Determine Windows 8 readiness with MAP 7.0 Beta
Microsoft Assessment and Planning (MAP) Toolkit 7.0 Beta is now available! MAP 7.0 helps you to assess the readiness of your environment for deploying Windows 8 in your machines. The Windows adoption feature performs a hardware assessment against the recommended system requirements for Windows 8 and provides recommendations about which machines meet Win 8 system requirements and which machines require upgrades. Key benefits include a migration assessment report and proposal to help you understand the scope of migration opportunity for Windows 8, along with an inventory of desktop computers, deployed operating systems, and applications.
· Join the MAP 7.0 Beta.
· Learn more about the Microsoft Assessment and Planning (MAP) Toolkit.
Ensure a secure Windows Server 2012 Beta deployment with MDT 2012!
Microsoft Deployment Toolkit (MDT) 2012 is now available for download! MDT 2012 provides support for Windows 8, Windows Server 2012 Beta, and System Center 2012 Configuration Manager releases. MDT 2012 fully leverages the capabilities provided by Configuration Manager 2012 for OS deployment. The latest version of MDT offers new User-Driven Installation components and extensibility for Configuration Manager 2007 and 2012. You now also have the ability to migrate MDT 2012 task sequences from Configuration Manager 2007 to Configuration Manager 2012.
Secure cloud deployment from the start with new baselines from SCM 2.5!
Microsoft Security Compliance Manager 2.5 (SCM 2.5) is now available for download! Windows Server baselines include a Hyper-V baseline which addresses secure cloud deployment. SCM 2.5 provides ready-to-deploy policies and DCM configuration packs that are tested and fully supported. Our product baselines are based on Microsoft Security Guide recommendations and industry best practices, allowing users to manage configuration drift, address compliance requirements, and reduce security threats.
In case you’ve not heard of Anywhere Working, it is a consortium led initiative to promote the benefits of flexible working.
The Anywhere Working team is hosting a series of tweet ups in London in May, with representatives from our consortium partners and members of the Anywhere Working community and we'd like to extend an invite to you and a plus one.
We hope our informal tweet ups will be the ideal way to relax, midweek after a hard day’s work. We will be providing food and drink, have 2 masseuses on hand and we will be giving away some great prizes, including annual memberships to the London cycle hire scheme, magazine subscriptions and plenty more.
Join us at one of our Anywhere Working tweet ups to find out more about the initiative and enjoy the opportunity to network with some of those involved.
The Anywhere Working Well Being Tweet Up 5.30 – 8.30pm, 16th May 2012 Attending will be representatives from WWF, BITC (Business In The Community) and Working Mums.
The Anywhere Working Technology Tweet Up 5.30 – 8.30pm, 23rd May 2012 Attending will be representatives from Microsoft, Nokia, Intel and Vodafone.
There are only 10 spaces left so if you want to go you’ll need to act fast!
For those of you who haven’t yet heard. The Windows Azure conference is coming up and if you building or considering building applications for the cloud, then the 22nd June is a date for your diary.
It’s a big day for Windows Azure as it will be the first full day, multi-track conference supported by Microsoft and London Windows Azure User Group, featuring content for .NET, PHP, Java and node.js developers as well as device support in Windows 8, iOS, Windows Phone and Android.
Not to be missed is the keynote speaker Scott Guthrie, the Microsoft Corporate Vice President in charge of the development platform for Windows Azure.
Tickets are free until 20th May so get them whilst you can.
Register for the conference here: http://azureconference2012.eventbrite.com/
Last week we had a bit of an events and training week with workshops, bootcamps and more.
This week we’ll be looking at how to get you skilled up for the cloud revolution and bringing you more resources, events and news.
Curiously one of the topics we hardly ever get asked about at our IT Camps is security in Hyper-V. Perhaps it’s because you all have total confidence in our approach security, or you already have the facts to hand, but more likely is that you forgot to ask about because it’s not top of your agenda.
That’s OK, and anyway I need to write this so I have the definitive answers to hand when someone asks me.
So what do you need to consider when virtualising your data centre?
The best resource I have seen is by the US Government specifically the National Institute of Standards & Technology in their Guide to Security for Virtualization Technologies. It’s a big read but the three key sections are:
4-2 recommendations about locking down the hypervisor. the key points are:
4-3 recommendations for securing the virtual machines themselves
4-4 recommendations for securing a virtual desktop infrastructure
I would argue that you’ll also need System Center to manage your data centre security, check and rectify compliance issues as well as to audit and changes. To help with that there is a Governance Risk & Compliance Process Pack which uses the integration between Service Manager and the rest of System Center (Config Manager, Ops Manager, Virtual machine Manger via Orchestrator). It has extensive guidance for the non IT functions and has the side benefit of showing you how to unify System Center to better support the business.
