Code Name “Geneva” is Microsoft’s user access platform for developers and IT professionals that helps simplify access to applications and other systems with an open claims-based model. 

“Geneva” helps simplify user access for developers by externalizing user access from applications via claims and reducing development effort with pre-built security logic and integrated .NET tools.

“Geneva” helps IT efficiently deploy and manage new applications by reducing custom implementation work, centralizing and standarizing access management across the enterprise, helping establish a consistent security model, and facilitating seamless collaboration between organizations.

Users can benefit through single sign-on and seamless collaboration across organizational boundaries. “Geneva” includes built-in interoperability via open industry standards and claims, and implements the industry Identity Metasystem vision for open and interoperable identity. When you download the latest beta software, you’re automatically registered to access valuable beta resources assembled in one convenient location.

“Geneva” includes three components for enabling claims-based access. Beta 2 of the following components are now available for public evaluation:

• “Geneva” Server security token service (STS) supports the WS-Trust, WS-Federation, and SAML 2.0 protocols to enable secure single sign-on across organizations, platforms, and applications.
• Windows CardSpace “Geneva” for helping users navigate access decisions and for developers to build customer authentication experiences for users
• “Geneva” Framework for building .NET applications that use claims to make user access decisions

Head on over to

http://msdn.microsoft.com/en-us/evalcenter/dd440951.aspx

to download the Geneva code or a pre-built Geneva virtual machine.

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer

Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)

I’ve heard some really ridiculous things lately about Internet Explorer security. For some reason, most people in the media still consider Internet Explorer unsecure and recommend routinely that you should use Firefox instead.

Some of them really screw things up by recommending Chrome, probably one of the least secure browsers on the market today. I’ve even seen in print a Microsoft security MVP making these kind of unsubstantiated claims.

The best thing you can do is get the facts and learn about what’s new in Internet Explorer security. Along these lines, let me recommend a very good article on this subject, that you can find at:

http://technet.microsoft.com/en-us/library/dd939968.aspx

I think after reviewing that article and reading some of the supporting documentation included in articles that this one links to, you’ll find that Internet Explorer 8 is the most secure browser on the market today and that you can rest assured that your company is safe when using Internet Explorer 8 as its default browser.

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer

Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)

This is the first in a series of videos from the Network Monitor Experts Day event.

The event covered various topics on the Network Monitor API available within the Network Monitor product and our Experts system.  We hope you find these talks useful in understanding how to use the Network Monitor API more effectively.

This talk provides an overview for the series and focuses on explaining what Experts are, how they integrate with the product, and the process involved in creating one.

Check it out at:

http://channel9.msdn.com/posts/MichaelHawker/Netwo...Story/

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer

Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)

This screencast and document covers the key new features and improvements in the Windows 7 Release Candidate.

This includes areas like performance, networking, security, PC management as well as everyday tasks.

Check it out at:

http://technet.microsoft.com/en-us/windows/dd75877...ecnews

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer

Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)

“…An RFID system is based around a reader and a tag. A tag stores information, whereas an RFID reader retrieves or modifies information stored on the tag. To transmit this information through the air, both devices  use high frequency electric current oscillations (the frequency of such current oscillations is also known as radio frequency or RF) which when applied to a piece of wire (referred to as an antenna) have a tendency to extend themselves well beyond the actual antenna wire boundary in the form of electromagnetic waves.

Such waves consist of two parts; magnetic and electric. Each of these contributing parts has an area of influence which depends on the distance from the emitting antenna.  Another important feature of the waves is their ability to induce electric charge or current in a conductor placed in the path of such wave propagation. If a tag is placed in the path of an electromagnetic wave emitted by a reader, there will most certainly be electric current induced in the tag’s antenna. Also, the direction of propagation can be roughly controlled by the shape of the emitting antenna, although in reality waves tend to scatter among a multitude of directions…”

Read more on this topic at:

http://blogs.technet.com/mmpc/archive/2009/06/05/r...e.aspx

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer

Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)

The Security Compliance Management Toolkit series builds on previous Solution Accelerators to provide you with expanded best practices and additional automation tools to help configure and deploy security settings for the following operating systems and applications: Windows Server® 2008, Windows Server® 2003 Service Pack 2 (SP2), Windows Vista® SP1, Windows XP® Professional SP3, and 2007 Microsoft Office SP1.

