Tom Decaluwé

Hi everyone,

Community day 2013 is only 8 days away and WinTalks has the unique opportunity to give away some free entry tickets for you.

http://www.communityday.be/

If you are interested let us know (tom@decaluwe.eu) and we can hook you up and get you into this fantastic conference and you’ll have a change to follow great sessions and hook up with some real industry experts.

If you are looking at windows 8.1 this is one technology certainly worth your attention!

Work Folders allows a user to sync data to their device from their user folder located in the corporation’s data center. Files created locally will sync back to the file server in the corporate environment. This syncing is natively integrated into the file system.  Note, this all happens outside the firewall client sync support. Previously, Windows 8 devices needed to be domain joined (or required domain credentials) for access to file shares.  Syncing could be done with third-party folder replication apps. With Work Folders, Users can keep local copies of their work files on their devices, with automatic synchronization to your data center, and for access from other devices. IT can enforce Dynamic Access Control policies on the Work Folder Sync Share (including automated Rights Management) and require Workplace Join to be in place.

Hi everyone,

The world is still adapting to windows 8 and it’s time for us tech guys to start getting to know windows 8.1. As with all OS releases the first place to start is to find out what’s new and MS is providing a great overview for us.

http://technet.microsoft.com/en-us/windows/dn140266

Once you know what’s new what’s new and what’s interesting for you, you can head out the TechEd US recordings and lookup the right terms and get all the details you want.

http://channel9.msdn.com/Events/TechEd/NorthAmerica/2013#fbid=KfIXYacW91e

This week I spent quite some time troubleshooting an issue with a wireless access point that was no longer registering with its central controller. The cause of the issue came out of an unexpected corner and i wanted to share the background with you all.

The setup is simple, we use a Motorola RFS central controller in our company and have access points in other ip subnets segregated by PaloAlto statefull firewall’s as illustrated in this picture.

This week we were doing maintenance work on the firewall and accidently blocked all traffic between the RFS controller and the remote AP. We quickly saw this error and fixed the rule base, however even though we could see TCP packets flowing the AP was still not re-registering on the RFS controller. No matter how hard we looked at it we could not find traffic being blocked in the firewall log’s. What we did have as a last entry of traffic on our faulty deny rule that was many days old. It seemed as though the devices where no longer talking to each other but when we sniffed interfaces on the RFS and AP we could see traffic flowing.

After putting in a call with a Motorola technician we got the info we needed to help us figure this out. The technician explained the details of the AP to controller traffic and there he mentioned AP and RFS keep in contact using a constant UDP stream on port 24576.

The pudding of the problem was in the words constant. With a PaloAlto statefull firewall UDP traffic sessions remain active for 60seconds by default. When looking at the session info on the PaloAlto for traffic on UDP 24576 we could see the traffic was still being blocked using command:

show session all filter destination-port 24576
show session id <session id>

Session              74

        c2s flow:

                source:      xx.xxx.xxx.xxx [zonexxx]

                dst:         xxx.xxx.xxx.xxx

                proto:       17

                sport:       24576           dport:      24576

                state:       DISCARD         type:       FLOW

                src user:    unknown

                dst user:    unknown

                qos node:    ethernet1/2, qos member N/A Qid 0

The traffic from RFS and AP has matched the deny rule many days before but seeing that the udp traffic is constant and never stops for +60 seconds the statefull firewall was still processing it over the old session.

by simply killing the deny session we forced the traffic to be re-evaluated by our new firewall rule using command

clear session id  <session id>

looking at the new session we know we were in the clear

Session           36270

        c2s flow:

                source:      xx.xxx.xxx.xxx [zonexxx]

                dst:         xx.xxx.xxx.xxx

                proto:       17

                sport:       24576           dport:      24576

               state:       ACTIVE          type:       FLOW

                src user:    unknown

                dst user:    unknown

                qos node:    ethernet1/1, qos member N/A Qid 0

It’s all very logic when you look at it but it did take us a while to figure out and this post might just trigger you if you ever see alike behavior.

If you were at Techdays in Belgium this year you will know I’m a huge fan of Windows8 with all it’s capabilities.

