This week has reminded of the precious value of having someone else review the projects and problems we face as network engineers helping our clients with all of their networking needs.
Every one of us have ran up against multi-factorial network problems that can make our heads spin, especially when the issue is described as something like, "the network is slow". Is it the switches?...Is it the cables?... Is it the servers?.... Is it a name-resolution issue?... Is there an infected system on the network?.... The list is endless, and most of the time, the result is a cumulative effect of many of these affected areas.
As professionals, we work, methodically, through the various possibilities; fixing one or more of the many items that we find while troubleshooting. Sometimes we get so "deep" into these scenarios that we can end up "losing sight of the forest for the trees". It is during these times when it becomes invaluable for a professional to call in a colleague for a fresh view of the problem.  A review of the situation by this "second set of eyes" provides many benefits, least of all the following:

• "Fresh Eyes" - Different viewpoints can provide new and different insights to an issue.
• Another Body of Knowledge  - Especially, if the reviewing engineer has specialized expertise in an area related to the problem at hand.
• "Battle  Scars" - Many times a reviewer may have already faced the same issue that you are facing currently.
• Efficiency - No one wants to pay money for time spent on issues while your ego was in denial…the faster you ask for help, the faster the issue gets resolved.
• "Feel Good" Factor - Bottom line, it is the right thing to do when you are struggling with a complex issue.

I have reviewed many colleagues issues and work performed and have asked for the same consideration for my scenarios. Each time, on both sides,  I have found the experience valuable!

I will close my post with a sincere, "Thank You" to all of those who have helped me when I have asked for it and those who have esteemed me enough to ask for my help.  Please continue to do so in the future...

The user interface (UI) of Office 2007 is dramatically different from that of previous versions of Office.

While the change is very stark, the new UI is very intuitive. Believe it or not, more features are accessed easier now than ever before!

Microsoft has created interactive guides to help you find functions that you are used to in Office 2003 are located in the new Office 2007 UI.

• Word 2007 : http://office.microsoft.com/en-us/word/HA100744321033.aspx
• Excel 2007: http://office.microsoft.com/en-us/help/HA101491511033.aspx
• Outlook 2007: http://office.microsoft.com/en-us/outlook/HA102221621033.aspx
• PowerPoint 2007: http://office.microsoft.com/en-us/help/HA101490761033.aspx
• Access 2007: http://office.microsoft.com/en-us/access/HA102388991033.aspx

If you prefer to get a quick “get up to speed” type of demo, you can view these demos:

• Word 2007 : http://office.microsoft.com/en-us/word/HA100484691033.aspx
• Excel 2007: http://office.microsoft.com/en-us/help/HA100484501033.aspx
• Outlook 2007: http://office.microsoft.com/en-us/outlook/HA100518161033.aspx
• PowerPoint 2007: http://office.microsoft.com/en-us/help/HA100484621033.aspx
• Access 2007: http://office.microsoft.com/en-us/access/HA102002991033.aspx

IMPORTANT POINTS

File Format

• File extensions are different (i.e. "docx instead of ".doc")
• Free Office 2007 file reader: http://www.microsoft.com/downloads/details.aspx?FamilyId=941B3470-3AE9-4AEE-8F43-C6BB74CD1466&displaylang=en

PDF Creation:

• Free add-in for creating PDF files from Office 2007 files: http://www.microsoft.com/downloads/details.aspx?FamilyId=F1FC413C-6D89-4F15-991B-63B07BA5F2E5&displaylang=en

Office Tips:

• Site for new tricks and tips to improve your productivity with Office 2007: http://office.microsoft.com/en-us/webcasts/FX102557791033.aspx

Very interesting, heated discussions going on here at SMB Summit 2008, in Dallas! Lots of "strong" opinions... :-)

Here is one of the rubs....Small Business Server (SBS) 2008 (aka. "Cougar")  is dropping the ISA product, straight out! A mixed reaction from the group when that news was dropped yesterday during the dedicated sessions on the topic (the "boos" were very audible, from the partners who love this product in SBS). Single NIC implementations will be the focused design of the new version of SBS. While there were some unhappy folks, the overwhelming attitude was welcoming acceptance.

