmondmag.com |
Once the servers are upgraded to R2
and the R2 DFS, open the DFS Management snap-in on one server and add the
existing SalesData namespace. The namespace will be displayed in the snap-in. There
is no need to reconfigure the namespace
unless you want to add new servers.
3
At this point you need to configure the
replication. There is a very intelligent
wizard that guides you through this part.
While I’ve been able to follow the prompts
to a successful configuration, you should
of course test your configuration in your
lab first, to ensure that the setup will meet
your requirements.
That’s it! You’re now using the new DFS
for namespace and replication. Again, this
does not affect SYSVOL, as it will continue
to use FRS.
— G.O.
Second Time Around
as it did prior to the upgrade to R2. FRS will still be used
to replicate this legacy DFS data.
Upgrading to the new DFS is simple. Once the second
CD of the R2 installation media is installed, the Distributed
File System shows up as a Windows Component in Add or
Remove Programs under the Control Panel. Just check the
box and install it as you would any other component.
With the R2 release of Windows Server
2003, it appears Microsoft has decided to
start from scratch. Using a completely new
approach, it re-wrote the replication engine
from the ground up.
Technology Change Up
Moving up to R2 doesn’t replace the old replication
engine with the new one. Rather, the legacy DFS and R2
DFS replication topologies exist side by side, as independent services for specific missions. Each DFS is managed by
its respective snap-in, with the legacy DFS from Windows
2000 and 2003 being managed by the Distributed File
System snap in, just as it was prior to the upgrade. The R2
DFS, meanwhile, is managed and configured by the DFS
Management snap-in, which is created when you install
R2 DFS.
Keep in Mind:
Installation of the R2-based DFS component
modifies the Active Directory schema. Make
sure you use proper change control procedures before installing the component.
The new R2 DFS brings plenty of benefits in large part
because Microsoft built the new DFSR replication engine
from scratch. The crown jewel of the new DFS is definitely a technology called Remote Differential Compression
(RDC). RDC allows only the changed bytes in a file to be
replicated, as opposed to sending the whole file. The result
is vastly reduced bandwidth requirements.
For instance, if I change the title on one slide in a 3.5MB
PowerPoint file, FRS would have to send the entire file.
DFSR only sends the bits reflecting the change to the title
text. According to Microsoft, this can slash the amount of
data transferred from 3.5MB to just 16KB. On a standard
DSL connection, the time to transfer data reflecting the
edit drops from over a minute for the entire file to less
than a second for the 16KB of changed bits. Extrapolate
that to hundreds or thousands of files that exist in some
DFS environments, and you get a sense of the impact this
improvement can have.
DFSR also fixes a long-running nuisance of DFS—namely, the difficulty it had replicating data that changed frequently. While some shops got around the limitation by
deploying more bandwidth, this brute-force solution was
both expensive and tricky to manage. For example, IT
managers had to specifically set aside the bandwidth for
DFS replication rather than other tasks. With RDC in R2,
you can replicate dynamic data extremely efficiently using
much less bandwidth.
One of the more welcome advancements in the replication
space with R2 has more to do with vocabulary than technology. The new DFS eliminates ill-defined terms like Link,
Target, Root and Root Replica, which made little sense to
anyone who didn’t use DFS on a regular basis. The new
management tool, shown in Figure 2, uses common-sense
terms like “Sending Member,” “Receiving Member,” “Sending Site,” “Receiving
Site” and “Schedule Topology,” along
with the connection status.
There isn’t space here to print all the
features and details about DFS under
R2, but believe me it’s easy and intuitive
to manage. Remember that DFS now is
an umbrella term that refers to namespaces and replication. I recommend
highly that you move to the new DFS. If
you use DFS now and are debating
about whether to upgrade to R2, this
would be excellent justification.—
Figure 2. The new Distributed File System (DFS) uses common-sense terminology to
describe replication processes.
52 | August 2006 | Redmond | redmondmag.com |
Gary Olsen ([email protected]), MCSE, is a
consultant with HP Services, supporting
Windows NT and Windows 2000 and
consulting on Active Directory design
and deployment.
Knowledge is
a degree that
incorporates
life’s curriculum.
Move forward with an IT degree online from Capella University. Capella is an accredited university offering hands-on, real-world experience. And you
can apply to earn credit for real-world experience, training, certifications (such as CCNP®, MCSE, CISSP®, and PMP®), and previous education. To learn
more, call 1-888-CAPELLA or visit www.capella.edu.
Capella University is accredited by The Higher Learning Commission and a member of the North Central Association of Colleges and Schools, 30 N. LaSalle Street, Suite 2400,
Chicago, IL 60602-2504, (312) 263-0456; www.ncahigherlearningcommission.org. Capella University, 225 South 6th Street, 9th Floor, Minneapolis, MN 55402. © 2006 Capella University
ch:
Can Redmond’s Backups
Keep ’Em in the Game?
eplacing legends is a tricky business. But it’s
a business Microsoft must carry off over the
next two years if it hopes to weather the 2008
retirement of the greatest legend in the industry,
Bill Gates.
Gates has already stepped aside as chief software architect, succeeded by Ray Ozzie. Long-time friend Steve
Ballmer will remain as president and CEO and will be the
one to step into Gates’ iron boots once he leaves for good
in July 2008.
Finding someone to fill Gates’ shoes is going to be
a tough trick. In fact, few believe that one or two
executives—even proven ones like Ballmer and Ozzie—
can fill all the roles Gates plays at Microsoft. A management team that can work cooperatively with Ballmer and
Ozzie, however, may succeed.
Fab Five
There are five key players coming off Microsoft’s upper
management bench who could make that happen: They are
Craig Mundie, chief research and strategy officer, Steven
Sinofsky, senior vice president of Windows and Windows
Live, Antoine LeBlond, corporate vice president, Office
Productivity, Bob Muglia, senior vice president, Server and
Tools Business, and Kevin Johnson, co-president (with Jim
ILLUSTRATION BY MARK COLLINS
New management
team must fill the
void left by Gates.
BY ED SCANNELL
Allchin who is retiring in December) of the Platforms and
Services Division.
Whether these five, along with Ballmer and Ozzie,
possess the right combination of talent, chemistry and
humility to work effectively together will only be discovered in time. But some observers are optimistic. They
believe these young managers could help the company
more quickly enter the age of Web-based development.
“[It has] grown to be an enormously successful company,
but there are a lot of changes afoot involving software
architectures as well as the way software is going to be
delivered and paid for. It may not be a bad thing to have
some new people coming that have something other than a
PC view of the universe,” says Gordon Haff, principal IT
advisor with Illuminata Inc.
Gates’ transition could also help liberate the new management team from the enormous amount of legacy code still
living in current versions of Windows. Industry watchers
believe that the new managers will accelerate development
around more innovative Web-based products that can be
delivered significantly faster.
“These younger managers will agonize a lot less about cutting loose or reshaping existing products or at least not
putting so many
| redmondmag.com | Redmond | August 2006 | 55
resources into them and moving forward into Web-based
areas,” Haff says.
Sinofsky figures to play a central role in guiding
Microsoft into the new age of software development, even
as he helps get the long-overdue Vista to market. Sinofsky,
who joined the company in 1989 right out of college, has a
reputation as a disciplined, no-nonsense manager. Over the
past decade, he’s delivered a new version of Office every
two to three years without fail.
Users and business partners like Sinofsky’s tough, goaloriented reputation, but will his experience with Office
be enough?
“We know he knows applications but how smart is he
about Windows development and operating systems architectures in general? I suppose if he has been about the
company for 17 years he could pick that up quickly and he
better, given the state of Vista,” says one New York-based
Microsoft business partner who did not
want to be named.
Another key figure is Craig Mundie, who
will work closely with Gates on the company’s research and incubation efforts over
the next two years. He will also work with
Microsoft General Counsel Brad Smith on
intellectual property and technology
efforts. Mundie joined the company in
1992 to create and run the Consumer Platforms Division, and was the driving force
behind Microsoft’s Trustworthy Computing Initiative.
“He has been high up there for a long time in terms of
influencing research, and he would have been a good candidate for the CTO job too. The question is will he and
Ballmer see eye to eye on maintaining Microsoft’s commitment to research as well as development,” says Dwight Davis,
vice president and practice director with Summit Strategies.
Antoine Leblond, who also joined Microsoft in 1989, has
a reputation for pushing the envelope on innovation and
emphasizing Web development. He’s responsible for features in Word such as background spell checking, HTML
file formats and Visual Basic for Applications. As director
of Office development, Leblond will be responsible for the
technical design and development strategy of Office,
Microsoft’s largest revenue generator.
and decision making there every day,” says Will Zachmann,
president of Canopus Research in Duxbury, Mass.
Zachmann and others note there is ample evidence that
no matter how much luck and skill goes into assembling a
management team, when a leader as entrenched as Gates
leaves, the possibility for political jousting is always present.
“Guys from time to time on the technical side of the house
at Microsoft have tried to pull an Al Haig thing. Ray has
vision and talent but you can imagine an old palace guard
there setting the stage for corporate infighting. Think of the
Greek armies after the death of Alexander,” Zachmann says.
During this transition, Microsoft’s upper management
must maintain a broad perspective. In the past, the company
has allowed its field of vision to narrow to development on
Windows and Office.
“There has been a tendency with those in leadership
positions at Microsoft to get myopic. The worst thing
about being myopic is you think you
actually know what is going on, and that
is when you make mistakes,” says Melinda Ballou, program director of application life-cycle management at IDC.
“The problem with visionaries new or
old at Microsoft is their only experience
within the enterprise comes from within
the womb of the Microsoft environment,” says Mike Drips, an independent
IT consultant working with large
accounts in the San Francisco area.
Gates’ transition could
also help liberate the
new management team
from the enormous
amount of legacy code
still living in current
versions of Windows.
Paging Al Haig
Despite stepping away from day-to-day management at
Microsoft, industry observers say Gates has remained a
formidable presence. He continues to preside over product
reviews, amp up energy levels, and bring together the talent and resources to complete mission-critical initiatives.
“You have some very creative talents in that team, but
they are opinionated and may have very different views on
things. The real issue is putting them all together as you
will no longer have this integrating point of coordination
56 | August 2006 | Redmond | redmondmag.com |
Change Management
Despite the growing competitive pressures and continued
product delays, some analysts believe Microsoft is in a
fine spot.
“There is so much advantage to momentum and presence, and Microsoft still has both. You can point to Vista
delays and growing competition from multiple directions,
but I still think there will be a lot of forward momentum at
Microsoft, regardless of who is at the helm,” says Summit
Strategies’ Davis.
The new management team might ease the task by using
Gates’ departure as an opportunity to change Microsoft’s
corporate personality. Some believe the emerging powersto-be should take the opportunity to present a softer,
more-friendly image to the outside world. But which managers might lead such a transformation is unclear.
“With Gates gone the company can’t afford a lack of personality, but it has to change the one it has,” says Dana
Gardner, principal analyst with InterArbor Solutions Inc.
“It can now change it quickly but the question is what that
personality going to be. If it is schizophrenic with different
personalities that are hard to identify, it could be a long
and difficult period for them.” —
Ed Scannell ([email protected]) is Redmond’s editor.
The Most Universal Three Letters Since URL
At HP, a PMP® [credential] is a stamp of
approval. Our major reason for focusing
on project management certification is customerbased: We want to make sure we’ve got the best
project managers. Customers across countries
and industries ask us, what kind of project managers do you have? What
kind of certification do they have? We can tell them that the majority of our
project managers are certified. HP values certification. We have four levels of
project managers, and the top three require a PMP certification.
Ronald L. Kempf, PMP | Director, HP Services Project Management Competency Development & Certification
®
Making project management indispensable for business results.
www.pmi.org/pmpredmond.htm
®
Project Management Institute
© 2006 Project Management Institute, Inc. All rights reserved. “PMI”, the PMI logo, “PMP”, and “Making project management indispensable for business results” are registered marks of the Project Management Institute, Inc.
NEVER
AGAIN
By Hong-Lok Li
Virtual Panic
still vividly remember the day. I came into work in a good
I
mood on a sunny summer morning in Vancouver, and was
getting ready to do a regular check of the firewall log. As
an IT Manager at the University of British Columbia, I
managed a network of 400 nodes and supported applications on a variety of platforms. These ranged from large
HP/Compaq and IBM
enterprise servers at
the top end, to
Windows Server
2003, Novell
Netware 6.X,
Unix and Citrix servers in
the mid-range,
all the way
down to Windows and Macintosh desktops at
the client.
That sunny summer day started going
badly when my assistant
reported that she had
received more than 20 calls
from users at different departments
(including Payroll). Users complained
that they either could not log in to the
Novell server or their Microsoft Outlook e-mails were extremely slow. My
assistant mentioned that she had tried to
reset (delete and recreate) the Outlook
profiles of a few users, but this restored
normal operation for just a few minutes.
I checked both the Novell server and
Exchange 2003 server—everything was
functioning properly. A review of the
server log and multiple virus scans produced nothing. I turned my attention to
the network traffic monitoring software, which showed that the network
was unexpectedly busy.
“What could be causing it?” I
wondered desperately, as I
stared at the switches in
the machine room. The
phone calls were piling up and the situation was getting
worse with pay
day the next day
and the payroll
systems still
down. I tried
to hide my
growing frustration as I
patiently
explained to
managers that we
were working hard
on the problem.
I was approaching the point
of outright panic when suddenly I
remembered there had been a power
outage the day before.
Our network employed a gigabit
backbone and high-speed switched
Ethernet connections at both the core
and the edge. Ethernet switches located
in floor distribution wiring closets
divide the network into 10 geographic
sections. The result is a tree structure
starting from the switch and expanding
to every wiring floor closet and eventually workstation.
The network, however, had been
implemented with virtual local area
58 | August 2006 | Redmond | redmondmag.com |
network (VLAN) technology, to
provide flexibility. By layering a
logical network structure atop the
physical network, client computers
could participate in a departmental
subnet regardless of physical location.
Just as important, the virtualized
structure compartmentalized traffic,
preventing congestion.
Remembering the power outage, I
quickly went through the settings for
each routing switch. I soon discovered
that a Cisco 2900 routing switch had
ceased retaining its VLAN settings
since the power failed. As a result,
three VLANs had collapsed into a single default VLAN, and the unmanaged traffic was choking the network.
Once I discovered the problem, it
took me 20 minutes to reconfigure the
switch and restore the network to
normal operation.
It was a difficult yet challenging day,
no doubt. From this “Never Again”
experience, I learned that problems can
often arise from forgotten events, and
that the solutions we employ to boost
productivity can fail in ways that
destroy productivity.—
Hong-Lok Li, MCSE 2003, MCSA,
MCDBA, MCSD, is an information
technology manager at the University of
British Columbia, in Vancouver, Canada.
What’s Your Worst
IT Nightmare?
Write up your story in 300-800 words
and e-mail it to Michael Desmond at
[email protected].
Use “Never Again” as the subject line
and be sure to include your contact
information for story verification.
ILLUSTRATION BY MARK COLLINS
Get noticed
for the right reasons
Not standing out as the professional you are? Increase your career opportunities and earning power. Get your
CAPM® credential — the globally recognized certification for IT professionals with project responsibilities. You’ll
catch the eye of management with your proficiency in project management application.
Start getting noticed. Earn your CAPM® credential, brought to you by the organization that furthers careers in
project management: Project Management Institute.
®
Making project management indispensable for business results.
www.pmi.org/capmredmond.htm
®
Project Management Institute
© 2006 Project Management Institute, Inc. All rights reserved. “PMI”, the PMI logo, “CAPM”, “PMP”, and “Making project management indispensable for business results” are registered marks of the Project Management Institute, Inc.
When it comes to disaster, it’s not IF, but WHEN. And too often, it’s when you least expect it.
Get High-Availabilty and Disaster Recovery “In-One”
With Double-Take ®
Double-Take delivers real-time data replication combined
with fail-over so you have high-availability and disaster
recovery for your Windows Servers -- safely and securely.
It is your job to keep servers up, data available and prevent
downtime. Failure to protect mission critical data and
applications can set your business back by weeks, months or
worse. Disaster recovery is now one
of the highest IT priorities.
This is the reason that hundreds of Fortune 500 companies
worldwide use Double-Take to ensure their business continuity.
Three levels of data compression allow
more data to be replicated and
increase performance and scalability.
In today’s business climate, you
have to have a tested plan and reliable tools in place for
Double-Take gives you the peace of mind your data is safe
the moment your server (or site) goes down. Double-Take
and your job secure.
is that tool.
Sold more than all other High-Availability tools combined, it is
even certified for W2K Datacenter. No other HA tool is. A whole
department sitting on their hands can cost thousands of dollars
per minute. The ROI of Double-Take is a no-brainer.
Don’t wait. Download a free
30-day eval copy right now
and start protecting your
data and applications.
Download Your Free Eval Copy Today
www.sunbelt-software.com Tel: 1-888-NTUTILS (688-8457) or 1-727-562-0101
Fax: 1-727-562-5199 Email: [email protected]
WindowsInsider
Greg Shields
Get a Grip on Those Gripes
E
ver get just flat out pissed off about something in IT? I
sure do. Often, the problem is that there is little we can do
to fundamentally change what is bugging us. Or is there?