Aside from the “missing start button” and the “no default to classic desktop” there is very little you can really say about the OS other than it’s the best MS has ever brought to market. Regarding the above two points, the missing start might just go away in windows 8.1 read here and even now there are many options to work with it instead of against it and I illustrated an easy to use free option during Techdays. View video here and here

Apart from the great new features in windows 8 one of the biggest revelations is the multitude and all new form factors. So I thought it would be high time for me to try this out and go ultra-mobile.

I’m trading in my trusted laptop form factor, my trusted android tablet and I’ll try the to work of a Dell latitude 10inch Windows Pro tablet Pc full time for a few days/weeks.

To ensure I’m as diverse as possible I’m setting it all up in 4 forms

1) Mobile office setup

This will be my ultra-light travel setup. Working off the Dell latitude screen with a Microsoft wedge keyboard and a Microsoft arc mouse. As always I’ll keep my analog pen as backup ;-)

2) Home office setup

At home I’m looking if I can get the Latitude to hook up to a usb port replicator with an external keyboard, mouse and mini-HDMI to dvi cable. If that all goes well I’m sure I’ll miss my dual screen so I need to see if I can add in a USB to DVI to get that running. More to follow…

3) Office setup

In the office I have the complementary docking station that should work beautifully again the dual screen might pose an issue.

4) Tablet setup

And of course that last scenario will be to use the device as tablet for casual light reading and to command my home entertainment system.

I’m looking forward to experimenting with a modern device and let you know how I get along.

Hi Everyone,

It’s time to free up a time slot in you busy calendar as the next Wintalks ChalkTalk data is set!

Wintalks "ChalkTalk "

Thursday, May 30, 2013, 18u30

Combell Group NV
121 Skaldenstraat
Gent, Vlaams Gewest 9042 BE

I hope you can all be there, i’m sure this ChalkTalk will be even better than the last one giving a unique environment to “speak Geek“

Register now at:

http://www.eventbrite.com/event/6175504099

Unable to attend MS Techdays 2013 this year or missed my sessions on windows 8? Good news for everyone as my session was put online!

Now many of you have been asking me where i got all this wonderfull information for the slide deck. As always I did a lot of research and it all started down at the Microsoft Virtual Academy. http://www.microsoftvirtualacademy.com This is Microsoft’s free training platform and it’s packed full of great sessions covering just about everything within windows 8. This realy got me going in the new OS and each time the video would mention something i wanted more info on, i would pause it en ten do an intensive BING around the world for more info on that topic. The result of this all is a wopping slide deck packed with info on the greatest OS to date.

If you don’t have windows 8 yet, you can get a 90 day eval on MSDN. There is realy no reason not to get started asap. http://msdn.microsoft.com/en-us/evalcenter/jj554510.aspx

Enjoy

---------------------------------

Windows 8 Client Part 1 "The OS internals for IT-Pro's" |

Video recording: http://technet.microsoft.com/en-us/video/tdbe13-windows-8-client-part-1-quot-the-os-internals-for-it-pro-s-quot

Slide deck: To Be uploaded

Part2:

The recording: http://technet.microsoft.com/en-us/video/tdbe13-windows-8-client-part-2-quot-the-application-internals-for-it-pro-s-quot

The slids: http://www.slideshare.net/technetbelux/windows-8-client-part-2-the-application-internals-for-itpros

Many of you may not be aware that with the release of windows 8 Microsoft took a big step in the direction of Malware protection in the core OS. One of the hidden jems is the new and improve Windows Defender. In the old days (Vista / Windows7) Defender used to be a light weight spyware scanner, however with the release of windows 8 Microsoft revamped it merging Windows essentials and Defender into the Windows 8 Defender.

With Windows 8 you now get an full blow Anti-Virus product out of the box to protect your system from the very first moment you boot for the first time. This is a significant step in malware protection.

Even though this build in product does not have the feature rich environment we all know from third products, it will significantly increase overall protection of computers and ensure everybody (even home users) have a minimum level of defense.

In the March 2013 security updates MS as gone a step deeper and released some enhancements to this great new feature:

This anti-malware platform update contains the following improvements:

· Adds new malware remediation functionality to the anti-malware platform.

· Adds anti-tampering improvements to the anti-malware platform.

· Improves overall performance of the anti-malware platform.