On the other hand, the new Essential Business Server (EBS) product, (aka "Centro") which targets the core Mid-Market space of organizations of up to 250-300 users/computers, will REQUIRE the newest ISA implementation, which is now known as, Forefront Threat Management Gateway (TMG...leave it to Microsoft to change up one ridiculous acronym for another one). The standard EBS implementation, which will be a three server deployment, consists of a Management/Monitoring Server - running Windows Server 2008 and System Center Essentials (SCE..."I know, I know, stop with the acronyms already); a Messaging Server - running W2K8 and Exchange 2007; and a Security server - running W2K8 and you guessed it, ISA, oops, I mean, "TMG".

After a ton of "back and forth" with the Microsoft Team onsite here, the crowd hopefully got the idea that these new compiled offerings while sharing the brand of "Essential Server" Family, are not intended for the same client base. Period. The same compelling reasons that motivate Microsoft to pull ISA from SBS, drive their decisions to include it in this 1.0 version of EBS....namely Partner and User Feedback!  While I understand the learning curve involved in learning ISA, (damn it, Marcus..say TMG!) it is important to know that it is a wonderful product for what it does...protect data. The Mid-Market tends to have a greater appreciation for this fact. Given that the EBS product promises to properly publish all of the services that we know and love (OWA, Outlook Anywhere - RPC/HTTPS, RWW, ActiveSync, etc) right out of the wizard, there is really is little to complain about with this new product.....so far.

I want to get my hands on this code and have signed up for all the partner/public beta access, I could...

...ah yes, change cometh forth this way. Ready thy self !

Elizabeth and I  landed late yesterday and checked into the Omni Mandalay Hotel, here in Las Colinas (Irving,TX)...She will be enjoying the local Dallas area during the day, catching up with our friends in this area, and I will attending all of the sessions which drove me to this event after Tom mentioned it to me, SMB Summit 2008 is dedicated to the solutions that Lanlogic has been delivering for over 4 years now, Microsoft's Small Business Server and the brand new Essential Business Server.

I am scheduled for the one of the pre-conference workshops presented by Karl Palachuck, "Perfect, Profitable Projects". Karl has lots of time in service and I have read a couple of his books and find him to have real, succinct, valuable information in them. His delivery is real-world and no-frills (thank goodness) and I am eager to attend this workshop.

All day tomorrow is dedicated to SBS 2008! I can't wait....having evangelized SBS 2003 for so long, I am very excited to see this updated version of my favorite Microsoft product.

Saturday is dedicated to the new Microsoft compilation product, Essential Business Server 2008 (formerly known as "Centro"). This version was developed due to the overwhelming success of SBS 2003. It promises the same value proposition of SBS, but targeted at businesses in the Mid-market. This means that the user limits are extended from 75 to 250 users. The requirement to maintain the MS server products on the same server has been lifted allowing more sound, real-life implementations of the various products that come with this server. There are many other new considerations for this new product which will be covered in depth on Saturday. I am truly looking forward to it.

Sunday is a break out day: 3 tracks - Owner/Manager, Sales/Marketing, and Service/Technical. While most would peg me for the Mgmt or Sales track, I have targeted the technical track at this event for Sunday...simple reason: it contains the most valuable information for our team at this time (more stuff on the new products and some discussion on products that we are currently using)

Monday is another break out day and I have targeted discussions from each track on that day....go figure! :-)

I will be looking at dinners and sights in the evening hours out here, so if anyone has recommendations for things to see or where to have a good dinner here in Dallas, TX, I invite your recommendations!

This is a test posting using Windows Live Writer....let's see if it works out for me!

I am very interested in the various apps that people use during their workday. I am not looking for the comprehensive list of what is installed on your system...rather I want to know which applications are like oxygen for you.

The apps you simply could not live without!

Here is my list:

Computer: Internet Explorer 7 (any tabbed browser, at least); Outlook 2007; OneNote 2007; any decent .pdf reader; Word/Excel/PowerPoint 2007; Trillian; RDP client; LogmeIn Rescue; ActiveSync

Phone: Web browser (the must-have mobile favorite: www.pocketvip.com ; Jott (while not technically an app, I absolutely must have this now); Camera

What are your "Oxygen" apps?

