|
To
view this update as a Web page, copy this link into your
browser:
http://www.qtsnet.com/stayinformed/quiknews/quiknews
june2005.htm.
To
subscribe or unsubscribe, please follow instructions at
the bottom of this page.
Welcome to the June edition of QTS QuikNews, our monthly
e-mail newsletter. In this monthly e-mail, you will
receive an update of what's new at QTS - new products we
support, new patches and upgrades, solution ideas and
promotions to save you money, and information about our
company and our clients.
In this issue:
-
QTS and Partner News
-
Events
-
President's Corner
-
QuikSecure Tip of the Month
-
Patches and Upgrades
-
Product Support Lifecycle Watch
-
Solution Spotlight
-
Special Offers
-
Partner Spotlight
QTS AND
PARTNER NEWS
WELCOME TO NEW CUSTOMERS
QTS offers a �welcome aboard� to the following new
customers:
�
Argix
Direct
�
Celgene
Corporation
�
Middlesex Water Company
�
Vantage Custom Classics
QTS ON MICROSOFT PRESSPASS
QTS and the Brooklyn Brewery were featured in Steve
Ballmer�s keynote address at Microsoft
TechEd in Orlando, Florida
on Monday, June 6th. For more information
and to read the press release, visit
http://www.microsoft.com/presspass/features/
2005/jun05/06-06WorldofWork.mspx.
CONGRATS TO ISS GROUP!
QTS would like to congratulate ISS Group for achieving
Microsoft Gold Partner status as a Microsoft Business
Solutions Partner for CRM. This status is based on a
combination of criteria including customer feedback and
references, technical certifications and other quality
indicators. For more information, visit
www.issgroup.net or contact your QTS Account
Manager.
QTS IS HIRING!
QTS is recruiting for mid and senior level technical
personnel, as well as an entry to mid-level
sales/service support specialist. If you know anyone
who might be a good fit, please have them submit their
resume to Liz Meechan, our Office Manager. Liz can be
reached at
lmeechan@QTSnet.com, or (973)984-7600 x223.
QTS
SUCCESS STORIES
THE STAR-LEDGER
QTS
helped the Star-Ledger complete a migration from Windows
NT Server and Exchange 5.5 to Windows Server 2003,
Active Directory and Exchange Server 2003 in a highly
available and scalable configuration. The 1500 user
migration was completed with no disruption and downtime
for this 7x24 operation.
http://www.qtsnet.com/about/success stories/star-ledger
success story.pdf
Back
to Top
EVENTS
QTS
and Symantec will be hosting a lunch seminar on Tuesday,
August 2nd at the Highlawn
Pavillion in West Orange to
present Symantec�s SNS 7100 Network Intrusion Prevention
System, and to discuss current security threats and best
practices. For more information or to register, visit
www.QTSnet.com/symantec or call Liz Meechan at
(973)984-7600 x223.
QTS�
VoIP partner Greenwich
Technology Partners and Cisco will be hosting a free
seminar entitled �IP Telephony in The Real World� at
Cisco�s NYC Office on Thursday, July 14th
from 10:30AM to 2:30PM (lunch will be provided). The
event will discuss the convergence of voice and data
networks and how Cisco�s IPT solution can enhance
customer service, reduce
costs and improve operational efficiency. For more
information or to register, call Albert Marrache at
(646)487-2815, click
here, or contact your QTS account manager.
Back
to Top
PRESIDENT'S CORNER
Last
month, Microsoft released Service Pack 1 to Windows
Server 2003, as well as a separate release of Service
Pack 1 to Windows Small Business Server 2003. We�ve
deployed this at numerous client sites thus far, with no
problems identified to date, and subject to a review of
release notes for your specific environment, would
recommend it to our clients. For specific application
compatibility notes from Microsoft�s testing, click
here.
