TechNet UK

Useful tools, tips & resource for IT professionals including daily news, downloads, how-to info and practical advice from the Microsoft UK TechNet team, partners and MVP's

February, 2013

UK  TechNet Flash Newsletter
Featured
  • System Center 2012 sp1

    As I type this I am working hard with Simon to prepare for our next wave of IT Camps specifically the new camps on System Center 2012 sp1.  Having just completed the five exams of MCSE Private Cloud I am now having to readjust to how much is different as a result of this service pack coming out.  The key change is that System Center has had to change to run on and support Windows Server 2012 for example:

    • Virtual Machine Manager (VMM) has to support all of the new stuff in Hyper –V so Shared Nothing and Storage Migration plus all the changes to all the performance limits such as the number of cores.  Virtual Networks aren’t obvious in Windows Server 2012 (they  can only be referenced from Powershell), but they show up really will in the network diagrams in VMM.  VMM also has to understand the other parts of Server 2012 e.g.  virtual machines can now be run form SMB shares , NIC teaming, and the new standards based storage management (SMI-S)
    • Operations manager has to be able to monitor the new version of server, and track the health of these new features, for example 360 health of .Net applications, storage health, IIS 8 health and so on.
    • Data Protection needs to be able to understand and work with deduplication as well as the new REFS file system as does any backup provider.

    System Center 2012 can now run on SQL Server 2012, which in its Enterprise edition provides availability groups to protect your key System Center data.  There’s also the capability to do some really clever business intelligence in this release with Office 2013 to help you understand and predict demand in a large datacentre and better respond to the rhythms of your business.

    Then there are individual enhancements to each component of the suite..

    • Orchestrator gets a new integration pack for Exchange so you can easily setup Runbooks to automate that part of your fabric.
    • Operations Manager has better support for more flavours of Linux e.g. Oracle, Debian & Ubuntu.
    • Configuration Manager has also undergone a lot of changes to fully manage Windows 8 in the enterprise, for example side-loading modern applications, windows to go support and BitLocker configuration.  It’s also important to remember that config manager can also manage Server 2012 and set such things as desired configuration baselines.
    • Service Manager introduces chargeback, one of the key pillars of a private cloud, and essential if you want to benchmark your IT department against third party service providers.
    • Virtual Machine Manager will now manage up to Vmware VSphere5.1 and Citrix XenServer 6.0.

    Finally each component has better integration with the others and so there is a general sharpening of the whole suite.  So that is quite a lot of stuff for a service pack and would easily take a day to go through assuming like me you are already au fait with System Center 2012. 

    I also know that a lot of you have been holding off evaluating or deploying Windows Server 2012 until this service pack was released as you quite rightly want to manage this new version of Windows Server. 

    Finally we are on tour with the System Center camps Manchester, Birmingham and York and we have a few places left on each of them so please don’t beat me up in a few months time that we didn’t run these, and please please cancel if you can’t make it as it does allow us to plan and to let others off the shortlist if it does fill up.

    If you can’t make it and you want to try System Center sp1 you can get it here.. but note this is just for evaluation you can’t upgrade to the full version or migrate data from this.

  • Save the Date: TechEd Europe 2013 Registration opens 12 February

    image

    TechEd is Microsoft’s premiere conference for IT Professionals and Enterprise Developers, offering the most comprehensive technical education across Microsoft's products, solutions, tools, and services.

    We are pleased to announce that registration for TechEd North America and TechEd Europe will go live next week on Tuesday, February 12th.

                TechEd North America                          TechEd Europe

                June 3-6                                                 25-28 June

                Morial Convention Center                    IFEMA – Feria de Madrid Convention Centre

                New Orleans, LA                                   Madrid, Spain

    Attendees will get hands-on learning, deep product exploration and countless opportunities to build relationships with a community of Microsoft experts and industry peers. Visit www.msteched.com to learn more. 

    clip_image002

    Register by 22 March to take advantage of the Early Bird price of €1,695, a €300 savings off regular pricing.


    At TechEd you will get 4 days of hands-on learning, deep product exploration and countless opportunities to build relationships with a community of Microsoft experts and peers. Need to deliver maximum business value while managing your company's technology investments? We’ve got you covered with multiple tracks featuring a breadth of Microsoft products and solutions.