This month we’re giving you the
chance to sound off on the issues that
irk you the most. In sifting through
dozens of responses, which again
proves systems administrators can be a
vocal bunch, we learn a lot about what’s
bothering you. Airing out some of these
issues may inspire other administrators
to grapple anew with some of their
thornier problems.
We’ll start off with IT Specialist
Jeremy Soto in Heidelberg, Germany,
who has a beef with software packaging.
“Poor installation and upgrade packages
are the worst,” he writes. “Why don’t all
vendors use just one install engine like
InstallShield or MSI that supports truly
quiet installs and provides options for
single file installation? When I attempt
to do a background network installation
[using tools like Systems Management
Server or Altiris], some of these packages are a major challenge.”
Software companies take note: If
you’re still creating your own custom
installation applications that don’t support silent installation, meet me after
class. Jeremy’s rant is a valid one.
Admins who use software management
systems struggle with them all the time.
If you don’t yet support a silent installation, please make it a high priority in
your next release. And make sure you
post the silent command-line switches
prominently on your Web site where
people can find them.
A Question of Semantics
Kyle Beckman, Systems Support Specialist from Atlanta, Ga., has a problem
with the wording in the Windows
Group Policy. “I don’t understand why
Microsoft has so many double negatives
for the wording in Group Policy. ‘Allow
access’ to something seems the most
understandable way to do it.”
Group Policy wording is extremely
precise, but Kyle’s impression is correct.
Interpreting the meaning of the setting
Software\Microsoft\Windows\
Currentversion\Policies\Explorer, this
creates a new DWORD value named
NoStrCmpLogical. Once you do this, then
set the data to 1.
Liar, Liar Pants on Fire
Peter Cousins is in technical support in
England and asks the age-old question,
“Why do users lie during the diagnostic
process [when we’re trying to fix their
computer]? Either way they lose,” he
Interpreting the meaning of a Group Policy setting
sometimes requires the skill of a master logician.
sometimes requires the skill of a master
logician. What exactly happens when
you Disable the Do Not Process The
Run Once list? Only the help file knows.
Ron Elstun is a CAD Systems Administrator from Littleton, Co., who has an
interesting problem actually created by
Microsoft. Why, he asks, did the company change its Windows XP file sorting? He notes that Windows 2000 and
earlier versions sort the following files
[character-by-character] in this order:
11200.dwg
220.dwg
31.dwg
But with XP, the files sort numbers as:
31.dwg
220.dwg
11200.dwg
“This drives me crazy,” he says, “since
I work with CAD files that are named
with numbers 99 per cent of the time.
The first two or three numbers determine the type of drawing (electrical,
mechanical, piping, etc.).”
This gripe actually has a fix. There’s a
registry key you can modify to revert the
sorting algorithm back to the old Windows 2000 sort-by-character style. To do
this, in the registry key type the following: HKEY_LOCAL_MACHINE\
says. “If their lying ensures you can’t
identify the problem, then their computer remains broken. If you identify
the fault, then you know they have lied!
So why do they do it?”
It’s been said that a job in technical support is equal parts scientist, investigator
and psychologist. Our user population
has a very real belief that IT’s looking
over their shoulder and that any problem
with their computer could be an RPE—
Resume Producing Event. Consequently,
they’re given incentive to make up stories about how their computer broke.
On the other hand, we in IT can be a
little holier-than-thou when we’re trying to fix someone else’s machine. It’s
difficult to bite your tongue when you
know that someone’s really screwed the
pooch, but it’s also our job to get it
fixed. In response, we sometimes decide
to play the role of psychologist. So get
them on the couch, have them tell you
about their mother and figure out the
real reason for the problem.
Role Playing
David Jackson from Chicago has a beef
with how companies don’t match roles
with titles. “What bothers me is how
companies classify jobs inappropriately.
| redmondmag.com | Redmond | August 2006 | 61
WindowsInsider
A software developer should be paid as
a developer, and a DBA should be paid
as a DBA. Too often companies use job
titles that don’t match the tasks performed, and then use those titles as an
excuse to pay less than market value.”
Salary.com reports the national average
for median salary of a DBA is $83,952,
while for a Web Software Developer
that figure drops to $68,970. What’s
notable here is that most Web software
developers also deal with databases in
writing their code.
Sites like Salary.com are interesting
because while their data has given
ammunition to job seekers, they also
supply that same ammunition to
employers. This means both sides
of the negotiating table can escalate
the debate.
Fun-House Mirror
Lastly, I have one gripe about disaster
recovery as it relates to storage area
networks (SANs). High-end storage
manufacturers sell high-reliability disk
arrays that cost millions to implement.
Unfortunately, the little guys with five
or 10 servers in their networks are still
stuck with the same old RAID options,
namely RAID 1 and RAID 5.
What I’d like to see out of the major
server manufacturers is a poor-man’s
equivalent of EMC’s Business Continuity Volume, also referred to as the “third
mirror.” Imagine this scenario: You set
up all your servers as a RAID 1 mirror
for the system and apps drive, but
instead of stopping there, you add a
third disk into that two-disk RAID 1 set.
This disk is also in the mirror set, but it
mirrors itself to the primary pair perhaps once a day at three in the morning.
Why is this cool? Well, if during the
day some vulnerability’s concept code
stops being conceptual and you get
hacked, a regular RAID 1 isn’t going
to help you. Once the virus infects
the machine, the RAID controller
conveniently copies the virus to both
disks in the mirror. This usually means a
reinstall for you.
But if you had our “third mirror” in
place, the fix would involve little more
than restarting the server with the third
drive as the primary. This would effectively and immediately take you back in
time to that last snapshot at three in the
morning. The solution would take a
few more hard drives, but a few more
hard drives is a lot cheaper than a
whole SAN.
Still royally ticked off and want to
vent? Drop me a line. It’s a hard world
out there, and we systems administrators have to stick together. —
Greg Shields, MCSE: Security, CCEA, is a
senior consultant for 3t Systems in Denver,
Colo. (www.3tsystems.com). A contributing
editor to Redmond magazine and a popular speaker at TechMentor events, Greg
provides engineering support and technical
consulting in Microsoft, Citrix and
VMware technologies.
When information comes together,
better backup is only the beginning.
EMC NetWorker helps you shape a recovery management strategy that covers everything.
A small office. A large data center. A common need: enterprise-wide recovery management to protect against user error,
data loss, system outages, or a catastrophic event. EMC® NetWorker™ has you covered, from simple, secure backup and
recovery executed at record-breaking speed to integrated snapshotting and continuous data protection (CDP). So now
you can centralize, automate, and accelerate backup and recovery—and reduce risk and cut costs across the board.
Read our white paper, “Enhanced Focus on Disk-Based Data Protection and Recovery,” at software.EMC.com/networker
and see what NetWorker can do for you. Or learn more at software.EMC.com/recoverymanagement.
EMC2, EMC, and where information lives are registered trademarks and NetWorker is a trademark of EMC Corporation. © Copyright 2006 EMC Corporation. All rights reserved.
SecurityAdvisor
Joern
Roberta
Wettern
Bragg
Bit by Bit
W
hen Windows 2000 hit the streets six years ago, it
kept your data confidential with something called
the Encrypting File System (EFS). This worked
well, but created almost as many problems as it solved.
You can’t use EFS to encrypt many of
your system files, for example. This
leaves some data unprotected, including
paging and hibernation files. Also,
recovering EFS-encrypted data can be
difficult if not impossible when the
profile for the user who originally
encrypted the files is lost or inactive.
These limitations led many companies
to disable EFS altogether.
BitLocker should make file encryption
easier and more effective. One of the new
security features coming in the Enter-
is also helpful for desktop computers or
servers. (Longhorn, the next version of
Windows Server, will also include BitLocker.) After all, desktop computers and
servers are also susceptible to data theft.
File system permission rules won’t prevent unauthorized data access if someone
starts the computer with a different
operating system.
BitLocker also has a feature to help
companies needing to decommission
computers, like leased computers up for
return. Normally, you’d have to erase
BitLocker lets you encrypt your entire system
partition. This prevents unauthorized hard drive access
without locking you out of your own data.
prise and Ultimate editions of Vista,
BitLocker lets you encrypt your entire
system partition. This prevents unauthorized hard drive access without locking
you out of your own data. With the
release of Vista only a few months away,
now is the time to evaluate whether or
not this is the right tool for you.
Laptop computers are the most obvious candidate for an encryption system
like BitLocker. Every day, hundreds of
laptops are lost in taxicabs. The recent
theft of a laptop containing the personal
data of more than 26 million people
from a Department of Veterans Affairs
employee made national news. The cost
of replacing the hardware pales in comparison to the havoc wreaked by leaked
information.
BitLocker applies strong encryption to
your computer’s entire system drive. You
won’t have to worry who might access
data on a lost or stolen laptop. BitLocker
all data from the hard disk before
returning the computer. With BitLocker, you can skip this tedious step. Simply leave the drive as is, because no one
will be able to read the data. A better
practice, however, is to use BitLocker’s
secure deletion capability. This quickly
removes all data from the drive.
What You’ll Need
BitLocker uses a startup key to encrypt
data, and Microsoft enforces some
stringent hardware requirements to
protect the key. BitLocker encryption
keys are typically stored on a Trusted
Platform Module (TPM) chip. A TPM
chip functions like a smartcard built
into the motherboard.
It’s essentially a small computer that
stores private keys and performs some
basic encryption tasks. A TPM blocks
any attempt to retrieve this key or other
confidential information. Access to TPM
BitLocker Tips
B
itLocker can be dangerous,
so plan carefully before
using it for encryption. Make
sure you’ve planned your recovery
strategies, including procedures to help
remote users who lose access to data
on their laptop.
• Disable BitLocker until you’re ready.
Use Group Policy to disable BitLocker
until you’ve planned and practiced
your recovery strategy.
• Store recovery keys centrally. Use
Group Policy to store recovery keys
in Active Directory so administrators
can get to them to quickly restore
access to data in an emergency.
• Buy compatible computers. If you’re
buying new laptop computers now,
make sure they have a TPM chip that
complies with version 1.2.
• Learn about BitLocker now. Microsoft
has created many documents to
define and describe BitLocker, including detailed deployment guides. You
can access this information at
www.microsoft.com/technet/
windowsvista/security/bitlockr.mspx.
— J.W.
functions is controlled by a PIN or biometric authentication.
The TPM will prevent any access after
a pre-determined number of unsuccessful attempts. BitLocker requires the
TPM chip be permanently attached to
the computer—normally to the motherboard—and that it meets at least version
1.2 of the TPM specification.
Many laptop computers (and a few
desktop models) have this chip, but
older models may not or they may have
an outdated TPM. Make sure your
computer meets Microsoft’s current
TPM requirements.
| redmondmag.com | Redmond | August 2006 | 65
SecurityAdvisor
BitLocker Bits
T
here are numerous overviews,
deployment guides and
technical references about
BitLocker on the Microsoft Web site:
• An executive overview gives a
thorough rundown on how BitLocker
works and how it can help secure
drives on lost or stolen devices.
• A step-by-step guide walks you
through the drive encryption process
using BitLocker.
• Technical overviews explain how it fits
within the Trusted Platform Model.
• A list of client host requirements
explain what you need to run BitLocker.
To learn more about BitLocker, go to
Redmondmag.com. FindIT code: MSBL
Fortunately, you’re not completely
out of luck if you don’t have a current
TPM chip. You’ll be able to use a USB
storage device to hold your encryption
keys (although the current beta does
not yet support this). If you choose this
option, your computer’s BIOS must be
able to access USB devices before the
operating system has started up. Of
course, using a USB stick means you
have to remember to bring it along
when you travel. You also must take
care to store it into a safe place. A TPM
is more convenient because it’s always
in the computer.
Encryption Essentials
Encrypting your system drive is
fairly straightforward. You may have
to create a separate partition of at
least 1.5GB. BitLocker needs that
space to hold some startup files and
have a temporary space for setup.
Once the encryption process starts,
plan on going out for dinner or
watching a movie. It can take more
than an hour.
Once the drive is encrypted, you can
restart your computer. If everything
proceeded as planned, you’ll be
prompted for a PIN or USB stick
before Vista starts. This will unlock the
startup key used to decrypt the data on
the system partition.
After this, you won’t even notice BitLocker is there until the next time you
restart your computer. There will be a
very small impact on system performance, but it’s unlikely you’ll even notice
any slowdown.
Recovery Options
If things go wrong with BitLocker,
there’s a risk you may lose access to all
data on your hard drive. Microsoft provides several safeguards to protect
against this, but it’s up to you to put
them in place.
Simplify Active Directory Management with WinRadarTM.
WinRadar is an Active Directory administration tool that allows you to
remotely manage client systems through a domain controller interface.
With its wide range of built-in features, you will eliminate the need to
write scripts or create tools.
WinRadar v2
- Centralized AD Management
Download a
- Remote Process Termination
FREE 30-Day Trial
- Hot Fix & Service Pack Viewer
of WinRadar v2 Today!
- Bulk User Updating
www.cns-software.com/rd
- Advanced Export Feature
- Client Software Removal
- Wake-On-LAN (WOL)
SPECIAL OFFER: Order today and
receive an instant $200 rebate
TM
Tools by Administrators for Administrators
1-866-344-6267
[email protected]
©2006 CNS Software, LLC. All rights reserved. WinRadar, the CNS Software logo, and tag line are trademarks or registered trademarks of CNS Software, LLC in the United States and/or other
countries. The names of actual products mentioned herein may be the trademarks of their respective owners. Instant rebate not redeemable for cash, may not be combined with any other offer,
available for a limited time only. See website for details.
LEAST PRIVILEGE COMPLIANCE
IS NOW IN YOUR HANDS
In today’s corporate environment, it’s not an option. DesktopStandard’s Group Policy extensions
take you beyond built-in Windows security management, giving you the power to limit rights and privileges to
the least required for authorized tasks. Reduce the complexity of managing your distributed desktop environment while increasing security and compliance. Find out how at www.desktopstandard.com.
© 2005 DesktopStandard Corporation. All rights reserved.
desktopstandard
™
manage with standards.
FREE
WEB
SEMINARS
Available On-Demand — Tune in Today!
➤ Is Your Network Safe from Internet Worms?
Learn New Techniques for Protecting Your Network
from the Latest Threats
➤ Disaster Recovery for Your Windows-based Applications
➤ The Top Five Most Deficient Security Compliance Controls
➤ Fighting the Insider Threat
Brought to you by:
Visit: Redmondmag.com/techlibrary/webcasts
SecurityAdvisor
First, BitLocker creates a recovery
key when you encrypt the drive. You
have a number of options for storing
this key, whether on a separate USB
stick or simply by writing it down. If
you use Active Directory, you can also
configure a policy that automatically
copies the key into Active Directory.
If BitLocker can’t decrypt the drive
because it can’t access the TPM (if
something happens like you install the
drive in a different computer or lose
the USB key), you can enter the
recovery key and things should be
back to normal. Just make sure you
don’t store the recovery key with your
laptop, or you’ll effectively lose any
protection that BitLocker provides.
Because of the potential recovery
and support issues, you should learn
how to handle any recovery scenarios
before using BitLocker. For example,
you may have to help a user on a business trip who is having a panic attack
because he lost his USB stick or
another who can’t get at his presentation after having the motherboard on
his laptop replaced.
Don’t Ditch EFS Just Yet
BitLocker is easier to use and more
comprehensive than EFS. It transparently encrypts all files on your system
disk, including the swap and hibernation files. And you won’t have to
configure files or directories for
encryption.
However, as BitLocker only encrypts
data on the system disk, you still have
to use EFS to protect any files stored
on a different partition. Also, BitLocker
might not be practical if you share a
computer with other users. Imagine
having to share the PIN for the TPM
with multiple users or handing a USB
device back and forth.
BitLocker doesn’t protect any files
while the computer is running, whereas EFS can prevent unauthorized
access to specific files, while still per-
mitting access to other files for normal operations. You can think of BitLocker as protection for when
someone steals your computer, and
EFS as protection against unauthorized access to specific files while your
computer is running.
The security benefits of BitLocker are
obvious. However, there will also be
many cases of people inadvertently
locking themselves out from their data
because they made a tactical error that
prevents BitLocker from decrypting
their data. Plan your recovery strategies
first so you won’t become a victim of
your own security. —
Joern Wettern ([email protected]),
Ph.D., MCSE, MCT, Security+, is the owner
of Wettern Network Solutions. He has written books and developed training courses on
numerous networking and security topics. He
helps companies implement network security
solutions, teaches seminars and speaks at
conferences worldwide.
AdvertisingSales
RedmondResources
Matt Morollo
Associate Publisher
508-532-1418 tel
508-875-6622 fax
[email protected]
West/MidWest
East
AD INDEX
Advertiser
Page
URL
Acronis Inc.
2
www.acronis.com
Acunetix
31
www.acunetix.com/security-audit/
AvePoint, Inc
16
www.avepoint.com
Capella University
54
www.capella.edu
Citrix Education
43
www.citrix.com
CNS Software
66
www.cns-software.com
Dataviz, Inc.