The
service pack to Windows Server has a number of
compelling points. First and foremost, it is a
collection of the various security patches and bug fixes
to date, and thus should be implemented both to keep
systems current, resolve problems, and better secure
your network. However, on top of this the operating
system has been tuned to improve performance, and
Microsoft is projecting a 10% performance improvement
from this release, which is particularly significant in
larger environments.
Remote Access Quarantine is one of the more significant
new features, and should be reviewed by any shops using
Microsoft�s RRAS technology, either as a VPN connection
point or as a dial-up server. Remote Access Quarantine
allows for the application of policies to inbound
connections, to apply checks before allowing connection
to the network. These could include:
o
Verifying a client has antivirus software installed,
with current signatures and scan engines;
o
Verifying that a personal firewall is running on the
client;
o
Verifying that the client does not allow routing between
the Internet and the VPN connection (in effect, split
tunneling);
o
Verifying patch levels are current on the client;
o
Verifying that the client complies with password and
screen saver lockout policies.
The
idea behind this is clear � each VPN end-point is a
potential point of vulnerability on your network, and
needs to be managed as such. There is a component to
configure on the RRAS server(s) as well as the Windows
2000 and XP clients. Ensuring these end-points
are secure and in compliance
with your security policy is an important starting
point. Those of you who know me know I am a strong
proponent of clientless VPNs
� using solutions like Citrix
MetaFrame and SSL to eliminate the need for any
computing or data storage on the �thin� client � but not
all applications or environments support this, so the
Remote Access Quarantine technology is important to any
environment running Microsoft VPN/RAS technology.
The
logical next step in this process is to take this inside
the network, and control all connections. The problems
around viruses, worms, spyware
and malware is becoming
increasingly acute, and as more and more users take
notebook computers back and forth between the internal
network and other environments, the threat of malicious
code popping up behind your firewall is increasingly
severe. Microsoft last year announced its Network
Access Protection (�NAP�) initiative, and has been
working with many of the leading security hardware and
software players to drive support and integration,
including Cisco, Symantec, McAfee, Trend and others.
NAP essentially allows for the same types of access
control checks as Remote Access Quarantine, but for all
network connections. This is similar to Cisco�s Network
Admission Control (�NAC�), and Microsoft and Cisco are
collaborating and support each others� technology � but
Cisco is obviously looking at this from an
infrastructure perspective (router as the point of
enforcement), whereas Microsoft is looking at this
obviously from the server.
I am
still lobbying with Microsoft to have this NAP
functionality moved forward into the �R2� release of
Windows Server later this year � if you feel strongly
that you want to see this, send me an email and I�ll
pass it through to Microsoft, or email your contacts at
Microsoft. At present, it is more likely to be in the
Longhorn time frame (2007).
Beyond Remote Access Quarantine, there are a number of
additional security improvements in the service pack
that you should be aware of � in fact, there is a 300
page document reviewing all the features that you can
download at
http://www.microsoft.com/downloads/
details.aspx?FamilyId=C3C26254-8CE3-46E2-B1B6-3659B92B2CDE&displaylang=en
to review this in detail. In effect, this brings many
elements of the Windows XP Service Pack 2 security
improvements over to the server platform. Specifically,
some of the more noteworthy items include:
o
Access-based enumeration (users can only see files and
folders they have rights to);
o
Improvements in ADPrep,
DCDiag and other AD tools to
improve reliability and fix issues, particularly around
replication;
o
Add
or Remote Programs Filter (can filter out all the
patches so they are not visible);
o
Data
Execution Prevention (with appropriate hardware support,
prevents executable code from running in non-executable
memory areas, reducing the risk of systems being �taken
over� by malicious code);
o
Group Policy �RSOP� fixes to address collection of data
over the network through Windows XP�s personal firewall;
o
Security Configuration Wizard to help with server
lockdown and security optimization; and
o
Internet Explorer improvements in pop-up blocking,
attachment handling, download management and other areas
to match Windows XP Service Pack 2.
