|
|
|
|
Volume 10, Issue 34
18th June 2009
|
|
|
|
TechNet Virtual Conference,
Bing, Security Feature Article, Great example of Photosynth use,
SharePoint User Group, SBS User Group
|
I
appreciate attending training and conferences is not easiest thing to
prioritise, when teams are increasingly becoming lighter and pressure to
win new business is greater. In fact, in the April TechNet Ireland survey,
67% of you confirmed that you recently are finding it to be a challenge, to
take the time or get budget sign-off to attend training or technical
events. Overseas conferences are an even tougher sell. This is why my
counterparts across the water in the TechNet UK team are launching their
very first Virtual conference this week. Learn more and register @http://technet.microsoft.com/en-gb/dd819085.aspx.
You should really look into attending this great online technical
conference, taking place on Friday 19th June. There is a range of top class
international technical speakers, for example ‘technical fellow’ Mark
Russinovich is delivering the keynote. The broad selection of topics range
from Windows 7 Deployment to Powershell and Data Protection Manager. See
the full agenda and register here.
TechNet is pleased to announce the launch of its very first virtual
conference, helping you to cut costs, increase efficiency and reduce
environmental impact, whilst still getting all the latest information you
need on Microsoft technologies and technology insights.
Join us on the day for an immersive online experience, and your chance to
chat live with our experts.
But if you can’t make it on the day don’t worry, we’re making all the
content available for you to access on demand when it’s convenient for you.
In 2008 Microsoft promised a new era for Search and, with the release of Bing.com
early June, we’ve reached a major milestone. Bing does more than list
millions of results, it presents results in a way that makes more sense to
everyone. Using technologies like Autosuggest, Deeplinks, Instant Answers
and QuickView, Bing will make searching far more efficient and will help
people arrive at better decisions. The new service, Bing (http://www.Bing.com),
is specifically designed to build on the benefits of today’s search
engines, but begins to move beyond this experience with a new approach to
user experience and intuitive tools to help customers make better decisions
– which gives us the concept of a ‘decision engine’.
Finally, if you’re into photography, make sure to check out Microsoft Photosynth.
This is a powerful tool from Microsoft Research which turns regular 2D
pictures into a fully 3D, 360 degree experience. With photosynth you can
quickly and easily make 3D experiences for your favourite areas or objects,
to share online. Photosynth’s popularity can be seen by its highlighted use
on screen in shows like CSI, at the inauguration of Barrack Obama and in
the Movie, Angels and Demons.
Darren Doyle of the Developer Platform Group here in Microsoft, recently
did a cool job of making an old chapel ruins come to life through
Photosynth. His ‘Synth’ can be seen here
(the image above too). And for those of you interested in creating your own
synths, Darren was kind enough to provide a step by step guide on his blog.
Thanks for reading!
Enda Flynn
TechNet Manager
Microsoft Ireland
Find
the IT Professional User Groups that interest you here.
SharePoint
User Group (Dublin)
The SharePoint User Group will meet once again on the evening of 29th
June Microsoft’s office in Sandyford (see directions here).
Penny Coventry, a UK SharePoint MVP, will be delivering a session on Using
Data Views and ASP.NET controls with SharePoint Designer See http://www.sugie.org/
for a full event description and registration link.
Small Business Server Hands-on Session (Dublin)
On the 30th June the SBS User Group (with the support of Wilbour
Craddock) will be running a full-day hands-on technical session, which will
cover the following scenarios:
• EBS (Essential Business Server) Clean Install
• SBS (Small Business Server) 2008 and OCS (Office Communication Server)
• Windows 2008 R2 and Windows 7 Branch Office Solutions
This will be great chance to get your hands dirty with SBS and EBS, whilst
having the support of Microsoft and peers if you want to raise any
questions. To register for this session, email David.