19
www.dataviz.com
DesktopStandard
67
www.desktopstandard.com
Devon IT
C3
www.ntavo.com
Diskeeper Corporation
77
www.diskeeper.com
Dorian Software
37
www.doriansoft.com
Dan LaBianca
JD Holzgrefe
eDirectSoftware
25
www.edirectsoftware.com
Director of Advertising, West
818-674-3417 tel
818-734-1528 fax
[email protected]
Director of Advertising, East
804-752-7800 tel
253-595-1976 fax
[email protected]
EMC Corporation
9,64
www.emc.com
Famatech
35
www.famatech.com
GFI Software
24
www.gfi.com
Grisoft
33
www.grisoft.com
IBM Corporation
49,51,53
www.ibm.com
iTripoli Inc.
20
www.itripoli.com
SALES
Bruce Halldorson
Western RegionalSales Manager
CA, OR, WA
209-473-2202 tel
209-473-2212 fax
[email protected]
Danna Vedder
Microsoft Account Manager
253-514-8015 tel
775-514-0350 fax
[email protected]
Tanya Egenolf
Advertising Sales Associate
760-722-5494 tel
760-722-5495 fax
[email protected]
CORPORATE ADDRESS
1105 Media, Inc.
9121 Oakdale Ave. Ste 101
Chatsworth, CA 91311
www.1105media.com
MEDIA KITS: Direct your Media Kit
requests to Matt Morollo, associate publisher, 508-532-1418 (phone), 508-8756622 (fax), [email protected]
REPRINTS: For all editorial and advertising reprints of 100 copies or more, and
digital (Web-based) reprints, contact
PARS International, Phone 212-221-9195,
e-mail: [email protected], Web:
www.magreprints.com/QuickQuote.asp
LIST RENTAL: To rent this publication's
e-mail or postal mailing list, please contact our list manager Worldata:
Phone: 800-331-8102.
E-mail: [email protected]
Web site: www.worldata.com/101com
Postal Address: 3000 N. Military Trail,
Boca Raton, FL 33431-6375
Redmond (ISSN 1553-7560) is published
monthly by 1105 Media, Inc., 9121 Oakdale
Avenue, Ste. 101, Chatsworth, CA 91311.
Periodicals postage paid at Chatsworth,
CA 91311-9998, and at additional mailing
offices. Complimentary subscriptions are
sent to qualifying subscribers. Annual subscription rates for non-qualified subscribers are: U.S. $39.95 (U.S. funds);
IT CERTIFICATION
& TRAINING – USA,
EUROPE
MaxSP
18
www.maxsp.com
Al Tiano
Network Automation
63
www.networkautomation.com
Advertising Sales Manager
818-734-1520 ext. 190 tel
818-734-1529 fax
[email protected]
The Neverfail Group
C2,1
www.neverfailgroup.com
Project Management Institute 57,59
www.pmi.org
Quest Software
C4
www.quest.com
Redmond Magazine
68
www.redmondmag.com
PRODUCTION
SAPIEN Technologies, Inc.
69
www.sapien.com
Kelly Ann Smith
Scriptlogic Corporation
29
www.scritplogic.com
SoftTree Technologies, Inc.
62
www.softtreetech.com
Special Operations Software 15
www.specopssoft.com
Production Coordinator
818-734-1520 ext. 164 tel
818-734-1528 fax
[email protected]
Canada/Mexico $54.95; outside North
America $64.95. Subscription inquiries,
back issue requests, and address
changes: Mail to: Redmond, P.O. Box 2063,
Skokie, IL 60076-9699, e-mail
[email protected] or call 866-2933194 for U.S. & Canada; 847-763-9560 for
International, fax 847-763-9564.
POSTMASTER: Send address changes to
Redmond, P.O. Box 2063, Skokie, IL
60076-9699. Canada Publications Mail
Agreement No: 40039410. Return Undeliverable Canadian Addresses to Circulation Dept. or DHL Global Mail, 2-7496 Bath
Rd, Mississauga, ON, L4T 1L2, Canada.
© Copyright 2006 by 1105 Media, Inc. All
rights reserved. Printed in the U.S.A.
Reproductions in whole or part prohibited
except by written permission. Mail
requests to "Permissions Editor," c/o
Redmond, 16261 Laguna Canyon Road,
Ste. 130, Irvine, CA 92618.
The information in this magazine has not
undergone any formal testing by 1105
Media, Inc. and is distributed without any
warranty expressed or implied. Implementation or use of any information contained
herein is the reader's sole responsibility.
While the information has been review for
accuracy, there is not guarantee that the
same or similar results may be achieved in
all environments. Technical inaccuracies
may result from printing errors and/or
new developments in the industry.
St.Bernard Software
5
www.stbernard.com
Sunbelt Software
10,38,60
www.sunbelt-software.com
TechMentor Conferences
44,45
www.techmentorevents.com
The Training Camp
70
www.trainingcamp.com
TNT Software
41
www.tntsoftware.com
EDITORIAL INDEX
Company
Page
URL
Adesso Systems Inc.
11
www.adessosystems.com
Advanced Micro Devices
22
www.amd.com
Apple Computer Inc.
58
www.apple.com
Cisco Systems Inc.
58
www.cisco.com
Citrix Sytems Inc.
58
www.citrix.com
EMC Corp.
22
www.emc.com
HP
58
www.hp.com
IBM Corp.
11, 58
www.ibm.com
Illuminata Inc.
55
www.illuminata.com
Intel Corp.
22
www.intel.com
Network Automation Inc.
17
www.networkauomation.com
Novell Inc.
58
www.novell.com
Oracle Corp.
11
www.oracle.com
SWsoft Inc.
22
www.virtuozzo.com
This index is provided as a service. The publisher assumes no liability for errors or omissions.
| redmondmag.com | Redmond | August 2006 | 71
Foley on Microsoft
By Mary Jo Foley
Microsoft’s Future Is … Robotics?
W
hile I’m a fan of futuristic/geeky projects as much
as anyone, I just didn’t feel all that wowed about
Microsoft’s announcement earlier this summer
(late June) that it was launching a development platform for
folks building robots. That is, until I
had a chance to chat with Tandy Trower, the general manager in charge of the
Microsoft Robotics Studio product.
Microsoft historians may know Trower as a 24-year-plus Microsoft veteran
who has worked on a variety of
Microsoft projects, ranging from Visual
Basic to Microsoft Agent technology.
He has also served as a member of
Chairman Bill Gates’ strategic planning
staff during his tenure. It was in that
capacity that Trower discovered the
robotics community and its growing
prominence in the tech landscape.
“There were a number of robotics
community leaders coming to us saying
they wanted to interact with us,” Trower says. “Bill asked me to spend several
months with the leaders and find out
what was going on.”
Trower found that the robotics community was keen on welcoming
Microsoft as an active participant. Two
years ago, he assembled a 60-page document on the state of the robotics
industry and formulated a number of
plans that Microsoft potentially could
pursue in this space.
After reading Trower’s findings, Gates
and his research lieutenants, Rick
Rashid and Craig Mundie, all agreed
that Microsoft needed to jump on the
robotics bandwagon. They decided to
allow Trower to create a robotics project that would be incubated inside
Microsoft Research.
Trower and his team of nine began
building a programming model/frame-
work that would be of use to developers
working on anything from a Lego
robot to an industrial-scale robot. In
October, the team showed off to Gates
what they were building. On June 20,
Trower’s band introduced the first
Community Technology Preview
(CTP) test build of that framework.
What’s interesting is that the new
robotics programming framework is
based on many of the distributed programming model techniques developed
by the BigTop/BigWin team. That was
another incubated project, favored by
Mundie, which aimed to deliver a grid
computing-based operating system.
While Microsoft is mum on the status of
this skunk-works effort, I’ve heard from
sources that the company decided to kill
off BigTop earlier this year. But it seems
that the spirit of BigTop lives on in
Microsoft’s Robotics Studio.
What persuaded the Microsoft power
elite, which had just shunned a gridcomputing initiative, to back Trower’s
robotics play? Two words: The future.
Trower believes that robots are the nat-
GetMoreOnline
For more on Microsoft Research, the
Microsoft Robotics Studio and for an
introduction to Microsoft’s Robotics
Studio Application Model, log on to
Redmondmag.com.
Find IT code: Foley0806
redmondmag.com
72 | August 2006 | Redmond | redmondmag.com |
ural successor to PCs, and he’s convinced his bosses to adopt his view, or
so it would appear.
To make it happen, Trower knows
that robots must evolve beyond the
limited capabilities they possess today.
The new programming framework
coming out of the Robotics effort is
intended to do just that.
“It goes beyond robotics. There are
implications for other areas,” he says.
The framework could help Microsoft
and others develop “remote presence”
kinds of applications that could, for
instance, help monitor aging adults who
need around-the-clock care, Trower says,
via some kind of “telepresence devices.”
Robotics programmers could develop
new kinds of security sensors or maintenance applications for mundane chores,
such as cutting lawns and cleaning pools.
While the Robotics Design Studio is
Microsoft-developed code, the company is taking pains to make it work with
non-Microsoft languages including
JavaScript, Carnegie Mellon’s Alice language and others, Trower says.
“The perception is that Microsoft
focuses only on our core businesses,”
Trower notes. “Robotics is still five to
10 years away from realizing its full
potential, but Microsoft’s executives
understand this. This is an investment
in the future.”
Indeed it is. And the future, at least
according to Microsoft, can be boiled
down to one word. Robotics. Do you
think the Redmondites are right? Or are
they off on a wild goose chase? Write to
me at [email protected].—
Mary Jo Foley is editor of Microsoft Watch,
a Web site and newsletter (MicrosoftWatch.com) and has been covering
Microsoft for about two decades. You can
reach her at [email protected].
NTA Thin Client Terminals. Forward-Thinking IT Transformation.
“Anyone?”
Still paying for PCs? NTA Thin Client Terminals
for server-based computing are far more affordable,
functional, and secure. And easier to maintain with
no client applications to load or hard drives to fail.
These Terminals—ICA, RDP, and PXE capable; plugand-play—run Windows®, UNIX®, Linux, and mainframe
applications directly from data center servers. Use as
is or with the NTAVO Secure Access Appliance to
integrate your IT systems. Contact Devon IT today.
D E VON
IT
N TAVO . C O M
1 .888.524.9382
[email protected]
© 2006 Devon IT, Inc.
©2005 Quest Software, Inc. All rights reserved. Quest and Quest Software are trademarks or registered trademarks of Quest Software.
All other brand or product names are trademarks or registered trademarks of their respective holders. 06/2006/IRedmond
Smart E-mail.
Get top marks in e-mail management.
With intelligent archiving from Quest Software.
Pop quiz: how do you meet e-mail compliance requirements while
reducing the cost of messaging data storage and increasing productivity?
The correct answer: with e-mail archiving solutions from Quest Software.
Quest® Archive Manager is the versatile solution that helps your organization
address e-mail compliance requirements and much more. Discover and retrieve
data easily with powerful searching tools. Access and leverage the knowledge
locked up in e-mail with secure information sharing. And reduce ongoing
operational costs through efficient storage management capabilities.
Go to the head of the class with the smart choice in e-mail archiving —
Archive Manager from Quest Software.
—————————————————————————————————————
To learn more, read our new white paper “E-mail Controls and
Regulatory Compliance — What You Need to Know,”at:
www.quest.com/intelligent
—————————————————————————————————————
Stop by booth #701 at Tech Ed Boston
for a chance to win up to $10,000
Application Management | Database Management | Windows Management
OCTOBER 9-13, 2006
LAS VEGAS
Network and
Certification Training
for Windows Professionals
Knowledgeable, Accessible Instructors
» Learn from Mark Minasi, Todd Lammle, Derek Melber and others.
Real-World Training
» Learn the new features of Windows Vista.
» Improve your network security.
» Diagnose and repair common network problems.
Peer Networking
» Problem solve with peers during networking events.
Certification Prep
» Upgrade your skills to Windows 2003 with the MCSA and MCSE tracks.
Sponsors and Exhibitors (as of June 30)
TechMentorEvents.com
OCTOBER 9-13, 2006
LAS VEGAS
Network and
Certification Training
®
for Windows Professionals
100+ Sessions, 6 Tracks
Exchange/
SQL
Server
KEYNOTE
SPEAKERS
MCSE
MCSA
Scripting
and
Automation
Bill Boswell, Senior Consultant
with Microsoft Consulting
Services, Author
Security
System
and
Network
Troubleshooting
Register by September 1
and Save $200
TechMentorEvents.com
Mark Minasi, Best-Selling Author,
Popular Technology Columnist,
Commentator and Keynote Speaker
Microsoft will be unleashing a new wave
of technologies: Will you be ready?
J
oin network administrators and IT managers for TechMentor’s focused training—by
expert instructors—on integrating, managing, securing and troubleshooting Microsoft
Windows server systems.
Technical Training at Every Level of Experience
TechMentor delivers in-depth technical training designed to help you get the most out of
your network. Experts will cover these topics and more:
» Active Directory
» Command-Line Scripting
» Disaster Recovery
» Group Policy
» VBScript
» Vista
» Wireless Security
Tips, Tips, Tips
Welcome to TechMentor
Bringing real-world experience
to the conference, TechMentor
instructors actually USE the
technology they teach about. You’ll walk away with hundreds of tips and step-by-step
instructions that you can apply immediately.
2
Who Should Attend
Exhibit Hall
> Network and Systems Administrators
> IS/IT Managers and Directors
> Network and System Engineers
> MCPs, MCSAs and MCSEs
> Security Specialists
> IT/Systems/Technical Analysts
> Help Desk/Desktop Support
> Consultants
Evaluate the newest products and solutions for
Windows networking professionals in the TechMentor
Exhibit Hall. Leading vendors will be on hand to explain
and demonstrate the very latest breakthroughs in their
technologies.
Keynote Presentations
Bill Boswell
Senior Consultant with Microsoft
Consulting Services, Author
What's Ahead for a Windows
Datacenter
Mark Minasi
Best-Selling Author, Popular Technology
Columnist, Commentator and Keynote
Speaker
Hastening La Vista: Microsoft Delivers
The Next Windows
Wednesday, October 11
11:45am-2:00pm
Exhibit Hall Open and Lunch
5:30-7:30pm
Exhibit Hall Open & Reception
6:00-7:00pm
One-On-One Consulting Hour
6:30-7:30pm
Meet the Editors of Redmond magazine
Thursday, October 12
11:45am-2:00pm
1:00-1:45pm
Exhibit Hall Open and Lunch
Vendor Presentations
Table of Contents
Instructors
Program-At-A-Glance
Course Descriptions
Registration and Travel
October 9-13, 2006 • LAS VEGAS
3
4–5
6–17
18–19
Instructors
sultant specializing in Identity Management, Rights Management, and Public
Key Infrastructure deployments. Paul’s background includes Microsoft technologies, Lotus Notes, Sun Microsystems, IBM AIX, UNIX and Linux. He has
held roles in technical training, consulting, subject matter expert for
Microsoft Learning Products, support and help desk.
Dmitri Daiter, MCSE, a Principal Exchange Engineer for Zenprise Inc., is a
systems engineer/architect with over 12 years of experience in the IT industry. Dmitri’s specialization is architecting and managing network and messaging infrastructure based on Microsoft products, but his expertise spans a range
of technologies. Dmitri had several successful network and messaging infrastructure deployment and migration projects from Exchange 4.0 to 2003.
Currently he is focusing on messaging troubleshooting automation and tools.
Anil Desai, MCSE, MCSD, MCDBA, is an independent consultant based in
Austin, TX. He specializes in evaluating, implementing, and managing solutions based on Microsoft technologies. Anil has designed and managed hundreds of SQL Server databases. He has worked extensively with Microsoft’s
server products and the .NET development platform. Anil is the author of
books on the Windows Server Platform, SQL Server, Virtualization, AD, and IT
management. He is a conference presenter and magazine contributor.
Jeff Hicks, MCSE, MCT, is a Senior Network Engineer with Visory Group, as
well as principal consultant of JDH Information Technology Solutions. He has
been in the IT industry for over 14 years, doing everything from help desk
support to project management. He is currently a contributing editor to
ScriptingAnswers.com.
Eric Johnson, MCSE, MCDBA, MCSD, is a database administrator for a
Fortune 500 company. Eric has 10 years of IT experience and has been working with Microsoft SQL Server since version 6.5. Eric has managed and
designed databases of all shapes and sizes. He has delivered numerous SQL
Server classes and Webcasts. He is the VP of Marketing for the Colorado
Springs SQL Server Users Group and author of the 4-part series, Tour de SQL,
published in Redmond magazine.
Don Jones is the owner of ScriptingAnswers.com, a contributing editor to
Redmond magazine, and a columnist on CertCities.com and MCPMag.com.
Don has written more than a dozen information technology books, including
Managing Windows with VBScript and WM (Addison-Wesley). Don is also an
independent technology consultant, with a focus on security and automation in Microsoft-centric environments.
Todd Lammle, CCNA, CCNP, CEH, CEFI, FCC, RF Licensed, has been
involved in computers and networking for over two decades. He has
worked for companies such as Xerox, AAA and IBM to consult on both
bounded and unbounded media technologies, as well as unlicensed IEEE
specifications. He’s been consulting on the new 802.11j (4.9Ghz) for
Homeland Security, as well as providing prevention techniques for hacking
and forensic technologies. Todd has written more than 50 Sybex study
guides. Todd is President of GlobalNet Training and CEO of RouterSim, LLC.
