Digital Engineering Firm Enhances the Security of Its Wireless Network Connectivity

Digital engineering firm Silicon Image wanted to enhance the security of its network by increasing and enforcing compliance requirements for users who wirelessly connected to its network. Windows Server® 2008 was the logical choice after previously using Internet Authentication Service (IAS). The firm partnered with Microsoft Gold Certified Partner PC Professional to implement the new and improved security-related features.

Business Needs
Silicon Image generates $320 million in annual revenue by implementing architecture and semiconductors in the consumer electronics and personal computing markets to securely store, distribute, and present high-definition content. Its 620 employees collaborate through a mixed operating system environment (Windows® and Linux) using 50 servers from various sites. Many of those network users—employees, vendors, and company guests—connect to the Silicon Image network through wireless connections, an invaluable tool for campus-wide access to the Silicon Image network.

Previously, Silicon Image used IAS technology in Windows Server® 2003 to authenticate wireless access to its network and Enterasys network tools for further network security. However, it was concerned about who was accessing its network and the security of the local laptop configurations. Silicon Image wanted to enhance network security by gaining more control over who connected wirelessly to its network and by enforcing stricter policies for wireless connections to the network. It also needed an affordable solution that integrated well within its mixed server environment, with its Enterasys security tools, and eventually with the UNIX clients it plans to add to the environment.

Solution
Silicon Image evaluated solutions from Enterasys, another Microsoft Certified Partner. Although the Enterasys solution is still an integral part of the client’s solution, Silicon Image ultimately decided that Windows Server 2008 was the next logical step after IAS. The security enhancements in Windows Server 2008 (available when deployed with Windows Vista and Windows XP SP3) were of particular interest to Silicon Image for focusing on manageability, security compliance, and policy-driven access features.

Network Policy Server (NPS) enables Silicon Image to centrally configure and manage its network policies with the following three features: RADIUS server, RADIUS proxy, and Network Access Protection (NAP) policy server. With NPS, Silicon Image can now authorize and authenticate network connections through a variety of network access servers, including IEEE 802.1X authenticating switches and wireless access points, virtual private network (VPN) servers, dial-up servers, and computers running Windows Server 2008 with Terminal Services Gateway (TS Gateway).

Benefits
Besides the ease of implementation, Silicon Image benefits most from the new and improved security in Windows Server 2008. It can now be confident that computers connecting wirelessly to its network must first meet certain security requirements. According to Silicon Images, the ability to control the software and security level of systems as they authenticate to a wireless network is a critical benefit.

With Windows Server 2008, they can also easily configure separate roles by computer, block access, or enable restricted access to the network based on the client computer’s software level. Silicon Image has several Windows Vista clients in production, which are authenticating well with Network Admission Control (NAC) policy.

“Windows Server 2008 was surprisingly more robust and complete over Windows Server 2003. Our pre-implementation lab testing and validation was very smooth, without any road blocks. This paved the way for us to create a project plan and perform the site implementation without disruption to the client’s end-user environment,” says Neil Pearlstein, Executive VP of Sales and Marketing for PC Professional.

Windows Server 2008 also enables Silicon Image to do the following:
* Check the health and status of roaming laptops and verify compliance of unmanaged home computers (desktop and laptop).
* Determine the health of visiting laptops and enforce application layer data inspection by checking for malware. Simplify administrative tasks such as system updates and application installations.
* Check policy-based quality of service to prioritize and manage the sending rate of outgoing network traffic and filtering of outgoing and incoming traffic.
* More securely extend and protect information and applications to business partners.
* Reduce the risk of unauthorized access through strong authentication.
* Reduce the number of user accounts and repositories that need to be managed.
* Securely manage user accounts and information outside the data center.

Windows Server 2008
Windows Server 2008, with built-in Web and virtualization technologies, enables you to increase the reliability and flexibility of your server infrastructure. New virtualization tools, Web resources, and security enhancements help you save time, reduce costs, and provide a platform for a dynamic and optimized datacenter. Powerful new tools like IIS 7.0, Server Manager, and Windows® PowerShell, allow you to have more control over your servers and streamline Web, configuration, and management tasks. Advanced security and reliability enhancements like Network Access Protection and the Read-Only Domain Controller option for Active Directory Domain Services harden the operating system and help protect your server environment to ensure you have a solid foundation on which to build your business.

Who is Going to Win the Virtualization War?

With a couple of announcements by VMware directly tied to the release of Microsoft Windows Server 2008 and the upcoming release of Microsoft's virtualization hypervisor Hyper-V, it appears these companies are starting to gear up for a heavyweight showdown.

