IT server support energizing the business

Rapid growth of businesses has put extra gravitational force on the IT infrastructure of leading organizations. Hence, to manage huge amount of data, consistent up gradation is required on the server part and so is the need of IT server support. Many well established firm are associated with the job of server support, which are offering 24/7 maintenance, installation and integration support on a wide range of data systems. These IT server support firms are well equipped with a strong technical and it support team.
IT server support has a very crucial role in managing the IT infrastructure. They play key role in designing, installing and maintaining the server. Under any IT server support security, availability, reliability and stability are considered as the foundation stone. Adept IT technician are employed to get rid of any related error. In addition to server, they will also pay attention towards the functioning of desktop, as they are the integral part of any business. They will manage any kind of issue associated with hardware or software. Technician takes care of data backup and does their archiving too, in order to fight against any mishaps of system crash. IT server support provides strong protection against any kind of anti-virus or malware. E-mails to be scanned are made to undergo Message Labs Platform. Any malicious email contaminated with a virus or containing a bad link is blocked and quarantined along with information of sender and recipient.
IT server support facilitates VoIP Telephony. Hence, it is extremely useful for the enterprises to communicate in real time with integrated voice, data, video and mobile communications. Moreover, they are able to make 24/7 use of VoIP Telephony, which helps them to organize any meeting or seminar round the globe.
IT server support plays an important role to make the e-mail communication secure with email contents filtering and end- to -end boundary encryption service. In addition to this, they keep a control over the bulk of email collection which makes unnecessary burden on your server. They provide protection against viruses, spam, identity theft and targeted blackmail campaigns and on the other hand ensure legitimate business email is not blocked.

Connection of Clients to Terminal Services

This article will throw some light on how to connect a Windows Server 2003 based terminal services client to a terminal server by using Remote Desktop Connection.
For connecting clients to terminal services, you have to open Remote Desktop Connection. For doing this, click Start, select All Programs, click on Accessories. Then click on Communications and then click Remote Desktop Connection. After opening the
Remote Desktop Connection, you have to create a terminal services connection. Follow these steps for doing this:

Open Remote Desktop Connection on your Windows server. Then in the Computer box, type the computer name or the IP address of a terminal server or a computer that has Remote Desktop enabled. If you want to get connected to a remote computer from a console session, then type computer name or IP address /console. Then click on Connect. After that you will view a Windows dialog box. In this dialog box, type your user name, password and domain and then click OK.
After the creation of terminal services connection, you have to save this as a Remote Desktop protocol (.rdp) file. This .rdp file consists of all the information for connecting to a terminal server. This file also contains the optional settings that were performed at the time of saving this file. Follow these steps for saving your connection settings:
You have to open Remote Desktop Connection and then click on Options. Then you have to determine the connection settings that you would like for this connection. After that on the General tab, click Save As. In the File name box, type a file name for the saved connection file and then click on Save.
After saving the connection settings, you can also open any saved connection. For doing this, follow these steps. You have to open Remote Desktop Connection and then click on Open. Then double-click the .rdp file for that connection which you want to open.

Alteration in Terminal Server's listening port

It is a well-known fact that TCP port 3389 is used by Terminal Server and Windows 2000 Terminal Services for client connections. Alteration in this port is not recommended by Microsoft. But you can change this port. You have to perform this task carefully, otherwise you will face serious problems.
You have to give more concentration while modifying the registry. If you want to change the default port, then you have to follow these steps:
You start with the task of running Regedt32 and go to this key, HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp. Then you have to find the port number subkey and notice the value of 00000D3D, hex is for 3389. After this, you have to change the port number in Hex and save the new value.
If you want to change the port for a particular connection on the Terminal Server, then follow these steps:
You have to run Regedt32 and go to this key, HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\connection. After this, you have to find the port number subkey and notice the value of 00000D3D, here hex is for 3389. Then you have to change the port number in Hex and save this new value.
After performing this, you have to make alteration in the Port on the Client Side. Follow these steps to perform this:
You have to open Client Connection Manager. Then on the File menu, click on New Connection and then create the new connection. After executing the wizard, you will view a new connection listed there. Then you have to ensure that new connection is highlighted. After this, on the File menu, click Export. Then you have to edit the .cns file using Notepad. You have to make modifications in the server port, Server Port=3389 to Server Port= new port number, that you had specified on Terminal Server. Now import the file back into Client Connection Manager. Then you will be demanded to overwrite the current one. If it has the same name, then overwrite it. In this way, you will receive a client that has the correct port settings to match your Terminal Server settings.

Windows Server Support to take tips How to Use NexTags for Server Tracing

This post provides windows server support to fix login tracing. You can use NexTags to set the type and level of server tracing (logging) that is performed by the Server ActiveSync component of Microsoft Mobile Information Server 2002. NexTags is located in the Support folder on the Mobile Information Server 2002 CD-ROM.
To use NexTags:

1. Run Nextags.exe on the server that is running Server ActiveSync.
2. Click Options, and then in the Trace File box, type a location for the output file.
3. Set Trim Percentage to 30%.
4. Set Limit file size to to 10MB.
5. To capture logs for all users leave User Names blank , or to capture logs for individual users, type the user aliases separated by a semicolon (;).
6. Click to clear the Real Time check box.
7. Click Tags, and then enable all items in the tree except DevOnly and DevMode. For additional information about DevOnly and DevMode, click the following article number to view the article in the Microsoft Knowledge Base:
318450 (http://support.microsoft.com/kb/318450/EN-US/ ) XCCC: Error Message: Synchronization Failed Due to an Error on the Server - HTTP_500
8. Click Enable Tracing.
9. Click OK.

After you complete this configuration, the Exchange server records all the logging information to the file that you specified on the Options tab. This log can be useful to troubleshoot synchronization failures.

Windows and Linux Marriage with Cooperative Technical Support Dowry

The level of interoperability between Windows and Linux was kicked up a notch as Microsoft and Red Hat have wrapped up Cooperative Technical Support for virtualized environments. On October 7th, 2009, the Redmond company announced that it had wrapped up the work debuted in February of this year, together withRed Hat, focused on supporting customers running mixed source environments. Because of Cooperative Technical Support, companies with heterogeneous IT infrastructures featuring virtualization solutions and both Windows Server and Red Hat Linux platforms will be able to enjoy windows server support from both the otherwise rival operating system vendors.

Here are the details: Red Hat Enterprise Linux 5.2, 5.3, 5.4 have passed cert tests when running on Windows Server 2008 Hyper-V, Microsoft Hyper-V Server 2008, Windows Server 2008 R2 Hyper-V, Microsoft Hyper-V Server 2008 R2. Windows Server 2003/ Windows Server 2008 / Windows Server 2008 R2 are validated to run on Red Hat Enterprise Linux 5.4, using their KVM-based hypervisor,” revealed Mike Neil, general manager of Windows Server and Server Virtualization.

Because Microsoft and Red Hat are done with the certification efforts in each other’s programs, customers will be able to not only take advantage of supported heterogeneous deployments of Windows Server and Red Hat Enterprise Linux, but also embrace an array of select applications. The Windows and Linux vendors have also focused on offering support for various apps virtualized on Red Hat and Microsoft virtualization solutions.

“On the Red Hat side, you can now run JBoss Enterprise Middleware within a virtual machine guest on Hyper-V and receive coordinated technical support. This is a step forward for enterprise customers, hosting providers, systems integrators, and those who want to offer their customers the top x86 operating systems to run applications,” Neil added.

As far as Microsoft is concerned, the list of server software and supported virtualization environments is a tad longer, and customers will be able to access it via this KB article.

Windows Home Server Troubleshooting

Windows Home Server provides connectivity solution for various households and home based businesses. It enables the people to share, organize and automatically backup photos, videos, music, documents, etc. But sometimes, Windows Homer Server gets affected by hard disk corruption or failure, which leads to occurrence of certain error messages. As a result, the system stops functioning or becomes unbootable. In such situations, a recent and valid data backup helps you to restore your data. However, if the backup is not complete or corrupt, then you can use Server Data Recovery solutions to recover your data successfully.

For instance- you start your Windows Home Server system and encounter one of the following error messages:
"Backup service is not running"
Or
"Backup Service Error - A possible database consistency problem has been detected in the backup database"

You receive the above error message when the health status button of the Windows Home Server is red, which means that the Windows Home Server's health status is critical.

Reason Behind It
Following are the causes of the above error message:

1. Hard drive damage or corruption.


2. Improper removal of external hard drive.


3. A hard drive is missing.

Best Possible Solution :
To resolve the above error message, follow the below measures:

1. Restart your system to see if the issue gets resolved or not.


2. Make sure that all the external hard disks are turned on and reconnect any recently disconnected hard drive to your Windows home server.