Rhonda Layfield, MCT, NT/2000/2003 MCSE, MCSE: Security, began her
network support career in 1982 serving in the US Navy, where she worked
for 7 years in communications with a top secret clearance. Since then, she
alternates between consulting (including a network support role at
Microsoft) and training (currently teaching MCSE bootcamps). Some of her
clients include Dow Jones, US Airforce, IBM, Duke Energy, Wachovia and EDS.
Darren Mar-Elia, MVP, directs DesktopStandard’s product engineering group.
He has 18 years of experience in IT systems and network administration architecture with companies such as Quest Software, Charles Schwab and Wells Fargo
Bank. He is currently a member of the JP Morgan Partners Technology Advisory
Board. He created and maintains gpoguy.com and has written and contributed
to eleven books on Windows including The Windows Group Policy Guide
(Microsoft Press). Darren is a frequent speaker on Windows infrastructure topics.
Derek Melber, MCSE, CISM, MVP, is the Director of Education and
Certification at DesktopStandard. Derek is a nationally known speaker, trainer and author, focusing on Active Directory, Security, and Group Policy.
Derek’s latest works include The Group Policy Guide (MSPress) and Windows
XP Professional ExamCram2 Second Edition (QUE).
conferences’ highest attendee evaluation scores. He won CertCities.com’s
“Favorite Technical Author” reader poll for the third year running.
Jeremy Moskowitz, MVP, MCSE, founder of Moskowitz, Inc.
(www.Moskowitz-inc.com), is an independent consultant and trainer for
Windows technologies. He runs GPanswers.com and WinLinAnswers.com
forums to answer Group Policy and Windows/Linux Integration questions.
He authored Group Policy, Profiles and IntelliMirror (SYBEX). His latest book
is Practical Windows & Linux Integration: Hands-on Solutions for a Mixed
Environment (SYBEX). Jeremy frequently contributes to Redmond magazine.
Sekou Page, MCSE, CISSP, has over 10 years of experience in the IT field. He
is Exchange 5.5/2000, IIS, and Active Directory Design Certified. Sekou specializes in Active Directory and Exchange migrations and has lead over 50
successful migrations, over 30 of which were in Exchange 2003. His expertise also includes infrastructure architecture/optimization and security.
Currently Sekou is the Principal Exchange knowledge architect at Zenprise.
Keith Parsons is Managing Director of the Institute for Network
Professionals and is Editor-in-Chief for NICs. He holds 36 technical certifications and has earned an MBA in Qualitative Analysis from the Marriott
School of Management. He is author (or editor) of a dozen technical publications and has developed six technical certifications for companies such as
Network Associates, Verisign, and IBM.
Beth Quinlan, MCT, MCSE, MCSA, CISSP, is a trainer/consultant who has
specialized in Microsoft infrastructure technologies and security design for
over 12 years. Beth is in her 4th worldwide tour for Microsoft Product Teams.
She trains internal Microsoft engineers, partners and customers on ISA
Server 2004, Antigen, Exchange Hosted Services and RMS. Beth has spoken
at events for Microsoft and others, written courseware, developed hands-on
labs and recently authored ISA Server 2006 Reviewer’s Guide.
Steve Riley is a product manager in Microsoft’s Security Business Unit. In 1998
he joined Microsoft Consulting Services to design highly-available network architectures, develop hosting platforms for custom and off-the-shelf applications,
and deploy complex multi-site VPNs. As a security consultant, he worked with
customers to conduct security assessments and risk analysis, deploy technologies for attach prevention and intrusion detection, and assist with incident
response efforts. He is a frequent speaker at conferences worldwide.
Bruce Rougeau, MCSE, MCP+I, MCT, Citrix Certified MetaFrame
Administrator, began designing and implementing a three-tier architecture in
1998. A recent thin client implementation was deployed using Citrix’s
WinFrame utilizing 1,000 Windows-based terminals and fewer than 20 PCs.
Currently he works for EDS as an infrastructure architect focusing on networks,
Web servers, thin client computing and 32-way Intel Data Center solutions.
Greg Shields, MCSE: Security, CCEA, is a senior consultant with 3t Systems
in Denver. A contributing editor to Redmond magazine, Greg has experience
with architecting and administering enterprise collaboration systems using
Microsoft, Citrix, and VMWare technologies. His recent projects include
architecting a multi-company, collaborative software development environment, deployment of an enterprise patch management system using SMS,
and authoring best practices with its use. Greg is a dynamic speaker and
technical trainer.
Bharat Suneja, MCT, MCSE: Messaging, MCSE: Security, Security+, has over
10 years of experience architecting and managing exchange environments
ranging from mid-size companies to large service providers. His expertise
spans Active Directory and security. Bharat has worked in industries including ecommerce, ISP/ASP, IT firms and software. Bharat is a writer and contributing editor for IT publications and was a technical reviewer for Exchange
Server 2003 24 Seven (by Jim McBee).
Richard Taylor is a speaker, consultant, and trainer. He has worked as an
instructor for training centers, a consultant for firms such as Honeywell, MCI,
and Lockheed Martin and is an Intel systems engineer where he developed
and implemented programs to improve factory automation systems. Rick
also worked for Nestlé supporting one of the largest single AD domains
worldwide. He was responsible for maintaining the functionality of servers in
South America, the U.S. and Canada.
Joern Wettern, Ph.D., MCSE, MCT, Security+, is the owner of Wettern
Mark Minasi, MCSE, is author of Mastering Windows Server 2003, the latest
in a series of books on Microsoft networking that have sold over a million
copies. He has been a columnist for several industry magazines. Mark is a frequent conference keynote and breakout speaker and regularly garners those
Network Solutions, a consulting and training firm. He has written books and
developed training courses on a number of networking and security topics.
In addition to helping companies implement network security solutions, he
regularly teaches seminars and speaks at conferences worldwide.
TechMentorEvents.com
Instructors
Paul Adare, the Chief Technology Officer of IdentIT Inc., is a security con-
3
Crash Courses
CC3
Monday, October 9, 2006
G
O DEEP! TechMentor takes you in-depth with 3-1/2 hour
crash courses on Networking, Troubleshooting, Vista,
Linux/Windows Interop and more. Get a jump on your training with these pre-conference courses led by expert instructors.
CC1
VMware Workstation & Server
Crash Course
8:00-11:30am
Greg Shields
If you’ve heard all the virtualization hype and not had time to learn
it, now’s your chance! Focusing on VMWare’s suite of products for
virtualizing servers and workstations, Greg will guide you swiftly
through the tools and the technology while pointing out the pitfalls and the promise. You’ll learn the basics of deploying, managing, and troubleshooting Virtual Machines using VMWare’s
Workstation and ESX Server. You’ll discover the best ways to secure
your server hosts and rapidly deploy new Virtual Machines. You’ll
analyze system sizing tricks and performance optimizations that
prevent bottlenecks and resource overuse. And, you’ll leave with
proven solutions for virtualizing your entire server infrastructure at
a very affordable price.
CC2
Networking Crash Course
8:00–11:30am
Todd Lammle
TCP/IP? IPv6? Internetworking? Hubs, switches and routers? Have
you always wanted to understand what these terms really mean in
a compact, easy to understand format? Take the plunge into this
high octane, half-day course and leave soaked in everything about
basic networking. You’ll be fully equipped with a thorough, realitybased knowledge of networking. This course opens with the very
basics of computers and networking, then glides upward through
TCP/IP addressing, routing protocols and even basic wireless technologies-priceless for anyone trying to get a running start in the
networking arena.
Crash Courses, MCSA
MCSA – Microsoft Certified
Systems Administrator Track
6
M
icrosoft Certified System Administrators (MCSAs) are the
frontline, in-the-trenches workers in most organizations.
They’re the system administrators, the ones who keep
the servers humming along, who manage users, groups and
resources. If this is you, it’s time to get busy and add a title to your
arsenal that will give you a leg up on your peers and demonstrate
your expertise to the boss. The MCSA Track is fast-paced, presenting all the vital information necessary to prepare you for the MCSA
exams. The instruction removes all redundancy in the exam curriculum and accelerates the learning process by providing only the
information needed, without any sales propaganda. This track has
been updated to include a new session that will quiz the students
by going through a database of Microsoft questions targeted at the
70-290 exam. This is a jam-packed week with a lot of material to
cover and a dynamic instructor to aid you in navigating the MCSA
maze. This track is led by popular “certification slam session”
instructor Bruce Rougeau who has been teaching MCSA/MCSE certification courses for the past 10 years.
NOTE: TechMentor does NOT guarantee that you will obtain a certification
after completing the certification tracks. You will be taught the test objectives, but successfully passing the tests involves more than just your training.
Vista Crash Course
8:00–11:30am
Mark Minasi
Windows Vista’s on the way with a bunch of cool new features. So
get ready for another round of “Just HOW do I do this thing I used
to be able to do in two clicks?” In this course, Mark Minasi helps
you get past “fear of flying”—flying off the handle, that is, when it
first takes you a half hour to find the Properties page for your network adapter. You’ll find this session is the fastest way to translate
your “XPertise” to the newest Windows so that you can, well, sit
back and enjoy the Vista!
CC4
Linux/Windows Integration Crash
Course
8:00–11:30am
Jeremy Moskowitz
Linux is coming to your enterprise, and you’ll have to support it. Are
you ready? Could you reboot, troubleshoot, change rights, install
new Linux software? Better take a crash course. Since you’re getting into Linux, you’ll want single sign-on from the corporate Active
Directory. In the second half of the session, we’ll describe and
demonstrate how Active Directory can be the focal point of your
authentication network, provide some tips on how to configure
Linux clients and how Samba (an application which makes Linux
play nicely with Windows) fits into the picture. If you’ve got Linux
and Windows and lot of questions, this session is for you.
CC5
Troubleshooting Group Policy Crash
Course
8:00–11:30am
Derek Melber
If you run Active Directory, you use Group Policy. Even with the
default Group Policy Objects, other issues will arise. Knowing
what’s under the hood will go a long way toward troubleshooting.
This session will go into the finer points of troubleshooting Group
Policy files, folders, permissions, and storage. You’ll learn about
creating, modifying and applying Group Policy, from both the
client and server standpoint. When you’re done with this crash
course, you’ll be able to quickly and efficiently resolve any Group
Policy issue.
M5
MCSA: Attended and Unattended
Installs and Upgrades
Monday 12:30–2:00pm
Bruce Rougeau
After a course overview, you’ll move right into troubleshooting an
attended or unattended installation or upgrade of Windows XP and
Windows 2003. You’ll use tools such as Remote Installation
Services, Sysprep and Setup Manger. Then you’ll migrate user settings and files using the Files and Setting Transfer Wizard, ScanState
and LoadState.
M11
MCSA: Data Access, File System, and
Printing
Monday 2:15–3:45pm
Bruce Rougeau
You’ll learn techniques for planning, creating and monitoring a data
access strategy for providing access to files, folders and shares—
including NTFS permissions, Share permissions, WebDav, compression and encryption. Other topics covered include configuring and
providing access to Offline files, synchronization, creating and
managing printers and print jobs for local printers, remote printers,
printer sharing and Internet printers.
M17
MCSA: Windows 2003/XP System
Configuration and Backup Strategies
Monday 4:00–5:30pm
Bruce Rougeau
You’ll learn how to install, configure, remove, troubleshoot and
monitor devices and configure driver options for driver signing.
Learn how to use tools like regedit to search and modify the reg-
October 9-13, 2006 • LAS VEGAS
istry. You’ll also get into configuring hardware profiles, power management for mobile users and using Scheduled Tasks to schedule
backups or other routine events.
MCSA: Configuring Routing and
Remote Access
Bruce Rougeau
Wednesday 4:00–5:30pm Bruce Rougeau
This session will be a complete introduction to Active Directory,
including all the buzz words and all the steps for creating a multilevel domain forest. You’ll examine the different groups by defining
the scope and membership for each then explore possible implementations based on the Microsoft terminology. You’ll also learn
about managing user objects via a GUI or scripts.
Secure, efficient remote access is becoming more critical in these
days of telecommuting.This session is all about configuring and troubleshooting remote access, including routing and remote access.
MCSA: Active Directory, Part 2
This session will cover Microsoft questions for the 70-290
Managing and Maintaining a Windows Server 2003 Environment
exam. You’ll go through each test objective by covering questions
from Microsoft Readiness and Review materials.
T11
Tuesday 8:30–10:00am
W23
Tuesday 10:15–11:45am
Bruce Rougeau
This session will introduce the concept of GPOs and scenarios for
using them. Then you’ll learn how to use Resultant Set of Policy and
Group Policy Management Snap-ins to resolve conflicts between
GPOs. You’ll also learn about GPO Filtering, Loopback processing,
Block Inheritance, Override and WMI filtering.
T17
MCSA: 70-290 Exam Prep
Th5
Thursday 8:30–10:00am Bruce Rougeau
Th11
Thursday 10:15–11:45am Bruce Rougeau
MCSA: Disk Management
Tuesday 1:45–3:15pm
MCSA: Troubleshooting RAS Policies
and Capturing Passwords with
Network Monitor
Bruce Rougeau
Hardware management is the theme for this session. You’ll learn
about managing basic and dynamic disks, monitoring hardware
devices with Device Manager and the Control Panel, optimizing
server disk performance with RAID, defragmentation and monitoring disk quotas. The session will also cover different RAID options,
how to recover from a disk failure, the command line tool diskpart
and the value Microsoft sees that it brings to the table.
RAS policies can be tricky to implement.You’ll learn about the various
settings and see a live demo exploring various variations. You’ll also
leave knowing how to go home and start sniffing your local networks
with Microsoft’s complimentary Network Monitor. You’ll learn how it
works, and how to use it to monitor and troubleshoot network issues.
Th17
MCSA: Role-Based Security and
Security Templates
Thursday 2:15–3:45pm
T23
MCSA: Terminal Services and Remote
Troubleshooting
Tuesday 3:30–5:00pm
Bruce Rougeau
This session starts with configuring and troubleshooting Remote
Desktop, then moves on to other areas of remote management,
including Terminal Services. Other topics covered include usage of
Terminal Services Administrative tools and managing and troubleshooting print queues. Learn how to use the Remote Desktop
group and limitations in an Active Directory environment.
W5
Wednesday 8:30–10:00am Bruce Rougeau
W11
MCSA: TCP/IP Configuration and
DHCP Issues
Wednesday 10:15–11:45am Bruce Rougeau
Learn how to configure TCP/IP, manage and troubleshoot DHCP
leases, Relay Agents, databases, scope options, server options and
reservations. You’ll also troubleshoot APIPA addressing and TCP/IP
configuration issues.
W17
Th23
MCSA: Performance Monitoring and
System Recovery Strategies
Learn how to monitor your most critical resources by creating a
system baseline that includes CPU, disks, network, processes and
pagefile performance counters. You’ll also learn about the boo
sequence for Intel systems and explore options for backing up and
restoring your systems using automated system recovery (ASR)
procedures; restoring data from shadow copies; planning, deploying
and monitoring system backups; and restoring a failed system.
You’ll emerge with an understanding of Windows backup, safe
mode, system restore and recovery console.
MCSA: DNS Configuration and
Troubleshooting
Wednesday 2:15–3:45pm Bruce Rougeau
You can’t be an effective administrator if you don’t understand
name resolution—specifically DNS. Learn the ins and outs of DNS,
Bruce Rougeau
Security means different things to different people. In this course,
you’ll go through the different types of servers and discuss the various security measures you can take for each. Then you’ll learn how
to use GPOs and security templates based on computer roles to
configure Registry and file permissions, account policies, audit policies, user rights, security options and system services. The next part
is deploying templates using GPOs and scripting.
MCSA: Web Services and Service
Pack and Hotfix Assessment and
Deployment
Thursday 4:00–5:30pm Bruce Rougeau
Each MCSA should be able to install and configure an IIS server. In
this session, you’ll learn how to install IIS, create virtual directories,
explore IIS 6.0 architecture, set security parameters and set up IIS
for self-monitoring. You’ll also learn how to make IIS more functional by enabling features disabled by default.
F5
MCSA: IPSec Security Principles
Friday 8:30–10:00am
Bruce Rougeau
Learn how to increase security with IPSec, which IPSec mode to
use, how to select an authentication method, and how to configure
IPSec authentication, encryption level and the appropriate IPSec
protocol. You’ll also get into troubleshooting IPSec with IP Security
Monitor and IPSec logging and learn how to plan and implement
security for wireless networks.
F11
MCSA: Certificate Strategy and
Planning
Friday 10:15–11:45am
Bruce Rougeau
Finish your week’s training with a discussion of planning, implementing and managing certificates. Learn how to deploy, manage
and configure SSL certificates for wireless networks, plan and configure authentication, plan for digital signatures, install and configure Certificate Services, plan a multi-level certificate authority (CA)
hierarchy, and archive and recover keys and revoked certificates.
You’ll also learn how to back up and restore your CA.
TechMentorEvents.com
MCSA
T5
MCSA: Active Directory, Part 1
configuring DNS server options, zone options, DNS forwarding, and
monitoring and troubleshooting DNS.