VMware delivered the first blow by announcing it's agreements to embed VMware ESX 3i Hypervisor on HP, IBM, Dell and Fujitsu-Siemens servers. It's a "bare metal" system, meaning that it doesn't run on top of an installed operating system. Instead, the machine's resources can be sliced and diced into virtual servers directly from the hardware interfaces themselves.

"Just plug it in, and it's ready to run virtual machines," as one happy customer puts it. "You just start the server, answer a couple of questions, and you'll be up and running in a couple minutes," said Robin Prudholm, senior systems engineer at VMware.

VMware also said it will not support Windows Server 2008 immediately.

Meanwhile, Microsoft is set to release Windows Server 2008 which will allow "easy" integration with the upcoming release of Microsoft virtualization hypervisor Hyper-V. Server 2008 is a fairly safe bet and Microsoft's sell on the ultra-cheap (some would say free) Hyper-V makes for an enticing proposition.

But caution should abound, with experts on the company suggesting a waiting and testing period before using Hyper-V.

VMware will most likely win the early rounds, but like with other wars Microsoft has won, Microsoft could end up being the champ when it is said and done?

http://www.microsoft.com/virtualization/default.mspx

http://www.vmware.com/

Symantec Energy Efficient Data Center Solutions

Gartner Group has identified Data Center power and cooling as the highest priority issue facing IT organizations worldwide. The problem is serious and exacerbating. Gartner is presently advising IT organizations to focus on reducing Data Center power and cooling because of:

1. Power unit cost increases well in excess of inflationary increases
2. Doubledigit annual growth in Data Center power consumption
3. Data Centers running out of power and cooling capacity
4. Internal and external CO2 emissions reduction pressures consequent to International Panel on Climate Change (IPCC) Reporting.

Used as part of a holistic Data Center Greening approach, Symantec's server and storage management software products are uniquely capable of helping reduce Data Center power consumption and consequent CO2 footprints while increasing power and cooling efficiency. Symantec also has a skilled services organization that can help IT organizations implement these products effectively.

Executive Summary

Data Center power and cooling challenges are a chronic, inescapable fact for many enterprises. While server virtualization will provide some measure of relief, the relief will usually prove temporary. In the final analysis, it is important to recognize that, while hardware produces power and cooling challenges, software is a critical ingredient in its mitigation.

Symantec provides a range of software products that enable enterprises to significantly reduce their energy requirements throughout the entire IT infrastructure. These products work with existing, inplace current hardware and can assist enterprises plan for and optimize new hardware as it arrives. Consequently, enterprises can immediately begin to address power and cooling challenges because Symantec's solutions do not require a capital investment cycle.


http://www.symantec.com/content/en/us/enterprise/media/stn/pdfs/Articles/energy_efficient_data_center_solutions.pdf

Windows Small Business Server at risk from critical flaw

Microsoft said Wednesday that another one of its operating system products is vulnerable to a critical vulnerability, first patched two weeks ago.

In an update to its MS08-001 security bulletin, Microsoft said that the latest release of Windows Small Business Server was also critically at risk from a bug in Windows' networking software.

The flaw is also considered critical for Windows XP and Vista users. Microsoft did not say why it had initially omitted Small Business Server from its list of critically affected operating systems, but it said that the product's users were being offered patches via Microsoft's various automatic update services. "Customers with Windows Small Business Server 2003 Service Pack 2 should apply the update to remain secure," Microsoft said in its updated bulletin.

The bug lies in the way Windows processes networking traffic that uses IGMP (Internet Group Management Protocol) and MLD (Multicast Listener Discovery) protocols, which are used to send data to many systems at the same time. Microsoft said that an attacker could send specially crafted packets to a victim's machine, which could then allow the attacker to run unauthorized code on a system.

Microsoft rates the flaw as "important" for Windows Server 2003, meaning that it would be more difficult for attackers to exploit the flaw on this operating system.

Security experts are paying particular attention to this vulnerability because it could be exploited by attackers to create a self-replicating worm attack.

The flaw is not being exploited in online attacks, but last week researchers at penetration-testing-software vendor Immunity made a sample exploit available to their customers. That software causes an unpatched system to crash, but the company is close to developing code that could be used to install unauthorized software on a victim's computer, according to Immunity Chief Technology Officer Dave Aitel.

Aitel said it's no surprise that the small business version of Windows Server 2003 is at risk.

"I assumed most 2003 servers in the real world were vulnerable," he said via instant message. "Windows Server 2003 by default does not have any multicast addresses active and would not be affected by this vulnerability. However, installing applications that use multicasting could cause the operating system to become vulnerable."