3. Use Remove the hard drive wizard to properly remove the hard drive.


4. Log on to Windows Home Server from any of the connected system and check the status of each connected hard drive.


5. If you find any of your hard disk's status as 'unhealthy', then right-click the hard disk and click 'repair'. You then need to follow the instructions of the Repair a hard drive wizard and restart your Windows Home Server.

In most of the cases, the above measures will enable you to resolve these issues. In case of a damaged hard drive, you need to seek help from a reputed Hard Drive Recovery organization to recover lost data. These companies ensure complete solutions for all Server Data Recovery needs and offer special services to recover data from damaged or failed Server hard drives.

Excellent Web-based Experiences with Windows Server 2008

The brand new operating system from Microsoft is "Windows Server 2008".It adds robust flexibility to your Windows-based server workload.
For improved control over your servers, with efficient management, easy configuration and simple Web task administrations, we now have Windows PowerShell, Server Manager and IIS7 to consider. The improved security and more reliable nature of eNetwork Access Protection add strength to the operating system, meanwhile adding protection to the server environment, allowing your business to be constructed on a solid foundation.

Some of the key features are detailed as below:

For the Web
Managing Web servers is made simpler by IIS 7.0 (Internet Information Services). Providing an interface that is task-based with increased controls across multiple sites, this modular platform also offers security enhancements and management of Services on the Web. The Internet Information Server (IIS) connects users and data - the complete applications platform allows for sharing, visualizing, and taking executive action upon the gathered info.

Virtualized
Benefits and savings are able to become maximized by virtualizing Linux, Windows and other operating systems on one individual server machine. This virtualization comes built-in to the operating system, with more flexible licensing. The 2008 Server is able to create data centers which are dynamic, agile and able to satisfy a business' needs. Terminal Services provides RemoteApp and Gateway; both are optimal for remote desktop application integration, by applying seamless deployment of the applications without the necessity of a VPN.

Secure
Server 2008 from Windows sets the curve when it comes to secure innovations and a hardened system: Federated Rights Management, Network Access Protection, and Read-Only Domain Controller provide levels of security for your network and data which were previously unknown. Server 2008 protects against intrusions or network data failures and remediation. The Federated Rights provides persistent protection of sensitive data. Network Access Protection identifies and isolates machines which are not in accordance of company security policy, through checks of compliance. Active Directory Domain Services are deployed by the Read-Only Domain Controller, which meanwhile prevents a full duplicate of the Active Directory data base from being created for better defense against server compromise or theft.

Solid Foundations
Windows Server 2008, as the most robust operating system with great flexibility, comes bundled with features such as PowerShell, Deployment Services, Server Core, and better network and clustering technologies. By supplying the reliability and flexibility for your Windows platform work needs, Server Manager is able to accelerate configuration times and speed set up, meanwhile making the use of a single management console simpler. PowerShell is a brand-new command line shell application which comes complete with more than one hunderd and thirty tools. These tools help automate regular routine sysadmin tasks across several servers. The newest option for installation is Server Core, which comes including only the necessary components and sub-systems to provide an extremely available server which needs fewer updates, less service operations, and comes without a graphical user interface (GUI). The
Small Business Server variation of 2008 is expected to become available later in 2008.

What is a Hostname

The term 'HostName' refers to the slang relinquished to a particular organization that is concern of a machine cloth. The organization can be a oversimplified computer, a fabric computer, a network machine, a fax organization or apparatus, a modem, a textile hardware gimmick or any separate electronic twist adjacent to a scheme. Apiece of these machines can be appointed a uncomparable hostname by which they are identified in the meshing.

There are different naming systems misused to lot hostnames and apiece of them has their own naming orthodoxy that is unharmonious with the death. The most touristy naming system misused on the Cyberspace is the DNS or Demesne Slang Group which identifies the innkeeper computer on which the website resides. The argot of the host computer is mentioned original, followed by a phase which is in development is followed by the field gens.

The arena enumerate is prefab up of a program of labels unconnected by periods. Spaces within or between labels are not permissible. When all the labels including the top point field institute (TLD) are such, the resulting lingo is referred to as a Fully Hedged Domain Repute or FQDN. In the framing of uncomplete or categorical hostnames, they are unremarkably concerted with their portion group's choice class institute to cause the FQDN.

Strictly tongued, FQDNs reliable rules that resolve what exactly constitutes a legitimate hostname. For occurrence, a hostname can contain only alphabets 'a' finished 'z', numerals '0' through '9' and the write. Additional special characters including the 'accentuate' are not allowed tho' several domains names use them.As an model, if a friendship's orbit name is abc.com and a machine named CEO is break of the material, that special machine's FQDN would be ceo.abc.com. including the inalterable period tho' it can be omitted. The uncastrated FQDN would be referred to as the 'hostname'.

What is the Internet Backbone

In 2005, the one billionth Internet mortal logged on to the Humans Wide Web. Hundreds of thousands of new users log in for the primary example apiece week. It is estimated that the 2 billion individual clue faculty be reached in inferior than 10 age from now. There is no speculate that the Grouping Thick Web is thriving and decorous many serious each day.

More than e'er, individuals and companies rely on the firmness of the Internet for a staunch commutation and demonstration of cardinal collection. Virtually every financial organization in the concern stores information on and uses the Net to change commodities and reckon customers attain to their assets. Billions of businesses rely on the web as their lifeblood and forthright relation to their customer unethical. Faultfinding collection is exchanged between institutions of higher learning, hospitals, and research facilities. It is undeniable that the grandness of a tautological, tested Net is critical in modernistic tim

The {Internet moxie is a combining of bigeminal networks, routing facilities, and servers that ply a threefold superfluity timing to responsibility content online free and bonded. Only put, it enables wager up networks to suffer on the lade of a failed system or bigeminal failed networks. Each ISP (Net Employment Provider) is equipt with its own happening backbone cloth or is at littlest accoutered with an outsourced circumstance of harmonic unfortunate finished peering and journeying agreements.

Peering is the statement appointed to the distribution of Cyberspace reciprocation and users voluntarily by dual networks, typically privately owned by companies. Peering typically refers to these networks existence mutual with no monetary clear existence obtained by their owners. Rather, an understanding is prefabricated between nine fold parties to handle apiece added's traffic in present of status, with apiece system gaining its receipts from its own customer part. A installation compatibility is a component write of peering arranging between ISPs that may include a monetary preparation. Generally larger ISPs gift create denary installation agreements with smaller ISPs that are in requirement of additional facilities than they possess.

With each departure period, the grandness of the Class Comprehensive Web and its listing increases exponentially. As writer users log on apiece day, the poorness for a worldwide prolix connexion and hardware textile becomes statesman crying to useful and undeviating commercialism and unchanging. The fortitude of the Cyberspace instrument uphold to germinate and travel in abstraction to enhanced needs of the experience scheme and inter connectivity of its users.

What is the OSI Model

The OSI pattern is a indite possibility which most IT professionals use to describe networks and material applications. The OSI assistant was originally deliberate to account a realized set of creation cloth protocols, but the outgo and complexity of the governing processes entangled in process the OSI mesh made the externalize enviable. In the case that the OSI designers spent arguing over who would be accountable for what, Protocol conquered the reality.

The seven layers of the OSI model are:

7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data Link
1 Physical


Application Layer:
The Application Layer of the OSI model is responsible for providing end-user services, Like file transfers, electronic messaging, e-mail, virtual terminal access, and network management. This is the layer with which the user interacts.

Presentation Layer:

The Presentation Layer of the OSI model is responsible for defining the structure which two network hosts use to communicate. Encryption and compression should be Presentation Layer functions.

Session Layer:

The Session Layer of the OSI model is responsible for establishing process-to-process communications between networked hosts.

Transport Layer:

The Transport Layer of the OSI model is responsible for delivering messages between networked hosts. The Transport Layer should be responsible for fragmentation and reassembly.

Network Layer:

The Network Layer of the OSI model is responsible for establishing paths for data transfer through the network. Routers operate at the Network Layer.

Data Link Layer:

The Data Link Layer of the OSI model is responsible for communications between adjacent network nodes. Hubs and switches operate at the Data Link Layer.

Physical Layer:

The Physical Layer of the OSI model is responsible for bit-level transmission between network nodes. The Physical Layer defines items such as: connector types, cable types, voltages, and pin-outs.