Here are the second set of articles I read:

"The Ranks of Service", by Douglas Hanna, published in Ping!(most recent edition)

Douglas provides an overview of the various levels of support that are considered standard by most hosting companies. You all know the terms, "…Level 1, 2 and 3…or if you are fancy, primary, secondary and tertiary!!"

Douglas is not very fancy in his delivery of this article (thank goodness!). He just delivers the "nuts and bolts" of the various levels and what each level generally consists of. He does show how various companies change the definition a bit to meet their needs/expectations.

He goes on further to touch on the importance on mentor-based training in these support roles.

He concludes with some notes on escalation procedures and describes the simplicity of some methods and the intense complexity of others. He provides some examples of different methodologies at work.

The article is supplemented with a "tips" column bar for companies looking to refine their escalation procedures. Here is the list:

• Have the team be aware of the different strengths and weaknesses of their fellow team members.
• Outline job descriptions and responsibilities
• Have administrators watch incoming tickets
• Escalate quickly
• Give updates
• Use training to your advantage
• Have a "go-to" person
• Share your statistics
• Monitor individual employees

"Server Backups, Are You Serious?", by Dave Young, published by Ping! (most recent edition)

Dave starts off by mentioning how, currently, most web hosting providers provide little, if any, backup of client data as part of their agreements with their clients.

The ones who don’t simply state that they view client data protection as the client's responsibility.

The ones who do often have hodge-podge mixtures of "FTP, tar, rsync and homegrown shell scripts".

He mentions how the word, "restore" doesn't mean that the client gets any data back, but rather that the client will get a new server wiped clean with a functional operating system.

He compares this against what other industries do for data backup. SANs, NASs, tape libraries, …vendors like EMC, Veritas, and Computer Associates. Doug has keen insights on why traditional licensing models of this software don't work for the hosting business.

He then discusses the data retention strategies for web hosting companies. Notably he discusses the impracticality of incrementals using TAR and Rsync.(too much disk space req'd).

Obviously retention plays big into disaster recovery scenarios and Dave mentions how some hosts have found out that their backups were failing, not to mention the failed server, and been in the unfortunate position of only having that single "backup". (oof!)

The remainder of the article highlights Righteous Software and its founder, David Wartell.

The history of the company and the creation of their technology Continuous Data Protection (CDP) is detailed and the efficiency of the CDP is lauded (hard disk sector based backups vs. file system level backups.

He mentioned how the RS group was able to efficiently store incremental backups using "disk safes"…aka "delta" technology.

So now, apparently, disaster recovery is narrowed down to four easy steps

1. Fix hardware issues
2. Boot the server into recovery mode
3. Select the backup to restore
4. Sit back and enjoy the complete disaster recovery.

Interesting read…seemed aimed more at the pure Linux-based networks, but I enjoyed the read!

I read another Q and A one pager on hosting questions…loved the Question and Answer on "blowing out the dust"!

The last one I read was a very brief interview with Open-Xchange Chairman Rafael Laguna. The one-page interview mentions that Open-Xchange has struck a deal with 1&1 and will have a low-cost open source option here.

Take care!

I heard somewhere that the most efficient way to absorb magazine articles was to breeze through the magazine and pinpoint 1-2 of the most impactful articles, tear them out and save them in a file for absorption during down time.

I have done this previously and realized that the takeaways would make cool blog posts...So I have decided that I would give it a try. It's not quite a full-blown medical journal summary (ala Journal Watch), but hopefully you will be able to pull something from it.

• "Following SMB Dollars" , by Lisa Terry, published in VSR (04/2007)

Brief one-pager giving insight gained from recent studies by the Yankee Group, Forrester Research and CompTIA .

Lisa's Predictions for SMB IT spending based on these reports?

1. Security
2. Backup/Restore (Disaster Recovery)
3. Applications and Data Availability

• "5 Steps to IT Consolidation", by Apurva Dave, published in VSR(4/2007)

Just like it sounds…here is the list:

1. Communicate a change management strategy
2. Develop a plan for resiliency
3. Architect a forward-looking infrastructure and support plan
4. Test branch office performance
5. Plan a phased rollout

• "10 Tasty Terminal Server Tools" by Greg Shields, published in Remond (4/2007)

Greg analogizes terminal server administration to "concocting the perfect latte"…further supporting my premise that if IT guys are not thinking of technology, they are thinking of coffee…good coffee!