7
MCSE – Microsoft Certified
Systems Engineer Track
H
olding the Microsoft Certified Systems Engineer (MCSE)
title says a lot about you: it’s difficult to get, and shows that
you’ve got top-level design and administration skills. It’s
also a credential that can add sparkle to your resume. But you have
to come prepared for this rigorous course: The MCSE Track is aimed
at administrators or system architects with substantial (at least a
year or more) Windows 2000 Server or Windows Server 2003 experience. This intense week will prepare you to take tests necessary to
obtain Microsoft’s highest-level administrative certification. Led by
well-known author and trainer Derek Melber, the course offers a
sequential path through the test objectives you’ll be required to
know. Be ready with your laptop and goggles: this course flies!
NOTE: TechMentor does NOT guarantee that you will obtain a certification
after completing the certification tracks. You will be taught the test objectives, but successfully passing the tests involves more than just your training.
M6
MCSE: Physical and Logical Devices
Monday 12:30–2:00pm
Rick Taylor
Hard drives are the most important physical and logical devices on
a Windows system. With basic disks, dynamic disks, volumes, partitions and troubleshooting, there’s a lot to know. Don’t forget about
handling drivers, driver signing and driver rollback. You’ll learn
about disk quotas, defragmentation, removable drives and how the
operating system detects and handles these devices.
M12
Monday 2:15–3:45pm
Derek Melber
MCSE: RAS and Remote
Administration
Monday 4:00–5:30pm
Rick Taylor
This session will dig deep into remote access services, covering protocols, security, RAS clients and permissions. RAS policies—the
heart of RAS security—will be demystified so you can fully understand how to create and manage them.You’ll also learn about other
remote access topics like Remote Desktop, Remote Assistance,
Terminal Services for administration (which has new names and
interfaces for Windows Server 2003) and tools like the MMC and
how to use the Adminpak for administration.
T6
MCSE: Name Resolution
Tuesday 8:30–10:00am
Rhonda Layfield
MCSE
Have you said goodbye to WINS yet? If you haven’t, you’re not
alone. Not only do we still get to support WINS, but now Active
Directory requires DNS. Most Active Directory issues end up being
DNS issues, so if it’s not set up properly for AD, bad things happen
and they happen fast. This session will help prepare you for DNS’s
requirements, options and recommended configurations for Active
Directory.
8
T12
MCSE: Manage Users, Computers, and
Groups
Tuesday 10:15–11:45am
T18
Derek Melber
With roaming profiles and mandatory profiles, controlling them is
very important. If you have roaming profiles, you then need to
MCSE: Networking Concepts and
Principles
Tuesday 1:45–3:15pm
Derek Melber
This session starts off with thorough coverage of IP and subnetting.
You’ll learn about supernetting, CIDR and subnet masking to the
nth degree.You also get up to speed on all areas of DHCP and DHCP
design criteria (including the DHCP relay agent and DHCP scope
options), NAT, demand-dial routing and wireless connections and IP
troubleshooting.
T24
MCSE: Network Security
Tuesday 3:30–5:00pm
Rick Taylor
When it comes to network security, there are plenty of options
within Windows Server 2003. You’ll get reacquainted with old
friends like SMB signing and port filtering, learn how to secure
authentication and how to use certificates to increase network
communication security.You’ll also get into IPSec—an abyss of settings and options you’ll learn to decrypt—and the new and
improved Windows Firewall, which you can control almost 100%
through GPOs.
W6
MCSE: Resource Access
Permissions aren’t the same as back in the Windows NT days.
They’ve grown up and have true inheritance, control over permission denial and granularity unlike anything before. With changes to
how ownership is handled (or given away) and default share permissions, you’re dealing with a brand new structure for handling
resources in Windows Server 2003. If you missed the key changes
with the encrypting file system (EFS), you’ve missed one of the
biggest improvements in Windows Server 2003.
M18
know what is stored in them to save time and drive space. If you
have users changing from one computer to another, tools like the
File and Settings Transfer Wizard and User State Migration Tool
(USMT) will help you migrate their information. You’ll also learn
about the new types of groups available in Active Directory and
best practices on how to use and nest them.
MCSE: IIS and IIS Security
Wednesday 8:30–10:00am
Rick Taylor
Windows Server 2003 now has a distinct product for running a Web
server—IIS. You’ll learn the new features of IIS including overlapping recycling, real-time editing of the XML metabase, Application
Pools, Web Service Extensions, and the key architectural changes
that improve stability, security and performance for your Web
servers.
W12
MCSE: Active Directory, Part 1
Wednesday 10:15–11:45am Derek Melber
Active Directory takes you on a quest to understand the terminology and structural components. You’ll learn both in this session,
starting with the key concepts and the structural components of
Active Directory and how they work together. You’ll cover domains,
trees, forests, sites, trusts, organizational units (OUs) and more.
Without a core understanding of how Active Directory works, you
will never be successful on any of the MCSE exams dealing with
Active Directory. You’ll get all of the answers here.
W18
MCSE: Active Directory, Part 2
Wednesday 2:15–3:45pm Derek Melber
Active Directory is too big a topic to fit into one session. This second session will present the more difficult topics, such as FSMOs,
universal group caching, replication design, organizational unit
(OU) design, Active Directory security and delegating administrative control. You’ll also learn how to secure domain controllers and
account policies, and ensure that all authentications are secure.
W24
MCSE: Managing and Monitoring
Performance
Wednesday 4:00–5:30pm
Rick Taylor
Although Task Manager has been around a long time, it has several
new features for you to learn. There’s also the System Monitor
(a.k.a. Performance Monitor), which is ideal for baselining and troubleshooting network, application or system problems. You’ll also
learn the ins and outs of Software Update Services (SUS), and how
it should work with GPOs. Event Viewer is still essential for monitoring, but the audit policy needs to be set up to fill the security
October 9-13, 2006 • LAS VEGAS
logs. You’ll also see Microsoft Baseline Security Analyzer (MBSA),
which is constantly being upgraded with new features.
Th6
MCSE: Introduction to GPOs
Thursday 8:30–10:00am
Derek Melber
Group Policy Objects can be complex to understand, design, and
implement. This session will cover the key aspects of Group Policy
Objects, including GPO precedence, delegation, enforcement,
blocking policy inheritance and GPO filtering. You’ll also learn
about the key aspects of GP settings, including security controls,
logon and authentication components, software restrictions, desktop standardization and software distribution.
Th12
MCSE: Disaster Recovery and
Backups
Thursday 10:15–11:45am
Rick Taylor
Learn how to navigate the myriad options for troubleshooting,
backup and recovery. There are still familiar tools like Last Known
Good and NTbackup, as well as new options like Automated System
Recovery and Volume Shadow Copy. For Active Directory, there are
also System State and authoritative restores, the Recovery Console,
tombstoning and emergency management.
Th18
MCSE: Introduction to GPOs
(repeat session)
Thursday 2:15–3:45pm
Derek Melber
Group Policy Objects can be complex to understand, design, and
implement. This session will cover the key aspects of Group Policy
Objects, including GPO precedence, delegation, enforcement,
blocking policy inheritance and GPO filtering. You’ll also learn
about the key aspects of GP settings, including security controls,
logon and authentication components, software restrictions, desktop standardization and software distribution.
Th24
MCSE: Advanced GPOs
Thursday 4:00–5:30pm
Derek Melber
This session will take you on a tour of advanced GPO techniques
and tasks, like custom GPO settings, ADM templates and new security settings. You’ll use security templates to secure a group of
computers and ensure the computers always get these settings.
You’ll also learn how to delegate control to all aspects of GPO
management using the new features of the GPMC.
F6
MCSE: PKI and Certificates
Friday 8:30–10:00am
Rick Taylor
Windows Server 2003 PKI can deploy an enterprise public key infrastructure fairly simply, but understanding the correct hierarchy for
your Certificate Authorities (CAs) is essential. You’ll learn the correct design of PKI and your CAs, as well as how to issue and manage the certificates required for the multitude of certificate-using
applications. There are plenty of new PKI enhancements as well,
including certificate enrollment, qualified subordination and custom certificate templates.
F12
MCSE Review Session
Friday 10:15–11:45am
Rick Taylor
Do you still have burning questions about Microsoft technologies,
exams, or the exam process? This is the time for those questions.
We’ll open up the floor to your questions, and guide you through
some summary activities to help solidify your knowledge from the
week. We will look at a few archived Microsoft questions that give
you a clear understanding of the type of questions you’ll be up
against when you sit for the exams. Remember, “There are no stupid questions.” Bring your questions to this session.
MCSA: Windows Server 2003 Core Requirements
(70-270, 70-290, 70-291), 2nd Edition By James Chellis, ISBN: 0-7821-4452-7
($119.97 retail, $60 for TechMentor attendees, courtesy of Sybex/Wiley)
• Includes the two Study Guides: MCSA/MCSE Windows Server 2003 Network Environment
Management and Maintenance Study Guide (70290), and MCSA/MCSE Windows Server
2003 Network Infrastructure Implementation, Management and Maintenance Study Guide
(70291)
• As well as one additional backlist Study Guide: MCSA/MCSE Windows XP Professional
Study Guide, Third Edition (70270), 078214412-8, Paper/CD
• Plus two bonus CDs featuring an evaluation version of Windows Server 2003 and two
additional bonus exams for each title.
MCSE: Windows Server 2003 Certification Kit
• MCSA/MCSE Windows Server 2003 Network Environment Management and Maintenance
Study Guide (70290)
• MCSA/MCSE Windows Server 2003 Network Infrastructure Implementation, Management,
and Maintenance Study Guide (70291)
• MCSA/MCSE Windows Server 2003 Network Infrastructure Planning and Maintenance
Study Guide (70293)
• MCSA/MCSE Windows Server 2003 Active Directory Planning, Implementation, and
Maintenance Study Guide (70294)
• Plus two bonus CDs featuring an evaluation version of Windows Server 2003 and 300
additional practice test questions
TechMentorEvents.com
MCSE
(70-290, 70-291, 70-293, 70-294) 2E By James Chellis, ISBN: 0-7821-4453-5
($159.96 retail, $80 for TechMentor attendees, courtesy of Sybex/Wiley)
9
Exchange/SQL Server
T16
C
all this the “Windows back-end” track. Learn the ins and
outs of two mission-critical applications, Exchange Server
2003 and SQL Server 2005—installation, management and
troubleshooting will be some of the areas covered. If you have
responsibility for these servers, or need to get up to speed on
either, this is the track for you. Respected industry veterans will
give you the skills you need to tackle these complex servers.
M4
Overview of Exchange Server 2007
Monday 12:30–2:00pm
M10
Messaging Hygiene in Exchange 2003
& Beyond: Exchange 2003, 2003 SP2,
Exchange 2007
Monday 2:15–3:45pm
Bharat Suneja
Exchange Server 2003 and Exchange Server 2003 Service Pack 2
include Messaging Hygiene tools you can use to protect your
organization from unsolicited commercial email (UCE). You’ll learn
what these features offer and how to configure the different components of the Messaging Hygiene framework. Learn how to avoid
common pitfalls when using different filtering mechanisms like
Connection Filter, Sender ID Filter, Sender Filter, Recipient Filter and
Intelligent Message Filter—and get a preview of what Exchange
Server 2007 has in store for Messaging Hygiene.
M16
Designing Exchange for Performance
Monday 4:00–5:30pm
Sekou Page
You’ve got Exchange up and running and everything seems fine—
until someone says “e-mail is slow.” Troubleshooting Exchange performance begins with making sure you have a well designed infrastructure. Factors like the type and number of servers in your environment, user load and behavior and your overall IT infrastructure
can all contribute to how you design and tune your systems. You’ll
learn how to architect an Exchange environment and design servers
for maximum performance.
Exchange/SQL Server
T4
10
SMTP Virtual Servers and SMTP
Connectors: How to Configure SMTP in
Exchange Server 2003
Tuesday 8:30–10:00am
Bharat Suneja
Exchange Server 2000/2003 uses SMTP as a transport and forms
the backbone of an Exchange message routing topology. Learn how
SMTP works in Exchange 2003 and how to configure it properly.
You’ll learn how SMTP virtual servers and SMTP connectors work
and how to configure SMTP in different topologies. You’ll learn best
practices and get the answers to many frequently asked questions
about SMTP configuration.
T10
Clustering Exchange with Exchange
Server 2003 & 2007
Tuesday 10:15–11:45am
Bharat Suneja
High Availability clustering is a solution to the higher uptime needs
demanded by SLAs in some organizations. In this session, you’ll
learn how clusters provide higher uptime, how to set up an
Exchange cluster using Windows Server 2003 and Exchange Server
2003, planning and deployment considerations, considerations for
managing clustered Exchange servers and get a sneak preview of
the new clustering features coming in Exchange Server 2007.
Tuesday 1:45–3:15pm
Sekou Page
DNS is often considered a “black box.” Once it’s configured and
working, it’s hard to figure out why it “breaks” or what might be
wrong. The focus of this session is troubleshooting DNS issues as
they relate to Microsoft Exchange. There will be a group discussion
on approaches to take when troubleshooting connectivity, zone
integrity, performance, Active Directory DNS and name resolution.
By thoroughly understanding the different classes of DNS issues
and the appropriate troubleshooting processes, we’ll take the mystery out of DNS issues.
Bharat Suneja
Exchange Server 2007, the next major version of Exchange, brings
many new features, functionality and new ways of performing
management tasks. This session provides an overview of all the new
features coming in Exchange Server 2007.
Troubleshooting DNS for Exchange
T22
Disaster Recovery Planning for
Exchange
Tuesday 3:30–5:00pm
Sekou Page
You never know when disaster will strike. In this session, you’ll learn
some of the ways to prepare your Exchange environment for an
emergency, looking at the entire Exchange infrastructure from
mailbox servers and infrastructure to individual mailboxes and
messages. You’ll also learn some of the best ways to avoid disaster
altogether by careful environment planning and architecting.
W4
Exchange and Active Directory
Availability Issues
Wednesday 8:30–10:00am
Dmitri Daiter
When you implement your Exchange infrastructure, it is important
to make sure that all the Active Directory related services and
servers are available and not only available but available “nearby”
(through a fast connection) and have necessary performance
capacity. DNS servers, Domain Controllers, Global Catalog servers,
and Kerberos servers need to be available for Exchange server to
work properly and even to start. We will consider issues that will
arise if there are problems with Active Directory availability.
W10
Client Side Exchange Troubleshooting
Wednesday 10:15–11:45am Dmitri Daiter
When it comes to running Exchange, keeping your users happy is
your goal. You’ve got a handle on troubleshooting server side issues,
but when it comes to troubleshooting client side issues, it’s like stepping into the “Wild West.”You never know what to expect. In this session you’ll learn techniques for troubleshooting client side issues.
From Outlook to OWA and mobile devices, you’ll learn everything
you need to be successful when working on client side issues.
W16
Troubleshooting SMTP for Exchange
Wednesday 2:15–3:45pm
Sekou Page
Exchange has become the most critical business communication
tool. If e-mail goes down, the impact on business transactions and
productivity is detrimental. At the core of all email communication
is Simple Mail Transfer Protocol (SMTP). This session will provide
an in-depth look at SMTP—examining common configurations and
problems and address some of the well known (and not so well
known) methods of troubleshooting SMTP problems.
W22
Architecting a Highly Secure
Messaging Environment
Wednesday 4:30–5:00pm
Sekou Page
The security of your mail infrastructure is critical. With the threat
of worms, viruses and hackers (both external and internal), securing your mail system is no easy task. Although Windows 2003 and
Exchange 2003 have made improvements over previous versions,
your mail system is far from safe. In this session, you’ll learn best
practices for securing your Exchange infrastructure from top to
bottom and examine some of the common mail system exploits
and how to avoid them.
October 9-13, 2006 • LAS VEGAS
Th4
SQL Server 2005 Reporting Services
Thursday 8:30–10:00am
Eric Johnson
Refined in this release of SQL Server, Reporting Services is a powerful, easy to manage reporting platform. This presentation will cover
the tools you need to design, manage, and view reports. In addition,
we will look at SharePoint integration, report subscription, integration with SQL Server Management Studio, and much more.
Th10
Monitoring and Optimizing SQL
Server 2005 Performance
Thursday 10:15–11:45am
Anil Desai
Monitoring and optimizing SQL Server performance is essential.
This session will include walkthroughs and demonstrations of SQL
Profiler, Query Analyzer, Windows System Monitoring and the
Database Engine Tuning Advisor. You’ll learn how to troubleshoot
slow queries, find bottlenecks on busy servers, design indexing
strategies, manage blocking and deadlocks, and use of partitioning
and index-related enhancements to optimize performance.
Th16
SQL Server Integration Services
Thursday 2:15–3:45pm
Eric Johnson
SQL Server Integration Services (SSIS) is the new extraction, transform, and load (ETL) tool in SQL Server 2005. SSIS replaces and
improves upon Distributed Transaction Services (DTS) from previous versions. Now a truly powerful enterprise level ETL tool is available with SQL Server. SSIS provides graphical tools for designing,
building, and debugging SSIS packages. This presentation will provide an overview of SSIS and a look into the many functions for
merging, cleaning, and aggregating data. In addition, we will look at
options for scheduling and running SSIS packages both with and
without SQL Server.