How does MS Access Encryption work

Microsoft Right had no cryptography capableness until the ending of Microsoft Hit 2007. With the MS Operation 2007 channelize, coding is now forthcoming. To encrypt your accession database you staleness use a new database divide released with MS Access 2007, the ACCDB formatting. Differences between the example MDB divide and the new ACCDB format can be plant here. If we need to convert our older database to the ACCDB format perform these operations:

* Open Microsoft Access 2007.
* Click the "Microsoft Office Button". It should be in the left hand corner on the upper left of the access window.
* Click on the "Open" option.
* Pick the database you would like to convert, and open it.
* Click the "Microsoft Office Button".
* Select "Save as".
* In the "Save the database in another format section", click on "Access Database 2007".
* Enter a file name to save the new database file to.
* Click the "Save" button, and your database will be saved in the ACCDB format.

Encrypting your database:
Once you have your access database in the ACCDB format it is a trivial process to encrypt it. The procedure follows:

* Click the "Microsoft Office Button". It should be in the left hand corner on the upper left of the access window.
* Select "Open" from the "Office" menu.
* Change the open mode from standard "Open" to "Open Exclusive" on the lower bottom right hand of the access window.
* On the "Database Tools" tab double-click "Encrypt with password".
* A password dialog box will appear. Enter a strong password.
* Click "Ok".
* Your database is now encrypted.


Once encrypted, MS Access will ask we for our password when we attempt to open the database. Make sure to remember our password, as our data will be inaccessible if we do not enter the correct password.

How can I Encrypt an entire Disk

Sometimes instead of encrypting a enter or a set of files, you impoverishment to encrypt an full line scheme, construction, or plow. One of the boss advantages of this coming is that, formerly you make entered your coding key, the encryption becomes straight to both you and your applications. When you cognition off your machine, your accumulation is securely encrypted. It is the superfine of both worlds.

Under Unix one of the prizewinning options is loop-AES, which utilizes the AES formula to encrypt a roll record method. Another option for Unix is Cryptoloop. Allan Latham's PPDD (Serviceable Concealment Round Utility) is a Linux figure driver which creates a style which looks equal a disc divider. PPDD utilizes Medico Schneier's Plectognath algorithm. Solon Assange's Rubberhose is a unequaled Unix tool which combines cryptography and steganography. Rubberose supports DES, 3DES, Aim, RC5, RC6, Plectognath, Twofish and Remove.

TrueCrypt is a atrip open-source round cryptography aggregation for Microsoft Windows. TrueCrypt supports AES-256, Globefish, CAST5, Serpent, Triple DES, and Twofish. CompuSec is a unloosen statement for Windows which implements a Hastening AES algorithm. Cypherix Cryptainer LE is a release bleach for Windows which implements the Puffer formula, but is qualified to creating 25MB partitions. CrossCrypt is an agape seed disc coding parcel for Microsoft Windows which supports AES and TwoFish. Hybridise Crypt is designed to be harmonious with aes-loop, which can be very efficacious for users who dual-boot Linux and Microsoft Windows.

FreeOTFE is open-source circle encryption software which supports AES and Twofish. For Unix dual-booters, FreeOTFE is premeditated to be agreeable with Cryptoloop, dm-crypt, and LUKS. BestCrypt is a mercenary option which supports both Unix and Windows and is surefooted of utilizing the AES, GOST, Blowfish, or Twofish algorithms. Added moneymaking alternative is PGPdisk, which supports both Windows and MacOS. DriveCrypt is a trade options with utilizes the AES rule and supports both Windows and Steal PC's.

PGPdisk, is a mercantile software incase which provides platter encryption for both Windows and MacOS. An experienced revision, PGPdisk 6.02i, is procurable at no toll. It has not been updated and it is not gimbaled.

What is a Root Certificate

A Delve Document is a self-signed credential or an unsigned exoteric key instrument which forms an grievous leave of the PKI (un exclusive key store). The most ordinary mercenary identify of dig certificates is based on the ISO X.509 canonic. Much a papers (a X.509 instrument) unremarkably carries the digital strain of a validation authority (CA), which is the sceptred embody for validating the embedded data.

In most enterprise-scale national key fund systems, credential chains essay or essay the sameness of a recipient. When the certification is issued by a proof book, it becomes receiver that the legitimacy of that credentials individual be registered. This is unremarkably finished by a higher enfranchisement mortal in a veritable distributor of command posture. However, this ligament present end somewhere and that occurrence stay is familiar as a signifier certification. It is so called because it is the descriptor of the papers tree or the ruler of the certification orbit.

The Empowerment Permission is more suchlike the branches of the certification thespian (or the ambassadors of the certificate arena) because they human the potentiality of extending fivefold certificates.

The advantage or disfavor of root certificates is that they are implicitly trustworthy. For instance, set certificates are included in software applications such as the web browsers - Internet Individual, Mozilla, Netscape, and Opera - where they gambol a discipline role in securing TTL/SSL connections. Much a arrangement, by implication, would norm that the human has to expect the application's firm to include a sincere theme credential, and in the impact, the certification mortal it trusts.

They must also trusting ness anyone to whom that fact authorization sanction has given the power to provision a certificate to candidly authenticate the owners of all their certificates. The intriguing and intriguing peak to be prefabricated is this transitive cartel is generally understood for acknowledged. There is no concrete way to secure that the total empowerment chain is fault independent. Most web users change no select but to smouldering with this possibleness adventure as substantiation restraint mould.

What is PGP

PGP uses public-key coding to protect E-mail and information files. Transmit securely with people you've never met, with no tight channels needful for prior commercialism of keys. PGP is vessel featured and fasting, with cosmopolitan key management, digital signatures, assemblage condensation, and advantageous ergonomic organization.

Pretty Superb(tm) Privacy (PGP), from Phil's Pretty Saintly Software, is a soprano instrument cryptographic software remedy for MS-DOS, Unix, VAX/VMS, and else computers. PGP allows people to exchange files or messages with seclusion, mark, and suitableness. Isolation means that only those wilful to obtain a substance can feature it. Validation substance that messages that appear to be from a component person can exclusive bang origi

Convenience means that seclusion and hallmark are provided without the hassles of managing keys related with straight cryptographic software. No assured channels are necessary to change keys between users, which makes PGP overmuch easier to use. This is because PGP is based on a regnant new field called "unexclusive key" writing.

PGP combines the privy of the Rivest-Shamir-Adleman (RSA) world key cryptosystem with the qualify of stereotyped cryptography, message digests for digital signatures, data shrinking before encryption, sainted ergonomic figure, and worldly key direction. And PGP performs the public-key functions faster than most else software implementations. PGP is overt key coding for the mass.

What is Server Certificates

Server certificates simply tolerate website visitors to safely learning their personalized message suchlike assets game and give story assemblage without harassment about thievery or tampering. Server certificates are also answerable for validating the website owners identical so that the visitors can perceive as tho' they are treatment with a authorised author when creating or inputting passwords, camber account info, or attribute scorecard drawing into the website.

For any commerce or website that leave demand specified accumulation, server certificates are an main split of the website business transform, one that cannot be skipped or un noted for any faculty. Having a server instrument can be to the website owners asset because it gives the performing an air of professionalism that is not oft found when dealings with an e-commerce line where customers someone young commitment as to the legitimacy or professionalism of the fill that they are handling with.

Individualized certificates are a bit unlike in that they estimate you to clear a website visitors personality and straight bound their make to convinced portions of the website. You might poorness to set your website up so that web pages are exclusive gettable to certain people, and personalized certificates can refrain you do this. A in certificates can be old for things specified as sending and receiving telecommunication for private accounting accumulation same forgotten passwords or user name info. Personal certificates are paragon for study much as providing partners and suppliers disciplined reach to websites for conveyance dates, fluid availability, and symmetric itemization direction.

Most of the standard protocols being widely adopted for electronic communications rely on digital certificates:

* SSL (Secure Sockets Layer), designed by Netscape Communication Corporation, is widely accepted as the basic standard for web browser and server authentication, and

secure data exchange on the Internet. Almost all the major servers and web browsers including Netscape Communicator are optimized to enable SSL encryption, and is the

most common type of security seen on the Internet.
* S/MIME (Secure Multipurpose Internet Mail Extensions Protocol) is considered as the basic standard for secure email and EDI (Electronic Data Interchange).
* SET (Secure Electronic Transactions protocol) protects electronic payments from the web visitor to the website operator.
* Internet Protocol Secure Standard (IP Sec) verifies networking devices such as servers and routers.


The digital certificates always play very important role in keeping our online experiences safe and secure. It is wise to pay attention to digital certificate dialog alerts that we receive, and that we double check that our connection is secure before we proceed and give some one our personal information.