His pick of tools was a well-rounded list that will attend to most issues that TS admins will run up against. Here is the list:

1. TS Task Manager - Cool hacked version of this ol' standby utility
2. ReconnACT - Ability to run scripts during Disconnect and Reconnect times
3. TSWhereIs - Locates which terminal servers a stated user is logged into
4. TSLogoff - Allows admins to log off all users connected to a specific terminal server at the same time.
5. ICSweep - Automatically clears the Temporary Internet Files cache on your terminal servers.
6. TSListUsers - Lists users attached to the local terminal server as well as their computer name and IP address.
7. Ping Plotter - Good ol' standby for pinpointing network connectivity latency.
8. ThreadMaster - Establishes and enforces process threading thresholds, automatically reducing the priority of the thread if exceeding the thresholds
9. TSPing - Monitors the Netlogon, Print Spooler, and Terminal Server services. Sends SMTP alerts if issues arise.
10. WTSConfigurator - All in one configuration panel for Terminal Services.

• "Changing the Model", by Lisa Terry, published in VSR (4/2007)

Feature article of this month's issue of VSR. Very much in line with the latest buzz of Managed Services.

Lisa describes the two models of managed services:

1. Licensing a management platform to administer services
2. Branding and reselling of a 3rd party managed service offering

She also brings light to the "dark secret" of managed services, that is, the difficulty of internal business process changes to managed services. It turns the traditional "break/fix" approach on its head and, obviously, this causes apprehension in business that have been successful in the traditional model.

Lisa pinpoints "Four Pitfalls to Avoid" which are:

1. Failing to Systematize
2. Supporting bad infrastructure
3. Not anticipating all costs
4. Overinvesting too soon

She ends the article off with a note on the potential for vertical advantages, in the mostly horizontal offering that managed services is.

Please leave a comment to let me know if there was more or less that I could add/subtract.

If you own a laptop, attend meetings with it, use it while taking messages on the phone, and brainstorm regularly with teams and yourself...you MUST try OneNote!

Here is a typical beginning of my work day:

1. Start Laptop
2. Log In
3. Go get cup of coffee
4. Sit back down at desk and open:
   1. Outlook
   2. Internet Explorer
   3. OneNote
5. Open the new subpage for "phone calls" in OneNote, pop on headset, check my voicemail and transcribe the messages as a callback list (I tag each call with a checkbox and clear it as I make my calls)
6. Begin reviewing my email, ticketing system, etc.

If it's a Monday morning...

1. Steps 1-5 above...
2. Take laptop into our conference room
3. Conduct weekly staff meeting and take notes on preformatted template for this regular meeting.
4. Send out copy of meeting notes to everyone immediately after the meeting ( from the menu bar, File | Email)
5. Move on with the rest of my morning...which is usually comprised of more meetings where I both review and take more notes inside OneNote!

I find that it is an invaluable tool, much the same as Outlook...things I love about it are:

1. No need to "Save As"
2. Totally searchable "notepads" (so damn cool)
3. "Send to email" functions
4. Screen clipping function (especially when combined with drawing and ink tools)
5. Built in math functions
6. Table functions
7. OneNote Mobile (I run around with a Cingular 2125 and my notebook runs Windows Vista Business, so I am armed to seamlessly take voice, photo and text notes from my phone to my OneNote notebooks)

Most people that I talk to seem to have a hard time getting into it until they open it up, read some tips, and keep using it...open it every time you open Outlook and I am sure that you will come to love it like I do...maybe even more!

Instant Messaging (IM) has been around for awhile, but it still bodes well for all of us to remember to stay vigilant and safe when IM'ing. Parents not familiar with IM'ing will want to pay particular attention....these tips were originally published by Microsoft at:  http://www.microsoft.com/athome/security/online/imsafety.mspx

My wife, Elizabeth, recently picked up the new Samsung Blackjack. A very cool device!

Very slim, much like a MotoQ, but with a greatly reduced hassle factor. She had it set up to her Exchange server account without my help. She was previously using a Blackberry 7520 on Nextel. She ponied up the $200 for early termination after checking out the Blackjack. She claims to be much happier with the new device and the new network (Cingular).

