This months issue focuses on Windows Vista.  How's this for a list of feature articles?

10 Things You Need to Know about Deploying Windows Vista

From more flexible image handling to a new boot loader, Windows Vista introduces some important changes for desktop deployment. Here’s a look at 10 ways Windows Vista can make your next deployment faster and easier than ever.

Protect Your PC with New Security Features in Windows Vista

Developed according to the Microsoft Security Development Lifecycle guidelines, Windows Vista offers a level of security not built into earlier versions of Windows. Take a look at the new and enhanced features Windows Vista offers to help you detect and prevent security threats.

Achieve the Non-Admin Dream with User Account Control

While limiting user privileges is a good way to help protect your systems, non-admin accounts can be inconvenient, introducing problems such as application compatibility issues. Windows Vista offers new features that make it easier for you to manage and support standard user accounts.

Enterprise Networking with Windows Vista

Since the release of Windows XP, networking has changed drastically—users are more mobile, wireless networking is everywhere, and security threats are more sophisticated. Take a look at the innovations in Windows Vista that make networking simpler, more secure, and easier to manage.

Getting Ready for Windows PE 2.0

Along with Windows Vista, a more powerful version of Windows PE will be released. This overview discusses the new features and capabilities found in Windows PE 2.0 and how these changes will affect you.

Inside the New Microsoft Application Compatibility Toolkit

Before you deploy a new OS, it's critical that you determine potential compatibility issues and solutions for the many applications your organization relies on. Here's an in-depth look at how you can access your software portfolio, determine the impact Windows Vista will have on applications, and find solutions for potential issues.

New Tools for Event Management in Windows Vista

Windows Vista presents a giant step forward in enterprise management, offering a new and improved infrastructure and tools designed for event logging and tracing. The result is easier, more powerful ways to gather information and quickly perform troubleshooting.

More Powerful Group Policy in Windows Vista

The Group Policy infrastructure has been overhauled, delivering new management features, new policy settings, support for multiple local GPOs, and much more. This article looks under the hood at the many changes Windows Vista brings to Group Policy.

This is a really useful tool for any customers out there running Microsoft's Internet Security and Acceleration (ISA) Server.

It's designed to scan the configuration settings of the local ISA Server computer and report issues that do not conform to the recommended best practices.

The report that you get from it will highlight critical configuration issues, potential problems, and information about the local computer. By following the recommendations of the tool you can achieve greater performance, scalability, reliability, and uptime.

Jim Allchin has just informed us that Internet Explorer 7 for Windows XP is ready!   The English version available as a free download.   Other languages will be available in the coming weeks.   To help our customers become more secure and up-to-date, we will begin distributing Internet Explorer 7 as a high-priority update via Automatic Updates in November.  In addition, Internet Explorer 7 (with protected mode capability) will ship in Windows Vista.

Internet Explorer 7 incorporates major advances like a streamlined interface, tabbed browsing, printing enhancements, RSS feeds, instant search capabilities, improved security, and much more.   We will offer free customer support for consumers.

The October issue of TechNet Magazine is now online at http://www.technetmagazine.com

October 2006 Table of Contents

The Irish MCS Infrastructure team has just begun blogging!  It should be an interesting blog as these guys have a whole load of experience with the current and forthcoming versions of products such as Microsoft operating systems, SMS, MOM, AD, Exchange, MIIS plus all the areas that glue things together – security, scripting, automation.  The people in this group often end up presenting at my TechNet events around the country (especially when they are at level 300+).

The link to their blog is here: MCS Ireland Infrastructure Blog

We're looking at putting on an event about the Microsoft Dynamics product line.

As an IT Professional are you what is your level of involvement with your company’s business applications [CRM, Finance, ERP]? Is it on a support only basis or are you part of the team that reviews such solutions?

Do you advise on what product the business users should purchase or it this decision primarily down to your Managing Director or your Financial Director?

Are your current business applications having an impact on your workload?

Would you like to find out more about Microsoft’s offerings around CRM and Finance?

Are your current business applications integrated with your desktop products and your infrastructure?

When was the last time you reviewed the financial or CRM products your company uses?

Specifically what would you like to see presented at a Microsoft Dynamics Event?

I hope you can give me some feedback on this by typing your comments into the space provided below and hit submit.  This would help me structure the event in a way that would benifit you most.

Thanks,
Colm

Good news for a Friday afternoon!  I've just read an announcement stating that we're on track to deliver Windows Vista™ for worldwide availability to volume license business customers in November and worldwide general availability in January.

I'm actually running Windows Vista on my main machine at the moment as are most people in the Microsoft Subsidiary here in Sandyford.  I must say the productivity gains that I've made already have been great!

Windows Desktop Search

Microsoft Update

Microsoft® Windows® Malicious Software Removal Tool

Server Applications

Extended Security Update Inventory Tool
The Extended Security Update Inventory Tool is used to detect security bulletins not covered by MBSA.

SQL Server Management Pack for MOM 2005
This management pack monitors SQL Server 2000 and 2005 for critical conditions indicating potential operational problems.

Exchange Server Management Pack for MOM 2005
The Exchange Server Management Pack monitors Exchange Server 2000 and 2003.

Microsoft Windows DHCP Service Management Pack for MOM 2005
This management pack monitors the health, availability, and performance of the Windows DHCP service, including scopes and superscopes.

October 10, 2006 Enterprise Update Scan Tool (Standalone Version)
This tool is used for detecting needed security updates for October 10, 2006 as described in MS06-056.
 

Systems Management Tools

Windows Server 2003 Performance Advisor Management Pack for MOM 2005
This management pack is designed to help you collect distributed data and consolidate Windows Server 2003 Performance Advisor 2.0 reports for centralized review.

