I have been through several certification programs using both classroom and self-study. I definitely like the idea of self-study with good study materials that take complex topics and make them easy to understand. This Video Mentor product is a reasonably good self-study tool for making complex topics and simplifying them for students. Before I describe the contents, I need to raise a frustration with the product right from the start. The presentations are all in Adobe Flash Video (flv) format. When you put the DVD into your computer and the autorun starts the program (don’t get me started on autorun on removable media!), you may be presented with the message shown below.

This was rather frustrating to me as I tried to run this on a couple of laptops that were new within the past 3 years but not capable of the screen resolution described. What this means is when you watch the video presentations as presented by the videomentor.exe player, you do not have visibility of any player controls like pause, fast forward, reverse or time remaining. I would like to be able to pause a presentation or know how long it will last.

There are a couple of workarounds that I used to get past this real frustration. One workaround is available right on the DVD itself. There is an html file called videomentor.html. You can open this file in any browser at any resolution. The content will be shown with scrollbars on the side and bottom of the browser window as needed. This allows the viewer to see the controls at the bottom of the presentation in the browser window. However, this can be annoying to have to scroll for access to video controls.

The second workaround I used was downloading a standalone FLV player. I tried both the Sothink Media FLV player and the Wimpy FLV player. The training materials showed well in both players and it was a great improvement to have access to the video controls missing due to being unable to meet the material’s display requirements. This is something that Pearson Learning and other training product material production companies need to consider.

Now on to the content of the product. There are six sections as shown below with a “lab” section for each one except Lesson 1: Cryptography Foundations.

The reason I put “lab” in quotes is this product presents labs differently than I expected. I expected a lab to be something with a list of tasks described in the printed materials for the student to complete and document the results of the tasks. This presentation uses the labs to do a deeper dive into the materials shown in that section. In other words, the presenter takes steps of using a linux box to show how to encrypt and hash files. This is all well and good, but the labs should also have the steps documented in the book for students to use after the video is over. I feel the book is not a good support to the extensive materials presented in the videos. I realize the product is called Video Mentor but the issue with the video controls presented earlier and the lack of documentation on the lab procedures left me wondering if this product could really be an effective learning tool.

The topics presented focus on some of the more technically challenging aspects of the CISSP certification. I cannot speak to how well the materials actually match up with CISSP objectives. I can speak though on how I perceive the product can meet the needs of a technology student. The CISSP exam covers ten domains listed below.

Access Control Systems & Methodology
Applications & Systems Development
Business Continuity Planning
Cryptography
Law, Investigation & Ethics
Operations Security
Physical Security
Security Architecture & Models
Security Management Practices
Telecommunications, Network & Internet Security

As you can see, the list of the ten CISSP domains does not seem to closely match the focus of the CISSP Video Mentor product. The Video Mentor product appears to focus on only two of the ten domains, Cryptography and Telecommunications, Network & Internet Security. I think the product covers Cryptography to a pretty good level of detail, and this alone might be worth investing in the product. Cryptography, asymmetric encryption, public-private key encryption are all difficult to understand. Any training material that tries to make this more understandable is, in my opinion, worth a deeper look.

Where this product seems to miss the boat on its objectives is related to the Telecommunications, Network & Internet Security domain. The order of the presentations is confusing. It seems like it would be a better idea to present the OSI 7-layer model before discussing IP-SEC and network traffic encryption. For me, the 802.11 Wireless section was eye-glazing. The presenter, Don Keeber, had a very level voice and presented without personality. I did not get much out of this section and do not feel that it added anything significant to the product.

Bottom line on this I would rate the product 2 1/2 stars out of 4. The technical player issues and the missing lab documentation do not justify a higher rating on a product from Pearson Learning or Shon Harris. I do think there are some good nuggets in here on describing concepts of encryption methods and that alone might make it worth adding to your library. I would recommend looking around and finding the best price on the product. No need to pay list price. If you do have this product, or get it at some point, please share your thoughts with me and other ITKE readers.

