“…FIPS 140 is a US Government standard that defines a minimum set of the security requirements for products that implement cryptography. This standard is designed for cryptographic modules that used to sensitive but unclassified information.
Testing against the FIPS 140 standard is maintained by the Cryptographic Module Validation Program (CMVP), a joint effort between the National Institute of Standards (NIST) and the Communications Security Establishment of Canada (CSEC).
The current standard defines four-levels of increasing security, 1 thru 4. Most software products (including all Microsoft products) are tested against the Level 1 security requirements…”
To learn more about FIPS 140 standards and how Microsoft works within that framework, check out:
http://technet.microsoft.com/en-us/library/cc750357.aspx
HTH,
Tom
Thomas W Shinder MD, MCSE, MVP
tshinder@isaserver.org
“…A key reason to take advantage of cloud services is the ability to ensure the security of business data and the reliability of the cloud services.
Attend this webcast to get an in-depth look at the Microsoft security measures for ensuring data protection and integrity in a cloud computing environment.
Learn how Microsoft’s extensive, geo-redundant data center infrastructure, which is designed specifically for enterprise customers, can enable you to safely migrate business-critical communications and collaboration capabilities to the cloud.
We also feature an overview of Microsoft’s 24×7 support infrastructure that aligns with Microsoft’s financially backed 99.9% uptime service level agreement (SLA)…”
HTH,
Tom
Thomas W Shinder MD, MCSE, MVP
tshinder@isaserver.org
While it’s the most fun learning about what the new features and capabilities are in a new OS, second to that is finding out what was dropped.
The stuff that’s dropped doesn’t get as much attention, but if there’s a feature that you’ve been using for years, you might want to know about it.
Pretty interesting list – especially the RDP support for Windows 2000 machines. I don’t know about you, but we still have a few Windows 2000 machines running here.
HTH,
Tom
Thomas W Shinder MD, MCSE, MVP
tshinder@isaserver.org
Check out these new Windows Server 2008 R2 virtual labs:
There’s a little something for everyone here – and I’m sure there are more coming in the future.
Check out these labs and let me know what you think!
Thanks!
Tom
Thomas W Shinder MD, MCSE, MVP
tshinder@isaserver.org
“…In this 2-hour clinic, IT professionals will learn about the new features and functionalities in Windows Server 2008 R2.
Topics covered in the clinic include:
- Overview of Windows Server 2008 R2
- Hyper-V in Windows Server 2008 R2
- Remote Desktop Services and Virtual Desktop Infrastructure
- Management enhancements in Windows Server 2008 R2
- Active Directory Domain Services enhancements in Windows Server 2008 R2
- Web enhancements in Windows Server 2008 R2
- Enhancements in Windows Server 2008 R2 for Windows 7 clients
Student prerequisites
- Technology Specialist level skills on Windows Server 2008
- Familiarity and experience with batch scripting or another scripting language
Objectives
At the end of the course, students will be able to:
- Describe Windows Server 2008 R2.
- Describe Hyper-V in Windows Server 2008 R2.
- Describe Remote Desktop Services and Virtual Desktop Infrastructure.
- Describe management enhancements in Windows Server 2008 R2.
- Describe Active Directory Domain Services enhancements in Windows Server 2008 R2.
- Describe Web enhancements in Windows Server 2008 R2.
- Describe enhancements in Windows Server 2008 R2 for Windows 7 clients…”
Register for and take this two hour course over at:
https://www.microsoftelearning.com/eLearning/cours...136756
HTH,
Tom
Thomas W Shinder, MD, MCSE, MVP
tshinder@isaserver.org
“…The architecture of the network perimeter is changing. The wisdom of the past was to harden the perimeter as much as possible by layering multiple technologies to detect and protect against threat. The concept was to secure organizational borders and then, after that, the network. There were various business drivers that put this “perimeterization” in sync with the needs of the business. These drivers include:
-
The explosion of IP addresses, with one on nearly every electronic device, and with some of these devices, such as mobile phones, having significant associated business functionality
-
Increased connectivity from outside the enterprise environment by customers, employees, and business partners and
-
Increased business relationships of various forms including relationships in a “coopetition”—a situation where a competitor in one field is also a business partner in another.