Back
to top >
|
|
|
|
|
|
|
|
|
|
|
|
|
Since
Tuesday, May 5 (PST), the RC has been available to everyone via our
Customer Preview Program. As with the Beta, the Windows 7 RC Customer
Preview Program is a broad public program that offers the RC free to
anyone who wants to download it. It will be available at least through
June 30, 2009, with no limits on the number of downloads or product
keys available.
|
|
Service
Pack 2, the latest service pack for both Windows Server 2008 and Windows
Vista, is now available for public download. SP2 supports new types of hardware
and emerging hardware standards, includes all of the updates that have
been delivered since SP1, and simplifies deployment for consumers,
developers and IT professionals. For more details, see
the TechNet page for Windows Server 2008 SP2 and Windows Vista SP2.
|
|
This
screencast covers the key new features and improvements in the Windows 7 Release
Candidate. Supporting document also available.
|
|
Visit
the Windows 7 Learning Portal to get up to speed quickly on Windows 7.
You’ll find Learning Snacks, Learning Plans, sample book chapters and
more from Microsoft Learning. Also, register to receive special offers on
Windows 7.
|
|
Windows
XP Mode is specifically designed to help small businesses move to Windows
7. Windows XP Mode provides you with the flexibility to run many older
productivity applications on a Windows 7 based PC. All you need to do is
to install suitable applications directly in Windows XP Mode which is a
virtual Windows XP environment running under Windows Virtual PC. The
applications will be published to the Windows 7 desktop and then you can
run them directly from Windows 7. Windows XP Mode and Windows Virtual PC
are best experienced on your new Windows 7 PC. We will be soon releasing
the beta of Windows XP Mode and Windows Virtual PC for Windows 7
Professional and Windows 7 Ultimate.
|
|
It’s
true that the Windows 7 RC release is grabbing all the headlines in
recent days – but let’s not forget Windows Server 2008 R2 RC (man that is
a mouth full!) got released as well. Microsoft Windows Server 2008 R2
will be the next version of the Windows Server operating system from
Microsoft. Building on the features and capabilities of the current
Windows Server 2008 release version, Windows Server 2008 R2 allows you to
create organization solutions that are easier to plan, deploy, and manage
than previous versions of Windows Server.
|
|
Want
to understand virtualisation's impact on your business? The Virtualisation
Self-Assessment Kit brings together some of our best resources to help
you understand specific impacts, such as cost savings.
|
Eight Reasons to Patch Your Systems
Among several issues that I saw affecting large corporate environments, the
most preventable are malware outbreaks. That is why I plan to discuss some
of the benefits of keeping your environment up to date thru patch
management. Therefore, I will start with this blog, and depending on the
feedback, I may dig the subject deeper.
Let’s start by looking at what CodeRed, Nimda, Blaster, ILoveYou, Sasser,
Slammer, Slapper and Conficker, that are some of the most infamous
viruses/worms that spread out in the wild, have in common. The common thing
is that all of them exploited known vulnerabilities, whose patches
were released weeks or months before the actual outbreak. Whit that I want
to stress why effectively patching you system is key to maintain your
system in a secure state, and by not doing that, you are just exposing
yourself (or your company).
Interesting enough if you talk about patching with most IT Pros they would
agree that it is important and beneficial to the business and to IT. So,
why we still found so many systems (from SOHO to enterprise) not up to
date?
Well, I believe this is related to that old saying “If it ain’t broke,
don’t fix it”. Yes, there are risks on “messing” with a system that is
working and the less you know about your environment the greater this risk
is
(This leads me to the fact that most IT shops do not have an application or
services portfolio neither a Configuration Management Database (CMDB).
However, that is a subject for another blog. :) ).
To minimize the risks you must test the updates before putting them in a
production environment. Also having a well defined process in place helps a
lot because that helps people to understand what to do and how to do it and
this then leads to repeatability and consistency, improving the process and
procedures themselves. Covering the Technology pillar, which is along with
People and Process the Operations tripod, Microsoft has provided many
options (Windows Update, WSUS, SCCM and SMS) to help customers with the
patching process.