  • Private Cloud Licensing – Made Simple

    I’m starting this blog with an intuitive quiz… (exciting I know!).

    If you’re building a high density private cloud, do you know which edition of System Center 2012 provides the most efficient option?

    What is the licensing minimum initial purchase for Enrolment for Core Infrastructure (ECI) and how many processers does each license cover?

    Take the new Private Cloud Licensing MVA Course to discover all you need to know about licensing the Private Cloud. Learn how to license your private cloud; including server management and virtualization, as well as migrating servers to third party hosting companies. Products covered include Windows Server 2012 and System Center 2012. Understand how the combination of both provides enterprise class virtualisation, end-to-end service management and deep insight into applications so you can focus more attention on delivering business value to your organisation.

    clip_image002

    Learn how the four different Windows Server 2012 licensing editions, Datacenter, Standard, Essentials and Foundation, can be optimised depending on your organisation size and your virtualisation needs. The course takes you through Volume licensing, virtual instances, processor capabilities, CAL’s, and much much more. Below is a familiar scenario which illustrates the use rights for a customer running 4 instances of Datacenter in the virtual. The instance running in the physical can only be used to manage the instances of the operating system running in the virtual operating system environment.

    clip_image004

    System Center 2012 integrates 8 separate component products into one which streamlines the installation and reduces the time it takes to deploy, from days into hours! The Datacenter edition in particular allows for the provisioning of unlimited virtual machines without additional licensing costs. The Datacenter license edition also covers 2 physical processors and allows you to manage unlimited OSEs providing highly virtualised environments with significant cost savings. The System Center 2012 Standard license edition covers 2 physical processors and allows you to manage 2 Operating System Environments.

    clip_image006

    The course also trains you on how to assign certain licenses to a cloud infrastructure with License Mobility through Software Assurance. Do you know the products eligible for License Mobility? I’ll give you a clue… there’s 6! To gain more knowledge and great training and accreditation on licensing the Private Cloud, start the course here and get your certificate to become a Microsoft Licensing expert!

    Be sure to also download a free Evaluation Copy of System Center 2012 sp1 and Windows Server 2012 and have a play with the software.

     

    MVA Licensing Courses

  • Guest Post: The Top 15 Windows 8 Apps to Boost Business Productivity

    The top 15 Windows 8 apps to boost business productivity

    Author Bio: Marcus Austin works for Firebrand Training as a Technical Author. Marcus has over 25 years’ experience in the technology and business sector. His recent work includes constructing a mobile strategy for the Guardian Media Group, together with writing and editing for magazines and websites including TechRadar, Internet Retailing, IT Perspectives, and Santander Breakthrough.

    With over 35,000 apps available on Windows Store, there’s a lot to choose from.

    clip_image002

    The likes of Angry Birds and Fruit Ninja may be the most fun, but there’s a wealth of business apps to be explored. Here are 15 of them that will help increase your productivity:

    clip_image004[4]
    1. Remote Desktop App.

    This allows you to sign in to different PCs, and access files, without having to be physically near your PC. This can prove useful in case you forget an important document, or simply want to move files to and from computers while on the bus home.

    clip_image006[4]
    2. Evernote.

    If you're in the middle of a meeting with your Surface tablet or other Windows 8 device, you can use this program to take notes. You may be wondering why you shouldn't simply use the included app, Onenote. Evernote contains much more functionality allowing you to add links, videos, and photos as well as make to-do lists and sync with multiple computers.

    clip_image008[4]
    3. Skype.

    If you need to keep in touch with co-workers or host a business meeting, Skype has you covered. This has all the features you would expect including the ability to host voice calls, video calls or simply use instant messaging.

    clip_image010
    4. Microsoft Lync.

    This is an elegant and clean looking app thanks to the Modern UI design. With support for audio and video with multiple people, you can keep in touch with colleagues. Plus, you can reference another app or website while using Lync. It snaps to the side of your screen, so you can multi-task and use multiple windows at the same time.

    clip_image012
    5. BBC News.

    This app has a clean design, providing easy access to the latest articles. With multimedia to enhance your experience, this is an essential download.

    clip_image014
    6. News Bento.

