Nov 18 2008 1:15PM GMT
Posted by: Troy Tate
administration,
tools,
Microsoft Windows,
Development,
CIO,
DataCenter,
email,
Exchange 2007,
Exchange,
design,
Microsoft,
howto
New Infrastructure Planning and Design Guide-Now Available for Download
Exchange Online — Evaluating Software-plus-Services
The Infrastructure Planning and Design team has released a new guide, Exchange Online — Evaluating Software-plus-Services. Download the guide here.
In addition to the continuously growing collection of IPD guides focusing on architectural design configurations, Microsoft is now introducing a variation of these guides. This new type of guide is designed to help you make decisions about what’s best for your organization from both a business and a technology point of view.
Considering an online solution for your organization’s e-mail services? The Exchange Online — Evaluating Software-plus-Services guide provides a clear comparison of e-mail technologies across on-premises, standard hosting, and dedicated hosting scenarios. Use the guide as a framework for evaluating the technical feasibility of Microsoft Exchange Online. An overall scoring assessment is provided for each option, identifying key mail services and requirements for your organization. Understand the impact of adopting software-plus-services, weigh the importance of each topic to your organization, and learn which offering will serve you best.
Find other Infrastructure Planning and Design guides.
Oct 9 2008 3:00PM GMT
Posted by: Troy Tate
administration,
Networking,
Firewalls,
Storage,
Security,
DataManagement,
intellectual property,
email,
Data security,
Policy,
SharePoint,
Exchange,
design,
website,
risk,
policy enforcement,
vulnerability
I’m looking for some help on this topic and have posted a question to the ITKE community. Hopefully someone out there has had some experience with this service for your organization and can provide some valuable insight.
One group I participate in is a mailing list from SANS. If you have not attended a SANS event or education, then you should try to get to one of their events. They are one, if not, the premier non-vendor related security and systems administration group in the IT industry. I posed the same question to this peer group and have had some very good responses. Some suggestions for solutions have come back and include:
Microsoft Office SharePoint (http://www.microsoft.com/sharepoint/default.mspx)
OpenText – Livelink (http://www.opentext.com/2/sol-products/sol-pro-llecm10.htm)
Webex Connect – (http://webex.com/enterprise/index.html) (There are other flavors for small & medium business)
Accellion - http://www.accellion.com)
These are very interesting solutions and I will certainly be looking at all potential candidates. One thing that bothers me about the SharePoint option is its security capabilities. SharePoint is typically Microsoft Active Directory integrated. This has major security implications and in fact CSO magazine has posted a recent article on this topic. I recommend that you read the article and understand what risks the SharePoint solution may open for your organization.
Why Security Pros Hate Microsoft SharePoint
Microsoft’s SharePoint collaboration platform is all the rage in today’s business world, especially since third parties gained the ability to plug security holes. But managing it can still be a nightmare for IT security shops.
I am still looking for more references and ideas for this solution, so please share what you are doing for your organization and it will be much appreciated by me and other readers.
Sep 3 2008 7:28PM GMT
Posted by: Troy Tate
administration,
Security,
tools,
reporting,
internet,
DataManagement,
IT education,
spam,
email,
Data security,
Policy,
Exchange,
anti-virus,
Performance,
howto,
Metrics,
risk,
awareness,
podcast
An audio podcast on how SPAM is generated along with an examination on the frameworks and technologies that help manage and reduce SPAM.
This may be a great tutorial for you and/or your users.
CERTStation Media - Spam-Prevent.mp3
I just ran my monthly e-mail statistics and these are the results:
97,000 msgs/day inbound
8,800 msgs/day delivered to end users - 9%
22,200 msgs/day quarantined as spam - 23%
66,000 msgs/day blocked as spam - 67%
This month had higher than normal quarantine activity. Quarantine has been running about 15% and blocking around 75%. How does your mail stack up?
Thanks for your time. Let’s be good network citizens together & practice safe networking!