I would like to share the basis of a Patch Management solution that MCS
designed, a few years ago for a large customer, who, at that time, had been
thru several virus outbreaks (while this is specific for Microsoft
Technology it can be easily adapted to cover other scenarios):
|
|
We
worked with representatives from IT Security, Development, Helpdesk,
desktop support, server support and operations teams. That was key to
achieve commitment to targets and adherence to the process.
|
|
|
The
initial step was to define the target technologies or products (in that
case it was initially Windows OS – XP, Windows Server 2000 and 2003,
Office 2003, IIS and SQL)
|
|
|
|
|
|
After
that we defined three deployment cycles:
|
|
|
|
Emergency
– tests completed and rollout started within a week of its release.
Target of 95% coverage on the installed base achieved within two weeks
(statistics showed that exploit kits were usually available within that
time frame)
|
|
|
Urgent
– tests completed and rollout started within two weeks of its release.
Target of 95% coverage on the installed base achieved within two weeks.
|
|
|
Normal
- tests completed and rollout and target of 95% coverage on the
installed base achieved within four weeks of its release (hard limit
here is linked to Microsoft’s monthly update cycle – every 2nd Tuesday
of the month).
|
|
|
|
Now
at every 2nd Tuesday when Microsoft release its monthly security
bulletin
|
|
|
|
Security
receives the alert from Microsoft’s Premier Technical Account Manager
|
|
|
For
each security update in the bulletin, IT Security analyses the alert to
verify if the affected technology is within those covered in Patch
Management process, and assigns an estimate exposure (E = Risk X
Impact). Impact was associated with number of systems using the
technology and criticality of the systems (e.g., Windows XP and Office
would usually drive high impact, but an update for IIS also would due
to critical system based on that technology). Risk was usually driven
by Microsoft’s ranking – Critical, Important, Recommended, etc. Other
sources, like, CERT or antivirus vendors information played a role in
this criteria. (Currently Microsoft has defined a Exploitability Index
that one could use for the same purpose);
|
|
|
A
deployment cycle would be selected based on the exposure.
|
|
|
|
IT
Security would then communicate with regional IT offices to start tests
and determine a target date for reaching deployment coverage.
|
|
|
Using
MBSA and WSUS reports, IT Security would track progress.
|
|
|
IT
Security also offers support and escalation for security related
incidents and would liaise and intermediate trade-offs among teams and
stakeholders.
|
|
In
this example, as I said earlier we focused only on Microsoft Technologies ,
but patch management should also cover other parts of your systems like
firmware, device drivers, and application’s components just to name a few.
To illustrate why that is important I will share a situation that just
happened in a project I’m working on. While expanding an existing SCOM
environment by adding some Managements Packs and deploying agents to cover
Exchange Servers, we found an issue where the server would start to lose
performance until eventually crash or hang. As this customer only
consistently deploys security patches, the OS components were outdated and
the result was that “cscript.exe” version lead to some odd memory
consumption and brought the server close to a complete stop. You may find a
description of the issue reported here http://blogs.technet.com/operationsmgr/archive/2009/02/24/opsmgr-2007-solution-ad-management-pack-scripts-fail-and-consume-large-amounts-of-memory.aspx.
If you still need further incentive, patch management is huge step towards
compliance. This aspect is nicely discussed on Roger Halbheer’s blog (http://www.halbheer.info/security/archive/2009/05/22/patch-management-a-key-step-towards-compliance.aspx).
Related Resources
Check out all the MOF team has to offer! For additional information, including
our most recent companion guides and job aids, visit the MOF page on
TechNet: http://www.microsoft.com/mof.
Ten
Principles of Microsoft Patch Management
Update
Management
Update
Management Process
Blogs
from the WSUS Product Team
Blogs
from the Microsoft Update Product Team
Microsoft
Support Lifecycle
Jorge Leitão is a
Senior Consultant with Microsoft Consulting Services. For the past 24
years, he has worked with IT mainly in the infrastructure areas from
cabling systems design to 35k+ seats deployments. Designing large AD
architectures and working with customer to operate and support their
environments.
|
Hear
about the latest trends impacting IT and the resources and guidance
available to help you plan and deploy the latest Microsoft virtualization
technologies.
To stay updated on the next instalment for IT Managers, visit the IT
Management Hub.
|
|
|
|
|
|
Learning
and Certification
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