Obviously, there is a lot to go through here. I would
recommend that you either read through the document to
determine which security features are activated by
default, or have one of our engineers spend some time
with you going over which components are applicable to
your environment and helping you to tune your Windows
Server 2003 security.
Separately, it should be noted that the SBS-specific
service pack should always be applied to SBS systems �
Microsoft does not fully support the �standard� service
packs on SBS as there are technical differences between
the product. For example,
there is a glitch with mailbox creation in the SBS
version of Exchange which was fixed in Exchange 2003
SP1, but which SBS users had to wait on until now,
because the Exchange 2003 SP1 would potentially break
other things in SBS and thus was not Microsoft-supported
for SBS. It is important to stay in sync on this.
As
always, feel free to email me your comments or thoughts
at
nrosenberg@QTSnet.com. Thank you.
Neil Rosenberg
President & CEO
Quality Technology Solutions
Back
to Top
PARTNER SPOTLIGHT
This
month�s QTS Partner Spotlight is on
Solartech, a local company providing computer
training since 1997, a Microsoft Certified Partner for
Learning Solutions (CPLS) since 1999, and Gold Certified
Partner with Microsoft since 2003.
Solartech headquarters are in Hasbrouck Heights,
NJ, where their facility boasts over 13,500 square feet
of classrooms, testing facilities, and office space.
With the most technologically advanced computer
classrooms and dependable experts in the industry,
Solartech has delivered �8
years of excellence� to IT staff from all over.
Solartech has teamed up with
United Training, which has partner training centers
throughout North America, to offer a national sphere of
coverage.
Solartech
offers a wide variety of classes from the beginner level
of application training (Word, Excel, PowerPoint, Access
etc.) to Microsoft�s latest technology. Exchange
Server, Active Directory, and Windows Server 2003 are
among some of the most popular courses offered by
Solartech.
Solartech does not limit
themselves to just the most popular Microsoft classes;
branching out and teaching hard to find training like
BizTalk 2004, PKI, MOM 2005, ISA 2004 and IIS 6.0 is
where Solartech excels. All
training is instructor-led by Microsoft Certified
Trainers, who only use Microsoft Official Curriculum.
These offerings are on their extensive public schedule
via both classroom and LivEclasses
format.
LivEclasses
are synchronous instructor-led training using a delivery
method which allows students to participate in a live
class environment remotely. There is no travel
involved. Students can hear and view the instructor's
presentation, interact with the class, and most
importantly, the students can do live labs with the
instructor's supervision.
Solartech
prides itself on understanding its clients� needs, from
individuals to small businesses to enterprise clients
and developing creative solutions to meet those needs.
Most of Solartech�s private
training offered to companies is
customized, allowing companies to learn based on
their environment not from the basic �off the shelf�
book. Solartech�s
instructors having real world experience make it easy to
cover the �what ifs� that a book may not cover. As new
products and new technologies continue to emerge,
Solartech will help educate
IT staffs on deploying, implementing, integrating,
maintaining, and supporting all the newest features and
benefits of these Microsoft technologies. This will
enable your business to maximize its productivity and
efficiency by using a Microsoft product to its fullest
potential.
Solartech
aims to ensure that students are getting the most out of
their classes and instructors. After each class,
students will provide their input and comments via a
Microsoft authorized online evaluation The goal of
these evaluations are to make sure the student was
satisfied with all aspects of their training and found
it as an essential tool in their current job role. This
is to ensure that students are not only satisfied with
their training experience with
Solartech, but also able to apply these new
skills into their company�s business strategies at
work. In 2004, Solartech
and its instructors were ranked in the top 15% of all
partners certified by Microsoft in North America.
For
more information on Solartech,
please visit their website at
www.solartech.us, where you can view updated course
offerings, class schedules, certification updates, the
latest Hands-on Labs sponsored by Microsoft, and
directions to Solartech
learning center headquarters. Or, contact your QTS
account manager.
Back
to Top |