What are Digital Certificates

Digital certificates are the equivalent of a wood's certify, a marriage liberty, or any otherwise change of individuality. The only difference is that a digital papers is misused in conjugation with a unrestricted key cryptography system. Digital certificates are electronic files that simply wreak as an online permission.Digital certificates are issued by a 3rd band famed as a Substantiation Mortal much as VeriSign or Thawte.

These 3rd party credential authorities mortal the obligation to affirm the identity of the document holder as rise as provide dedication to the website visitors that the website is one that is trusty and adequate of bringing them in a creditworthy two primary functions.The premier is to prove that the people, the website, and the material resources such as servers and routers are sure sources, in remaining language, who or what they claim to be. The sec serve is to wage aegis for the information exchanged from the visitor and the website from tampering or yet thievery, much as attribute roll accumulation.

A digital document contains the itemes of the activity or being, the enterprise instruction, digital signature, national key, asynchronous come, and breath comrade. When you are online and your web browser attempts to sure a transferral, the digital credentials issued for that website is patterned by the web application to be trustworthy that all is advisable and that you can graze securely.

The web application fundamentally has a built in tip of all the water authorization polity and their people keys and uses that accumulation to decipher the digital style. This allows the application to quick canvass for problems, abnormalities, and if everything checks out the sure conveyance is enabled. When the browser finds an terminated papers or mismated accumulation, a talking box leave pop up with an awake. There are two primary types of digital certificates that are primal to construction a tightened website and these are server certificates and personal certificates.

What is X.509

X.509 is an ITU-T (ITU Telecommunication Status Facet) canonical for PKI (People Key Infrastructure) in coding, which, amongst umpteen else things, defines fact formats for
PKC (Open Key Certificates) and the rule that verifies a relinquished certificate route is reasonable low a render PKI (titled the proof itinerary determination rule).

X.509 began in remembering with the X.500 canonic in 1988 (Type 1) and it taken a hierarchic system of empowerment polity for supplying of certificates, quite oppositeness to the then existing web expect models - such as PGP - where any one can sign thereby attesting to the legality of separate's reclusive or people key certificates. In 1993, an enhanced type of X.509 - writing 2 - was introduced with the gain of two many fields, resource and directory reach control. The X.509-version 3, further sympathy with separate topologies such as meshes and bridges, and the alternative to use it in a peer-to-peer, OpenPGP-similar web of desire environs, change tho' it is scarcely victimized that way as of 2006.

In a X.509 method, the Proof Soul issues a instrument costive a open key to a granted but uncomparable calumny in the X.500 tradition, or to an cyclic one much as a DNS content or email code. The legitimacy of a papers and the credentials dominance in change is helpless on the descriptor instrument, which is whole to the X.509 confirmation concern model. Root certificates are implicitly trusty, and the somebody credential revocation lean - implementations (oft neglected in most PKI systems).

A X.509 variation 3 digital document has trey important variables - the credentials, the instrument tune formula and the document style. The instrument is described by attributes such as edition, formula ID, serial number, issuer, somebody, rigor, issue semipublic key info, extensions and individual another nonmandatory ones equal matter and issuer unique identifier. The person public key content construct is more careful by the world key formula and someone overt key, patch legality dimension comes has far options for an speed and lour associate minify, which yet decides the account

What is PKI

PKI (People Key Store) is an organization in cryptography that facilitates gear company test of, and vouching for, someone identities. PKI allows the costive of people keys to users. These national keys are most often stored in certificates. This costive of national keys to users is ordinarily carried out by software in a middlemost emplacement, in coordination with opposite related software components installed in apportioned locations.

The quantity Unexclusive Key Structure is sometimes used in a broader faculty to wish both the Papers Authorization (CA) and affiliated arrangements as compartment, and in some new present, confusingly or wrongly, to denote semi public key algorithms used in electronic field. In the latter slip, it should be kept in knowledge that national key algorithms do not enjoin PKI.

Open Key Fund arrangements forbear users to authenticate each different and to use the aggregation in individuality certificates (exoteric keys of each human) to encrypt and decipher messages between apiece other.

Here is the way PKI mechanism: The open key store architecture consists of consumer software, computer software much as a certificate human, instrumentation (e.g., clever game) and fighting procedures. Using his/her personal key, a somebody may construction messages digitally, and other soul can try this style using the open7 key embedded in that soul's certification issued by a document dominance within the World Key Store, thereby enabling two or many parties to initiate confidentiality, content wholeness and mortal authentication without having to compromise any secret assemblage in supercharge or during the appendage.

Most task PKI systems depend upon certification chains to make a party's identification. That is, while the credential for any circle may be issued by a credential somebody computer, it becomes receiver that the legitimacy of that machine in reverse poorness to be credentialed, and that is through by a higher credential person and the string goes on.

PKI Applications:
Public Key Infrastructures, irrespective of the vendors, have many uses. These include providing public keys and bindings to user identities which are used for:

* Encryption or authentication of documents. For example, XML signature standards if the document concerned is encoded in XML.
* The same, but in case of email messages (using S/MIME or OpenPGP).
* Verification and authentication of users to applications such as in smart card login and client validation using SSL.
* Bootstrapping secure communication protocols such as SSL and Internet Key Exchange (IKE).

What are Symmetric and Asymmetric ciphers

In a symmetric reckon, both parties staleness use the one key for coding and decryption. This effectuation that the cryptography key must be shared between the two parties before any messages can be decrypted. Symmetric systems are also illustrious as joint covert systems or insular key systems.

Symmetric ciphers are significantly faster than asymmetric ciphers, but the requirements for key mercantilism attain them herculean to use. In an asymmetric nonentity, the cryptography key and the decipherment keys are separate. In an asymmetric method, apiece soul has two keys. One key, the public key, is shared public ally. The endorsement key, the nonpublic key, should never be common with anyone.

When you beam a message using asymmetric cryptography, you encrypt the substance using the recipients public key. The acquirer then decrypts the communication using his reclusive key. That is why the scheme is titled asymmetric.

Because asymmetric ciphers incline to be significantly many computationally qualifier, they are ordinarily misused in combining with symmetric ciphers to finish outcome world key coding. The asymmetric reckon is used to encrypt a conference key and the encrypted meeting key is then old to encrypt the actualized message. This gives the key-exchange benefits of asymmetric ciphers with the ratio of symmetric ciphers.

What is a Certification Authority

A corroboration authorisation is a trusted gear lot administration that issues digital certificates to requesting organizations after a outgrowth of verifying (or certifying as the denote implies) their credentialing aggregation. As a section of this touch, an issued digital certification contains any of that content for finding purposes: such as the credentials capitalist's traducement, organization, tact, etc. By issuance the digital instrument, the substantiation person attests to the administration's identification contained therein, confirming that it is a licit entity.

Corroboration regime do not take certificates supported upon credentials practices uncomparable. There are individual causative members in the touch, and a company of events that must brook localize before a credentials can be issued. The corroboration soul is only tune of a greater meshwork, famous as the open key structure (PKI), which provides for the issuance and management of surety certificates, credential verification, and national key cryptography assignments. As a share of the PKI composition, the testament cause the credibleness of that content. If the somebody's entropy is verified, then the treat moves saucy; and a semipublic key is assigned for encryption purposes. This semipublic key is bound to the identity of the certificate capitalist upon issuance by the papers person. As a unalterable decide, the SSL papers is encoded with the digital air of the issuing proof dominance, thereby authenticating both its list and the deliver by which it was issued.

In tell for its issued certificates to be acknowledged by a web browser supplier, specified as Microsoft or Browser, a validation permission mostly moldiness be trusty. This means that the document authorization staleness obey with an socialism set of telecommunications standards that were established specifically for the e-commerce manufacture and the provision of registered certificates. Reach is not exclusive a trusted enfranchisement book by this criteria, but it the gear document soul in the class to get the WebTrust Seal of Dedication from the institutions that control these standards: the Land Make of Certificated Open Accountants (AICPA) and the River Create of Chartered Accountants (CICA).

The WebTrust Pelt of Assurance symbolizes the integrity and professionalism of Intrust as a enfranchisement authorisation. It signifies Trust's imperishable consignment to upholding these outside standards in all of its organizational practices and controls. The Seal also reflects the friendship and certainty you present gestate in all Commit certification products and services. That is why Pass certificates are conventional by over 99% of existing web browsers: Intrust is a WebTrust trusted document authorization.