She has been gracious enough to allow me to play with it from time to time and I must say that this device has a slim enough profile to get me re-interested in full QWERTY devices again. (I forced myself to learn T9 to get away from the bulky Blackberries and TREOs) Overall, I like the device. The buttons are workable, but best for smaller hands. The display is, simply put, beautiful. Smartphone with a scrollwheel...nice addition.

Kinda sucks that there were no cases available immediately, but this device is slim enough to drop in your shirt pocket or purse with no prob.

A client recently contacted me concerning an online deal that he was working on with a Canadian individual. He had some reservations about the party he was looking to transact with and decided to contact me for an objective, third-party opinion on the transaction. Thank goodness!

I receive the email history trail of his communications with his "interested buyer" and ran it by a few online fraud resource sites.

Turns out that this scheme attempts to get victims to loosen their pursestrings in a way that offers a false sense of security and sincerity. Here is the description from the "Internet Crime Complaint Center". (Please note: The Internet Crime Complaint Center is also your portal to report internet-based crimes (attempted, successful, failed or otherwise) to the FBI.

COUNTERFEIT CASHIER'S CHECK

The counterfeit cashier's check scheme targets individuals that use Internet classified advertisements to sell merchandise. Typically, an interested party located outside the United States contacts a seller. The seller is told that the buyer has an associate in the United States that owes him money. As such, he will have the associate send the seller a cashier's check for the amount owed to the buyer.

The amount of the cashier's check will be thousands of dollars more than the price of the merchandise and the seller is told the excess amount will be used to pay the shipping costs associated with getting the merchandise to his location. The seller is instructed to deposit the check, and as soon as it clears, to wire the excess funds back to the buyer or to another associate identified as a shipping agent. In most instances, the money is sent to locations in West Africa (Nigeria).

Because a cashier's check is used, a bank will typically release the funds immediately, or after a one or two day hold. Falsely believing the check has cleared, the seller wires the money as instructed.

In some cases, the buyer is able to convince the seller that some circumstance has arisen that necessitates the cancellation of the sale, and is successful in conning the victim into sending the remainder of the money. Shortly thereafter, the victim's bank notifies him that the check was fraudulent, and the bank is holding the victim responsible for the full amount of the check

FYI: My client has submitted his case to the FBI and we are hopeful that they will catch the dirtbags trying to fleece him.

I recently noticed a very simplistic piece of internet social engineering (a.k.a phishing) come past my Inbox.

================================

Here is the subject:

Lisa has sent you a photo from Vacation on Nov 27 16:00:00 -5 2006  

Here is the sample text:

Lisa has sent you a photo from Vacation!

Click here to view the photo Lisa has sent from vacation: <URL that I was just supposed to trust>

Click here to share your photos with a friend:<Another URL that I was just supposed to trust>

At Vacation Photos Online we care about your privacy. We have sent you this notification to facilitate your use as a member of our service. If you don't want to receive emails like this to your email account in the future, please click below:<More of the same URLs that I was just supposed to trust>

Vacation Photos Online Inc. - 4598 River Glen Dr, Las Vegas, NV 89103 USA

©2006 VP Online Inc., All Rights Reserved.

=======================

What is disturbing to me about this attack is its simplicity and its method of playing on the ever growing practice of sharing files via links (URLs). Lots of legitimate services work on this method of sharing everything from photos to articles, recipies to E-greeting cards.

The attacker sends this out with very common names, "Lisa" , "Roy" etc.... and says the same thing...here are some pictures that "Lisa" or "Roy" want to share with you!...(stimulation to the curiosity centers of the brain)....

BEWARE! Do not click on the links, simply delete the message.

This type of attack forces everyone to pay mindful attention to their email handling techniques and to put a damper on their natural curiosity.

FYI: If you want to report an Internet Crime, you can at http://www.ic3.gov. This is the FBI's site setup to receive these complaints

Be careful everyone.

I am returning from a week of wonderful knowledge transfer at the, "Connections 2006" show put on by DevConnections.

Tom, our CTO, invited me to this event this year, and I must publicly thank him for that invitation. Thanks Tom!