    This app is a gorgeous RSS reader following all the design cues from Microsoft's Modern UI philosophies. Like any other RSS reader, this aggregates all your subscriptions into one easy-to-read place. This goes one step further by aggregating pictures along with text.

    clip_image016
    7. Package Tracker.

    Do you send or receive lots of packages? If so, this app is invaluable. It allows you to track the location of packages on a map, with support for a wide variety of shipping services.

    clip_image018
    8. Invoice 360.

    This app allows you to print out a professional-looking invoice in a matter of minutes. All you have to do is input the correct information and choose from a number of invoice templates. After inputting all the information on the invoice, you can save it as a PDF, print it out or use the built-in soft-copy sharing in Windows 8.

    clip_image020
    9. TeamViewer Touch.

    While the Remote Desktop app was already suggested, this app is a good choice for businesses that already use TeamViewer and don't have a company infrastructure that runs on Windows Server.

    clip_image022
    10. Skitch.

    With this app, you can write notes and add annotations to existing pictures. This is incredibly useful for when you're having a brainstorming session.

    clip_image024
    11. Box.

    This app is similar to other popular services like Skydrive or Dropbox, but offers a number of different features and is focused specifically at businesses. There is an uptime guarantee of 99.9%, the ability to collaboratively work on documents as well as the ability to search for text through a document. There are also numerous powerful security features and robust admin tools. This is a great choice for businesses that want a reliable cloud storage service.

    clip_image026
    12. EZ Opp.

    This app allows you to view estimated revenue for your business as well as actual versus potential income. With a tablet-friendly interface and integration with Microsoft's Dynamics CRM service, this is the app to check out.

    clip_image028
    13. Meeting Money.

    This app calculates how much money employees are earning while sitting through a meeting. This can help you keep track of how much money is being spent every minute when you host a meeting!

    clip_image030
    14. Banking.

    Whoever you bank with, chances are they have an app. And they’re all pretty useful for banking on the go. As a minimum, you’ll get access to your account balance, and be able to make payments.
    clip_image032
    15. Microsoft's Map.

    This app is the perfect fit for your transportation needs allowing you to learn about the traffic conditions and get directions to wherever you want to go.
    Overall, all of these apps should help boost productivity within the workplace. Whether it's calculating how much money is being wasted during a meeting or collaborating with employees on a spread sheet, Windows 8 has you covered.

  • A Week With the Samsung ATIV smart PC

    Simon and I have challenged one another to see which Windows 8 devices we fall in love with! We are both gadget lovers and so with Windows 8 consumer and business devices now available we are in our element.  We decided that tablets were the first thing to try as these are something new to many businesses and with touch there are many opportunities that aren’t necessarily that obvious.

    Simon is going with his Windows 8 Slate and I’ve gone with the Samsung ATIV smart PC.  You may say that we are comparing apples to pears but actually they are both very usable in a business context and great for every day use.  So how did I get on with the Samsung then?

    First things first we need to get down to the details… What was in the box!

     

    image

    image

    When I first got this device one thing hit me… Where’s the keyboard… Out of the box this device doesn’t come with a keyboard and at first I was a bit put out.  After all Simon gets a nice flip cover keyboard! (Yes I got keyboard jealousy!)  Then I remembered I have my Arc Keyboard & Mouse… I don’t use the keyboard on my laptop at my desk anyway. In fact I pretty much use my laptop as a second screen when at my desk. 

    I did feel that this device needed a stand of some sort to be able to use the screen when not on the go but once that was sorted it was all systems go with my wireless keyboard and mouse all set up and the screen plugged into my HD monitor via the HDMI port. The at desk experience was good for general office use.

    What I would say is that I wouldn’t want to do anything too intensive on this.  Using Visual Studio or running VM’s is not what this machine was made for but for every day general use it was great.  It was fast, responsive and the screen is really clear.  For those considering security at work note that this device does have a TPM chip which means that if you are like and like to use direct access from home this device will meet your physical security requirements.