Aug 20 2008 6:19PM GMT
Posted by: Troy Tate
administration,
tools,
Microsoft Windows,
web,
CIO,
DataCenter,
DataManagement,
WWW,
CA,
spam,
certificate authority,
digital signatures,
email,
RSS,
wiki,
Exchange 2007,
Outlook Web Access,
Policy,
Exchange,
design,
OWA,
website,
anti-virus,
Performance,
Powershell,
howto,
policy enforcement,
awareness,
blog,
toolkit
Maybe you have already read my post about implementing new Exchange 2007 mailboxes for over 2000 users. If not… look here. So, as you see from this event, ongoing support for these global users on a new messaging system is going to be a real challenge.
I found a great blog posting with links to some excellent Exchange resources. Keep this in your toolkit for those times you just can’t find the answer elsewhere to those nagging Exchange problems. I see lots of other IT people struggling with this system and looking for support here at IT KnowledgeExchange.
Some other Exchange resources I recommend are:
Microsoft Exchange Server Resource Site
E-mail archiving
Seven ways to organize your e-mail
MessagingTalk.org - Portal for Microsoft Exchange Messaging & Collaboration
Thanks for your time. Let’s be good network citizens together & practice safe networking!
Jul 25 2008 12:58PM GMT
Posted by: Troy Tate
administration,
Security,
Microsoft Windows,
Database,
Development,
Browsers,
reporting,
internet,
DataCenter,
DataManagement,
WWW,
email,
wiki,
Exchange 2007,
Policy,
Exchange,
blogging,
design,
website,
troubleshooting,
howto,
online identity,
research,
policy enforcement,
awareness,
subscriptions
If you read my previous post then you know we recently went through a major e-mail system migration. Part of that e-mail migration included moving from various naming conventions ( firstname at domain.com, firstname.lastname at domain.com, FirstInitialLastName at domain.com, etc.) to a single naming convention of firstname.lastname at domain.com. Of course this was a huge undertaking and also a political move. One thing I am sure of is that the users will never understand the discussions taking place behind the scenes and will continue to take place about names of other non-user specific mailboxes like a project engineering team or an application mailbox.
Another thing which struck me during this process is that we netizens are identified by our e-mail address in many places on the web. Have you ever looked to see how many places you are identified by your e-mail address? I had to take some time and go out and change my e-mail address wherever the old one was in use. That is not a easy task let me tell you! First of all I went through the mailing lists I subscribe to. I went to their websites and tried to find the area to change my profile’s e-mail address. There are some sites where I could never find this and/or could not change it. So, webmasters & publishers…. please make it easier for your subscribers to modify their e-mail address or credentials! There is this need for companies that may get purchased or change names. There is the need for the users who change names when getting married or divorced…. this should not be as difficult as I found it to be.
In the end, I’m not sure what I will be missing out on when we go back and clean out all of the non-standard names which we will likely do by the end of the year.
Thanks for your time. Let’s be good network citizens together & practice safe networking!
Jul 25 2008 12:41PM GMT
Posted by: Troy Tate
administration,
Networking,
tools,
Microsoft Windows,
internet,
CIO,
DataCenter,
DataManagement,
CA,
antivirus,
certificate authority,
digital signatures,
email,
Exchange 2007,
Outlook Web Access,
Exchange,
design,
OWA,
Microsoft,
troubleshooting,
Powershell
Well, we did it! We implemented new mailboxes on Microsoft Exchange 2007 for over 2000 users in one weekend. Of course it took lots of planning, testing and blood, sweat, tears during the process, but we are now on one e-mail platform where there were at least 5 before. We had more domains than we needed and now the company is on one domain. We had to plan and provide for inbound messages still to the old domains.
The implementation was not without a couple of minor glitches and learning how users use the application. One glitch was a mistyped IP address. This prevented e-mail flow for a short period of time, however that is not a huge issue since SMTP servers will continue to retry sending messages. Another issue that was encountered was administrative rights to “shared” mailboxes like customer service or supply buyers. This has now been resolved and users are getting full use from the system.