Th22
your SQL Server installations, including managing logins, creating
database users and managing server- and object-level permissions.
F4
Replication in SQL Server 2005
Friday 8:30–10:00am
Eric Johnson
In this session, we will dive into the challenge of configuring, using,
and troubleshooting replication. Topics will include snapshot replication, transactional replication, merge replication, and the newlyminted peer-to-peer replication. We’ll look at how replication
works and how to make the best use of it in your environment.
Additionally, we will look at new tools and enhancements that will
allow you to more effectively manage and troubleshoot SQL Server
Replication.
F10
SQL Server 2005 Data Protection and
High Availability
Friday 10:15–11:45am
Anil Desai
SQL Server 2005 includes many new features to help ensure that
your database servers stay up and running, even under the worst of
circumstances. This presentation will cover SQL backup and recovery, including new enhancements that make the process more reliable and walkthroughs of real-world backup and recovery plans.
There will also be live demonstrations of the high-availability features in SQL Server 2005, including database mirroring, log-shipping
clustering, database snapshots, replication and how to select the
most appropriate high availability technology for a given scenario.
Securing SQL Server 2005
Thursday 4:00–5:30pm
Anil Desai
BONUS!
Each attendee will receive the complete set
of all course notes*. This CD will be handed
out during the conference.
(*excludes crash courses)
TechMentorEvents.com
Exchange/SQL Server
Relational databases are where an organization’s most sensitive and
important assets are often stored. Therefore, it’s only fitting that
systems administrators and DBAs do their part to protect systems.
SQL Server 2005 uses a multi-layered security model that involves
security principals, securables and permissions. It’s consistent and
straight-forward, once you understand how all the pieces fit together. This presentation will cover details you’ll need to know to secure
11
Scripting and Automation
“C
hoose your weapon” with this year’s Scripting and
Automation track, where industry guru Don Jones
will introduce you to all the right tools for the right
job: VBScript, command-line (batch) scripting, and even
Microsoft Shell (MSH, or “Monad”), Microsoft’s newest scripting
shell for Windows and server automation. You’ll even find a session or two that don’t involve any scripting whatsoever, giving
you automation tools that you can start using right away, with
zero experience and zero learning curve. Take the entire track and
become a true Automated Administrator, able to leverage a variety of technologies to increase productivity, efficiency, and even
your job satisfaction. All sample scripts and other tools will be
provided (via download) for your convenience (bring an extralife battery if you plan to follow along on your laptop). Don’s
quick-moving and occasionally whimsical style is famous for
making difficult scripting concepts easy to grasp even for someone with absolutely no prior experience; step right up and learn
about the automation technologies that will truly set you apart
from the masses as a professional, enterprise-class Windows
administrator!
M3
VBScript Fundamentals, Part 1
Monday 12:30–2:00pm
Don Jones
Learn the core VBScript language, including how Windows Script
Host (WSH) works, how VBScript handles and manipulates data,
how to add looping and logic to your scripts, and even how to
modularize your script code. This is the place to start if you have
absolutely no prior VBScript experience, as you’ll be treated to a
step-by-step introduction to the language, shown how to use the
documentation effectively, and even shown a few tricks for
“scripting without scripting.” This session is an absolute must for
anyone planning to take other scripting courses in this track.
Scripting and Automation
M9
12
VBScript Fundamentals, Part 2
Monday 2:15–3:45pm
Don Jones
Continue your VBScript education by learning to work with the
COM objects that provide access to Windows’ administrative functionality. You’ll learn how to manipulate files and folders, how to
map drives and printers, and even how to manipulate the registry
and other Windows shell components. Most importantly, you’ll finish learning the basics of VBScript, preparing you to begin working
with more advanced technologies like Windows Management
Instrumentation and Active Directory Services Interface. Pre-requisite: Completion of VBScript Fundamentals I.
M15
VBScript Debugging and Error
Handling
Monday 4:00–5:30pm
Don Jones
Stop banging your head against the wall and stomp those bugs—
or, better yet, prevent them from happening at all! You’ll learn the
experts’ secrets for preventing VBScript bugs, as well as techniques
for gaining better insight into your scripts’ execution to help eliminate bugs quickly. You’ll also learn VBScript error handling techniques, a valuable way of giving your scripts the intelligence to
anticipate problems and deal with them, rather than crashing unexpectedly at the first sign of trouble. Don will even provide you with
several debugging tools and show you how to use commercial
script debuggers, giving you a complete arsenal in the war on bugs.
Prior VBScript experience, or completion of earlier VBScript sessions in this track, is highly recommended.
T3
VBScript and Windows Management
Instrumentation (WMI)
Tuesday 8:30–10:00am
Don Jones
Use VBScript to tap into Windows’ most powerful administrative
technology: Windows Management Instrumentation (WMI). Learn
to inventory configuration settings, perform basic configuration
changes—all remotely, of course—and utilize WMI testing and
development tools like Wbemtest. You’ll also learn how to read
the sometimes-complex WMI documentation, and to use script
templates to create effective administrative scripts faster and
more easily. Bring your WinXP laptop and follow along with the
in-class samples and demonstrations. Pre-requisite: Prior VBScript
experience, or completion of both VBScript Fundamentals sessions.
T9
VBScript and Active Directory Services
Interface (ADSI)
Tuesday 10:15–11:45am
Don Jones
Reach out and manage Active Directory, local security accounts,
and even local services by using ADSI, the Active Directory Services
Interface. You’ll learn how to write and test ADSI queries, how to
use script templates to create scripts more quickly, and how to dig
up difficult-to-find ADSI and related documentation. You’ll learn to
create users, manage organizational units, tap into groups, and
even perform tricks with local services like file and print sharing.
Pre-requisite: Prior VBScript experience, or completion of both
VBScript Fundamentals sessions.
T15
Writing Inventory Scripts
Tuesday 1:45–3:15pm
Don Jones
A “nearly scriptless scripting” session: Learn (or review) the very,
very basics of Windows Management Instrumentation (WMI) and
see how to piece together template scripts (provided) to inventory
a huge variety of information from desktop and server machines on
your network. Think of this as “script assembly” rather than actual
coding; you’ll use a series of easily-modified templates, as well as
the Microsoft WMI documentation and WMI Wizards and
“Scriptomatics,” to produce useful inventory tools that work with
Active Directory, databases, files, and more. Absolutely no prior
scripting experience required.
T21
VBScript and Databases
Tuesday 3:30 – 5:00pm
Don Jones
Leverage the power of Access, Excel, and even SQL Server from
within VBScript. You’ll learn to use ActiveX Data Objects (ADO)
to uniformly access almost any database imaginable, using them
to store the results from your scripts, drive your script’s activities, and much more. Includes an introduction to basic SQL language queries that make ADO work, and helps you bypass the
confusing parts of ADO that don’t pertain to administrative
scripting. Pre-requisite: Prior VBScript experience, or completion
of both VBScript Fundamentals sessions. Also assumes basic WMI
and ADSI scripting skills.
W3
Windows PowerShell (“Monad”)
Scripting, Part 1
Wednesday 8:30–10:00am
Don Jones
Welcome to Microsoft Windows PowerShell (WPS, formerly codenamed “Monad”), Microsoft’s answer to Unix shell scripting and
one of the most powerful new ways to automate Windows administration. In this “fundamentals” session, you’ll learn what Windows
PowerShell is and how it works. You’ll also learn just enough of
Microsoft’s .NET Framework (which WPS is built on) to understand
WPS and use it effectively. You’ll learn the very basics of the WPS
scripting language, too, and see how WPS cmdlets can be used from
within a script. This is the perfect introduction to Windows
PowerShell. You will need to obtain the latest Windows PowerShell
software independently if you wish to follow along; it will not be
provided in class.
October 9-13, 2006 • LAS VEGAS
Windows PowerShell (WPS) Scripting,
Part 2
Wednesday 10:15–11:45am
Don Jones
Learn how to write fully-functional Windows PowerShell (WPS)
scripts, work with advanced cmdlets, and even learn about the
broad variety of cmdlets initially available with WPS. You’ll learn
more about the WPS scripting language, including its object-oriented nature and how to write more complex, powerful scripts. You’ll
dig slightly deeper into Microsoft’s .NET Framework to see what
makes WPS tick, and you’ll be able to write complete, fully-functional WPS scripts to help automate administrative tasks in your
environment. Pre-requisite: Completion of Windows PowerShell
Scripting I session. You will need to obtain the latest WPS software
independently if you wish to follow along; it will not be provided in
class.
W15
Command-Line Scripting, Part 1
Wednesday 2:15–3:45pm
Jeff Hicks
Think you need to be a VBScript guru to automate administrative
tasks? Think again. With the help of an old friend, the C:\ prompt,
you can take advantage of the command line’s power and versatility. This session will introduce you to command line scripting so
you can leverage the vast number of free command line utilities to
manage your servers and desktops. You’ll learn to customize the
command line to suit your needs, master basic command line syntax and techniques, and begin building batch files. You’ll also learn
the top three commands every Windows administrator should
know. Bring your Windows XP laptop and follow along with the inclass samples and demonstrations. Absolutely no prior scripting
experience required.
W21
Command-Line Scripting, Part 2
Wednesday 4:00–5:30pm
Jeff Hicks
This session continues our exploration into the power of the command line. Learn how to integrate VBScript and command line
scripting, manage Active Directory without a management console,
and leverage the power of WMI without having to know WMI! The
session will wrap up with our rapid fire Top 10 Command Line
Tricks, which are sure to fire you up to start using the command
line. Bring your Windows XP laptop and follow along with the inclass samples and demonstrations. Pre-requisite: Command-Line
Scripting I or previous command line experience.
Th3
Windows PowerShell (WPS, formerly
code-named “Monad”) Scripting
Overview
Thursday 8:30–10:00am
Don Jones
Caught up in other TechMentor tracks? Here’s a chance to learn
about Windows PowerShell (WPS, formerly code-named “Monad”)
the new scripting and automation shell from Microsoft. You’ll learn
what WPS is, how it works, and the very basics of the WPS scripting language, to. You’ll see how WPS cmdlets can be used from
within a WPS script, and see several pre-written WPS scripts in
action. This is a great overview for WPS if you’re working hard to
keep up with the latest technologies, and recognize that scripting
and automation will be a major resume item over the next few
years. This session is an overview for those unable to attend the
Windows PowerShell (WPS, formerly code-named “Monad”)
Scripting I and II sessions.
Th9
VBScript with a GUI: HTML
Applications (HTAs)
Thursday 10:15 – 11:45am
Don Jones
Extend your VBScript skills and learn to make “real” Windows applications using nothing more than VBScript and simple HTML tags.
You’ll learn to make completely standalone applications that utilize
WMI, ADSI, and other scripting-related technologies in an HTML
Application, or HTA. You’ll also learn an easy-to-use “script-to-HTA”
conversion process that minimizes both debugging and application
complexity. The perfect way to make your scripts more accessible
to junior technicians and even end-users. Prior VBScript experience,
or attendance in earlier VBScript sessions, is highly recommended,
as is a strong familiarity with basic HTML tags and formatting. If
you plan to follow along on your laptop, have a WYSIWYG HTML
editor installed.
Script Without Scripting
Th15
Thursday 2:15–3:45pm
Jeff Hicks
A “nearly scriptless scripting” session: Learn to use a variety of tools
that can produce ready (or nearly-ready) to run administrative
scripts with just a few mouse clicks. You’ll learn about Wizards,
“Scriptomatics,” and a variety of other tools, and learn the bare
minimum necessary to convert the VBScript code they produce
into useful administrative tools. You’ll also learn about (and receive
a copy of) Don Jones’ “VBScript Toolkit,” an extensible graphical
wizard capable of producing a variety of ready-to-run administrative scripts. This is the perfect, last-minute way to pick up some
scripting skills, on the quick. It’s also a great way to review key
scripting concepts and see additional scripting uses. Absolutely no
prior experience required.
Th21
Automating Windows Desktop
Administration
Thursday 4:00–5:30pm
Jeff Hicks
A “no scripting required” session: Learn to automate a number of
top desktop administration tasks—tasks for which, in many cases,
Windows lacks built-in tools—without writing a single line of
script code. You’ll be introduced to a variety of free tools—including ready-to-run scripts, command-line tools, GUI tools, and
more—that handle the otherwise difficult “en masse” administration of desktop machines, including service management, local
account management, desktop inventories, and much more. All
tools are provided to you in-class and you’re welcome to follow
along on your laptop as you learn to use them. For script-based
tools, a brief overview of the script will be provided so that you
have a starting point for later modification and customization.
Absolutely no prior scripting experience required.
F3
Top Tricks of the Scripting Pros
Friday 8:30–10:00am
Don Jones
Learn the tricks the experts use to make scripting faster, easier, and
more efficient. You’ll learn how to leverage the features available in
most commercial script editors, as well as freely-available tools, to
write scripts faster, help prevent script bugs, work with databases,
and much more. Attendees at this session (must attend entire session) will also receive a large package of script snippets that Don
himself uses to script more quickly. You’ll essentially be taking
home Don’s own bag of tricks to use in your scripting projects. Very
demo-based, so feel free to bring your laptop and follow along.
Moderate prior scripting experience is recommended in order to
realize the full benefit of this session.
F9
Advanced VBScript Tips, Techniques,
and Practices
Friday 10:15–11:45am
Don Jones
Wrap up your new scripting skills with advanced techniques and
capabilities that will serve you for years to come: Master advanced
modularization techniques, including advanced functions and subroutines as well as Windows Script Components. Learn about
remote scripting, script security, security contexts, and other security-related concepts. Learn how to make standalone command-line
tools using your VBScript tools, and how to automate Windows GUI
applications using VBScript. Prior VBScript experience, or completion
of earlier VBScript sessions in this track, is highly recommended.
TechMentorEvents.com
Scripting and Automation
W9
13
Security
S
ecurity is kind of like the weather: everyone talks about it,
but no one does anything about it. This is your chance to do
something about it. This week-long track will take you from
soup to nuts, giving you the basics of network and server security,
through various Windows security topics, to several days of handson work in forensics and hacking training. Some of the top experts
in Windows security will be teaching, including popular Redmond
magazine “Security Advisor” columnist Joern Wettern, Microsoft
security guru Steve Riley and noted speaker, author and trainer
Todd Lammle.
M2
Anonymous Computer Usage
Monday 12:30 – 2:00 pm
Todd Lammle
This unique session will show you how to connect to PCs and
sleuth problems using tools hosted on the Ultimate USB Security
Stick. The USB memory stick is loaded with powerful security, hacking, and forensic programs—everything you need to help troubleshoot and secure client PCs, even if you lack Administrative
rights. During the session, you’ll use the software on the USB stick
to work through practical exercises and try out new computer
setup and recovery techniques. You’ll also learn how to secure your
PC against others who might try to use these tools to access your
hardware. You’ll learn how to use USB-hosted apps to run everything from Web browsers and email clients to productivity applications—all without leaving a trace behind on the computer. This is a
great session that will help manage trouble no matter where you
find it. NOTE: Ultimate USB Security Stick is required for this class.
Go online for details.
M8
Network Analysis
Monday 2:15–3:45pm
Todd Lammle
You already know that network analysis involves sniffing packets
and tracing networks. But did you know that you can do all this
with tools hosted on a USB stick? In this session, you’ll get to experience—hands-on—live network analysis. And because you’ll be
working with portable software, you’ll be able to employ these
techniques on any almost any system—all you need are the tools
on the Ultimate USB Security Stick. You’ll learn how to see everything that’s typically leaked from most networks—you’ll locate
passwords, identify suspicious traffic patterns, and view and capture packets on the fly. To ensure you’re equipped to handle today’s
changing networking environments, we’ll also show you how to
perform these tasks both wired and wirelessly. NOTE: Ultimate USB
Security Stick is required for this class. Go online for details.
M14
Security
14
T8
Computer Forensics
Tuesday 10:15–11:45 am
Keith Parsons
Computer forensics analysis is a crucial discipline for any enterprise
IT department. Whether assessing system vulnerabilities or investigating a suspected attack, you need to be able to recognize and
assess malicious, unapproved, and unauthorized activity. In this session, we’ll show you the tools, the techniques, and critical, strategic
steps needed to take to track down suspect activities. Review file
activity and USB drive usage, find local passwords, and check for
key logger software—all via tools hosted on the Ultimate USB
Security Stick. You’ll master streamlined and elegant approaches
and leave the session equipped to track down vulnerabilities and
attacks. NOTE: Ultimate USB Security Stick is required for this
class. Go online for details.
T14
Wireless Security, Part 1
Tuesday 1:45–3:15pm
Todd Lammle
The first of a two-part program, Wireless Security shows you how
to precisely secure your wireless LAN (WLAN) and Metropolitan
Mobile Network (MMN), for both corporate and home networks.
This valuable and informative course will teach you the beginnings
of WLAN security, and review the benefits and drawbacks of security methods in use today. We’ll also look ahead to next-generation
security methods so you can make well-informed decisions about
WLAN security policies!