One difficulty with the hardened perimeter model is that as more and more technologies are added to the perimeter, the management burden increases, in some cases faster than the rate of deployment of the new technologies. Additionally, with so many “band-aid” type solutions layered at the perimeter, it eventually becomes hardened to the point that it negatively impacts the ability of the business to react effectively to new opportunities or to conduct business. We need to rethink this approach, and need to realize that while we are adding point technologies to the network perimeter in the name of security, we are also dramatically increasing the complexity of the perimeter and thereby making it more difficult for the business to respond to new opportunities…”
To learn more about deperimeterization, check out:
http://technet.microsoft.com/en-us/library/cc512604.aspx
HTH,
Tom
Thomas W Shinder MD, MCSE, MVP
tshinder@isaserver.org
“…The line between business and information security professionals is blurring. Government regulations have mandated security practices over the past decade.
The resulting changes are evident. Security professionals are being given seats at the executive table and within lines of business.
Business acumen is quickly becoming the eleventh domain of information security.
To adapt, security professionals must align with business management and develop depth and breadth within business…”
Read more over at:
http://technet.microsoft.com/en-us/library/cc512664.aspx
HTH,
Tom
Thomas W Shinder, M.D., MCSE
“…Today, Microsoft VPN client can be configured in two ways as discussed in this article – a) in-built VPN client b) CM based VPN client.
The first method requires end user to know the VPN settings and then create a VPN connection – which needs to be repeated by each user and prone to errors.
The second method requires VPN server administrator to create a VPN connection package (called as CM profile) and then send to end user through some mechanism (like uploading to a web server).
The end user then manually installs the CM profile. The problem in this mechanism is end user may forget to do the same step when the configuration changes and VPN server administrator has no way to automatically push the changes…”
Check out the details of this solution over at the RRAS Team Blog at:
http://blogs.technet.com/rrasblog/archive/2009/08/...y.aspx
HTH,
Tom
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)
BitLocker protection on removable drives is known as BitLocker To Go.
When a BitLocker-protected removable drive is unlocked on a computer running Windows 7, the drive is automatically recognized and the user is either prompted for credentials to unlock the drive or the drive is unlocked automatically if configured to do so.
Computers running Windows XP or Windows Vista do not automatically recognize that the removable drive is BitLocker-protected.
With the BitLocker To Go Reader users can unlock the BitLocker-protected drives by using a password or a recovery password (also known as a recovery key) and gain read-only access to their data.
Supported Operating Systems: Windows Vista; Windows Vista 64-bit Editions Service Pack 1; Windows Vista Business; Windows Vista Business 64-bit edition; Windows Vista Enterprise; Windows Vista Enterprise 64-bit edition; Windows Vista Home Basic; Windows Vista Home Basic 64-bit edition; Windows Vista Home Premium; Windows Vista Home Premium 64-bit edition; Windows Vista Service Pack 1; Windows Vista Service Pack 2; Windows Vista Starter; Windows Vista Ultimate; Windows Vista Ultimate 64-bit edition; Windows XP 64-bit; Windows XP Service Pack 2; Windows XP Service Pack 3.
Download the BitLocker to Go Reader over at:
http://www.microsoft.com/downloads/details.aspx?di...6f6b3d
HTH,
Tom
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)
So I’ve been recommending Windows 7 to everyone! Quite a bit different from what I was doing with Vista, when I was recommending that people stay with XP, so that I wouldn’t have to be responsible for the problems that they encountered, regardless if it was a Vista problem :)
If you’re thinking about making the upgrade, there are 10 things you ought to know about Win7:
- Make sure your apps are compatible – there’s a good chance that they will be, and even if they’re not, you can use XP Mode to get those ancient XP applications running
- Get the right hardware – some features like Aero require the right kind of video card
- Think about migrating your server infrastructure to Windows Server 2008 R2 to get the most out of your Windows 7 investment
- Use BitLocker to encrypt your removable media
- Check out AppLocker and how it allows you to lock down what apps users can use
- Drive yourself crazy trying to learn PowerShell – ah, I mean “learn how to automate tasks with PowerShell” :)
- Take a look at the Problem Steps recorder and other built in troubleshooting tools
- Deploy using new tools like DISM and VHD imaging formats
- Simplify migration using the new User State Migration Tool
- Got branch offices? Check out BranchCache to speed up file access for branch office users
For more details on these issues, check out:
http://technet.microsoft.com/en-us/library/dd350196.aspx
HTH,
Tom
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)
“…FIPS 140 is a US Government standard that defines a minimum set of the security requirements for products that implement cryptography. This standard is designed for cryptographic modules that used to sensitive but unclassified information. 