Some brief stats on the conference to help the visualization:

• Location: Mandalay Bay Casino Resort - Las Vegas, NV
• Number of Attendees:  4,700+
• Technologies Covered (All Microsoft) : ASP.net, Visual Studio and .NET, SQL Server, Sharepoint, Mobile PC and Mobile Devices, MS Office, MS Windows, and MS Exchange (normally each a separate show, combined for the first time this year)
• Number of Speakers: 40+
• Number of Vendor Sponsors: 50+
• Extras: Technical Reference Bookstore, Breakfast served most days, Social mixers with live entertainment and gaming tables (this is Vegas, you know!) , Vendor Exhibit Hall, Demo sessions galore!,  UltraMobile/Tablet PC Demo lab, Prize Giveaways, Innovation Awards Ceremony…and the opportunity to meet and network with some of the greatest minds in the industry.

Key takeaways from presentations I attended:

Tuesday

Exchange Keynote - Tons of change here!

I will list some terms which you may or may not make you think of Exchange server:

• Hub and Transport Server
• File Share Witness
• Edge Server (not necessarily a member of the domain)
• Local Continuous Replication
• Message Transport Rules
• Unified Messaging
• Weekly full backups ONLY(New Best Practice)
• Cross-Mailbox Search
• Database Portability
• Power Shell
• Built-in Anti-Spam
• Scheduling Assistant
• Full Mailbox Search from mobile device
• …so much more!

Word from the Senior Team Managers is that Exchange 2007 will go RTM in December 2006.

The time to start learning this product is NOW!

 

Vista Security Tidbits

A nice presentation which highlighted some of the new security measures included with Windows Vista. The main points included:

• User Account Control (UAC)
• Secure Desktop
• Local Policy
• Security Options | User Account Settings (adjust here)
• Disabling all of local policies loses "IE Protected mode" (not recommended)
• All Experts recommend getting used to UAC, instead of disabling it.!
• Local Administrator acct status
• Disables RID 500 accounts by default
• Safe Mode:  requires some other administrative account to use.
• New Groups
• Performance groups, etc
• New SIDs
• Dialup
• IIS
• Cached credentials more difficult to break now!
• ACL Modifications
• Object Access Auditing
• Richer Event Information
• XML based data
• Added auditing for UAC, AD changes, registry value changes, etc
• Local Security Policy Defaults
• Lots locked down
• Lots and lots and lots of GPO Changes!
• New  firewall
• Outbound and inbound traffic inspection
• Profile based rules
• Private, Domain, and Public
• IPSec controls available, when connected via Admin tools icon
• Rule creation wizard (much like ISA)
• Rule creation possible from GPMC, as well.
• Much more granularity and flexibility overall

 

Sharepoint 2007

This product is gaining in popularity, features and key integration…this is not something any engineer can afford to ignore!

• Single infrastructure for Docs and Records Mgmt, Collaboration, Portals, and Publishing
• Easy to configure deployments
• Enabling Self Service Provisioning
• Blog for install: Sharepoint Café 
• http://blogs.msdn.com/joelo
• 3 Tiers of Mgmt
1. Central Mgmt
• Global Settings
• Home
• Operations
• Blocked File Types
• Backup
• Timer Jobs
• Application Mgmt
• Command Line
1. Shared Services
• SSP (Shared Svc Provider)
• Audiences
• Search
• Excel Services
• Business Data Catalog
• My Sites
1. Site Settings
• User management /site
• RTM November 2006

 

Message Security and Active Protection in Exchange 2007

I have included the notes that I took during this presentation on the various methods that Exchange Server 2007 protects email messages/traffic.

Roles:

• Edge Transport on the perimeter
• Hub Transport for every site which has mailboxes (uses RPC, therefore needs to be on the same LAN segment)
• Code can modify the message, which will allow for disclaimers
• Policies are applied at the hub transport

Exchange 2000/2003 Routing Strentghs

• Queue when problem exists
• Set cost per physical link
• Bandwidth Control
• Schedule Control
• Delayed Fan-out

Exchange 2000/2003 Routing Weaknesses

• Must configure connectors between Routing Groups
• Hops introduce cost and latency
• Link State updates use bandwidth
• Non-deterministic

Exchange 2007 Routing

• Direct Connection (leverages IP networks)
• If fails: backs off along shortest path…message gets as close to destination as possible.(minimizes hops)
• Deterministic Routing
• Automatic Configuration

AD and IP Networks