After deploying the security settings, you can verify the accuracy of the setting policies and monitor policy changes by applying one or more of 26 Configuration Packs using the desired configuration management (DCM) feature of Microsoft System Center Configuration Manager 2007 SP1.
This series includes the following toolkits:

• Windows Server 2008 Security Compliance Management Toolkit
• Windows Server 2003 Security Compliance Management Toolkit
• Windows Vista Security Compliance Management Toolkit
• Windows XP Security Compliance Management Toolkit
• 2007 Microsoft Office Security Compliance Management Toolkit

Check it out and download the toolkits over at:

http://www.microsoft.com/downloads/details.aspx?Fa...ang=en

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer

Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)

The System Center Configuration Manager Extensions for SCAP allow organizations to use Configuration Manager 2007 to scan computers for compliance with the Federal Desktop Core Configuration (FDCC) mandate issued by the Office of Management and Budget (OMB). 

These extensions enable Configuration Manager to consume Security Content Automation Protocol (SCAP) data streams, assess systems for compliance, and generate report results in SCAP format.

Check it out at:

https://connect.microsoft.com/InvitationUse.aspx?P...ID=715

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer

Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)

May 28, 2009 - Raleigh, NC

It is never possible to guarantee that a company is totally secure or that a breach will not occur, however implementing the latest tools and providing ongoing, end-user education will minimize those risks and allow companies to focus more on growing their business rather than repairing it.

“The SMB market space is more vulnerable to security breaches as the high-end enterprise. SMB owners or those individuals tasked to provide IT support for the organization must focus on security when building the infrastructure rather than looking at it as an afterthought. Failure to do so will put the company in reactive mode with the potential to lose multiple thousands of dollars in remediation costs, lost productivity and bad press,” Microsoft Most Valuable Professional, Brad Dinerman, points out in a white paper entitled ‘Security considerations for small- and medium-sized businesses (SMBs), being released today by GFI Software.

It is a safe to assume that the single-most important factor that affects a small business’ decisions is budget. SMB owners do not usually have tens of thousands of dollars to spend on IT infrastructure. Instead, they look at their checkbook as they hand over their hard-earned dollars to purchase devices such as firewalls to protect their internal network.

“Without computer networks, many businesses would just stop functioning. Email goes down and they can no longer communicate with customers. The server goes down and they lose access to the critical database. So why is it that so many small businesses just live day-to-day when it comes to planning for their IT needs? The answer is simple: IT can be expensive. Maintaining and securing it will add even more expense. Businesses just deal with their current needs and hope for the best, and that is often the crux of the problem.

“SMBs need to understand that investment in security cannot be an after-thought. It needs to be well-planned, both technically and financially. Without this level of planning, businesses will always be reacting to the latest emergencies, losing money in the process, and never being able to focus on growing the business rather than just repairing it,” Dinerman concludes.

To read more about these issues and what an SMB can do to enhance security, download a copy of the FREE white paper, please visit http://www.gfi.com/whitepapers/security-considerat...bs.pdf (Registration not required).

All product and company names herein may be trademarks of their respective owners.

www.AV-Comparatives.org put a recent report that puts Microsoft anti-virus near the top of the list of the product they tested. Wow! This goes to show that Microsoft has come a long way toward being the security company we knew they could be.

Some interesting findings from their testing:

• MSAV was one of only 3 products that received the Advanced+ rating
• MSAV detection rate was 60%, second best of all the products tested
• MSAV also had the lowest false positive rate

This is some power stuff! Next time you’re considering an enterprise AV product, you should seriously consider Forefront Client Security. Now that you know you can trust it, there’s no reason not to give it a look before shelling out big buck again for your current solution.

Check out the report at:

http://av-comparatives.org/comparativesreviews/cor...eviews

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer

Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)

Microsoft is the first enterprise organization to use Windows 7 on a large scale, and that includes deployments using the System Center Configuration Manager 2007 Operating System Deployment (OSD) feature.

OSD provides administrators with a tool to create images that can be deployed to managed and unmanaged computers. The OSD user interface, and features such as driver management and the User State Migration Tool (USMT), have been significantly enhanced.

Join subject matter experts from Microsoft IT as they share best practices. These include complex scenarios such as using OSD with Network Access Protection (NAP).

Check out this interesting Web cast over at:

http://msevents.microsoft.com/CUI/WebCastEventDeta...ode=US

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer

Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)