Extended Security Update Inventory Tool
The Extended Security Update Inventory Tool is used to detect security bulletins not covered by MBSA.

SQL Server Management Pack for MOM 2005
This management pack monitors SQL Server 2000 and 2005 for critical conditions indicating potential operational problems.
 
Exchange Server Management Pack for MOM 2005
The Exchange Server Management Pack monitors Exchange Server 2000 and 2003.

Microsoft Windows DHCP Service Management Pack for MOM 2005
This management pack monitors the health, availability, and performance of the Windows DHCP service, including scopes and superscopes.

Get the latest security bulletin for October HERE.

Check out Microsoft's best practices recommendations for applying security updates HERE.

Sign up for monthly security bulletin notification HERE.

.....Here's something I blogged about last month but I think it might be of interest to you within the context of the above!

How to Assess Microsoft Security Patches
Notes from the Field: How to Assess Microsoft Security Patches

By John Ennis, Microsoft Ireland Technical Account Manager.

As a Microsoft Technical Account Manager, I work with many Irish customers to help them operate and secure their IT Operations, and of course questions around Security Patch Management is always high on the agenda.

Unfortunately, patches are a necessary evil for system administrators. All systems require security updates to some extent and managing them is a necessity.  It is important that customers fully  assess security vulnerabilities and the risk to their assets, and then apply a consistent framework for the application of the patches based on the company’s Information Security policy. The focus should be on reducing the overall security risk and not on how quickly a customer can apply a security patch.

To help you do this, I would like to share some simple Patch Management Processes that look at Risk Management, Patch Management SLA and how to  assess Microsoft Security Bulletins.

Security Risk Management Guidelines

The Microsoft security risk management process defines risk management as the overall effort to manage risk to an acceptable level across the business. Risk assessment is defined as the process to identify and prioritise risks to the business.

In quantitative risk assessments, the goal is to try to calculate objective numeric values for each of the components gathered during the risk assessment and cost-benefit analysis. For example, you estimate the true value of each business asset in terms of what it would cost to replace it, what it would cost in terms of lost productivity, what it would cost in terms of brand reputation, and other direct and indirect business values.

Risk Statement

Impact x Probability = Risk

Risk is the probability of a vulnerability being exploited in the current environment, leading to a degree of loss of confidentiality, integrity or availability of an asset.

To help communicate the extent of impact and the degree of probability in the risk statement, the Microsoft security risk management process begins prioritising risk by using relative terms such as high, moderate and low.

Ranking identified risks in a consistent and repeatable process.

The Microsoft security risk management process defines the following three qualitative asset classes: high business impact (HBI), moderate business impact (MBI) and low business impact (LBI)

High Business Impact
Impact on the confidentiality, integrity or availability of these assets causes severe or catastrophic loss to the organisation. Impact may be expressed in raw financial terms or may reflect indirect loss or theft of financial instruments, organisation productivity, damage to reputation, or significant legal and regulatory liability.

Highly sensitive business material - Such as financial data and intellectual property
Assets subjected to specific regulatory requirements
Moderate Business Impact
Impact on the confidentiality, integrity or availability of these assets causes moderate loss to the organisation. Moderate loss does not constitute a severe or catastrophic impact but does disrupt normal organisational functions to the degree that proactive controls are necessary to minimise impact within this asset class.

Internal business information - Employee directory, purchase order data, network infrastructure designs, information on internal websites and data on internal file shares for internal business use only
Low Business Impact
Assets not falling into either the HBI or MBI are classified as LBI and have no formal protection requirements or additional controls beyond standard best practices for securing infrastructure.

Defining Threats and Vulnerabilities
Information on threats and vulnerabilities provides the technical evidence used to prioritise risks across an enterprise.

Estimating Asset Exposure
After the Risk Assessment Facilitator leads the discussion through asset, threat and vulnerability identification, the next task is to gather stakeholder estimates on the extent of the potential damage to the asset, regardless of the asset class definition. The extent of potential damage is defined as asset exposure.

For each category, assist stakeholders in placing estimates within the following three groups:

High exposure — Severe or complete loss of the asset
Moderate exposure — Limited or moderate loss
Low exposure — Minor or no loss

For the Rest of this blog click here.

Covering all aspects of the 2007 Office Systems including SharePoint Server 2007, Exchange Server 2007, Live Communications Server, Office Communicator 2007…

This event looks at how you can Optimise your Business Productivity Infrastructure focusing on how to give your employees pervasive communication and collaboration capabilities - through a familiar set of capabilities built on a scaleable, security-enhanced, and easily managed platform. This event is on in The Morrison Hotel Dublin on the 2^nd November – click here to register now.

Content Covered:

Unified Messaging

The aim of this session is to show how Microsoft's Unified Communications products deliver rich, intuitive and seamless communication capabilities that enhance productivity and collaboration by streamlining how people communicate. We will take a look at how they form a complete software solution that enables effective communications across e-mail, instant messaging (IM), voice, data, video, and web conferencing, with enterprise-grade security and reliability.

Communication & Collaboration

In this session we will cover the journey from basic email, file shares and mostly email communication to seamless collaboration across the firewall. Areas which focus will be given includes:

Collaborative Workspaces & Portals

Messaging, including mobile working - Outlook Web Access and Mobile 5

Presence

Web Conferencing.

Audience: IT Directors/Chief Information Officers, IT Managers, Chief Technical Officers, Infrastructure Specialist and Line of Business Specialists

Please forward this invite on to the relevant members of your team and or colleagues of yours whom you think would be interested in the event.

Dublin: 2^nd November (Morning), The Morrison Hotel - Click here to register for this event