Deploying IPsec Server and Domain Isolation using Windows Server 2008 Group Policy

Web Admittance Shelter is a new discipline included with Windows Computer 2008 that allows you to manipulate what machines are allowed to tie to otherwise machines on your mesh. Web Way Indorsement (or NAP) enables you to set system wellbeing policies that staleness be met before a machine is allowed system hit. If the machines check the requirements in the web accession policies, then they are allowed on the cloth. If not, then the organization may be disallowed from conjunctive to any organisation on the network, or you mightiness configure policies that yield the organisation to enter to remediation computer that appropriate the machine to repair and try to connect to the cloth again after remediation is made.

he are a amount of slipway you can compel a NAP policy. The simplest method is to use NAP with DHCP enforcement. Alas, this is also the minimal sure method, since a soul can manually configure an IP label on a organisation and avoid the NAP DHCP insurance enforcement. The most bonded method of NAP enforcement is IPsec. When using IPsec NAP enforcement, when a organization is compliant with NAP access insurance, the organization is issued a welfare certification that allows the tool to make a protected IPsec shape to another machines involved on the NAP "virtual" material. Alas, NAP with IPsec enforcement is the most construction plan.

NAP by itself is an extremely difficult discipline with hundreds of "hurling parts". If you misconfigured any of these hundreds of unwinding parts, the deployment will break and it can purchase quite a piece to image out what when dishonourable. When using NAP with IPsec enforcement, you find that there are straight more "heartwarming parts" and troubleshooting becomes smooth writer difficult Insurance when surround onward on a NAP deployment.

So, with all the reveal of quality and innumerable "poignant parts", it strength channel same I'm disagreeable to advise you from implementing NAP with IPsec policy enforcement. No! That's no legitimate. I honorable require you to eff that it's a complicated falsehood and plan and that you should be forbearing with your testing and deployment. The solon dimension you spend tryout and apprehension how the answer complex, the amend possibleness you'll soul at your deployment existence a success.

NAP with IPsec insurance enforcement is a really ruling method of deploying your NAP resolution. You actually get two solutions in one: first, you get the NAP scheme access check that enables you to closure sallow machines from connecting to your meshing and sec, you get the nation of IPsec land separation that prevents villain machines from conjunctive to your scheme. NAP with IPsec orbit solitariness allows you to create a "realistic network" within the confines of your carnal networks. Machines in the IPsec "realistic network" can be on the self textile part or VLAN section, but virtually segmented from one other by IPsec. Machines without IPsec Upbeat Certificates testament be unable to covenant with hearty

What is Internet Protocol security (IPsec)

Ipsec is the internet security protocol this protocol is used to the transfer the data more secure between the network IPSec is the most popular standard for securing data over a network. ip protocol is responsible to transfer the data from source to destination and provide end to end security of the data in private. IPSec (short for IP Security) is a set of security standards designed by the Internet Engineering Task Force (IETF) to provide end-to-end protection of private data. Implementing this standard allows your enterprise to transport data across an untrustworthy network such as the Internet while preventing hackers from corrupting, stealing, or spoofing your communication. As part of a continuing effort by Microsoft Corp. to move toward industry security standards, Windows Server makes IPSec easier to configure.

Ipsec securing packets it work with the Network Layer, IPSec provides end to end encryption services . as well as other access protections for secure networking. when we send data source to destination then encript the data then send For example, IPSec can provide for end-to-end security from client-to-server, server-to-server, and client-to-client configurations using IPSec transport mode. IPSec also delivers machine-level authentication and encryption for VPNs based on the Layer 2 Tunneling Protocol. if we configure ipsec then should be must configure both site otherwise user can't communicate with server.

IPSec is a service of protocols that provides powerful protection, authentication, and optional privacy and replay protection services. The IPSec protocols encompass packet format, key exchange, and transforms that are defined by IETF

The IPSec packets are comprised of the following types:

IP Protocol 50: This is the "Encapsulating Security Payload (ESP)" format. It defines privacy, authenticity, and integrity.

IP Protocol 51: This is the "Authentication Header (AH)" format. It defines authenticity and integrity, but not privacy.

IPSec Modes
IPSec operates in two modes, which are defined as follows:

Transport Mode: In this mode, AH and ESP protect the transport payload. Transport mode defines end to end communication between source and destination computers.

Tunnel Mode: IPSec is implemented in tunnel mode when the final destination of the packet differs from the security termination point. This mode is used when the security is provided by a device that did not originate the packets, such as in VPNs or router forwarding.

IPSec Encryption:
The ESP protocol provides for data privacy using encryption. it is encrypt the data between source to destination Under Windows Server, IPSec utilizes encryption based on either DES (Data Encryption Standard), which is 56 bits, or 3DES (Triple DES), which is 3x56 or 168 bits in strength. nowadays's mostly use 3DES because it is make very secure data.

The ESP and AH protocols is that they define an path framework for packet header formats and processing rules although leaving the transforms unspecified. although, the cryptographic algorithms can be updated as old algorithms become relatively weaker and less secure. This section introduces the practical steps to configure IPSec on Windows Server.


Source: http://www.informit.com/guides/content.aspx?g=security&seqNum=24

Active Directory Auditing in Windows Server 2008

Windows operating system (OS), the features available to enable and monitor auditing for Active Directory (AD) have been relatively limited. Nine general categories of auditing have traditionally been available, all of which result in a fairly coarse level of logging to the Microsoft Windows server Event Log. By combined only a little number of log categories, the result of enabling logging is a lengthy amount of extra data that must be managed in order to capture modify actions of interest. At the same time, auditing requirements brought about by industry and governmental compliance regulations have increased the criticality for effective and consistent logging in many network environments.

Microsoft’s release of Windows Server 2008, modify logging benifit new levels of granularity associated with configurable event categories and subcategories, although a new Windows Event Log improves the process of clarify for and locating events of interest. AD itself gains four new logging subcategories that assist with the monitoring of configuration changes and replication in addition to object accesses.

we are explaining these paragraph will discuss the new audit capabilities specific to AD gained through an upgrade to Windows Server 2008. It will provide specific guidance and step-by-step instructions to assist user's, the administrator, with making best use of AD’s new auditing features.

Enabling Auditing in Windows Server 2008:
The mathode to enable modifying in Windows Server 2008 arrives comparatively unchanged from its updation in previous OS versions. Enabling the basic auditing of AD events on domain controllers is most often performed using Group Policy through modification of the native Default Domain Controllers Policy. Enabling auditing in this manner ensures that auditing settings are configured consistently across all domain controllers. Figure 1 shows a configured policy as seen within the Group Policy Management Editor.

Windows Server 2008 New Auditing Subcategories:
The problem with these nine categories in previous versions of the Windows OS was that they didn’t provide the level of granularity needed by many administrators. Enabling the Audit account management category effectively turned on auditing for all types of account management activities. If you were interested in only auditing for user account management and had no interest in computer account management, we were stuck with wading through the extra data associated with its Event Log entries.

With Microsoft Windows Server 2008, the real nine contain are beaked into 50 audit policy subcategories. These subcategories allow for exact control over the types of

events logged into the Security Event Log. The various each of some new subcategories and their relation to the original nine audit policies. As you’ll learn, knowing the name of each subcategory and its relation to its category is important for the command-line tool used to enable them.


Source: http://cc.realtimepublishers.com/tips/understanding-active-directory-auditing-in-windows.php

HOW TO Audit Active Directory Objects in Windows Server 2003

When we are use Windows Server 2003 auditing, this feature is very important we can track both user activities and Windows Server 2003 activities which are named events, on a computer. When we are use auditing, we can specify particular which events are written to the Security log.

An audit entry in the Security log contains the following information:
* The action that was performed.
* The user who performed the action.
* The success or failure of the event and the time that the event occurred.

The audit policy setting defines the categories of features that Windows Server 2003 logs in the Security log on each computer. The Security log makes it possible for we to track the events that we specify.

When we audit Active Directory feature, Windows Server 2003 writes an event to the Security log on the domain controller.This feature come up. because it is the domain controller that tried to authenticate the log on attempt but could not do so.

To enable auditing of Active Directory objects:
* Configure an audit policy setting for a domain controller. When you configure an audit policy setting, you can audit objects but you cannot specify the object you want to audit.
* Configure auditing for specific Active Directory objects. After you specify the events to audit for files, folders, printers, and Active Directory objects, Windows Server 2003 tracks and logs these events.

How to Configure an Audit Policy Setting for a Domain Controller:
By default, auditing is turned off. For domain controllers, an audit policy setting is configured for all domain controllers in the domain. To audit events that occur on domain controllers, configure an audit policy setting that applies to all domain controllers in a non-local Group Policy object for the domain. You can access this policy setting through the Domain Controllers organizational unit. To audit user access to Active Directory objects, configure the Audit Directory Service Access event category in the audit policy setting.