    OK so that’s the on desk experience… So what happened when I took this device to my meetings?  Well actually it was a really interesting one.  Unplugged and away from the keyboard and mouse this device really does come into it’s own in a business environment.  I am going to admit something you probably never knew! I REALLY love OneNote!  In fact it’s one of my favourite Microsoft apps ever!  Why is this relevant… Well… When in meetings OneNote on a tablet really comes into it’s own.  For example when explaining how something works it’s much quicker to use the integrated pen that comes with the Samsung and draw a quick diagram for a colleague.  Even better than that I can even email that diagram to them and doodle some text around it and turn my scruffy handwriting into legible text with the convert to text functionality making me more productive.

    There are 101 different ways that a tablet works better than a PC in the office and I’m pretty sure you don’t need me to tell you all the reasons, but to me the tablet is the future in the office for the general office worker. It provides flexibility, simplicity and the ability to be creative.

    The Samsung ATIV SmartPC is definitely a contender if you are looking at tablets for your business and has the benefits of a fully functional PC.  At just under £700 this is a pretty nifty device and if you are looking for something that has even more power and oomph then the Samsung ATIV SmartPC Pro could be well worth a look.

    How could you imagine this device being used in your office?

  • Licensing Logic: Windows Server 2012 Licensing – Made Simple

     

    With Windows Server 2012, organisations receive the capabilities they need to meet today's ever changing IT requirements through a fundamental shift toward cloud computing. The Windows Server 2012 licensing MVA course covers how to license Windows Server 2012, and will assist you in understanding which edition is the right solution for your organization and how to migrate from earlier editions of Windows Server.

    The course takes a look at the four Windows Server 2012 editions. It will help you to understand how the processor + CAL model for Windows Server 2012 Datacenter and Standard editions work for your organisation. Did you know Windows Server 2012 Standard edition now have all the same features and capabilities as Datacenter edition with each license covering up to 2 physical processors on a server? They are both Private Cloud optimised solutions. The Datacenter edition is ideal for highly virtualised environments as it provides for unlimited virtualisation. If your organisation is rapidly growing with high-density virtualisation needs then this edition is ideal. Datacenter and Standard editions are only differentiated by virtualisation rights as the Datacenter edition provides for unlimited virtualisation whereas Standard edition provides organisations with 2 virtual instances with each license.

     

    Windows Server 2012 Essentials is a cloud connected first server ideal for small businesses with up to 25 users providing organisations with the flexibility to have email in the cloud, run line of business applications, or run email on premises. Windows Server 2012 Foundation is an economical general purpose server for physical computing continues to be a server model with no CAL requirements.

    clip_image002

    Every user or device that accesses an instance of Windows Server 2012 requires a CAL. Learn how to choose the best and most economical CAL based on your particular scenario. The 2 CALs are Device and User CALs. Device CALs is an access license required for every device used by any user and most appropriate for organisations with multiple users accessing an instance of Windows Server on a single device e.g. shift workers. User CALs are required for every named user accessing the server and is most appropriate for organisations with many roaming employees who need access to the corporate network.

     

    The course also takes you through a simplified Windows Server 2008 to 2012 comparison. Windows 2008 R2 Datacenter and Standard editions had different capabilities whereas Windows Server 2012 editions both share the same improvements in capability and licensing. Learn how both editions benefit from the increased processor support, memory and other features once again are only differentiated by virtualisation rights.

    clip_image004

    You are able to downgrade your bits to previous versions of Windows Server as illustrated below but it is important to remember that Downgrade Rights allow you to downgrade the bits only but the license rules of the purchase version still apply.

     clip_image006

    For those of you with Windows Server 2008 we review the difference between the previous and the new version for Windows Server 2012 by going through common scenarios. You can increase or grow your virtualisation instances in 2 ways:

    1.  If you want a lightly virtualised envrionment you can choose to assign multiple Standard edition licenses to a single server often referred to as stacking licenses. Each standard license increases your virtualisation rights by clip_image008

    2. If you want to move to a highly virtualised environment and have active SA you can use your Step-up benefit to move from Standard edition to Datacenter edition

    · clip_image010

    All this and much more scenarios, learnings and instances are covered on this course to solve your licensing headaches. Take the course now and kick-start your path to becoming a Microsoft licensing expert! Start Here

    Be sure to also download the free Evaluation copy of Windows Server 2012 and have a play with the software.