T20
Wireless Security, Part 2
Tuesday 3:30–5:00pm
Keith Parsons
Following up on the first part of this two-part session, we’ll explore
the dark side, using wireless tools to help us think and act like a
WLAN hacker. You’ll see how vulnerable your wireless LAN might
be—and what you need to do to protect it. No matter what you’ve
heard, you really can secure that wireless network. We’ll perform
hands-on exercises in-class like “war driving”, MAC spoofing, turning your laptop into an access point, and more. Just bring your own
laptop, with either an internal or external wireless NIC, and take
the plunge into hands-on wireless security! NOTE: Ultimate USB
Security Stick is required for this class. Go online for details.
W2
What You Can Do Now to Secure
Your E-Mail
Wednesday 8:30–10:00am Joern Wettern
Social Engineering
Monday 4:00–5:30 pm
Keith Parsons
Social engineering is the practice of obtaining confidential information by manipulating legitimate users. A talented hacker will often
use the telephone or Internet to trick people into revealing sensitive information—such as a password or credit card number—or
get them to do something that’s normally against policy. And just
like that, a savvy hacker can punch right through many of your
most sophisticated, technical defenses. This session will help you
recognize and defend against social engineering-based attacks.
T2
Security USB Stick you’ll use in this session. This is a mission-critical seminar if you’re serious about protecting your intranetwork
from hackers and crackers! NOTE: Ultimate USB Security Stick is
required for this class. Go online for details.
Penetration Testing
Tuesday 8:30–10:00am
Keith Parsons
Do you know if your systems and networks are adequately secure?
There’s really only one way to find out—perform penetration testing to find out what a hacker might be able to see, find, or even
steal from your systems. This session will teach you solid ethical
hacking techniques and provide the skills you need to determine if
your network and its hosts are vulnerable to hacking exploits. Best
of all, all the tools for the session can be found on the Ultimate
Securing your e-mail against viruses, spam, hacker attacks and other
threats can seem like a gargantuan task. However, there are some
simple steps you can take today to provide effective protection for
your e-mail infrastructure. Many of these steps require little of your
time and may be accomplished with the software you already have.
In this session you will learn how to:
• Design your e-mail infrastructure to provide secure client access
without turning your firewall into Swiss cheese
• Configure DNS so spammers leave you alone
• Implement effective strategies for configuring Exchange Server
and anti-spam software
• Use Microsoft technologies to block viruses that spread via e-mail
• Reduce administrative workloads and the impact of your security
measures on users
October 9-13, 2006 • LAS VEGAS
Securing Content with Windows
Rights Management Services
Wednesday 10:15–11:45am
Paul Adare
Learn how to secure content within the enterprise using Windows
Rights Management Services (RMS). This session includes high-level
overviews of deployment considerations for an enterprise-wide
implementation of RMS, as well as detailed discussion on architectural guidance, design, scalability, availability, and reliability for
organizations of all sizes. An emphasis is put on understanding the
end-to-end planning and process so attendees can accurately
scope the amount of time and resources needed to implement RMS
as rapidly and cost-effectively as possible.
W14
Securing Web Applications with ISA
Server 2006
Wednesday 2:15–3:45pm
Beth Quinlan
If you are an IT professional responsible for providing remote users
with secure web access to internal resources, then this session is for
you! ISA Server 2006 will help you protect web-based applications,
services and data across all network layers with stateful packet
inspection, application-layer filtering and comprehensive publishing tools. A key differentiator of the product is its high level of integration with mission-critical business applications and services,
such as IIS, SharePoint Portal Server, Active Directory, and Exchange
Server. The session will show you how to use ISA Server 2006 to
enable a smoother user experience for published web applications,
document libraries, and content while improving security and easing your administrative burden.
W20
Windows Vista System Integrity
Technologies
Wednesday 4:00–5:30pm
Steve Riley
For most of the history of computing, operating systems have lived
in their own little bubbles of trust. Every part of an operating system pretty much assumed that every other part was exactly what
it claimed to be and performed only what it claimed it could do.
Recent attacks, though, have shown that such implicit trust is no
longer suitable for computers. A far more trustworthy operating
system is one where the principle of least privilege is enforced
throughout and where all operations are verified before taking
action. Windows Vista will ship with several new system integrity
technologies, including code integrity, secure startup, service hardening, mandatory integrity control, and Internet Explorer protected mode. Steve Riley will explore how these technologies work to
thwart malware attempts to take over your computer.
Th2
Making the Best Use of Group Policy
to Secure Your Network
Thursday 8:30–10:00am
Beth Quinlan
Are you responsible for implementing security policy on Windowsbased computers in your company’s network? Do you need to find an
easy way to implement these policies? If so, take a closer look at the
Windows Group Policy feature. Commonly used to configure client
desktops, Group Policy is also a powerful way to enforce security policy. This session will show you how to:
• Identify different security settings.
• Use the powerful Group Policy Management Console to ease the
administrative burden associated with security policy implementation.
• Easily document and report on security settings that have been
deployed to computers and users in your network.
• Become aware of the important new policy settings in Windows
Vista, and outline considerations for Group Policy in future versions
of Windows client and server operating systems.
Th8
Windows Vista Networking, Firewall,
and IPsec Improvements
Thursday 10:15–11:45am
all-new from the ground up. The TCP/IP stack has been rebuilt for
performance and security. There is support for the strong end-system model, a redesigned filtering engine, improved automatic performance fine-tuning, increased resiliency against TCP/IP-based
denial-of-service attacks, and full IPv6 support. The firewall
includes all Windows XP SP2 functionality plus outbound filtering,
enforcement of service hardening communications, an automatic
no-exceptions mode for unpatched systems, and more. IPsec’s
enhancements include simplified policies to speed connection
time, a redesigned user interface, user-based policies, applicationaware policies, more troubleshooting and diagnostic tools, and
much more.
Th14
Effective Computer Lockdown
Thursday 2:15–3:45 pm
Joern Wettern
Administrators often struggle to configure computers so they can
only perform limited tasks, while remaining protected against configuration changes by users. The challenge grows for shared systems like Internet kiosks, where user data must be purged between
log ins. In this session, you will learn how to use Microsoft’s Shared
Computer Toolkit to perform important lockdown tasks for shared
systems, whether it’s a tightly-protected public kiosk or a shared
client PC in the enterprise.
Th20
Microsoft Certificate Lifecycle
Manager Deep Dive
Thursday 4:00–5:30pm
Paul Adare
Get a detailed description and demonstration of the key design elements of the Microsoft Certificate Lifecycle Manager. You’ll learn
how these elements can be leveraged to simplify deployment of
digital certificates and smart cards in your organization. You’ll also
gain a better understanding of how to customize CLM, taking an indepth look at how implementing policies and work-flows can positively impact the end-to-end lifecycle of digital certificates and
smart cards. You’ll also see how end-user self service functionality
can be used to reduce cost and overhead for IT departments. This
session benefits IT administrators/implementers, IT decision makers, and IT architects alike.
F2
Security Myths Debunked
Friday 8:30–10:00am
Joern Wettern
There’s a lot of bad advice out there—especially in the area of network and systems security. In some cases, the bad information has
been repeated so often that it is now accepted as common knowledge. In this session, Joern will debunk some of the most egregious
security myths. You will learn that some configurations may make
you feel good, but really don’t do a thing to enhance security. Most
important, your improved understanding will help create a more
secure network. Some of the topics covered are:
• Why hardware firewalls can be less secure than software firewalls
• How a DMZ can lower the overall security of your network
• Why Network Address Translation is not a security technology
• When complex passwords are a bad idea
• Why it’s impossible to secure your network—and why it’s still
worthwhile to do it
F8
Attacker Trends and Techniques:
An Update
Friday 10:15–11:45am
Steve Riley
The bad guys keep getting better. They’re constantly changing
their tactics and inventing new techniques to cause harm. Why do
they do this? What motivates someone to—commit computerrelated crimes? How have the attacks changed and improved, and
what kinds of attacks can we expect to see in the future? Steve
will help you understand the latest in attacker trends and techniques, so that you can plan appropriately and implement effective processes and technologies to mitigate their threats.
Steve Riley
Security
W8
What’s new with Windows Vista? Its networking components are
TechMentorEvents.com
15
System and Network
Troubleshooting
T1
Tuesday 8:30am–10:00am
Y
ou can pick up any old book and learn how to install a new
system. But knowing how to fix that system when it breaks
takes real experience down in the trenches. Properly troubleshooting a failing server means getting it back up fast—and in
some cases, fixing it before it ever went down. Sign up for the
System and Network Troubleshooting Track and learn the very best
tips, tricks, and real world solutions to the thorniest problems.
Featuring instructors with real-world experience in complicated
environments and sessions that run the gamut of your Windows
network, you will leave with solutions you can immediately implement in your company’s network. Led by popular instructor and
Redmond magazine contributor Greg Shields, the System and
Network Troubleshooting Track is your fast-track to results!
M1
Patch Management 101: Tools &
Techniques to Keep your Network Safe
Monday 12:30–2:00pm
Greg Shields
Applying patches is like changing the oil in your car. You don’t really have to do it every month or every three months. But if you
don’t, you’ll eventually be sorry. What’s makes it worse is the combination of hundreds of patches times hundreds or thousands of
machines makes doing it every month a logistical nightmare. In this
session on patch management strategies, we’ll discuss some tried
and tested best practices used by successful companies for managing this expensive and time-consuming monthly activity. Don’t
miss this session! Your network will thank you.
System and Network Troubleshooting
M7
16
Understanding and Troubleshooting
User Profiles
Monday 2:15–3:45pm
Darren Mar-Elia
Has there ever been a Microsoft technology more problematic than
user profiles? How about roaming user profiles? This session will
look in-depth at the different types of profiles, how user profiles
work, the challenges of using roaming profiles and how you can
troubleshoot and resolve common profile issues. We’ll look at tools
and techniques for troubleshooting remote profile problems and
best practices for ensuring the minimum of profile problems within your environment.
M13
The Accidental DBA’s Guide to
Microsoft’s Mandatory Databases –
MSDE & SQL Server Express
Monday 4:00–5:30pm
Getting Down & Dirty with Group
Policy Functionality
Mark Minasi
Microsoft has released tons of free network management utilities
over the years. But recently they’ve all had one thing in common:
they need a real-live SQL Server to run. And unless you want to
shell out a few kilobucks for SQL Server 2000 or 2005, then you’re
going to be using the Microsoft SQL Server Desktop Engine (MSDE)
or its successor SQL Server 2005 Express Edition (SSX). They’re just
like SQL Server... except that they don’t have any GUI administration tools. In this comprehensive talk, Mark solves the plight of the
“accidental DBA” with a top-to-bottom look at what MSDE/SSX
are, how to install then, how to secure them and run them, including 25 “cookbooks” to solve common problems and perform basic
maintenance. SQL administration’s not just for DBAs any more, so
who better to make it easy than master elucidator Mark Minasi?
Darren Mar-Elia
There are a lot of moving parts in Group Policy. Ensuring a functional Group Policy deployment means learning how Group Policy
is structured, how its processed and where things can go wrong.
This session will focus on increasing your understanding of Group
Policy internals and processing. You’ll get inside knowledge on the
most problematic areas of policy and learn how to deal with them
should they arise in your environment using the logs and tools that
are provided in the box.
T7
What’s New with Group Policy in
Windows Vista
Tuesday 10:15–11:45am
Darren Mar-Elia
There are a number of significant advances coming for Group
Policy in Windows Vista. From the subtle changes like the new
Group Policy client service to the big ones, like the total overhaul
of ADM files, this session will expose you to the good stuff in Vista
GP and will describe how you can take advantage of it in a mixed
Vista and XP world. We’ll also walk through some of the new policy areas supported in Vista, like power management, pushed printers and USB device lockdown.
T13
Using, Troubleshooting, and
Customizing the Security
Configuration Wizard
Tuesday 1:45–3:15pm
Greg Shields
As of late 2005, SANS reports an average of 15 minutes between
attacks on Internet-facing servers. This means that within 15 minutes another bad guy will attempt to hack your network. Under
this constant stress, you’ve got to be smart about securing your
servers. Get smart with the SCW, a comprehensive but complicated tool for taking the guesswork out of this task. In this broad and
very deep session we’ll discuss how to properly use the SCW and
we’ll delve deep into its customizable XML back-end. You’ll take
away the code you need to make it protect all your network assets.
T19
Be Gone Ye’ SpyWare! Ridding IE of
SpyWare for Good
Tuesday 3:30–5:00pm
Greg Shields
Passwords going where? Give money to whom? I just won what?
Who writes this stuff anyway? You don’t have to know who writes
it, but you do have to get it out of your network. SpyWare and its
annoying brothers, AdWare and MalWare, are a growing threat to
the Internet, and the tools to get rid of it are immature at best. In
this session, we’ll look at what’s available for excising it as well as
examining the mechanics of a SpyWare infection. You’ll leave this
session having learned the tricks to make yourself your own
SpyWare scanner.
W1
The Good, the Bad and the Really Ugly
about Microsoft’s FRS
Wednesday 8:30–10:00am Rhonda Layfield
Is Windows File Replication Service giving you heartburn? Do you
love it when it works and hate it when it doesn’t? In this deeply
technical session, you’ll troubleshoot failed Group Policy Objects
by understanding how they’re replicated with FRS and learn all the
steps FRS takes in transferring files across the network. Learn about
tools that can help you monitor and troubleshoot your FRS environment.
October 9-13, 2006 • LAS VEGAS
The Windows Troubleshooter’s Guide
to DNS
Wednesday 10:15–11:45am
Greg Shields
DNS has been around since the dawn of the Internet, but many
Windows administrators still don’t fully understand it. As the backbone of Active Directory, it’s also a necessary evil for connecting
your intranet. In this session, we’ll sort the truths from the
untruths, learn how to keep it healthy, and how to troubleshoot it
when it’s not. You’ll leave with a better understanding and a greater
respect for your network’s biggest three letter four-letter word.
W13
Top Tricks for Monitoring and
Analyzing System Performance
Wednesday 2:15–3:45pm
Greg Shields
Solving the most difficult system problems often means comparing its performance during the problem with how it behaved before
the problem ever occurred. Keeping an eye on your systems’ performance is the most overlooked responsibility of a systems
administrator. No more! In this session, you’ll learn about the best
tools – both free and non-free – for monitoring, managing, and
alerting on system performance issues. We’ll discuss how to use
performance indicators as a measurement for solving problems,
and you’ll come away knowing how to watch your performance
logs for signs of trouble.
W19
Finding and Fixing the Nastiest
Active Directory Problems
Wednesday 4:00–5:30pm
Mark Minasi
AD’s pretty reliable—quite reliable, in fact—sometimes things go
wrong anyway. Domain controllers can get disconnected from other
DCs, leading to replication problems and group policy failures. DNS
can get stupid, leading to... well, leading to a wide variety of troubles. Administrators can be distracted while changing something in
AD, laying waste to entire sections of AD—and creating a need for
fast repair. And even IF none of those things happen, Active
Directory is just a database, and even the best database needs a bit
of database administration. Join battle-scarred AD veteran Mark
Minasi in an examination of what can go wrong with AD, what to do
about it, and maybe even have a few laughs in the process.
Th1
Windows Authentications Revealed
Thursday 8:30–10:00am
Mark Minasi
Every day we log into our Windows systems, but what really happens when we do? How do workstations and domain controllers
exchange logon information without revealing passwords? Let veteran Windows expert Mark Minasi show you how logins work, what
happens when they don’t work (and how to fix them) and how to
better secure them. He’ll help you understand where Microsoft’s
login protocols are secure, and where they aren’t. After this session,
you’ll know exactly what terms like “ticket-granting service” and
“service principal name” mean.
Th7
Th13
Tuning, Troubleshooting, and Taming
Terminal Services
Thursday 2:15–3:45pm
Terminal Services has been an integral part of the Windows operating system since 1998. That means we’ve had a lot of time to
play with it and a lot of time to see it break. In this session, you’ll
fix some of TS’s biggest problems and discuss how to tune it for
best performance. We’ll discuss proven practices for setting up
Terminal Services in both LAN and WAN environments. Best of all,
you’ll learn exactly how to hack your terminal servers to eek out
the very best performance.
Th19
Ask the Troubleshooting Experts
Thursday 4:00–5:30pm
Greg Shields, Mark Minasi, Rhonda Layfield
Missed the Consulting Hour at the Exhibit Hall? Got a hugely complicated question that’s plaguing your business and need an
answer? Want to see what problems others are having in the IT
field today? Come join the Troubleshooting Experts Mark Minasi,
Rhonda Layfield, Don Jones and Greg Shields for a full 90 minute
roundtable all about your problems. Together we can fix that nagging problem that brought you to TechMentor in the first place!
F1
The Best Free Tools for Windows Server
Troubleshooting
Friday 8:30–10:00am
Greg Shields
Why buy anything if you can get it for free? With the hundreds of
free tools out on the Internet, you can find one that’ll do just about
anything—finding the right one is the hard part. For this session,
Master Toolsmith Greg Shields shares the ones in his quiver for easing the burden of systems administration—without having to beg
for money from the boss. Bring your USB hard drive to this session
and you’ll leave with a thumb full of useful freebies.
