Microsoft U.S. Education

HiED West ATS Newsletter – June 2007

 

Microsoft News and Product Information

 
Security

·         The Windows Server 2008 Security Guide helps organizations efficiently create, deploy, and maintain a secure environment for a variety of servers running Windows Server 2008, the next major release of Windows Server.

·         Data Encryption Toolkit for Mobile PCs You've seen the headlines. Mobile PCs are easy targets for theft. And news stories are appearing with increasing regularity about companies whose employees have either misplaced their mobile PCs, or had them stolen – laptops filled with sensitive employee or customer information.  Losing confidential data can cost you hundreds of thousands of dollars in lost business, and a damaged reputation. The Data Encryption Toolkit for Mobile PCs is the newest in a suite of Windows Vista Solution Accelerators, and provides tested guidance and powerful tools to help you protect your most vulnerable information – the data residing on your mobile PCs.  The Toolkit’s strategies are easy to understand, and show you how to use two key encryption technologies: BitLocker Drive Encryption, which is included with specific versions of Windows Vista, and the Encrypting File System, which is included with Microsoft Windows XP Professional and Windows Vista. And be sure to check out the other Solution Accelerators in the Windows Vista suite, including the Windows Vista Hardware Assessment tool, Business Desktop Deployment 2007, and the Windows Vista Security Guide.

How Microsoft Does IT

·         How Microsoft IT Uses SQL Server 2005 to Power a Global Forensic Data Security Tool The Microsoft Information Security team uses an internal tool called Information Security Consolidated Event Management (ICE) version 3.0 to gather forensic data from more than 85 proxy servers around the world. Powered by Microsoft SQL Server 2005, this 27-terabyte data management system collects different types of global evidence, such as inbound and outbound e-mail traffic, log-on events, and Web browsing, into a single database.

·         Microsoft Office SharePoint Server 2007 Hosting This white paper is for Microsoft customers who plan to deploy Microsoft Office SharePoint Server 2007 on their networks. It shares the experience of Microsoft Information Technology (Microsoft IT) in expanding the hosted team site and portal offerings at Microsoft and upgrading them from Microsoft Office SharePoint Portal Server 2003 to Office SharePoint Server 2007.

·         Centralizing and Sharing Business Intelligence This technical white paper features the myBI portal as the context to discuss how Microsoft IT uses Office SharePoint Server 2007 and Microsoft business intelligence products to help business units within Microsoft to make better and faster decisions. Although myBI is an internal Microsoft solution, the underlying technologies and products are publicly available to customers who want to achieve similar results.

·         Optimizing Client Security by Using Windows Vista The purpose of this white paper is to share design, planning, and deployment best practices that Microsoft IT identified during its planning and deployment of Windows Vista. This paper reviews past, present, and future security considerations addressed within the global Microsoft infrastructure. The basis for the information in this paper is the experience of Microsoft IT, which is at the forefront of rolling out the new features and technologies in the latest Microsoft operating systems and server products.

Windows Desktop and Server - Vista / 2003 / XP / 2000

·         Vista: Putting advanced searches to work for you From the Vista Team blog, we'll introduce you to some of the advanced search operators, show you how to create a Search Folder, and finally introduce you to a new Windows Vista-only search feature:  the "SearchMelt."

·         Windows PowerShell Graphical Help File View the Windows PowerShell 1.0 help (including cmdlet help and the About topics) in a fully-searchable, graphical format (a standard Windows .chm file). Also included in the help file is the VBScript to Windows PowerShell Conversion Guide. See also the Windows PowerShell Quick Reference

·         Inside Windows Vista User Account Control In this article I discuss the problems UAC solves and describe the architecture and implementation of its component technologies. These technologies include the refactoring of operations that previously required administrative rights, lightweight virtualization to help programs run correctly without administrative rights, the ability for programs to explicitly request administrative rights, and isolation of administrative processes from non-administrative processes running on the same user desktop.

·         Keys to Protecting Data with BitLocker Drive Encryption In this article, I introduce you to the basics of BitLocker so that you can evaluate its potential and include it in your upgrade planning. I will begin with some background and conceptual information, and then I take a look at enabling BitLocker, data recovery, administration, and how BitLocker can help at the end of a computer’s life.

·         Exploring The Windows Firewall Many computers carry sensitive information stored locally, and they spend a lot of time away from the corporate network (that is, outside the edge). Therefore, the firewall must evolve into an individual client protection mechanism. Make no mistake: client firewalls are no longer optional. To protect your computers from your own corpnet and from the Internet, client firewalls are required.

·         New ACLs Improve Security in Windows Vista The fundamental structure of access control lists (ACLs) has not changed much for Windows Vista, but there are a number of small yet important changes you need to be aware of.