  • Why Windows 8 is Great for Business–Technically Speaking

    Windows 8 has enhanced security with BitLocker, AppLocker, Windows Store apps, Secure Boot, Measured Boot and much more. It also offers superior seamless, fast and fluid experience for remote or VDI sessions with inbuilt support for technology like mobile broadband in ways you probably hadn’t considered. Simon May takes a look at why Windows 8 is great for business.

    Over the past few years the world of end user computing has changed dramatically. Back in 2009 when Windows 7 was released there were few end-users who used multiple devices. I was working for an organisation that was one of the exceptions, issuing some users with relatively dumb smart phones for email access. My how the world has changed.

    User Demands Have Changed

    Today it’s highly unlikely that your end-users are only carrying one device, many are carrying two or three. In some rare circumstances (Andrew Fryer and I) typically carry 7 devices each, we are extreme end users inside of Microsoft. As the world has changed so much our devices also need to change in almost every aspect. In the world of end user computing we are mainly driven by what our users expect from a device and as we all know some of those expectations are explicit and some are not.

    On the list of explicit requirements are usually things like the ability power it on and in todays world very quickly – almost instantaneously. Small, light, fast, clear, bright, intuitive are also right up there on the list of expectation adjectives for end users. The list of implied expectations I think is far more interesting: security, reliability, easy to repair are often taken for granted or assumed by the user. Lets take a look at why Windows 8 is necessary to help IT deliver on some of these requirements.

    App Security

    The security features of Windows 8 are pervasive throughout the OS and build upon and compound the previous security investments in Windows. For example the Windows Store app model requires that apps declare to the end user (or to the IT Admin) precisely what the app needs to access within Windows such as the users work or home networks, documents, web cams etc. Additionally Windows Store apps don’t execute with the users standard set of permissions – instead they use a subset in much the same way Internet Explorer does. The upshot being that the app is less able to affect the devices stability. I use the term Windows Store here but that doesn’t require the app to have been obtained via the Windows Store, side-loading (the process of installing without using the store) is more relevant for many enterprises.

    Encryption, Faster

    Encryption is an area where Windows 8 excels and compounds previous improvements. In Windows 8 BitLocker Drive Encryption (BDE) can be set to only encrypt data as it is placed onto the disk, where as previous versions of BDE would also encrypt the “white space” on the disk that contains no data. If you want you can still allow that to occur. BitLocker’s approach of only encrypting data as it is placed on disk becomes a boon when you consider the deployment process. With Windows 8 and System Center Configuration Manager 2012 we have the ability to pre-provision BitLocker or to put it another way encrypt the hard disk before Windows 8 is even installed. The upshot is that Windows 8 can be provisioned in an encrypted state. For anyone who’s had a build engineer take a device from your build factory before disk encryption has been run, and subsequently breach security by issuing the device to a user this will probably want Windows 8 as a result of that feature alone. It’s a job saver.

    Encryption, More User Focused

    There are other improvements too for BitLocker, most importantly these affect usability for the end user. With Windows 8 and BitLocker users can change their own BitLocker PIN without the need for admin rights, simplifying the process. Most BitLocker users I’ve seen (and EVERYONE) in Microsoft must run BitLocker to protect YOUR data never change their BitLocker PINs but they should. I actually helped a colleague add a PIN a few days ago as he was having to enter his BitLocker recover key upon every boot to use his device. Sub-Optimal! This is of course the next end user improvement, BitLocker can in Windows 8 with UEFI hardware network unlock itself. This process prevents your users having to find and enter their BitLocker recovery key on trusted networks, you as the IT guy define that network and the whole process is secured using public key certificates. This will reduce downtime and helpdesk calls for your users and for IT.

    If you don’t think BitLocker is for you then consider what happens when you loose a device, also consider that most users think their devices are encrypted even if they aren’t since they’re smartphones and tablets often are. Now make the link to you CIO / CEO / CFO probably thinking you encrypt all devices and again deploying BitLocker could be a job saver.

    Secure Boot

    Windows 8 with UEFI hardware also implements Secure Boot. Put simply the UEFI chip holds the current signature of Windows 8 and if that changes Windows 8 will enter recovery and recover to the state that Secure Boot knows, reboot and succeed to start. This is important because pre-boot malware has become an attack vector of choice. As a Malware creator getting your malware under the OS is a home run because it’s hard to detect once the device has started. Secure Boot prevents that ever happening.