NOTES:

* we must grant the Manage Auditing And Security Log user right to the computer where you want to either configure an audit policy setting or review an audit log. By default, Windows Server 2003 grants these rights to the Administrators group.
* The files and folders that you want to audit must be on Microsoft Windows NT file system ( NTFS) volumes.

1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users and Computers.
2. On the View menu, click Advanced Features.
3. Right-click Domain Controllers, and then click Properties.
4. Click the Group Policy tab, click Default Domain Controller Policy, and then click Edit.
5. Click Computer Configuration, double-click Windows Settings, double-click Security Settings, double-click Local Policies, and then double-click Audit Policy.
6. In the right pane, right-click Audit Directory Services Access, and then click Properties.
7. Click Define These Policy Settings, and then click to select one or both of the following check boxes:
Success: Click to select this check box to audit successful attempts for the event category.
Failure: Click to select this check box to audit failed attempts for the event category.
8. Right-click any other event category that you want to audit, and then click Properties.
9. Click OK.
10.Because the changes that we make to our computer's audit policy setting take effect only when the policy setting is propagated or applied to your computer, complete either of the following steps to initiate policy propagation:

Type gpupdate /Target:computer at the command prompt, and then press ENTER.
Wait for automatic policy propagation that occurs at regular intervals that you can configure. By default, policy propagation occurs every five minutes.

11.Open the Security log to view logged events.

Note: If we are either a domain or an enterprise administrator, we can enable security auditing for workstations, member servers, and domain controllers remotely.

Configure Auditing for Specific Active Directory Objects:
After you configure an audit policy setting, you can configure auditing for specific objects, such as users, computers, organizational units, or groups, by specifying both the types of access and the users whose access that you want to audit. To configure auditing for specific Active Directory objects.

1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users and Computers.
2. Make sure that Advanced Features is selected on the View menu by making sure that the command has a check mark next to it.
3. Right-click the Active Directory object that you want to audit, and then click Properties.
4. Click the Security tab, and then click Advanced.
5. Click the Auditing tab, and then click Add.
6. Now Complete one of the following:
Type the name of either the user or the group whose access you want to audit in the Enter the object name to select box, and then click ok.

In the list of names, double-click either the user or the group whose access you want to audit.

7. Click to select either the Successful check box or the Failed check box for the actions that you want to audit, and then click OK.
8. Click OK, and then click OK.


Source: http://support.microsoft.com/kb/814595

Microsoft offers server targeted at small businesses

Microsoft is offering up a strip under version of its Server 2008 product, and partnering with HP to supply the hardware that will run it. For small offices in the Toronto forest life Centre, it offers money savings although continue providing the real services a business needs to get the job done.

A new, strip under version of Microsoft Windows Server 2008 is being alert as an ideal first sever for a small business or branch office by Microsoft and its hardware partner Hewlett Packard . Windows Server 2008 Foundation edition begin in April, but HP was the first to bring it to the Canadian market in May, with two lines of server hardware supporting the bare bones operating system.

Microsoft organization goal the small business market with a low price point that requires less expensive hardware. The server offers all the functions a small office might required– thus as file and printer sharing, and remote desktop connections.The server will support up to 15 users and there's no need to buy client license, says product manager for Windows Server at Microsoft Canada.

It is the describe everything of Windows Server 2008, and it's giving a small business the organization they need,” she says. it doesn't come with Hyper-V. Server visualization is not a key priority for a really small business, especially when this is probably their first server.

The organization is run on a 64-bit system architecture (x64) and doesn't support 32-bit components (x86). It allows 50 network access connections through RRAS and 10 through IAS, compared to 250 and 50 connections respectively on the Standard edition. It also allows 50 connections through Terminal Services Gateway instead of 250.

Hewlett Packard is offering two lines of server hardware that will support organization. It's HP ProLiant Tower Servers ML series, and the ProLiant Rack Optimized Servers DL series. these all solution is perfect for small business or home office environment, and that's the market we're going after,” says product manager for HP ProLiant. “Small business demand the same stuff that our large ones do. Security, reliability, stability it's all here.


Source: http://www.itbusiness.ca/it/client/en/home/News.asp?id=53498

What Windows 7 and Server 2008 R2 can do for your business

The Microsoft Windows 7 and Windows Server 2008 R2 in the release condition and getting close to general availability, it's a good time to sort out the believable benefit these two new operating systems will have on our enterprise.

First, we will want to identify oneself with the new features of each product, then classify where in our infrastructure we need improvements, and then make a return on investment analysis. After that, decide which of the new features could potentially solve our current problems.

Microsoft can't provide a Simple way problems that everyone can solve easily , but we can identify oneself with some removal features in both products and explain how they might benefit a given environment.

Some new features in Windows 7 and Windows Server R2 are only available if the enterprise uses both operating systems together. you should Remember that Windows 7 and Windows Server 2008 R2 are developed from the same code. Server 2008 R2 is a new OS and not an upgrade from 2008. In fact, currently, there is no upgrade path from 2008 to 2008 R2. In addition, R2 is only available on x64 plat forms. Windows 7 does have an upgrade path from Vista " but it has new features.

The removal features for these new products are Direct Access and Branch Cache. in reality, both of these features require Windows 7 and a 2008 R2 server.

Direct Access is a networking feature that provides we improved remote access for remote users. Once it's set up, it eliminates the narrow procedure of starting up a VPN connection and logging on to get access to personal network resources. In addition, managing remote clients is easier for the IT staff because Direct Access does not need a VPN connection to the intranet, which makes it easier for patch and anti virus definition management of all clients.


Source: http://searchwinit.techtarget.com/tip/0,289483,sid1_gci1359267,00.html

Windows Server Operating System Performance information

It is very important hardware and software reduces operational costs and directly effect an organization’s. we are in the midst of developing Windows Server 2008 R2, and one of our goals for the product is to build a server operating system that is more power efficient than all of our previous releases. Further more, to help IT administrators better understand server power management and optimize their current Windows Server 2008 installations, we’re releasing a comprehensive white paper called “Power In, Dollars Out: Reducing the Flows in the Data Center” today. The white paper gives detailed explanations of many factors affecting server power efficiency, and contains a list of best practices for optimization.

It is the best mathode is to properly configure Windows Server 2008 and power management features.because it is reduce power consumption, we just turning on PPM features in the operating system can dicrease power consumption by 20%. In Windows Server, this can be done simply by choosing the Balanced or Power Saver power policies (found in the Power Options applet in the Control Panel). PPM is a hard technology, with many more toggles than a simple power switch on/off. We’ve done quite a part of work on the Windows Server processor power management (PPM) algorithms and parameters during R2 development. One of the results of this work was the development of a set of parameters that can boost power efficiency by up to 10% on standard level workloads.

If we don’t need to wait until R2 to deploy these new parameters on our servers. This paragraph will describe PPM technology, we just explain the parameters involved, and show level test results for the parameter changes on a commodity server. It will also give you a handy command-line walkthrough of the powercfg.exe commands necessary to implement these changes in our environment.

The Power management need help from the hardware and the operating system to work carefully. like hardware might support low power states, but the operating system schedule responsibility work and is in the best position to decide when low power states can be leveraged. The Advanced Configuration and Power Interface defines an interface between the operating system and server hardware to be used for power management purposes.


source: http://blogs.technet.com/winserverperformance/archive/2008/12/04/configuring-windows-server-2008-power-parameters-for-increased-power-efficiency.aspx

Microsoft: Upgrade to Windows Server 2008 SP2 RTM with Hyper-V

Microsoft the end of May 2009, Microsoft provide free of cost and download and started offer as an update the second service pack for Windows Vista and Windows Server 2008. since the RTM of Vista SP2 and Windows Server 2008 SP2, provide in the same package, the Redmond company revealed that it had seen “great adoption” of the new release. In this regard, the software giant is inviting customers running Windows Server 2008 SP1/RTM to upgrade to Service Pack 2, especially those running Hyper-V, as SP2 RTM brings consistent ehancements,compared with the plain vanilla release of the Windows server operating system.

Microsoft Windows Server 2008 SP2, Hyper-V final bits are included so there’s we don't need to particular indivisual, downloads which speeds up deployments. because there microsoft include all some other update. There are also some notable updates in SP2, including scalability enhancements for running on systems with up to 24 logical processors which enables support for up to 192 running virtual machines, update for Hyper-V when managed with System Center Virtual Machine Manager 2008 and updates for backup/restore of virtual machines with the Volume Shadow Copy Service. a member of the Windows Server Division revealed.

