Author: AFinn

Technet Magazine: September 2006

Are you using MOM 2005 or SMS 2003?  Do you want to learn more about how these products can be used to do more while you do less?  If so, I highly recommend that you read the free online edition of TechNet Magazine.  This month’s edition feature articles on SMS 2003 and MOM 2005.

Articles include:

  • Using WMI with MOM
  • Zero Touch Installations
  • Getting to know Windows PE
  • Using MOM for SOX compliant security auditing
  • System Center Operations Manager 2007 (aka MOM 2007)

When correctly deployed and used, MOM and SMS in conjunction with Windows 2003/2003 R2 can really make life simpler for the systems administrator.  I’m speaking from experience here.  In a past job, my team (3 of us) ran a global network of 170 servers.  Most of our time was spent on engineering for new projects/systems instead of firefighting or sneakernet deployments.  This would have been impossible without the solutions we had deployed.

Windows 2003 Service Pack 2 Beta Technical Refresh

Microsoft has released a Technical Refresh of the Service Pack 2 beta for Windows 2003/2003 R2.  The following was posted on Connect.

"Windows Serviceability is pleased to announce the release of Beta Refresh 1 (build 2786) of Windows Server 2003 Service Pack 2 for Windows Server 2003 and Windows XP Professional x64 Edition customers.

This build contains:

  • Roll up of hotfixes released to date
  • Roll up of security updates released to date
  • Fixes for bugs reported by Beta customers and other known issues on previous Service Pack 2 builds

This build should be used for full deployment purposes, including pre-production testing or general compatibility testing. We will review all reported issues in the Release Candidate build. In order to have a stable test environment we strongly recommend un-installation of any previous SP2 builds from your machines before installing build 2786. If you previously installed an integrated build of SP2, you cannot upgrade your system to build 2786 with this refresh; you will need to re-install a released version (RTM, SP1, or R2) of Windows Server 2003 before upgrading to build 2786. Go to https://connect.microsoft.com/content/content.aspx?SiteID=98&ContentID=1799 to find an evaluation copy of Windows Server 2003 Service Pack 1.

Release notes for this build can be found at https://connect.microsoft.com/content/content.aspx?ContentID=3342&SiteID=98.

Here is the list of releases; note that there are no integrated releases with this build:

32-bit x86 standalone update: English, German and Japanese
x64 standalone update: English and Japanese
Itanium standalone update: English, German and Japanese
Checked update for English only (debug version)
We encourage you to continue WS03 SP2 Beta testing with this build and provide feedback".

The feature in this Serivce Pack I’m most interested is Windows Deployment Services.  An image based system, WDS is a replacement for RIS and will be one of the deployment mechanisms for Windows Vista.  Any organisation facing a potential deployment of Vista should review this new solution.

Microsoft Forefront Client Security

Back in 2003, Microsoft unoffically notified the world of their intention to venture into the world of anti-virus and anti-malware solutions by buying out Romania-based antivirus firm GeCad.  The world waited but nothing happened.  Then Microsoft bough Giant, an anti-spyware provider.  We waited and then got a limited functionality product called Defender that has been in a never ending beta.  More recently, Microsoft bought out Sybari, the famed e-mail anti-malware solutions provider.  This past July, Microsoft Antigen 9.0 made its debut.  Antigen for Exchange featured a new anti-virus engine that had not ben seen before, one from Microsoft!

Details of what Microsoft was doing on the server and desktop anti-malware world slipped out here and there.  They were definitely developing a solution.  It was rumoured that Windows Update and/or WSUS could be a deployment mechanism, something that many would like as it would simplify deployment systems.

Microsoft recently announced the start of the public beta of Microsoft Forefront Client Security saying that it would provide:

"Unified malware protection for business desktops, laptops, and server operating systems that is easier to manage and control. Built on the same highly successful Microsoft protection technology already used by millions of people worldwide, Forefront Client Security helps guard against emerging threats, such as spyware and rootkits, as well as against traditional threats, such as viruses, worms, and Trojan horses. By delivering simplified administration through central management and providing critical visibility into threats and vulnerabilities, Forefront Client Security helps you protect your business with greater confidence and efficiency. Forefront Client Security integrates with your existing infrastructure software, such as Active Directory, and complements other Microsoft security technologies for better protection and greater control.

Forefront Client Security is currently in development. Microsoft plans to make a public beta of the product available to customers in the fourth quarter of 2006. Pricing and licensing will be announced at a later date.