We still have some work to be done on things like:
- proactive system monitoring to detect issues before the users do;
- alternatives to sending large attachments (our attachment limit is 15MB);
- running Outlook Anywhere so a mobile user can attach to their mailbox without having to use VPN;
- supporting mobile devices like smartphones (our focus is on Windows Mobile v6 and up);
- user certificates using private PKI to allow for digital signatures and encryption.
So, as you see, work in IT never finishes… it just continues to grow as more services and systems are implemented and change happens. Please feel free to leave a comment if you would like more information about our implementation process and decisions we made along the way.
Thanks for your time. Let’s be good network citizens together & practice safe networking!
Jul 2 2008 2:33PM GMT
Posted by: Troy Tate
Security,
Monitoring,
reporting,
spam,
antivirus,
email,
Data security,
malware,
anti-virus,
Performance,
botnet,
online identity,
Metrics,
research,
awareness
See my previous post on The Great SPAM Diet. The results are now in and darkReading has the scoop.
McAfee’s Great Spam Experiment, Unplugged
|
 |
| Many spam messages sent to participants in the study were phishing emails or contained malware or links to malware-ridden sites |
Did anyone doubt that these would be the results? Thanks for your time. Let’s be good network citizens together & practice safe networking!
May 13 2008 4:06PM GMT
Posted by: Troy Tate
Networking,
Security,
tools,
Microsoft Windows,
Monitoring,
reporting,
CIO,
DataCenter,
DataManagement,
WAN,
LAN,
antivirus,
email,
malware,
anti-virus,
howto,
Metrics,
research
An acquisition or merger is not a frequent event for my organization. However, it seems like in the past year or so we have worked on a number of these activities. So, it seems like it may be time to create a formalized checklist for the IT department items that need to be addressed during an acquisition.
To get the ball rolling, I am listing some items that I consider to be important to the infrastructure/security folks like me. I know this list is not exhaustive or complete. It is a work in progress and will need to be refined for each event since they are all different. Some of these may be done in the due-diligence but the rubber hits the road during the implementation.
So, without further ado:
Absorbing a new acquisition - to do list (general & incomplete)
- Private WAN connectivity - 30-90 days or more lead time depending on location
- flexible IP addressing scheme to absorb devices on new network(s)
- Internet firewall changes - ports, source addresses, NAT, etc.
- DNS ownership and management
- changing DNS nameservers - use a dig tool to get information concerning current configuration - MenAndMice
- Network hygiene - how clean are the devices and what personnel habits need to be changed?
- Device inventory - what effort will it take to do this?
- Software licensing inventory
- What about handling loss of staff & knowledge?
- Documentation of processes, procedures, configurations?
- Phone list sharing
- E-mail addressbook sharing
- E-mail system integration
- ERP process integration
- Resource access permissions
- Financial reporting integration - accounts payable, receivable, tax, etc.
- Staff reporting structure
- Other HR activities - benefits, payroll, etc.
I welcome your insight and experience on the many other activities you feel is important to address during a merger/acquisition.
Thanks for your time. Let’s be good network citizens together & practice safe networking!
Apr 10 2008 6:39PM GMT
Posted by: Troy Tate
Security,
Monitoring,
spam,
antivirus,
email,
malware,
blogging,
anti-virus,
online identity
McAfee, Inc. Launches Global S.P.A.M. Experiment
Fifty Volunteers around the World Say ‘Yes’ to a Diet of Spam for 30 Days - Started April 1, 2008
McAfee, Inc. announced the launch of its global S.P.A.M. (Spammed Persistently All Month) Experiment. For the month of April, 50 participants from around the world - ranging from homemakers, government executives, and students to retirees - will surf the Web, make online purchases and register for promotions. Participants have been provided with a clean laptop without spam protection and a new email address. Beginning today, they will blog about their experiences daily at this website.
S.P.A.M. Experiment participants are from ten countries spanning the globe, including Australia, Brazil, France, Germany, Italy, Mexico, the Netherlands, Spain, the United Kingdom and the United States.
Let’s be good network citizens together & practice safe networking!