He said that Microsoft could help its customers by giving them more details on how to avoid being at risk to this problem. "What features can I enable on Windows Server 2003 to become vulnerable?" he asked.

By Robert McMillan, IDG News Service
January 24, 2008

Microsoft Announces Vision and Strategy to Accelerate Virtualization Adoption

Company announces acquisition of Calista Technologies, expanded alliance with Citrix Systems and initiatives to enable virtualization from the desktop to the datacenter.

REDMOND, Wash. — Jan. 21, 2008 — Microsoft Corp. today articulated an expanded role for virtualization as a key enabler of its Dynamic IT vision and outlined a companywide strategy to help accelerate the broad adoption of virtualization. To help drive its strategy, the company also announced the acquisition of Calista Technologies Inc. to improve the end-user experience for virtualized desktops and applications; an expanded alliance with Citrix Systems Inc. in the areas of client and server virtualization; more flexible licensing options for virtualization using Windows Vista; and new tools that provide best practices to deploy Microsoft virtualization software.

“Very few customers are able to reap the benefits of virtualization today,” said Bob Muglia, senior vice president of the Server and Tools Business at Microsoft. “We estimate that less than 5 percent of companies are utilizing virtualization technology because it is simply too cost-prohibitive and complex. We believe Microsoft’s comprehensive approach — from desktop to datacenter — is unique to the industry by delivering solutions that address virtualization at the hardware, application and management levels. Our approach is not only one of the most comprehensive in the market today, but we believe it is also one of the most economical. This combination brings a big strategic advantage and cost savings to customers.”

Today in an e-mail message to 300,000 customers and partners, and at the company’s Virtualization Deployment Summit, Muglia and other executives expanded on these comments and discussed the challenges facing businesses — from the high costs and complexity associated with managing today’s IT environments to space constraints and the ability to get the most out of existing IT investments. Microsoft also articulated how its strategy and investments in the area of virtualization are a key part of the company’s overall vision and long-term technology strategy for IT professionals and developers. This vision, called Dynamic IT, is aimed at delivering the right computing resources to people virtually anytime and anywhere, and creating an IT environment that is more efficient, flexible and cost-effective. With virtualization technology as a key driver of its Dynamic IT vision, Microsoft stressed the importance of the technology to its customers, reiterated its commitment in this area and outlined these areas of investments:
•

Flexible client and server solutions
•

Integrated management solutions
•

Accelerated broad customer adoption

Flexible Client and Server Solutions

Microsoft’s strategy for client and server virtualization is to provide the best value in the industry with a complete set of virtualization solutions from the desktop to the datacenter. For example, customers can virtualize nearly all components of their desktop — including operating system, applications, data and preferences — and make them accessible from virtually anywhere and on virtually any machine. The result is tremendous flexibility for users, combined with new levels of efficiency and agility for IT departments. The following announcements were made today in support of this strategy:
•

Acquisition of Calista Technologies. Microsoft has completed the acquisition of Calista Technologies, a leading provider of graphics technologies for next-generation desktop and presentation virtualization solutions. Calista software improves the user experience of 3-D and multimedia delivery for Microsoft multimedia applications, virtualized desktop deployments, and server-hosted virtualized desktops or applications using Windows Server Terminal Services. The addition of Calista’s technology to future Microsoft presentation and desktop virtualization products will enable remote workers to receive a full-fidelity Windows desktop experience without the need for high-end desktop hardware, while enabling software vendors to deliver additional capabilities. Financial terms of the deal were not disclosed. Calista Technologies, based in San Jose, Calif., is now a wholly owned subsidiary of Microsoft.
•

Windows Optimized Desktop solutions. Microsoft introduced solutions that help make overall desktop management, user migration, and change management more efficient and flexible so customers can get the applications and data they need. Customers can use a range of Microsoft products, such as Windows Vista, the Microsoft Desktop Optimization Pack, Windows Vista Enterprise Centralized Desktop and Terminal Services in Microsoft Windows Server 2008, to meet the needs of their unique client computing scenarios. More information is available at http://www.microsoft.com/virtualization.

