Cloud Computing! It’s one of the biggest opportunities for IT Professionals in recent years. But wouldn’t it be great if there was a simple, effective way to get the skills and training you need to take advantage of this opportunity, and also get the recognition and rewards that you deserve?
This is where Microsoft can help give your career a boost.
Visit the Microsoft Virtual Academy training portal now and register to receive free and easy access to training for IT Professionals who want to get ahead in cloud computing. This content was developed by leading experts in the field, and the modules ensure that you acquire the essential skills and gain credibility as a cloud computing specialist in your organization.
The Microsoft Digital Crimes Unit (DCU), working together with US federal law enforcement units, has brought down Rustock, the world’s largest email spam network.
Rustock, a botnet that controlled around 2 million zombie machines worldwide, was sending out up to 30 million spam email messages each day.
Rustock was taken down piece by piece – the master controllers (botnet controllers that sent out commands to compromised ‘zombie’ machines) were identified. Microsoft, working together with the US Marshals Service, seized some of these machines in the US for analysis and collaborated with the Netherlands police to disable some of the controllers outside the US.
Microsoft then worked with service providers to black hole IP addresses that were being used to control the botnet, and with the Chinese CN-CERT to block registration of domains that could be used for these purposes.
Microsoft provides the best anti-spam solution available in the market today, and also provides a variety of best-in-class unified threat management, rights management, secure remote access and anti-malware solutions. For more information, check out the Forefront website, or speak to your Microsoft representative.
I read with interest news articles on MSNBC and Yahoo about Bank of America’s shares falling on WikiLeaks fears.
[A spokesman for the Bank of America] said that the bank was aware that Wikileaks claimed to have the computer hard drive of a Bank of America executive more than a year ago. "Aside from the claims themselves we have no evidence that supports this assertion," he said.
In an October 9, 2009 interview, Assange told Computerworld that WikiLeaks had obtained five gigabytes of data from a Bank of America executive’s hard drive.
"Now how do we present that? It’s a difficult problem. We could just dump it all into one giant Zip file, but we know for a fact that has limited impact. To have impact, it needs to be easy for people to dive in and search it and get something out of it," Assange told Computerworld.
Why is Windows 7 BitLocker important? BitLocker Drive Encryption is a full disk encryption feature included with the Ultimate and Enterprise editions of Microsoft’s Windows Vista and Windows 7. It is designed to protect data by providing encryption for entire volumes.
If a hard disk protected by BitLocker is lost or stolen, there is NO way for the data to be retrieved by an unauthorized person.
For more information on how BitLocker can help your organization protect its information assets, please speak to your Microsoft representative or a Microsoft partner.
Of late, I have seen that a lot of customers and even partners are confused between the capabilities of Forefront Threat Management Gateway (TMG) and Forefront Unified Access Gateway (UAG).
The most important difference is that TMG is an “inbound AND outbound” access gateway that includes a network-level firewall with stateful packet inspection and application filtering, a forward and reverse web proxy, and a VPN server (for users and site-to-site). TMG is more focused on keeping the bad guys out and, to a certain extent, allowing the good guys in. On the other hand, UAG is an “inbound-only” secure remote access gateway that lets you allow “the good guys” in more securely.
I need TMG if:
I need an inbound and outbound access gateway
I need a state-of-the-art firewall with stateful packet inspection and application filtering capabilities to protect my network
I need built-in IPS (Intrusion Prevention System) on that firewall
I need a secure forward proxy for users on my network to access the internet
I need to be able to do web filtering based on individual URLs or URL categories (like Politics, Sports, Pornography, etc)
I need to be able to monitor my users’ web activity and firewall logging
I need to protect my users from web-based threats (web antivirus, web antimalware, block malicious websites)
I need Forward HTTPS inspection to protect users against web threats that are hidden inside HTTPS
I need to publish (reverse proxy) services to the internet (like web servers, email servers, webmail, extranet, intranet and internet portals, etc)
I need SSL bridging to protect my published servers against threats embedded inside SSL
I need zero day protection from vulnerabilities that do not have a patch released yet (NIS)
I need site-to-site VPN
I need a VPN server for my users in addition to all the above
I need UAG if:
I need an ‘inbound only’ access gateway
I need to enable my users to securely access internal resources remotely (while they are outside the company network)
I need to enable Secure VPN access for users when they are outside my network
I need to quickly and easily enable DirectAccess for my Windows 7 users
I need to ensure only healthy and secure remote machines can access information/services/applications in my network with appropriate user authentication
I need to be able to define which applications or services these users can access and granularly define the security policies that will govern access to these services remotely
I need to ensure that these users can access these applications regardless of whether they are web-based, terminal services, RemoteApp or Citrix without having to establish VPN connection.
I need to give my users the ability to access these applications from a mobile device, or a non-Windows client such as a Mac or a Linux machine.
I need to provide a web-based interface where the user can log in remotely and run these applications from this portal without connecting to a VPN, provided his machine is healthy.
I need to provide a web-based interface where the user can log in remotely and establish a secure SSTP VPN session, or access file servers from the portal without connecting to a VPN, provided his machine passes the health requirements of my organization.