F7
Documentation & Change Control:
Hating it to Loving it in 90 Minutes
Friday 10:15–11:45am
Greg Shields
Do you hate documentation? Or maybe just want to learn how to
do it better? Do you yearn for more control in your work? Non-stop
firefighting gets the adrenaline going, but it’s a primary cause of
“lack of sleep”, “lack of vacation”, and “lack of life outside work”. If
you’re constantly firefighting to keep the network running, you’ve
got more than a technical problem: You’ve got a process problem. In
this session, we’ll douse those flames by showing you how to write
great documents and implement processes to stabilize your environment. You’ll leave with proven practices and fill-in-the-blank
documents that will stabilize your network and give your life back.
When WSUS Goes Bad:
Troubleshooting Windows Update
Thursday 10:15–11:45am
Greg Shields
Greg Shields
WSUS and Windows Update have been around for a while. But did
you know they’re components of a holistic patching engine that is
completely changing how we do updates? In this high-tech session
learn more about the Windows Update Agent and WSUS – including a peek at the upcoming WSUS 3.0. Digging deep into this
amazing new service, we’ll detail the do’s and don’ts for getting it
working properly on your network. Plus, you’ll take home six useful scripts that’ll automate some of the most difficult and annoying parts of your WSUS installation.
TechMentorEvents.com
System and Network Troubleshooting
W7
17
Hotel & Travel Information
Rio All-Suite Hotel & Casino
3700 W. Flamingo
Las Vegas, NV 89103
Phone: 1-888-746-6955
Avis Rent-a-Car is offering TechMentor attendees a discount from October 2 through October 20. To receive the
discounted daily and weekly rates, call Avis at
1.800.331.1600 or go to http://tinyurl.com/b65u5 and use
Avis Worldwide Discount number D005872.
Conference Registration
Each attendee will have access to:
> All Courses
> Keynotes
> Exhibit Hall
> Receptions
> Consulting Hour with Instructors
> Networking Events
> Lunches and Morning Pastries
> Conference Bag
> T-shirt with Completed Survey
> Printed Course Notes (for registered courses only)
> NEW! CD of All Course Notes (excludes Crash Course notes)
Early Bird Price (By September 1) $1,499
Regular Price (After September 1) $1,699
Registration and Travel Information
TechMentor has negotiated a special room rate of $169 single/double for attendees. Attendees must book their accommodations by September 14, 2006 to receive the discount.
After that date regular room rates will apply. Rooms at the
special rate are available from October 7 through October
13, based on availability.
18
To make reservations, call 1.888.746.6955 and mention the
group code S10TCH6 and the TechMentor conference to
receive your discount.
American Airlines is offering discounts from any published
domestic fare for travel to Las Vegas between October 6
and October 16. Mileage members can receive full credit
for all American miles flown to attend this conference. For
discounts please call American Airlines at 1.800.433.1790,
reference number #08H6AB. You must make your reservation by phone to receive the discount.
HOW TO REGISTER
Online:
Phone:
Fax:
Mail:
TechMentorEvents.com
1.800.280.6218 (8:00am – 5:00pm PST)
1.541.346.3545
TechMentor Registration
1277 University of Oregon
Eugene, OR 97403-1277
Onsite: You may register for the conference onsite.
However space is limited and admission
cannot be guaranteed.
Questions?
Phone: 1.800.280.6218 (8:00am – 5:00pm PST)
Email: [email protected]
Web: TechMentorEvents.com
Pre-Conference Crash Courses
Early Bird Price (By September 1) $225
Regular Price (After September 1) $275
Group Discounts
When you register 4-9 colleagues from the same company, each attendee pays only $1,299 per person.
Register 10 or more for only $1,199 per person. To register a group and for more information, call Sara Ross
at 972.506.9027 or email at [email protected].
Alumni Discount
We value our alumni! Attendees of any TechMentor Event
from 2001-2006 qualify to receive a $100 discount.
Combine this discount with Early Bird registration for a savings of $300. To qualify for the discount please include
which conference or summit you attended. This discount
does not apply to group pricing.
Attendee Networking Forum
Network with your peers before the conference begins.
Check the “Attendee Networking Forum” box when you
register and we’ll send you an e-mail with attendee contact
information about a week before the event. It’s a great way
to start networking before you arrive in Las Vegas.
Refund and Cancellation Policy
Registration is transferable with written authorization.
Cancellations must be in writing and postmarked before
the cancellation deadline. Cancellations must be made by
September 1, 2006 and will be subject to a $250 cancellation fee. Cancellations made after September 1, 2006 as
well as “no shows” are liable for the full registration fee.
TechMentor’s Federal Tax I.D. Number is 95-4758348
TechMentor Conferences are a division of 1105 Media, Inc.
October 9-13, 2006 • LAS VEGAS
Pre-Conference
Crash Courses
Monday,
October 9
Monday,
October 9
Workstation
CC1 VMWare
and ESX Crash Course
Greg Shields
CC2
Networking Crash Course
Todd Lammle
CC3
Vista Crash Course
Mark Minasi
8:00-11:30am
SYSTEM & NETWORK
TROUBLESHOOTING
12:30-2:00pm
SCRIPTING AND
AUTOMATION
SECURITY
Management 101:
Anonymous Computer
M1 Patch
Tools & Techniques to
M2
Usage
Keep Your Network Safe
Todd Lammle
M3
VBScript Fundamentals,
Part 1
M9
VBScript Fundamentals,
Part 2
Don Jones
Greg Shields
2:15-3:45pm
M7
Understanding and
Troubleshooting User
Profiles
M8
Network Analysis
Todd Lammle
Don Jones
Darren Mar-Elia
4:00-5:30pm
Tuesday,
8:30-10:00am
October 10
M13
The Accidental DBA’s Guide
to Microsoft’s Mandatory
Databases—MSDE & SQL
Server Express Mark Minasi
Down & Dirty
T1 Getting
with Group Policy
Functionality
M14
Social Engineering
Keith Parsons
Debugging and
M15 VBScript
Error Handling
Don Jones
T2 Penetration Testing
and Windows
T3 VBScript
Management
Instrumentation (WMI)
T8
T9
Keith Parsons
Darren Mar-Elia
10:15-11:45am
T7
What’s New with Group
Policy in Windows Vista
Darren Mar-Elia
Don Jones
Computer Forensics
Keith Parsons
VBScript and Active
Directory Services Interface
(ADSI)
Don Jones
1:45-3:15pm
3:30-5:00pm
T13
T19
Using, Troubleshooting,
and Customizing the
Security Configuration
Wizard
Greg Shields
T14
Wireless Security, Part 1
Be Gone Ye’ SpyWare:
Ridding IE of Spyware for
Good
T20
Wireless Security, Part 2
Todd Lammle
Keith Parsons
T15
Writing Inventory Scripts
T21
VBScript and Databases
Don Jones
Don Jones
Greg Shields
Wednesday, 8:30-10:00am
October 11
Good, the Bad, and
W1 The
the Really Ugly of
Microsoft’s FRS
You Can Do Now to
PowerShell
W2 What
Secure Your E-Mail
W3 Windows
(“Monad”) Scripting, Part 1
Joern Wettern
Don Jones
Rhonda Layfield
10:15-11:45am
Windows
Securing Content with
W7 The
Troubleshooter’s Guide to W8 Windows Rights
DNS
Management Services
Greg Shields
2:15-3:45pm
Don Jones
Paul Adare
Tricks for Monitoring
Securing Web
Command-Line
W13 Top
and Analyzing System
W14
Applications with ISA
W15
Scripting, Part 1
Performance
Server 2006
Greg Shields
4:00-5:30pm
PowerShell
W9 Windows
(WPS) Scripting, Part 2
Jeff Hicks
Beth Quinlan
and Fixing the
Windows Vista System
Command-Line
W19 Finding
Nastiest Active
W20
Integrity Technologies
W21
Scripting, Part 2
Directory Problems
Steve Riley
Jeff Hicks
Program-At-A-Glance
Mark Minasi
Thursday, 8:30-10:00am
October 12
Authentications
the Best Use of
Windows PowerShell
Revealed
Group Policy to Secure
(WPS, formerly code-named
Th1 Windows
Th2 Making
Th3
Your Network
“Monad”) Scripting
Mark Minasi
Beth Quinlan
10:15-11:45am
Th7
When WSUS Goes Bad:
Troubleshooting Windows
Update
Th8
Windows Vista
Networking, Firewall, and
IPsec Improvements
Greg Shields
2:15-3:45pm
Th13
Tuning, Troubleshooting,
and Taming Terminal
Services
Th9
Th14
Joern Wettern
Don Jones
VBScript with a GUI:
HTML Applications
(HTAs)
Steve Riley
Effective Computer
Lockdown
Don Jones
Th15
Script Without
Scripting
Jeff Hicks
Greg Shields
4:00-5:30pm
the Troubleshooting
Certificate
Automating Windows
Th19 Ask
Experts
Th20 Microsoft
Lifecycle Manager
Th21
Desktop Administration
Deep Dive
Troubleshooting Speakers
Jeff Hicks
Paul Adare
8:30-10:00am
Friday,
October 13
F1
The Best Free Tools for
Windows Server
Troubleshooting
F2
Security Myths Debunked
Joern Wettern
F3
Top Tricks of the Scripting
Pros
Don Jones
Greg Shields
10:15-11:45am
& Change
Attacker Trends and
F7 Documentation
Control: Hating It to Loving F8 Techniques: an Update
It in 90 Minutes
Steve Riley
4
Overview
Greg Shields
VBScript Tips,
F9 Advanced
Techniques, and Practices
Don Jones
CC4
Linux/Windows
Integration Crash Course
Jeremy Moskowitz
Group
CC5 Troubleshooting
Policy Crash Course
Derek Melber
EXCHANGE/SQL SERVER
M4
Overview of Exchange
Server 2007
Bharat Suneja
MCSA
M5
MCSE
MCSA: Attended and
Unattended Installs and
Upgrades
M6
MCSE: Physical and
Logical Devices
Rick Taylor
Monday,
October 9
Bruce Rougeau
M10
Messaging Hygiene in
Exchange 2003 & Beyond:
2003, 2003 SP2, Exchange
2007
Bharat Suneja
Data Access, File
M11 MCSA:
System, and Printing
M12 MCSE: Resource Access
Bruce Rougeau
Derek Melber
Exchange for
Windows 2003/XP
MCSE: RAS and Remote
M16 Designing
Performance
M17 MCSA:
System Configuration
M18
Administration
and Backup Strategies
Sekou Page
Rick Taylor
Bruce Rougeau
Virtual Servers and
MCSA: Active Directory,
T4 SMTP
SMTP Connectors: How to
T5
Part 1
Configure SMTP in Exchange
Bruce Rougeau
Server 2003
T6 MCSE: Name Resolution
Rhonda Layfield
Tuesday,
October 10
Bharat Suneja
Exchange with
MCSA: Active Directory,
MCSE: Manage Users,
T10 Clustering
T12
Exchange Server 2003 & T11 Part 2
Computers, and Groups
2007
Bruce Rougeau
Derek Melber
Bharat Suneja
T16
Troubleshooting DNS for
Exchange
Sekou Page
T17
MCSA: Disk Management
Bruce Rougeau
T18
MCSE: Networking
Concepts and Principles
Derek Melber
Recovery
Terminal Services
MCSE: Network Security
T22 Disaster
Planning for Exchange
T23 MCSA:
and Remote
T24
Troubleshooting
Sekou Page
Rick Taylor
Bruce Rougeau
MCSA: Performance
and Active
MCSE: IIS and IIS Security
W4 Exchange
Directory Availibility Issues W5 Monitoring and System
W6
Recovery Strategies
Dmitri Daiter
Rick Taylor
Wednesday,
October 11
Bruce Rougeau
Side Exchange
W10 Client
Troubleshooting
Dmitri Daiter
TCP/IP
W11 MCSA:
Configuration and
DHCP Issues
Active Directory,
W12 MCSE:
Part 1
Derek Melber
Bruce Rougeau
SMTP
DNS Configuration
Active Directory,
W16 Troubleshooting
for Exchange
W17 MCSA:
and Troubleshooting
W18 MCSE:
Part 2
Sekou Page
Configuring
W23 MCSA:
Routing and Remote
Access
Sekou Page
Th4
SQL Server 2005
Reporting Services
Managing and
W24 MCSE:
Monitoring Performance
Rick Taylor
Bruce Rougeau
Th5
MCSA: 70-290 Exam Prep
Bruce Rougeau
Eric Johnson
Th10
Monitoring and
Optimizing SQL Server
2005 Performance
Th11
Th16
SQL Server Integration
Services
Th17
MCSA: Troubleshooting
RAS Policies and
Capturing Passwords with
Anil Desai Network Monitor Bruce Rougeau
Eric Johnson
Derek Melber
MCSA: Role-Based
Security and Security
Templates
Th6
MCSE: Introdcution to
GPOs
Derek Melber
Th12
MCSE: Disaster
Recovery and Backups
Th18
Repeat – MCSE:
Introduction to GPOs
Thursday,
October 12
Rick Taylor
Derek Melber
Bruce Rougeau
SQL Server
Th22 Securing
2005
Anil Desai
Web Services and
MCSE: Advanced GPOs
Th23 MCSA:
Service Pack and Hotfix Th24
Assessment and Deploy-
Derek Melber
ment
F4
Replication in SQL Server
2005
Eric Johnson
Server 2005
F10 SQL
Data Protection and
High Availability
Anil Desai
F5
Bruce Rougeau
MCSA: IPSec Security
Principles
Bruce Rougeau
Certificate
F11 MCSA:
Strategy and Planning
Bruce Rougeau
F6
MCSE: PKI and Certificates
Rick Taylor
F12 MCSE: Review Session
Friday,
October 13
Program-At-A-Glance
a Highly
W22 Architecting
Secure Messaging
Environment
Bruce Rougeau
Rick Taylor
5
HOW TO REGISTER
ONLINE:
TechMentorEvents.com
REGISTRATION FORM
FAX: 541.346.3545
First Name
PHONE: 800.280.6218
Last Name
MAIL with full payment to:
TechMentor Registration
1277 University of Oregon
Eugene, OR 97403-1277
Title
Company
Address
City
State/Province
Zip/Postal Code
Country
Phone
Fax
Email
*Your email address is used to communicate with you about conference registration.
Vendor Marketing Code ____________________ Promo Code ____________________
Attendee Networking Forum – Yes, I want to participate in pre-conference networking via email.
Which certification titles do you currently hold? Please check all that apply:
MCP
MCDST
MCSA
MCSE
MCSD
MCDBA
MCT
Other
None
PROGRAM SELECTION
TechMentor Conference – $1,499 (Before September 1), $1,699 (After September 1)
Select Track: Exchange/SQL MCSA MCSE Scripting Security Troubleshooting
Pre-Conf Crash Course – $225 (Before September 1), $275 (After September 1)
CC1 - VMWare Workstation and ESX Crash Course CC2 - Networking Crash Course CC3 - Vista Crash Course
CC4 - Linux/Windows Integration Crash Course CC5 - Troubleshooting Group Policy Crash Course
Additional Options
Ultimate USB Security Stick - $150 (Required for Security Track sessions: M2, M8, T2, T8, T20)
MCSA: Windows Server 2003 Core Requirements (70-270, 70-290, 70-291), 2nd Edition, Sybex/Wiley - $60
(50% off list; strongly recommended for MCSA Track)
MCSE: Windows Server 2003 Certification Kit (70-290, 70-291, 70-293, 70-294) 2nd Edition, Sybex/Wiley - $80
(50% off list; recommended for MCSE Track)
$100 Alumni Discount: Previous TechMentor event attended in 2001-2006: City ________________________ Date _________________
Group Registration: please call Sara Ross at 972.506.9027 to register.
PAYMENT
Check enclosed (payable to 1105 Media, in U.S. dollars drawn on a U.S. bank)
Visa
MasterCard
American Express
Discover
Card Number ________________________________________________________________________________ Expiration Date ______________
Cardholder Name ____________________________________________ Signature ___________________________________________________
Cardholder Address (if different than above) ___________________________________________________________________________________
To confirm your registration, a guarantee of payment is required. Remit check or credit card. If you need an invoice please call
800.280.6218 or email [email protected]. To pay by purchase order, please include a copy of your P.O. with your faxed or
mailed registration. Registration fees must be paid in full before the start of the event.
SESSION SELECTIONS
After receiving your email confirmation code, you may go online and select the breakout sessions you are interested in attending. You
may attend ANY session in any track offered at TechMentor as long as space permits.
Registration Form
Total Fee ___________________________________
19
OCTOBER 9-13, 2006
LAS VEGAS
Network and
Certification Training
for Windows Professionals
Knowledgeable, Accessible Instructors
» Learn from Mark Minasi, Todd Lammle, Derek Melber and others.
Real-World Training
» Learn the new features of Windows Vista.
» Improve your network security.
» Diagnose and repair common network problems.
Peer Networking
» Problem solve with peers during networking events.
Certification Prep
» Upgrade your skills to Windows 2003 with the MCSA and MCSE tracks.
Sponsors and Exhibitors (as of June 30)
TechMentorEvents.com
9121 Oakdale Avenue
Suite 101
Chatsworth, CA 91311
PRESORTED
FIRST CLASS MAIL
U.S. POSTAGE PAID
Richmond, VA
Permit #930