·         EAPHost in Windows EAPHost in Windows Server "Long­horn" and Windows Vista updates the EAP implementation in Win­dows for the latest Internet standards and provides a new modular architecture to extend Windows with EAP authentication methods and supplicants. Net­work­ing vendors can extend the existing user experience in Windows without replacing the entire Windows EAP implementation by developing new supplicants written to the EAP­Host API and new authentication methods written to the EAP­Host Method API. EAPHost also supports existing EAP methods developed for Windows Server 2003 and Windows XP.

·         The Secure Socket Tunneling Protocol Virtual private network (VPN) support in Windows XP and Windows Server 2003 allows you to connect to your private intranet across the Internet, just as if your computer was plugged into a local Ethernet port. However, the VPN protocols in Windows XP and Windows Server 2003 don’t work for some firewall configurations and for some indirect configurations—such as when your computer is behind a Network Address Translator (NAT) or Web proxy server—in which the traffic for VPN connections is being blocked. To resolve these difficulties, Windows Server 2008 (now in beta testing) includes support for the new Secure Socket Tunneling Protocol (SSTP).

·         Security: Managing Hardware Restrictions via Group Policy USB thumb-disk keys and other removable devices can make your personal life easier but your professional life harder. For improved security, you need a way to control what hardware devices your users are installing on their work systems. Now you can use Group Policy to control which devices they can use and which ones they can’t.

·         TechNet Webcast Series for Windows Server 2008

·         Windows Server 2008 Technical library Deploy Windows Server 2008 by using Server Manager to install multiple server roles and features in a single session, manage a server's identity and system information, display server status, identify problems with role configuration, and manage the roles installed on a server.

Exchange Server

·         Exchange Server TechCenter Updates - May 2007

·         Deep Dive into Windows Mobile 6.0 and Exchange Server 2007 In this post I'll provide an overview of the features available when using Exchange 2007 and Windows Mobile 6.0. For comparison, I'll also provide some information about the capabilities of Windows Mobile 5.0.

·         Performance issues due to connector restrictions Connector restriction checking is turned off by default because it can significantly affect performance to expand distribution groups and check the restrictions for each message that passes through the system. If needed, turn on this setting only where it is necessary.

·         Exchange 2007 Autodiscover and certificates With Exchange 2007 we introduce the idea of the Autodiscover service. This service allows your Outlook 2007 clients to retrieve the URLs that it needs to gain access to the new web services offered by Exchange 2007.

·         See these Exchange articles and more at the Exchange Team Blog

Microsoft Management Products

·         Three Issues to bring to your attention impacting SMS 2003 This blog is an attempt to alert the community, educate, and disentangle these three items so you can keep your eye on the prize of a healthy site and clients.

·         System Center Operations Manager 2007 Active Directory Management Pack Guide This guide includes an overview, deployment procedures, and monitoring scenarios for the Active Directory Management Packs for Microsoft System Center Operations Manager 2007.

·         Systems Center Operations Manager 2007 Documentation This download contains documentation for System Center Operations Manager 2007

·         System Center Essentials 2007 Operations Guide This guide discusses best practices for everyday use of System Center Essentials 2007. See also the System Center Essentials 2007 Migration Guide.

Microsoft Office SharePoint Server

·         Microsoft SharePoint Products and Technologies Team Blog The official blog of the SharePoint Product Group – This is an active blog with the latest information and links to more SharePoint technical info.

·         More recently published MOSS content

Microsoft Office System

·         MOSS 2007 Management Pack for Operations Manager 2007 This Management Pack quickly brings any failures or configuration problems to your attention, which increases the availability and performance of Office SharePoint Server 2007.

·         Excel 2007 Add-in: Synchronizing Tables with SharePoint Lists This add-in accompanies the MSDN article "Publishing and Synchronizing Excel 2007 Tables to SharePoint Lists", available in the Related Links section. The add-in allows you to publish a read-write list to Windows SharePoint Services.

Other Information

·         MIIS 2003 Getting Started Collection The Microsoft Identity Integration Server 2003 Getting Started Collection is a set of documents that are designed to walk you through various features within MIIS 2003. This document set is designed to be a learning aid for users that would like to learn or expand their MIIS 2003 skills.

·         VBScript Quick Reference Quick reference guide to commonly-used VBScript commands.