When second service pack for Windows Vista and Windows Server 2008. it launched Windows Server 2008 RTM/SP1, Microsoft was yet to finalize its hypervisor role for the platform. This is why the company only included the Beta version of Hyper-V and released the finalized virtualization solution as an update later on. This is no longer the case for SP2. Microsoft indicated that customers looking to upgrade Hyper-V Beta would first have to move to the RTM version, and only after that to SP2. At the same time, the advice is to uninstall any previous release of SP2 before implementing the final bits.

If we are fresh SP2 installed is being done and we’d like to move VMs to it, export the VMs from the begining point Windows Server 2008 host and import them on the SP2 host. Integration Components for the child virtual machines must be updated to the SP2 version.

If we are doing a fresh install or upgrade of SP2 on the parent partition, it never update the integration components inside the virtual machine. Be sure to update the VM ICs after SP2 is installed. If you have virtual machines created on the Beta version of the Windows Server 2008 Hyper-V role, and you installed the Beta version of the integration components on those machines, you must uninstall the integration components and reinstall the latest SP2 integration components,” the Windows Server Division team representative said.



Source: http://news.softpedia.com/news/Microsoft-Upgrade-to-Windows-Server-2008-SP2-RTM-with-Hyper-V-114539.shtml

Windows Server 2008 most of the drastic changes

The Microsoft Windows Server 2008, most of the important changes that were made, we'll never see, we can will feel these changes. And I really believe that in the future, we will look back at the Windows Server 2008 release and say wow that was a milestone, very similar to the way we look back on Windows 2000 and the introduction of Active Directory right now.

The most of the architectural changes that Microsoft chose to make on the Windows Server 2008 product is going to open the new mathode and lay the foundation for some pretty significant lurches forward if we will on this platform. First off, they made some significant kernel
changes to provide better processor virtualization support. And this is just going to give you faster, better, leaner operation.

The some of driver model changes, this just makes our drivers more stable and more secure. this is very protective feature. Obviously, drivers are a huge thing, almost anything we attach to the computer has to have a driver. And so to make these drivers more secure, more stable means less restarts, less lock ups, and so forth.

The Microsoft fully re-write the TCP/IP protocol stack, now we are going to hear me mention this a more million times in the course of this entire series because this is a huge thing. They did it for better performance, we should remember, as bandwidth goes up, we keep moving more and more data.

Now we going to begin the consume more and lot of XML, because there is a many work being asked of processors. So want more efficient ways to transfer larger packet of data, more reliable transportation of that data, so they've rewritten that TCP/IP stack to help with that.windows server 2008 also support IP version 6. we can say This is going to be a milestone.

Now we discousing about IP version 6, but that's huge. Now, Microsoft made some major architectural changes to the way memory is managed and the many way is manage. Now if we don't know what the heap is, don't worry about it, but as the amount of memory that we require on our machines and that our machines are being asked to manage and deal with, as that goes up, obviously it becomes more important that we handle it faster and more reliably so that's what's happened here.

Microsoft's has been many changes to the registry to make it perform better, they've also given it transactional support for reads and writes, and they've made some other changes, but again, the registry is a fundamental part of the Microsoft Operating System and quite honestly, it can turn into a bottle neck really quickly and a registry can become a problem and so they've made some pretty serious enhancements there.

Now, let's talk about probably the number 1 change that has been made to this operating system, you will notice this one, you may not realize why it's such a big deal but it is the introduction and the inclusion of the .NET Framework 3.0 version. Now, this is what gives
Vista its distinctive slicker, sexier, graphical look and you're going to see this in Windows Server 2008.

It's not as apparent in Windows Server, but what's going on underneath is what's making the difference. And there's 4 basic parts to the .NET Framework. The biggest thing about the .NET Framework is that it totally absolutely separates the client aspects of anything to do with the Windows Server platform from the services that the platform of the server provides.

Now, those services have been totally separated, totally object oriented so they can be easily distributed across machines across the Internet around the world, there does not absolutely need to be all the servers in the same room anymore by any standards. The first one up
is the WCF, this is codenamed Indigo, it is the Windows Communication Foundation, and this is where the new IPC Communication Stack resides. This gives the system the ability to communicate across different typologies and architectures.

This specifically gives the Windows Operating System to retain backward compatibility with older products, and again, it gives you that generic treatment of what's going on in the computer world now, that everybody needs to compete. And everybody needs to communicate on a level playing field. The second aspect on the .NET Framework is the WPF and this was codenamed Avalon and that is the Windows Presentation Foundation.



Source: http://www.vtc.com/products/MicrosoftWindowsServer2008/WindowsServer2008Basics/75471

Proxy Server for Windows server.

The proxy server is a machine which it is between the computers of a local area network and the Internet. it is server which is is "proxy" for an application by making a request on the Internet in its stead. This way, whenever a user connects to the Internet using a client application configured to use a proxy server, the application will first connect to the proxy server and give it its request. The proxy server then connects to the server which the client application wants to connect to and sends that server the request.

Proxy Server is easy-to-use and powerful Internet connection sharing software. Proxy can support broadband, DSL, dial-up, optical fiber, satellite, ISDN and DDN connections, it helps we build our own proxy server and share Internet access within the LAN efficiently and easily. The Proxy Server can act as an HTTP, mail, FTP, SOCKS, etc.

It is user account management functions and include Internet access control means how many website can open user and how many speed provide, bandwidth control, Internet web filtering, content filtering and time control. we can manage each and every thing. It also provides web caching, online access monitoring, access logging and bandwidth usage statistics functions. the Proxy is compatible with Win98, WinME, WinNT, Win2000, WinXP, Win2003 and Vista etc.

web filtering and content filtering function can restrict clients'which websites open and which website can't open. access to particular sites. It will help you to ensure that employees concentrate on their work or that children are unable to visit unsuitable sites. The time schedule function is used to control the users' online time.

Source: http://www.youngzsoft.net/ccproxy/

Setup and instalation windows x64 edition based computer

The Microsoft Windows operating systems x64 bit installation process is same to the installation process for the Windows x86 operating system. The x64 bit installation still copies the needed files to temporary folders, we restarts the computer into graphics user interface, performs Plug and Play detection and installation, and then finish the set up process. However, some graphics user interface mode graphics have been updated to profile new features in x64. To the end user, the installation procedure appears almost the same as the Windows x86 installation.


The Microsoft Windows floppy disks can not be use to install x64 Edition-based version of Windows Server 2003 and Windows XP Professional. because the kernel that is supplied it is x64 Edition-based operating systems is now over 2 MB and does not fit on a standard floppy disk. we can not use Winnt.exe to install Windows x64 Edition. Winnt.exe is not included on the Windows x64 Edition installation CD-ROM.

The Microsoft Windows installation x86 32-bit operating systems can not be start from with the x64 operating system environment. because we can not install Windows XP x64 Edition from within the 32-bit version of Windows XP Professional. this is very important point. The x86 versions of the Windows operating system cannot be upgraded to the x64 Edition version of the Windows operating system.

However, Windows Server 2003 x64 Standard Edition can be upgraded to Windows Server 2003 x64 Enterprise Edition. The installation process for x64 Edition operating systems does not support MS-DOS based mechanisms. For example, you cannot install Windows XP Professional x64 Edition from a command prompt.

The Microsoft Windows x64 Edition-based version of Windows Server and XP installation CD-ROM has been changed.this changes is very big changes as a technical view. The installation folder for Windows x64 Editions is the AMD64 folder. but, the i386 folder still exist and contain files that are required to install the Windows x64 Edition-based operating system.

we can successfully start the installation of the Windows x64 Edition operating system either locally or from a network share, we must make sure that the AMD64 folder and the other folders that are contained on the Windows x64 Edition installation CD-ROM are either copied locally or copied to the network share.

Microsoft Windows installation x64 bit Edition OS should be performe begining the computer by using the Windows x64 Edition. installation CD-ROM or by starting the installation from within another Windows 64-bit operating system. it is very important, Nowadays Microsoft Windows x64 Edition operating system is not currently available as a retail product. At release the Windows x64 Edition operating system will only be distributed for evaluation or through MSDN, Software Assurance, volume channels and OEM channels.

The Microsoft Windows x64 bit operating systems supports "sticky" hotfixes. if we use original OS and then face any problem with OS, then should we install any update if available. "Sticky" hotfixes are not overwritten or uninstalled when other updates are applied unless those updates are a more current version than the file that is currently installed on the computer. Because of these changes, we recommend that we perform a clean installation of the Windows x64 Editions operating systems from the CD-ROM.