The benefits offered by Microsoft Forefront Client Security include:

  • Unified Protection: Forefront Client Security delivers unified protection from current and emerging malware, so you can feel confident that your business systems are better protected against a broad range of threats.
  • Simplified Administration: Forefront Client Security provides simplified administration through central management, so you can protect your business with greater efficiency.
  • Critical Visibility and Control: Forefront Client Security produces insightful, prioritized security reports and a summary dashboard view, so you have visibility and control over malware threats".

The solution includes anti-virus and anti-spam prevention mechanisms and mangement.  Based purely on description, this looks like Microsoft will jump straight into competition with Spohos, a leader in this field.  It will be interesting to monitor how things develop.

Best of MMS TechNet Roadshow – Dublin

Microsoft TechNet Ireland has just started advertising a free day of briefings on some of the new System Center products including those available now and those that are coming next year.  It will basically consist of some of a main sessions from the MMS conference that was held earlier this year in the U.S.

This TechNet event will be a very technical covering the following topics:

  • Optimising your infrastructure with Microsoft System Centre
  • MOM 2005 and System Centre Operations Manager 2007 technical drilldown
  • SMS 2003 R2 and System Centre Configuration Manager 2007 technical drilldown
  • Operations Management with System Centre Products
  • Protecting your data with Systems Centre Data Protection Manager

Sessions will cover one or more of the following scopes on a specific topic:

  • Deep drill technical drilldown into current or future of the products and technologies
  • Best practices for common real-world scenarios covering the lifecycle of solutions
  • Comparisons between different solutions available – such as SMS and WSUS patch management
  • Real-world experience (‘Tips and Tricks’) from Microsoft and non-Microsoft consultants and customers

WinRE – Windows Recovery Environment

A new team blog has been launched by Microsoft.  WinRE is a derivative of WinPE and is intended as a replacement for the Recovery Console.  We’ll see it "live" for the first time with Windows Vista.  MS says:

"WinRE provides two main functionalities:

  1. Automatic diagnosis and repair of boot problems using a tool called Startup Repair.
  2. A centralized platform for advanced recovery tools".

WinRE is included on the Windows Vista RC1 DVD image.

Virgin Bans “Exploding” Laptops

ENN is reporting that  Virgin Airlines is taking steps to ban the inflight use of most Dell and Apple laptops after the recent spate of exploding batteries that was followed by a recall.  Quantas and Korean Air have already done this.  Virgin is allowing up to 2 individually wrapped batteries to be carried but they cannot be put to use.

Given how rare these "explosions" have been, this seems like overkill.  Next they’ll be banning water on flights … oh!

Windows Vista Security Guide

Windows Vista is coming.  You can live in denial all you want but change is on the way.  Vista features lots of changes: h/w requirements, user interface, deployment, but most of all, the biggest changes seem to be in the security features and functionality. My gut is telling me that most organisations will be slow to adopt Vista due to the amount of change and the costs of purchasing new hardware.  But I do see it prematurely making it’s way into networks for a few reasons:

  • OEM Licensing: Organisations with OEM desktop licensing will start seeing Vista as an OS option from January onwards.  I doubt it will take long for MS to withdraw Windows XP as an option. 
  • Some applications will have an OS dependency.  Some cutting edge business applications may take advantage of new features available to programmers.
  • Windows Vista is chock full of new security features.  This may make it a candidate for complete or targeted deployment by security planners.  One feature likely to draw attention is BitLocker, a login integrated, complete disk encryption solution that makes us of TPM architecture for secure key storage.  BitLocker is a feature of Windows Vista Enterprise which is only available to Software Assurance customers.

January isn’t far away so proactive administrators and consultants should be making plans now.  Part of this is understanding the security implications associated with Windows Vista.  You can download a beta release of the Windows Vista Security Guide from Microsoft’s Connect web site.

MOM 2005 Management Pack for ISA

A new (version 2.0) management pack for ISA 2000/2004/2006 is avaiable for download.  Microsoft’s comments are:

"The ISA Server Management Pack monitors ISA Server events and alerts for all ISA Server versions (2000, 2004 and 2006). With detailed alert information you can quickly identify and troubleshoot ISA Server issues, minimizing time-to-resolution when problems occur. Collect and analyze performance trends and metrics. Performance information allows you to manage bottlenecks, identify capacity requirements, and proactively manage your ISA Server configuration to resolve issues before problems occur"