Integrated Management Solutions for Virtualization

In IT departments, virtualization software is transforming individual servers into dynamic datacenters where applications are added in real time, enabling much greater flexibility and more efficient use of resources. Microsoft offers infrastructure virtualization software as part of the Windows platform, such as Hyper-V and Terminal Services available within Windows Server 2008, along with a comprehensive management platform, such as Microsoft System Center, to manage both virtual and physical infrastructure and applications. Microsoft delivers a simple, integrated management solution to manage across customers’ infrastructure: from the physical to the virtual; from the hardware to the application and services. The following announcement was also made today:
•

Hypervisor and management interoperability with Citrix. Citrix is developing a software tool that will allow customers to easily transfer virtual machines between Citrix XenServer and Windows Server 2008 Hyper-V to help ensure greater interoperability for customers. A test version of the tool will be available in the second quarter, and a final version will be available with the release of Hyper-V. More details on this and other areas in which Microsoft and Citrix have expanded their alliance are available at http://www.microsoft.com/presspass.

“We plan to transition to the next generation of Microsoft’s server virtualization and virtualization management technologies later this year,” said Chris Steffen, principal technical architect for Kroll Factual Data. “Windows Server 2008 and Hyper-V will provide superior hardware utilization and help us create a more flexible IT infrastructure, while the next version of System Center Virtual Machine Manager will maximize the way we use and control those resources. We’re hoping that with both products we’ll be able to increase the production-level virtual machines on our physical machines by at least 20 percent.”

Accelerated Broad Customer Adoption

Virtualization has been around for more than four decades, but in many ways customers are just beginning to understand the full implications as a way to provision and manage computing resources. Greater economic and infrastructure advantages, as well as integrated tools to manage new configurations, are required to broaden the customer adoption of virtualization software. Microsoft is focused on a range of initiatives to help customers accelerate the adoption of virtualization to build a Dynamic IT environment. The following announcements were made to further accelerate the adoption of server and client virtualization:
•

Desktop virtualization alliance with Citrix. Microsoft and Citrix will co-market a broad portfolio of new client computing offerings so that customers have simple, flexible and low-cost client computing options. These offerings will be based on Windows Server 2008 and Windows Optimized Desktop solutions, extended with Citrix’s XenDesktop and Presentation Server products and managed by System Center. Microsoft and Citrix will work together to help ensure the Citrix XenDesktop connection broker works well with Windows Optimized Desktop solutions. More details on this and other areas in which Microsoft and Citrix have expanded their alliance are available at http://www.microsoft.com/presspass.
•

New Microsoft Virtualization Solution Accelerators. To help customers evaluate, plan, secure and deploy Microsoft virtualization technologies across desktops and datacenters, Microsoft introduced four new Virtualization Solution Accelerators that will be available with the Windows Server 2008 launch in February. This set of free guidance resources and tools can help customers effectively plan and deploy virtualization technologies, including Windows Server 2008 Hyper-V, Windows Server 2008 Terminal Services and Microsoft Application Virtualization. Details can be found at http://www.microsoft.com/technet/solutionaccelerators.
•

Increased licensing flexibility with Windows Vista. For businesses, Windows Vista Enterprise Centralized Desktop provides unique licensing and flexibility to run Windows in virtual machines on servers and access them from either PCs or thin clients. The annual subscription to Windows Vista Enterprise Centralized Desktop is now an estimated retail price of $23 per desktop for rich clients covered by Software Assurance for Windows Client. For consumers, Windows Vista Home Basic and Windows Vista Home Premium are now licensed for use in a virtual machine environment, and the updated end-user license agreement is available at http://www.microsoft.com/about/legal/useterms/default.aspx.
•

Microsoft Office system support for Microsoft Application Virtualization. Microsoft announced today that the 2003 and 2007 versions of the Microsoft Office system are supported when running in both Microsoft Application Virtualization 4.5 and SoftGrid Application Virtualization 4.2. This support enables customers to run multiple versions of Office on the same device side by side, easing and accelerating the deployment of Office, reducing total cost of ownership, and enhancing mobility and business continuity for millions of information workers. Customers can learn more at http://www.windowsvista.com/optimizeddesktop.

“This new set of initiatives sets Microsoft on a path designed to optimize customers’ virtualized datacenters and desktops,” said Roger Kay, president and founder of Endpoint Technologies Associates Inc. “Through integrated systems management, a broad portfolio of Microsoft and partner applications built on Windows Server 2008, a worldwide partner ecosystem to deliver solutions, and tailored licensing provisions, the company aims to bring the benefits of virtualization to mainstream customers. In particular, Microsoft’s work with Citrix to provide a flexible combination of rich desktop, thin-client, and virtual desktop infrastructure will help customers satisfy a range of distributed work-force requirements.”

The Microsoft Virtualization Deployment Summit is a two-day, private technical conference of 300 Microsoft customers and partners that are early adopters of Windows Server 2008 Hyper-V and the next version of System Center Virtual Machine Manager. More information on today’s announcements, including Muglia’s executive e-mail message and the keynote address from Microsoft Virtualization Deployment Summit, can be found at http://www.microsoft.com/presspass. More information about Microsoft virtualization technologies and solutions can be found at http://www.microsoft.com/virtualization.