    Measured Boot

    Measured boot takes the Secure Boot process one step further and checks more granularly that files and processes within the OS haven’t changed by comparing more signatures. The measured boot process uses the TPM to check that boot is progressing as planned and has not been compromised.

    App Control

    For many control over what apps can run on a device is a paramount concern, in fact in the UK some industry sectors are unable to deploy devices upon which applications cannot be blocked. Windows 8 and Windows Server 2012 allow you to decide what apps can or cannot run on Windows 8 devices within your enterprise using AppLocker technology. AppLocker is not new to Windows 8 and Server 2012, it has been available since Windows 7 and Windows Server 2008R2 but in Windows 8 and Server 2012 AppLocker extends to Modern UI or Windows Store Apps. AppLocker is implemented through Group Policy and by creating a GPO to either enable or disable specific apps that are either side loaded or are delivered from the Windows Store. This process provides complete control. AppLocker can be used to allow or deny based on publisher, version or name of the app with publisher being the most permissive or restrictive (allowing or blocking all apps for a publisher) and name being the least permissive or restrictive (requiring an exact name match).

    With regard to the AppLocker user experience at camps I’ve repeatedly been asked how to remove tiles from a users Start screen. AppLocker can help you achieve that. When apps have been blocked or only specific apps have been allowed (which infers all others are blocked) the app will not launch, cannot be installed from the store and upon login the tile is removed from the start screen (after the AppLocker policy is applied). The user may have paid for the app they are loosing access to and could be annoyed at the IT Admins blocking of their favourite app, but they still retain their purchase which will work on other devices that don’t have the GPO applied to them. Some IT Admins may want to use WMI filtering to make GPOs more dynamic, removing the block when the user is connected to an alternate network for example.

    Anti-Malware by Default

    Every Windows 8 devices has anti-malware protection by default. That is an incredibly important statement for enterprises because they can be sure that when someone brings a Windows 8 device into the office, even if it’s not corporately owned it will have some form of protection. Furthermore it is impossible to turn off Windows Update on a Windows RT device. Couple this anti-malware protection with a NAP solution with SHVs and you’ll be a step closer to safely allowing BYOD. For enterprises that want to take control of the anti-malware solutions in Windows 8 you will need to use either Windows Intune or System Center Configuration Manager 2012 SP1 with System Center Endpoint Protection. Once either solution is enabled you’ll have the ability to control updates and report compliance across your estate. Additionally you’ll have the ability to instantly, remotely initiate anti-malware detection so you won’t need to talk the user through the process.

    Connected

    The style in which we as individuals work has changed much over the past 3 to 4 years too. Always on connectivity is now expected and many of us work from home or on the road on a regular basis. One of the reasons for this change has been the abundance of access to the Internet from almost everywhere. Of course, being realistic, not all Internet connections are created equally and the quality of service you receive varies significantly. Trust me on this I know, I’ve spent over 40 nights in hotels this year and I run events where the Internet (which is always business-grade 30mbs minimum as advertised) varies dramatically. Thankfully we’ve realised this and there are changes throughout Windows 8 that make this experience better.

    Mobile Broadband

    Mobile broadband now accounts for a vast amount of connections to the Internet with most smartphones and tablets being constantly connected. Services range from GPRS to 4G in the UK and those terms indicate vast ranges in bandwidth but not only in bandwidth, latency and loss are also a huge factor in modern networks. If we look at how people were connecting back in around 2000 when I started my career WAN connections were a known quantity – you got what you paid for. If you wanted a 1mbs backbone (yup) for your core network with 100ms round trip you pay for it and get it. Today that kind of connectivity is almost taken for granted and is substandard – your mobile phone connects better. If you wanted to make that purchase today you will have myriad options, you will probably go with the cheapest. The point is really that network conditions have changed and your devices now have to cope with many different network types.