·         Hosting Core Infrastructure Production Workloads Using Microsoft Virtual Server 2005 R2 Virtual Server 2005 R2 allows enterprises to host some production workloads in virtual machines reducing hardware and provisioning costs. Virtual machines allow multiple operating systems to run on a single physical computer. See also High Availability Solutions Microsoft Virtual Server 2005 R2

·         Windows Server Update Services 3.0 WSUS 3.0 delivers new features that enable administrators to more easily manage and deploy updates across the organization. This package installs both the WSUS 3.0 Server and WSUS 3.0 Administration Console components, for all Windows Server 2003 SP1 supported languages. Additionally, the WSUS 3.0 client is included in all supported client platform languages. You must install the server components on a computer running Windows Server 2003 SP1 and later. You may install the Administration Console on a remote computer running Windows XP SP2, Windows Server 2003 SP1, or Windows Vista. See also: Step-by-Step Guide to Getting Started with Microsoft WSUS 3.0

·         Windows Vista Enterprise Centralized Desktop and Virtual Server 2005 R2 This white paper introduces Windows Vista Enterprise Centralized Desktop, a way of licensing Windows Vista for deployment in a centralized, virtualized setting.

·         Windows Vista Volume Activation 2.0 Technical Guidance Technical documentation focusing on planning, deployment, and operational guidance. It includes the Volume Activation 2.0 Step-by-Step Guide, Volume Activation 2.0 FAQ, Volume Activation 2.0 Technical Attributes List, and Standard User Product Activation zip file.

 
Microsoft Developer Information

·         Microsoft Silverlight 1.0 Beta Software Development Kit (SDK) contains documentation, samples, quickstarts and tools for developing Silverlight applications.

·         Interop Forms Toolkit Allows developers to incorporate VB.NET Forms and Controls into their VB6 applications.

·         Enterprise Library 3.1 - May 2007 The patterns & practices Enterprise Library is a library of application blocks designed to assist developers with common enterprise development challenges. Application blocks are a type of guidance, provided as source code that can be used "as is," extended, or modified by developers to use on enterprise development projects. This release of Enterprise Library includes application blocks for Caching, Cryptography, Data Access, Exception Handling, Logging, Policy Injection, Security and Validation.

·         Smart Client Software Factory - May 2007 The Smart Client Software Factory provides an integrated set of guidance that assists architects and developers in creating composite smart client applications. The software factory includes: QuickStarts, reference implementations, how to's, patterns, and Visual Studio .NET extensions.

·         Hands-on Labs for Windows Workflow Foundation in C# and VB.NET Windows Workflow Foundation is the programming model, engine and tools for quickly building workflow enabled applications on Windows. This download is a set of 10 Hands-on Labs for Windows Workflow Foundation in C# and VB.NET versions. These labs are suitable for a .NET developer with 6 months experience who wants to learn about Windows Workflow Foundation. Each lab is approximately 60 minutes of work.

·         The Evolution Of LINQ And Its Impact On The Design Of C# In simple terms, LINQ is a series of language extensions that supports data querying in a type-safe way; it will be released with the next version Visual Studio, code-named "Orcas." The data to be queried can take the form of XML (LINQ to XML), databases (LINQ-enabled ADO.NET, which includes LINQ to SQL, LINQ to Dataset and LINQ to Entities), objects (LINQ to Objects), and so on.

·         Item-Level Auditing with SharePoint Server 2007 Learn about the auditing support built into Windows SharePoint Services 3.0 and Microsoft Office SharePoint Server 2007, and how to extend this support with the custom Item-Level Auditing solution.

·         8 Tips And Tricks For Better BizTalk Programming Given the number of applications organizations develop today, it’s critical to use good tools and techniques to produce working solutions as quickly as possible. BizTalk will help you efficiently move from concept to working prototype and we hope these tips will save you some time in your efforts.

 

Monthly Reminders of Good Information Sources:

 

 

 

 

Support WebCasts

 

List of Upcoming WebCasts: http://www.microsoft.com/events/webcasts/upcoming.mspx

List of Previous WebCasts for on demand viewing: http://www.microsoft.com/usa/webcasts/ondemand/

See the Top Ten List of the most popular webcasts.

 

Recent Security Bulletins (Security Bulletin Archives)

Last 5 Published or Updated Security Advisories:

Microsoft Security Advisory (927891)
Update for Windows Installer (MSI)
Published or Last Updated: 5/24/2007

Microsoft Security Advisory (937696)
Release of Microsoft Office Isolated Conversion Environment (MOICE) and File Block Functionality for Microsoft Office
Published or Last Updated: 5/21/2007

Microsoft Security Advisory (933052)
Vulnerability in Microsoft Word Could Allow Remote Code Execution
Published or Last Updated: 5/9/2007

Microsoft Security Advisory (935964)
Vulnerability in RPC on Windows DNS Server Could Allow Remote Code Execution
Published or Last Updated: 5/8/2007

Microsoft Security Advisory (935423)
Vulnerability in Windows Animated Cursor Handling
Published or Last Updated: 4/3/2007

For the entire list of published Security Advisories, visit the Security Advisory Archive Web site.

Security Guidance Center for Developer and IT Pros Get prescriptive guidance tools, training, and updates you need to assist you in planning and managing a security strategy that’s right for your organization.