Xerox "Goes Green"

Xerox "Green" Solid Ink and High Yield Business Paper uses less resources and generate less waste than typical laser products.

Xerox Solid Ink Sticks are environmentally friendly and satisfy a broad range of user expectations and requirements:
• No casings mean nothing to throw away when you run out of ink
• Images are offset onto paper in a single pass of the print engine, generating 90% less waste than a typical laser product
• Solid ink printouts can be recycled
• Low acquisition cost for superior quality
• Fastest printing of most common print jobs
• Low cost for consumables
• Unsurpassed use of ease
• Bright, vivid colors are the same on any paper, even recycled paper
• Handles the broadest range of paper types
• Small size allows printers to fit in almost any environment from desktop to credenza to small table
• Clean- they cannot spill, leak, or smudge on your clothes
• Safe – toxin free

The Phaser 8560 and Phaser 8860 come with GreenPrint software that analyzes each page of every document to eliminate waste characteristics such as pages with just a URL or banner ad.

Xerox High Yield Business Paper wastes less trees and requires less water and chemicals to make it. The paper making process uses 90% of the tree to grind wood into papermaking pulp, instead of using the chemical pulping process. The production plant is partially powered by hydroelectricity to reduce the reliance on fossil fuels.

Success with Exchange 2007!

Thanks to all who coordinated and attended the Exchange 2007 Seminar PC Professional hosted last week at the Marriott in Emeryville, Ca. This event was a great example of PC Professionals investment in obtaining the necessary tools and knowledge to be a leading IT consultant for Exchange 2007 and other new Microsoft product offerings such as Server 2008, SharePoint Server 2007 and Office Communications Server 2007.

PC Professional has been successful in the implementation of Exchange 2007 at several clients sites. We have been successful in upgrading clients from different versions of Exchange (2000 & 2003)and Non-Microsoft email programs. The majority of our success has come from the development of labs to test and design the implementation of Exchange 2007 within different environments.

For those of you who do not currently have Exchange 2007, here is a refresher to some of the features in Exchange 2007 (Provided by infoworld.com). Please contact us to learn more

on how we can assist you with your Exchange 2007 implementation:

1. Server roles: A new modular system that configures Exchange as one (or more) of five basic server roles. Choosing a role means enabling only those features necessary to that role, thereby decreasing the surface area for attacks through other features.

2. WebReady Document Viewing: A new option in OWA allows Office documents (Word, Excel, PowerPoint, and PDF) to be accessed as e-mail attachments or through public folders to be displayed as HTML, even if Office isn’t installed on the client PC.

3. Exchange Management Shell: The PowerShell scripting language, specifically optimized for Exchange, offers potent new tools for the day-to-day e-mail administrator.

4. Exchange ActiveSync: Improved direct push e-mail ensures ActiveSync clients receive messages on server connect. Other mobile-friendly features include inline message fetch — the ability to download long attachments without reloading the entire message — and information rights management, which allows users with proper authority to view protected messages without being connected to a server.

5. Exchange Forefront and Exchange Hosted Services: Forefront is a rebranding of the Antigen anti-virus/anti-spam products acquired from Sybari, which together provide a quality local security gateway. The Exchange Hosted Services version, available by subscription, delivers additional security, archiving, and continuity.

6. Outlook Web Access: The latest OWA client is a near-perfect clone of the Outlook 2003 desktop interface. Features and views are nearly the same, and performance is excellent. Incredibly, thin-client deployment becomes a real option.

7. Outlook auto-discover: Exchange 2007 combined with Outlook 2007 means administrators will no longer need to walk to client desktops to configure Outlook access to a specific account location. Users simply enter their user names and passwords, and Outlook automatically finds local Exchange servers, locates the proper e-mail account, and sets up access.

8. Smart scheduling: The addition of Scheduling Assistant and Calendar Attendant mean that Exchange tracks not only the schedules of all meeting invitees but also the availability of meeting rooms and can manage all of this on the server, so meetings can be fully scheduled without everyone’s Outlook client being connected.

9. Improved search: A rewritten search algorithm noticeably boosts the speed at which Outlook can find specific messages in large message stores. Administrators can access the same fast indexing in multiple-mailbox searches.

10. Bundled encryption: Exchange can now automatically encrypt all e-mail messages sent within the local organization. It also automatically supports TSL (Transcript Security Layer) encryption, including built-in certificates, as long as both hosts support TLS.