    Mobile broadband is now intrinsically understood by Windows 8. When Windows 8 sees mobile broadband hardware, a SIM and a connection you have the option to connect from the charms. Not only that but Windows 8 understands that you don’t want to experience shocking bills and so limits what happens over that connection. Windows 8 automatically marks mobile broadband connections as “metered” connections, and some activities, such as getting updates from Windows Update are not undertaken on metered connections. Metered connections are constantly tracked to tell you how much data you’ve used as well and many of the major carriers have Windows 8 apps to provide you with deeper intelligence on your bill. If an alarm bell just rang in your head, as it did in mine, about Windows Update not running on a metered connection and therefore not downloading anti-malware updates on a metered connection the fear not. IT admins can control metered connections with Group Policy, as you would expect.

    It’s not only Windows 8 that understands metered connections. System Center Configuration Manager 2012 SP1 also understands metered connections, an app can in fact make use of the information. CM12 however uses the information to give you control over whether your users can download from your CM12 Distribution Points (DPs) over a metered connection.

    As good remotely as locally

    Because so many people now connect when they’re out and about access to remote sessions has become ever more important. There are times when you don’t want the data walking out of the data centre which is where VDI and Remote Desktop Services come into play. In Windows 8 and Windows Server 2012 these two areas have undergone massive improvement. Firstly the client and server now negotiate to find the best connection quality for both bandwidth usage and server performance, and they do that continually to maintain remote sessions that look as good as local sessions.

    Ensuring that remote sessions look as good as local sessions was a key directive for the team. When I remote onto a Windows 8 VDI desktop it should feel local, and it does. Touch is respected (up to 256 points!! if the client supports that) and things flow as quickly on remote sessions as they do locally. Video is a prime example, watch Windows 7 and Windows 8 side by side and you quickly see the difference. The key is the way that the remote session is rendered, dynamically analysing the content on screen and sending that content to the users remote client in the most appropriate way. If the client sees moving pictures, it’s probably video and h.264 is used to encode and send the video (if it’s available for rendering on the client). If the content is a picture then a low res version is sent to the client and progressively updated with more detail – this lets the user get on with their task, such as viewing a webpage. Oh and for those guys working on trade floors, we now support up to 16 monitors.

    Under the hood there is a also work being done to support those more lossy, more latent networks. In the case of video in a Windows 8 VDI or Server 2012 RDS session the video is sent as UDP packets and not as TCP packets. The difference being that UDP doesn’t require the acknowledgement of receivership that TCP does, in most cases dropping a frame or two while watching a video doesn’t hurt the experience so much. Video sent over TCP could require every frame to be acknowledged, slowing the frame rate right down, delivering a very jerky experience.

    Of course the thought of VDI is great but the practicality is not for everyone and other solutions make sense. It’s great to not need to take a computer with you, but to have all your apps, your documents and your corporate access with you. Windows To Go is the solution that makes this work, allowing you to take Windows 8 with you on a USB drive, pop the drive into any Windows 7 certified PC, boot and log in. You then get your personalised experience with you. If you care about security you can encrypt the stick with BitLocker and you can implement DirectAccess to allow you to encrypt any network traffic back to your corporate HQ – right down to the specific servers being accessed. The second you pull your stick out of the PC you booted with it the PC will lock up, blocking all drive, keyboard, mouse and touch access. Thirty seconds later it will reboot to the PCs own OS. However if you pop your stick back in within 30 seconds you seamlessly carry on where you left off. Enterprises can use System Center Configuration Manager 2012 SP1 to manage the creation of the sticks with your normal enterprise deployment practices. We are seeing some organisations deploy Windows To Go to their temporary workforces to save cost, asking them to bring their own PC and boot from a stick.

    Enabling BYOD with Windows To Go

    Windows To Go sticks are managed just like any other computer in your estate. They have an AD account, they appear in CM12 as computers, when they’re in a PC they are the PC and you can do almost anything to them that you can to a normal Windows 8 device. Critically there is not usability difference to the end user.

    Over the course of this article I’ve highlighted how Windows Store apps take a more modern approach; how BitLocker and pre-provisioning and used space encryption will save hours and pounds; how integration with new hardware can strengthen security and malware resistance with Secure Boot and Measured boot; how AppLocker will help you control application usage in Windows 8; how built in Anti-Malware will help increase trust and manageability in BYOD environments; how remote connectivity is improved throughout Windows 8 with mobile broadband and metered network integration; how VDI and RDS help when dealing with demanding users and remote connections and finally how Windows To Go can help with BYOD questions.