Thanks for reading and let’s continue to be good network citizens.

If you have not visited the Microsoft Technet Blogs website, then you should take some time and check it out.

Thanks for reading and let’s continue to be good networking citizens.

We first contacted the vendor for the smart relay host appliance and opened a support ticket. No real issues were identified at first review. Since the errors were being reported at the Exchange server, we contacted Microsoft and opened a support ticket. We spent hours testing and changing configuration to another regional smart relay host which seemed to get the messages delivered successfully, but we were still not able to find out what was causing the conversations with the local smart relay host to timeout.

So, we went into deeper debug mode since the application and server event logs did not shed any light on the issue. The Microsoft engineer enabled protocol logging on this particular send connector. The protocol logs did give a little more information on the situation. A snippet is shown below.

2009-01-08T22:36:19.495Z,SendConn,08CB3FF87FA34699,16,exchsvr:20709,relayhost:25,>,RCPT TO:<someone@there.com>,
2009-01-08T22:36:19.495Z,SendConn,08CB3FF87FA34699,17,exchsvr:20709,relayhost:25,<,”250 Requested mail action okay, completed.”,
2009-01-08T22:36:19.589Z,SendConn,08CB3FF87FA34699,18,exchsvr:20709,relayhost:25,>,DATA,
2009-01-08T22:36:19.589Z,SendConn,08CB3FF87FA34699,19,exchsvr:20709,relayhost:25,<,”354 Enter mail, end with “”.”" on a line by itself.”,
2009-01-08T22:36:25.417Z,SendConn,08CB3FF87FA34699,20,exchsvr:20709,relayhost:25,-,,Remote
2009-01-08T22:37:25.431Z,SendConn,08CB3FF87FA346A1,0,,relayhost:25,*,,attempting to connect
2009-01-08T22:37:25.431Z,SendConn,08CB3FF87FA346A1,1,exchsvr:20736,relayhost:25,+,,

The conversation seemed to go fine at the beginning but something was happening at the end. Since this log did not freely give up that information, we used Microsoft’s Network Monitor 3.2 (btw-if you are still using an older version of Network Monitor, you should upgrade to v3.2. It does have some nice features that make it more user friendly – but not as nice as Wireshark) to capture the actual packets between the Exchange server and the smart relay host. We ran Network Monitor directly on the Exchange server.

At this point, we were able to capture the transaction failures. The results were very interesting and a good lesson in packet analysis versus protocol analysis. The packet analysis showed that TCP was working well. Everything at layer 4 and below seemed to be working well. This was a relief. However, it appeared that the actual problem existed at layer 6 & 7. The Exchange server was ending the SMTP (Simple Mail Transport Protocol) conversation with the “.” command (a single dot on a line by itself). The Exchange server was then waiting for the smart relay host to reply with a 250 2.6.0 status message saying the message was successfully queued for delivery. The Exchange server would then reply with a QUIT command and end the SMTP session. Since the smart relay was not responding at all with the expected status message, the SMTP conversation was timing out and messages were building up in the queue.

We found out that there were some patches for the smart relay host so we applied those. Once that was done, the messages seemed to flow normally. The other puzzling thing about this is that we have two other hub sites with the same configuration that are not experiencing this problem. So, sometime today we will be rolling out the patches to those smart relay hosts to prevent this problem from happening at those sites. This issue started out of the blue but seemed coincide with the same time Exchange Server 2007 rollup 5 was applied.

The point of this whole blog posting is that while the TCP protocol was working fine and everything looked good there, the SMTP protcol was not working correctly. It is important for a network engineer to understand networking through all of the OSI layers. You cannot just assume that if things are working well at the lower levels that things at the higher levels will work too. The reverse logic is true also. So, understand the protocols at the lower layers and also the PROTOCOLS at the upper layers if you really want to be an effective troubleshooting expert.

Let’s be good network citizens out there!