Tom Decaluwé

Microsoft Security Compliance Manager (SCM) tool—version 2.5—is now available for beta download and review!

NEW baselines include:

·Exchange Server 2007 SP3 Security Baseline

·Exchange Server 2010 SP2 Security Baseline

Updated client product baselines include:

·Windows 7 SP1 Security Compliance Baseline

·Windows Vista SP2 Security Compliance Baseline

·Windows XP SP3 Security Compliance Baseline

·Office 2010 SP1 Security Baseline

·Internet Explorer 8 Security Compliance Baseline

SCM 2.5 enables you to quickly configure and manage your desktops and laptops, traditional data center, and private cloud using Group Policy and Microsoft System Center Configuration Manager.

Get the beta download from Microsoft Connect at https://connect.microsoft.com/site715/Downloads/DownloadDetails.aspx?DownloadID=40885.

I have been working with win8 devloper preview for some time know and one of the things that you get use to very fast and start to miss when you head back to your Windows 2008 production systems is the New Server manager.

It’s a fantastic interface that brings all the controle over all your servers nicely into one location / one interface.

One of the things I have especially come to love is the easy of opening a remote server powershell box.

Notice how not only is the Server Name Displayed but also the ip’s. Yes in an ideal ipV6 environment this would give very little extra but up till now most of us still work in V4 networks.

In this screenshot you can see I have 4 systems running in a lab. Now all I need to do to powershell onto one of the boxes is right click it

look at the amount of remote controle tools you have at your finger tips. Just click Windows Powershell and within seconds a remoted powershell window will open

Once you get use to Server Manager you’ll wonder how you ever got along without it.

And incase you didn’t notice, there is much more than just powershell ready for your usage.

I have been playing with win8 server and client for a while now and one of the nice new features that has not got much attention is the new detailed file copy interface.

As many of you know and have read SMB 2.2 is being introduced in win8 and it realy does make a big difference. But apart from a new protocol we are also seeing a new interface being introduced.

When doing a standard copy you get a clear % wise indication fo progress and the new posibility to PAUSE a file copy while in transit.

when you click More Details yo get a nice view of the current transfer speed on the line and a graph illustrating the speed over time. This will certainly help troubleshoot, identify slow copy processes or visualise some demo’s.

PAUSE is great new enhancement. How often has a file transfer slowed down your laptop when transferring a big file and at the same time someone asks you to quickly do something. Now you can just pause the file copy, do the quick thing you need to do and pickup where you left off.

The last 3 months I have been working very hard on Business continuity. With the introduction of virtualization many years ago a new era of backup was born.

Around the year change Veeam released there next version of Backujp and Replication.

With this new release there is a new shift in backup technology. For me this is the first backup solution that does not focus on the backup process, this was mastered many years ago. You can now look at this product as being a RESTORE tool instead of a backup tool. Everything this product does is oriented at ensuring backups are 100% restorable and ensuring extremely fast recovery after failure.

This year our community IT-Talks will be starting up again and our fist session will be focused on the great product.

If you are a Microsoft Certified Professional (MCP), Microsoft Certified Technology Specialist (MCTS) or a Most Valuable Professional (MVP), you can get a FREE 2-socket NFR* license for Veeam Backup & Replication v6 for your home or work lab.

Be sure to check out this tool as you will be amazed at what it can do for you.

http://www.veeam.com/nfr/free-nfr-license-hyper-v

In my previous post I was talking about Mike’s session on Consumerization and how I strongly believe you first stop should be HR and upper management for a clear and supported policy.

Mike’s presentation is create in it’s focus on the workspace area of consumerization but one topic that I believe should also be part of his slide deck is the “bring your own account” situation.

Not only are more and more Own devices are entering the corporate arena so are the personal apps that every one uses at home. People expect to have their twitters, dropbox, skype, spotify,…

Some of these applications can be tagged as being non business related and banned from corporate devices, however others might have valid business usages and be part of your business work area.

If we take skype for instance, many companies are now starting to use skype as a valid way of contacting employees and this could be a way you keep in contact with external suppliers. The questions now no longer is will we install this tool in our business but what account will be use to logon to the application.

At first sight it might seem a trivial thing and be fore you even think about it the end user has already signed in with their personal account.

Your question should be if they should do this? What is your policy? What do you do with mobile phones, do end users taker their phone number with them when they leave your company? Do you forward their emails to personal mailboxes for X months,….

A good example of this type of situation was recently in The New York Times with a twitter account:

http://www.nytimes.com/2011/12/26/technology/lawsuit-may-determine-who-owns-a-twitter-account.html?_r=3

Just as with BOYD there is no right or wrong answer here, there is just you company policy, informing your end users of acceptable usage and enforcing this with technology as much as possible.

A few weeks ago one of our Belgian MVP’s Mike Resseler (http://twitter.com/MikeResseler) did a great webcast on “Microsoft Technologies for Consumerization Explained”. As much as this topic has been put in the spotlight I still believe it’s a topic that is still very under appreciated / focused on by many IT-pro’s.

My favorite slide of the whole deck must be slide 14 '”What’s your policy”?

Many IT-pro’s are over focusing on the “Huge Problem” and “The technical solution”. The problem is there is no real fit all technical solution at this time and chances are there never will be.

Your first and most important step in consumerization should be HR and upper management. Explain to them what the benefits and the dangers of Bring your own device and bring your own account are. Ensure HR creates a clear policy and clearly distributes the policy throughout the organization. Ensure this point of view is supported by upper management and if the policy is less strict than you would like, make sure you have done your duty in pointing out the overall issue and clearly put your advice on writing. (In my company during budget times we create an overall risk overview and this would typically be something I would bring forward each time.)

Once you clearly know what’s supported and what’s not in your company it’s time look for technologies that can help you empower this and when you start getting the question “can I….” at least you can clearly say YES/NO even if you don’t have the technology yet to enforce.

If you have not seen Mike’s presentation yet: http://technet.microsoft.com/en-us/edge/Hh738543 well worth it’s time.

Tom