I need to be able to easily define the security/machine health policies for machines that are attempting to access these applications.
I have smaller remote sites where I have small numbers of users with no site-to-site VPN and just an internet connection. I need to provide them secure access to my applications over the internet.
As you can see, each product is specialized to deliver very focused capabilities. Hence it is quite possible that some organizations need both solutions while others need only one. For many smaller organizations which need a one-product solution to protect their network and provide reasonably secure remote access, TMG would be the answer. However, for designs that focus purely on inbound access, UAG needs to be considered. If an organization has separate TMG/ISA Server arrays – one for inbound access and another for outbound access – the solution is simple – use a UAG array instead for inbound access and continue using TMG for the outbound array.
So you have state-of-the-art security software and hardware rolled out in your environment, a great security and privacy policy adhered to in your organization and you have taken every step to protect your organization’s data and the privacy of your employees and customers? Think again.
What about copier machines? Did you know that almost all copier machines have a hard drive built into them? Yes? No? Watch this interesting video to learn more.
Key go-do’s:
Find out how many copier machines in your organization have a built-in hard drive or other data storage.
Figure out how to clear the images saved on that hard drive
Document a process for discarding/repurposing used copier machines – just as you would discard computers. Make sure wiping the hard drive is on the list.
Make sure data on the hard drives is wiped before these machines leave your premises for repairs and maintenance.
I thought I’d share this great video by Jim Harrison on considerations to make when planning to run Microsoft Forefront Threat Management Gateway (TMG) (or ISA Server, for that matter) on a virtualized environment.
In this video, he discusses:
Performance, security and management considerations
Why it’s not recommended to place TMG on the parent, and how to configure the parent partition
High Availability with TMG in a virtual environment
As per the latest report published by Microsoft, based on feedback from the Malicious Software Removal Tool (MSRT). The MSRT is usually executed as part of Windows Update and currently has a user base of 500+ million computers worldwide running Windows.
The UAE was one of the countries included in the report.
However, the number of computers infected with malware in the UAE is lower than the worldwide average with only 5.8 infected computers for every 1000 computers in the country.
According to the analysis, the UAE is ‘dominated’ by malware, which accounts for 82.6% of all threats detected on infected computers. The most common category of malware in the country was found to be worms (23%) which have the ability to spread via mapped drives with missing or weak passwords or by using USB flash drives.
This recommendation from the German authorities came after a confirmed vulnerability was detected in Firefox.
What do I gather? If every government starts telling users to stop using every browser each time a vulnerability is discovered, I won’t be surprised if one day they tell citizens to stop using the internet altogether!
NSS Labs has published three independent studies on web browser protection against socially-engineered malware. The tests were performed during the first quarter of 2009, the third quarter of 2009 and the first quarter of 2010.
In all three tests, Internet Explorer 8 was the only browser that improved its block rate test-over-test, successfully stopping 69%, 81%, and 85%. This shows Microsoft’s continuous commitment to strengthen the security of our browsing platform against emerging threats.
As per this independent report, as of today (Q1 2010), Microsoft Windows Internet Explorer 8 is the most secure browser that can protect you against socially engineered malware.
T minus 4 for the biggest tech event in Dubai — TechEd Middle East 2010.
Here’s a reminder of the session that I will be speaking at. Hope to see you there!
Session: SIA308 – Secure Remote Access with Unified Access Gateway and Direct Access
Track: Security, Identity and Access
Speaker: Shijaz Abdulla
When: Wed, Mar 03, 2010 (13:30 – 14:30) | Breakout Session
Where: Sheikh Maktoum Hall A
Level: 300 – Advanced
Audience: Security Administrator, IT Manager, Network Administrator
Here’s what I will be covering:
Overview of Microsoft Forefront Unified Access Gateway
Demo of Unified Access Gateway features:
Remote access with SSL-VPN,
Secure Application Publishing,
Secure File Access,
Endpoint security
Publishing RemoteApp and Remote Desktop Services
Overview of DirectAccess
Demo: Enabling Windows 7 DirectAccess feature with UAG
Recommended Pre-requisites:
There are no prerequisite sessions that you need to attend before my session. However, if you have an interest in understanding the darkest depths of DirectAccess and IPv6, I recommend that you also attend the following sessions by John Craddock.
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition technologies.
SVR402: DirectAccess Technical Drilldown, Part 2 of 2: Putting it all together.
I will be recapping some of the content covered in these sessions, but as my session focuses on Unified Access Gateway, I will not go into the depths of how DirectAccess works.
Technical Learning Centre (TLC)
I will be available at the Technical Learning Centre at these times to attend to your questions around Microsoft Forefront products.
Monday, March 1: 11:45 to 15:45
Tuesday, March 2: 12:30 to 16:00
Feel free to drop in and ask your questions on ISA Server/Threat Management Gateway, Forefront Unified Access Gateway, Forefront Protection for Exchange/SharePoint/OCS, Forefront Endpoint Protection, Forefront Hosted Filtering for Exchange, Rights Management Services.