Hi everyone,

A college of mine brought the blow two articles to my attention. Well worth the read if you have Intel's 82574L Ethernet controllers

http://www.zdnet.com/intel-ethernet-controller-vulnerable-to-packet-of-death-7000010984/

http://www.kriskinc.com/intel-pod

In March Microsoft is hosting it’s annual techdays here in Belgium. With the release of windows 8 and windows 2012 a lot will change for us and having so many top national and international speakers in one place is an ideal time for any IT pro to invest 3 days to gain knowledge for the next 3 years.

As many of you know I work for a retail company in Europe and I too am faced with the challenge of integrating these new possibilities into my organization.

I specifically looking forward to

- Marcus Murray’s security session on 5 March. I strongly believe security is getting more difficult than ever. BYOD is not only brining technology challenges that we have been familiar with for so long and understand. We are now being faced with end-users that are indifferent to security and unwilling to see that home based network security is something totally different than corporate security and this in times when the type of attacks are getting more and more advanced, stealthy and serve the purpose of earning money by well organized cybercrime organizations.

- Daniel Pearson will be speaking about windows 8 tools on day two. As much focus as we love to have on server side we have to realize that our end-users will be working off of windows 8. As an It pro we need to understand this new OS to it’s full potential and know the tools within it is no luxury.

- Johan Arwidmark will be showing us deployment and MDT. There is no OS without deployment and fast, accurate deployment makes all our lives easier. A session i would not want to miss.

- On day 3 i’ll be faced with a huge dilemma. Richard will be speaking about DirectAccess and Kurt on Powershell Advanced. Both topics are reshaping the way we think about managing our infrastructure and getting our clients connected. I’m hoping by then I can 3D print and clone myself and follow both simultaneous.

I’ll leave it to you to decide what’s more important for your organization going forward.

If you have not done so, high time to get your ticket now 3days for 3 years, not a bad tradeoff if you ask me

http://www.microsoft.com/belux/techdays/2012/Home.aspx#p=home

Hi everyone, i’m happy to start the new year with a new event.

--------------------------

IEEE 802.1x is an authentication protocol that restricts unauthorized clients from connecting to your wireless or wired network. Before a client actually can connect, the authentication server authenticates first the wired or wireless client. After successful authentication, the client can access your network.

During this session, you will learn how to configure and implement IEEE 802.1x for wired and wireless networks based on Windows Server 2012 and Windows 8. Johan explains you the differences between the available authentication methods (PEAP, EAP, TLS, …), implementation steps and an overview on the requirements. Based on the condition of the client computer, Windows Server 2012 can be used to place the client computer in the correct VLAN, if authentication fails; the client becomes a member of a restricted VLAN.

Agenda:

• Understanding IEEE 802.1X
• Understanding PKI
• Understanding VLANS
• Network Policy Server
• Switch configuration
• Configure Windows 8

During this live demonstration, I will use virtual machines and Cisco switches

Presenter

Johan Loos works as a freelance information security specialist/trainer and is owner of Access Denied bvba, a Belgian based company. He focus on wired and wireless security, vulnerability management, and next-generation firewalls. Johan has more than 15 year experience in ICT and during his career he obtained several certification such as CISSP, CEH, GCWN, OSWP, MCT, MCITP EA, ISO 27001 Lead Implementer/Lead Auditor, ISO 27005 Risk Manager and many others.

Event to be held at the following time, date, and location:

Register here

If you are thinking about VDI and wondering if this could be the ultimate solution to all your desktop deployment problems?

Read this great book from Brian Madden:

http://docs.media.bitpipe.com/io_10x/io_106512/item_579433/The%20VDI%20Delusion%20-%20from%20Stoneware.pdf

Have you ever pressed windows key + prt scr in windows 8 ?

If not, high time to do so and take a look at: C:\Users\<profile>\Pictures\Screenshots

This function takes a print screen and dumps it straight to file.

If you have not seen the good news yet, here it is, MS released a win7 rdp 8.0 version.

From now on you can fully enjoy windows 2012 RDS from both win8 and win7 clients.

http://blogs.msdn.com/b/rds/archive/2012/10/09/remote-desktop-protocol-8-0-update-for-windows-7-sp1-enabling-a-great-wan-user-experience-for-windows-7-sp1-virtual-desktops.aspx

Our next WinTalks event is coming up soon and registration is now open. If you have never heard of Veeam or don’t know what next generation backup and management can do for you in a virtual environment?

Be sure to join us on 18 October