    In short I’m up to about 2 pages of A4 at 10pt text or 2800 words and I’m only half way through the features of Windows 8 that matter for business.

    The best thing you can do, right this second, is try Windows Server 2012, Windows 8 and System Center 2012 SP1

  • Eine Tour durch die Windows Azure Datencenter [Video]

    Hallo @all,

    das folgende Video zeigt wie Microsoft Windows Azure Rechenzentren baut und weiterentwickelt hat.

    zum Video

     Zu guter letzt noch ein kleiner Betrag wie man das eigene Unternehmensnetzwerk in einem Azure Data Center abbilden kann: Windows Azure Virtual Network–Wie baut man ein Netzwerk in der Cloud mit eigenem DNS-Server

     

    Liebe Grüße

    Patrick

  • Enable and Activate TPM for BitLocker Pre-Provisioning in WinPE

    I have to say this one caught me out. I’m just setting up a task sequence to deploy Windows 8 and pre-provision BitLocker (which is wicked fast by the way!) and got caught with enabling and activating the TPM from WinPE.  The solution I came up with works for me, on a Samsung Series 7 Slate but might not work for all hardware vendors (TPM is a little tricky like that).

    The process turned out to be pretty simple.

    1. Download the EnableBitLocker.vbs script from MSDN.
    2. Copy the file to my Configuration Manager 2012 SP1 Site Server.
    3. Edit the file and change the reference to “setup.exe /s” and “setup.exe /r” (shutdown and reboot in full Windows) to “wpeutil shutdown” and “wpeutil reboot” respectively. I did this because WinPE doesn’t include shutdown.exe but instead uses wpeutil to do the same(ish) thing.
    4. Created an Application Management package containing only the EnableBitLocker.vbs script and distributed it to my DPs.
    5. Added a Run Command Line task to my Windows 8 deployment task sequence, after Restart in Windows PE and before Pre-provision BitLocker.
    6. PXE booted and deployed my task sequence to my target machine.

    The final effect takes advantage of Windows 8’s used space only encryption and starts encryption before the OS is even deployed, encrypting as the OS deploys – the net result is a fully encrypted machine within minutes!

    Don’t forget to download Windows Server 2012, System Center and Windows 8 Enterprise to try this out and take a look at my other posts on System Center.

  • Want to Jump Start your Windows 8 at Work Experience?

    Take advantage of free, online, fast-paced training courses designed specifically for experienced IT professionals with jobs that demand that they know how to best leverage the emerging features and technologies in Windows 8.

    Module 1:
    Tips and Tricks for IT Pros

    See what's new in Windows 8 for the IT professional

    See what's new in Windows 8 for the IT professional from the new user interface and keyboard shortcuts to the Windows App Store and Internet Explorer 10.
    Download this module (2.66 GB)

    Module 2:
    Windows 8 Deployment

    Learn how to customize and deploy Windows 8

    Learn how to simplify Windows 8 planning and deployment, and ease your migration from earlier versions of Windows.
    Download this module (1.76 GB)

     

    Module 3:
    Access to Windows

    Explore virtualization scenarios for Windows 8

    Explore virtualization scenarios for Windows 8, specifically with regard to Windows To Go, Virtual Desktop Infrastructure (VDI), and Client Hyper-V.
    Download this module (1.73 GB)

    Module 4:
    Anywhere Productivity

    Learn how to utilize key Windows 8 features and complementary technologies to enable users to be productive virtually anywhere

    Explore common Windows 8 mobility scenarios including providing a consistent user experience across devices, virtual machines, and session-based desktops.
    Download this module (2.02 GB)

     

    Module 5:
    Windows Apps

    Learn how to deploy and manage applications in Windows 8

    Learn how to deploy applications in Windows 8, sideload apps for individual users or all users, and centrally manage apps once deployed.
    Download this module (1.39 GB)

     

    Module 6:
    Recovery and Security

    Learn how to better control, secure, and manage Windows 8 PCs

    Learn how to better control, secure, and manage Windows 8 PCs with BitLocker, UEFI, Secure Boot, and the Diagnostics and Recovery Toolset (DaRT).
    Download this module (1.63 GB)