Most organizations have started to realize the true benefit of ISA 2004 as an enterprise grade firewall and I have noticed a trend emerging among numerous enterprises moving towards using ISA to protect critical information assets. ISA is also being used to replace competitive products that do not offer similar application level protection for Microsoft …

Because of the release of the iPhone, there has been an increase in interest in configuring IMAP and POP3 services on SBS servers. In this author’s opinion, providing access to e-mail via IMAP is better than POP3. The approach of IMAP more closely emulates how Exchange provides e-mail services in that messages are maintained on the server, and the IMAP client only pulls down what is needed. There are still security issues with IMAP, however, in that the default protocol still transmits the username and password information across the internet in clear text, and even though fewer sniffers are trained on IMAP ports to try and discover account credentials, the risk is still there. To help protect account credentials, as well as e-mail contents, IMAP can be set up over SSL, which encrypts the entire transaction process, not just username and password. The iPhone and other devices can be easily …

Windows Server 2008 is going to ship its next public release candidate very soon. Inside that release will be a CTP of Windows Server virtualization (WSv). WSv will be setting the stage for a whole new wave of technologies so with that in mind, I thought I’d give you a quick peek at the product via a screencast video I created. Hypervisor I love that name. It’s catchy and kewl. It sounds like a supervisor for hyper space or something. It does of course refer to the new thin layer that is installed on Windows Server 2008 also know at the virtualization parent partition. It’s also a a term used industry wide so when you hear the term, it doesn’t just refer to the Microsoft implementation. Our hypervisor, code named “Viridian”, is an installable Windows Server 2008 role. After installation of this role, you can start installing one or more …

This chapter describes the details of addressing for both IPv4 and IPv6. Network administrators need a thorough understanding of both types of addressing to administer Transmission Control Protocol/Internet Protocol (TCP/IP) networks and troubleshoot TCP/IP-based communication. This chapter discusses in detail the types of Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6) addresses, how they are expressed, and the types of unicast addresses assigned to network node interfaces.  After completing this chapter, you will be able to: Describe the syntax for IPv4 addresses and address prefixes, and convert between binary and decimal numbers. List the three types of IPv4 addresses, and give examples of each type. Describe the differences between public, private, and illegal IPv4 addresses. Describe the syntax for IPv6 addresses and address prefixes, and convert between binary and hexadecimal numbers. List the three types of IPv6 addresses, and give examples of each type. Describe the differences …

Firewalls and other simple boundary devices lack some degree of intelligence when it comes to observing, recognizing, and identifying attack signatures that may be present in the traffic they monitor and the log files they collect. Without sounding critical of such other systems’ capabilities, this deficiency explains why intrusion detection systems are becoming increasingly important in helping to maintain proper network security. Firewalls and other simple boundary devices lack some degree of intelligence when it comes to observing, recognizing, and identifying attack signatures that may be present in the traffic they monitor and the log files they collect. Without sounding critical of such other systems’ capabilities, this deficiency explains why intrusion detection systems (often abbreviated IDS) are becoming increasingly important in helping to maintain proper network security. Whereas other boundary devices may collect all the information necessary to detect (and often, to foil) attacks that may be getting started or …

Server Core adalah pilihan instalasi server minimal yang terdiri dari 5 server role. User dapat memilih untuk hanya menginstal Windows Server untuk fungsi spesifik tertentu, tanpa menginstal fungsi- fungsi lain yang tidak dibutuhkan dalam suatu scenario implementasi. Sebagai contoh, jika user hanya butuh sebuah domain server, maka dia bisa hanya menginstall Windows Server sebagai domain server, dan berbagai fungsi lainya seperti Internet Explorer, IIS, bahkan GUI (Graphical User Interface) tidak perlu diinstall ke dalam server. Sehingga server tersebut akan sangat ringan dan berfungsi khusus untuk domain server. Keuntungan hal ini antara lain: Bidang Security: Pengurangan attack surface (area atau komponen yang dapat diserang) terhadap hacker, virus dan berbagai ancaman lainya karena baik service, port maupun modul yang terinstal hanya yang berhubungan dengan suatu fungsi tertentu. Sehingga jika ada ancaman yang biasanya masuk dari IE atau port e-mail tidak akan berpengaruh bagi system ini.

A very popular new functionality of Exchange Server 2007 Enterprise Edition is Unified Messaging. With this feature set you have some great options to remotely connect to your mailbox. Within this article I will describe how to install and set up Unified Messaging and look at how to configure Outlook Voice Access and test your configuration using the Microsoft Testphone Tool provided with Exchange Server 2007. Adding the UMS-Server Role One of the first steps to providing your users with Outlook Voice Access is to add the UMS-Server role to your Exchange Server 2007 box. This task is quite easy because you have two options: 1. Using the commandline   Figure 1: Set up UM using the Commandline

If you’ve ever been handed an Excel spreadsheet listing 200 new employees starting next week, or if your user accounts are configured incorrectly because help desk staff clicked something they shouldn’t have, or if you just want an easier way to manage Active Directory® besides opening Users and Computers every time, there are a number of free administration tools that can help. Some are built right into the Windows® OS, some come in a Resource Kit or the Windows Support Tools, and some are free third-party tools. What are these handy tools and where can you get them? Let’s find out. I’ll start with the built-in command-line tools in Windows Server® 2003 that allow you to create, delete, modify, and search for objects in Active Directory. CSVDE The Comma-Separated Values Data Exchange tool, known as CSVDE, allows you to import new objects into Active Directory using a CSV source file; …

Implementing effective security measures for your Microsoft Office SharePoint Server (MOSS) 2007 environment can significantly reduce management overhead while allowing teams to collaborate and share business data in a safe environment. Innovative authentication features built into MOSS 2007 let you employ Web-based security standards through custom authentication providers, Internet-style forms-based authentication, and Web single sign-on (SSO). Furthermore, MOSS offers granular rights management of business assets such as 2007 Microsoft® Office system files, native encryption features, and reduced client authentication obligations. Here are seven security features provided by MOSS 2007 you can quickly put to work. 1. Pluggable Authentication Provider An authentication provider is a component that lets you verify user credentials. Configuring that authentication provider for your MOSS environment is an important security decision when setting up Internet-style SharePoint® authentication. MOSS continues to support the Windows®-based authentication methods available in previous SharePoint versions, including Integrated and Basic authentication (while adding …