Finally You’ll want to lock down windows server as well whether that’s the physical operating system or the guest and there’s a Security Compliance Manager to help with that.
Join SharePoint MVP Andrew Woodward for an exclusive workshop that provides hands-on practical application of the use of Serious Games techniques to improve the quality of business requirements and facilitate deep user and business stakeholder engagement throughout the envisioning, scoping, requirements and prioritisation activities in your SharePoint projects. Techniques include those found in:
Please be aware that there is a charge for attending this event.
To find out more, please visit: http://www.21apps.com/sharepoint/workshop-sharepoint-and-custard-effective-sharepoint-requirements-with-serious-games/
Due to popular demand we will be running 2 versions of the Windows Azure Bootcamps online! This is a great opportunity for those of you who were interested but unable to attend the live Windows Azure Bootcamps or anyone else who is interested in learning more about building applications on the cloud.
The Windows Azure Online Bootcamp will take you from knowing nothing about the cloud to actually having written some code, deployed it to the cloud service and made a simple application available on the public Internet.
There are 2 options for you to choose from:
One day session on the 21st May 2012 – Register now at http://aka.ms/azureonedayonline
Lunch time multi-day session from the 22nd – 25th May 2012 – Register now at http://aka.ms/azureonlinemultiday
During the Online Bootcamp there'll be experienced people available online to guide you through each exercise. Once you have the basics in place, you'll be up and running.
A technology that’s been around for quite some time is IPSec, it helps to ensure security of communications between two network devices. With IPSec in place two devices need to establish a peer-to-peer trust before communication can take place, it’s kind of like having a secret handshake.
If your enabling an environment where people will be able to bring their own device you probably have some requirement to prevent them accessing some services, such as the HR system, so that they don’t walk off with the CEOs pay slip. IPSec is perfect in this situation to preform something called Server and Domain Isolation. Essentially this means that only specific devices can access the super-secret servers but every device can have broad network access.
Accesses to services and resources is somewhere that an 80/20 rule applies. Most people need access to most of the network for most of their work, some people will need access to the other 20%. Using SDI and IPSec you can require people to access secure information from devices you consider to be more trustworthy. Perhaps they can’t access the HR System from their Windows Phone but they can from their Windows Laptop, that’s BitLocker encrypted etc.
IPSec is implemented in Server 2008R2 and Windows 7 using Group Policy controls for Windows Firewall with Advanced Security. Essentially you place your super-secure resources into a group or OU that REQUIRES access and place clients that you are happy to have access to those resources into a group or OU that set things up so that clients will reply correctly if asked to do the secret handshake. If the client doesn’t know the secret handshake that’s the end of the conversation. Whilst you’re at it you can raise the general security level on your network by telling all clients to REQUEST access. That way the first thing the client will say is “do you know the secret handshake” if the answer is no they can still talk to each other.
For Windows everything is controlled through Group Policy, so not only is it easy to administer it’s easy to get very granular, for example you could say that only clients that match a specific WMI query get the IPSec policy's applied.
If you’re wondering why you wouldn’t just do this with some app level access control or some file level access control then consider this: you don’t know what’s running in the background maliciously on any device that someone casually brings in.
RESOURCES for IPSec and SDI have been gathered together in one place already on this IPSec Page of TechNet but I thoroughly recommend the following:
Four cities, in four days makes for one tired evangelist, so why am I doing SQL Relay with the SQL community I hear you ask. Well that’s your answer really - I can’t hear you ask anything when I am sat in darkest Surrey blogging away so I am actually doing these events not so much to speak as to listen. For a start we have some of the best experts on SQL Server in the world giving up their time to go on tour as well so I can learn from them. More importantly I am interested in what’s going on with SQL Server in the real world; are you virtualised, are you still on SQL Server 2005 or even 2000, and are you dedicated or is SQL just something you do in between Exchange, and Active Directory.
With lots of Power% and %Point stuff in SQL Server I thought I might skip the actual PowerPoint to avoid confusion. I also want my talk to be based on what you want to hear about so if you do plan to go:
and the following we’ll be in London on 30 May
Please register, and then drop me a tweet (@deepfat) or a drop me an e-mail with your questions comments or suggestions, and I’ll see if I can get some swag for those who send me ideas
Until the end of June 2012, Microsoft Learning are offering IT Professionals the opportunity to maximize their investment in current Microsoft Certifications with a 2-4-1 offer on exam vouchers.
When you purchase and take a qualifying exam for a current Microsoft product between April 11, 2012 and June 30, 2012, you will be emailed a voucher valid for the next version exam of your chosen technology path, at no additional cost.
The offer covers the following Microsoft Technologies:
Next Version Product
Windows Server 2008
Windows Server 2012
SQL Server 2008
SQL Server 2012
For more information and to request your voucher(s), please click here.