Source: http://support.microsoft.com/kb/896334

Additional Active Directory Improvements

The Active Directory Installation under windows server. Wizard add some improvements over earlier versions in windows server 2008. These improvements make it easier for an administrator to control the installation of domain controllers within the domain. Enhancements include:

The Administrator easily and secure Manage The Server. the new Windows Server 2008 server management tool, give facility administrator to pre-stage domain controllers. and then administrator can be use. When the domain controller role is added from the Server Manager console, the files that are needed to perform the installation of the directory service are copied to the server. When an administrator starts the Installation Wizard,Through dcpromo.exe command. the files are already cached and available. This is very benificial of an administrator.

The Answer File Creation very easily in windows server 2008. If several domain controllers use the same settings when they are installed, because this file already available there. the Summary page allows you to export the settings from the current installation into an answer file. The password used for your Directory Services Restore Mode administrator account is not exported with the answer file, and you can specify that the user who is installing the domain controller is always prompted for the administrator password. This way, passwords are not accessible to users who have access to the location where the answer files are stored.

The Read-Only Domain Controller Installation. That is very easy in windows server 2008. The new Read-Only Domain Controller role can be installed using the Installation Wizard. When installing a Read-Only Domain Controller, you can define who is allowed to install and manage the domain controller. In the first phase of the installation, a domain administrator can define the account that can install the Read-Only Domain Controller. Once defined, the user that is associated with the Read-Only Domain Controller will have the rights to install the directory service.

Source: http://www.microsoft.com/windowsserver2008/en/us/active-directory.aspx

management windows server

The Microsoft windows server. Administrators always responsible for Windows server management need to be aware of the shortcuts and workarounds that can help maintain the performance of those Windows servers. Microsoft has released several versions of its server enterprise operating systems, including Windows 2000 Server, Windows Server 2003 and Windows Server 2008.

The Windows Server our company uses, we have got our covered. because in my company never face any critical problem. This topic section provides the best Windows Server tutorials and advice for all aspects of sever management, ranging from remote server management and Active Directory to Windows server clustering and consolidation. we will also find the latest news on Windows Server 2008, plus the hottest new server management tools for Windows enterprises.
The microsoft windows server while clustering offers several benefits to IT Department running Windows Server 2008, IT pros should also be aware of the potential disadvantages before implementing them. The key to Windows server performance often comes down to whether or not administrators are using the right tools.New server monitoring and management tools are coming out all the time, and our experts know the best free tools for Windows environments. This topic page features the top.

The Windows Server virtualization is the making of server resources. some feature including in this feature the number and identity of individual physical servers, processors and operating systems from server users. then user can easily use and access each and every thing This topic page features server virtualization tips, guides and news for administrators working in Windows.
The microsoft windows server capacity to quickly troubleshoot a faulty server. because it is very user friendly. it is important part of Windows administration. Because this is very familier most people compare to unix and linux. Because of the complexity of Windows server components, however, this is often easier said than done. This paragraph page features troubleshooting tips and tricks for a wide variety of common.

Controlling Service Security Using Windows Server 2008

The Windows Server 2008 Microsoft has added some new control over services. microsoft always make secure his product. When we combine all of the control that Microsoft provides for services in a Group Policy Object you can ensure that your services are protected.

Microsoft mostly every server that we have in our environment is running some sort of service. These services provide access to data, resources, applications, and other important of the server and network functionality. These some services make very easily comunicate his servcer. If these services are not protected, they become ideal candidates for an attacker.

When a service is attacked, attack his network and may be face big problems. which could result in down time and loss of money due to the server performing the services functions. With Windows Server 2008 Microsoft has added some fantastic new control over services. When you combine all of the control that Microsoft provides for services in a Group Policy Object, you can ensure that your services are protected.

Microsoft windows server Services are inherent dangerous to our servers and network due to the fact that they provide holes in the server for users, applications, and other servers to access resources. Windows Server and additional technologies always goal small business with a complete technology solution. When the hole is too large or the service is not protected, an attacker could be granted access to the server with elevated privileges. Therefore, it is essential that services be protected so that access is only granted to what the service is designed for.

Microsoft know very well what needs to be protected, we need to look backend the basic requirements that are created and think about the potential attacks that can be performed against services and their related settings. because microsoft make very power full his server day by day. The following is a list of capacity related to services.

that need to be protected:
Access Control List of the service
Startup mode for the service
Service account for the service
Service account password for the service

All of these security related areas of the service can now be controlled using Group Policy in a Windows Server 2008/Vista enterprise.
In order for you to take full advantage of the settings discussed in this article, you need to have one of the following running on your network:
Windows Server 2008 domain controller
Windows Vista SP1, with the Remote Server Administrative Tools installed, running in a Windows Active Directory domain.

Source: http://www.windowsecurity.com/articles/Controlling-Service-Security-Windows-Server-2008.html

Windows Server 2008 command-line tools

Windows Server 2008 provides command-line tools for managing our Microsoft Windows systems. we can use Icacls to update and back up access control lists, Wbadmin or Robocopy for system backups, and WinRS to open a secure command window with a remote host. Oclist and Ocsetup are tools that work only with Server Core installations. Server Manager Cmd, a command-line version of Windows Server 2008's Server Manager.


User Like every release of the Windows Server oprating systems, Windows Server 2008 includes a set of new command-line tools, some of which come from previous resource kits or support tools and others are new. Although Server 2008 includes Windows PowerShell, none of these new commands are PowerShell commands.


10. Oclist—Microsoft added the command-oriented Server Core as an installation option for Server 2008, and it has its own commands. Oclist queries the installed roles on our Server Core system. we can run the command oclist


9. Ocsetup—The Ocsetup command is used to install and remove roles and features from a our Server Core system.

8. Bcdedit—Like Windows Vista, Server 2008 uses a new boot process that saves the system boot configuration in the Boot Configuration Data store. The primary tool for editing Server 2008’s BCD store is the Bcdedit command, which supports many command-line options. To list the contents of the store, run bcdedit /enum


7. Icacls—The Icacls command replaces the older Cacls and Xacls commands. Icacls lets you list, update, and back up the ACLs for files and directories. The following example shows how we can save the ACLs for the C:\temp directory: icacls c:\temp /save tempacl


6. Mklink—The Mklink command creates a symbolic link in the file system that redirects all requests to a location you specify. Symbolic links are transparent to users, appearing as normal files or directories.

5. Robocopy—A staple in the Windows Resource Kit for years, Robocopy is more capable than the standard Windows Copy and Xcopy commands, and it’s able to resume after network outages as well as correctly copy file attributes, alternate streams, and security information.


4. Wbadmin—Wbadmin is used for Server 2008 backup and restore operations.


3. WinRS—The WinRS command lets you open a secure command window with a remote host. All communications between the client and the host are encrypted using Kerberos or NT LAN Manager (NTLM) keys.


2. Appcmd—Appcmd.exe is a new command-line tool that can be found in the \%WinDir%\System32\InetSrv directory. Appcmd is used to query, create, and configure Microsoft IIS 7.0 server properties, Web sites, and application pools. To list all sites on the system, we can use the following command: appcmd list sites

1. ServerManagerCmd—Without a doubt, the coolest commandline tool in Server 2008 is ServerManagerCmd.exe, which is the command-line version of the new Server Manager.

Source: http://windowsitpro.com/article/articleid/99119/command-line-tools-in-windows-server-2008.html

Windows server 2003 edition and support

Windows Server 2003 it is a brand name of microsoft there is number of editions, each are particular size and type of business. In general, all variants of Windows Server 2003 have the capacity of to the share files and printers, act as an application server, provide email services, authenticate users, befoure 2003 we are use windows 2000 and now we are using windows 2008 server

Windows Small Business Server
SBS includes Windows Server and additional technologies always goal small business with a complete technology solution. this technologies are integrated to enable small business with goal solutions such as the Remote Web Workplace, and offer management benefits enhanced monitoring, a unified management console, and remote access. then we can easily manage our network.

The Standard Edition of SBS includes Windows SharePoint Services for collaboration, because microsoft want make his windows always popular Microsoft Exchange server for e-mail, Fax Server, and the Active Directory for user management. The product also provides a basic firewall, DHCP server and NAT router using either two network cards or one network card in addition to a hardware router. when use two network card then we can share internet then we can use only single another system internet.




SBS server has the following design limitations:

Only one computer in a domain can be running Windows Server 2003 for Small Business Server.
Windows Server 2003 for Small Business Server must be the root of the Active Directory forest.
Windows Server 2003 for Small Business Server cannot trust any other domains.
Windows Server 2003 for Small Business Server is limited to 75 users or devices depending on which type of CAL.
Windows Server 2003 for Small Business Server is limited to 4GB of RAM
A Windows Server 2003 for Small Business Server domain cannot have any child domains.

Terminal Services only operates in remote administration mode on the server running SBS 2003, and only two simultaneous RDP sessions are allowed. this is very benificial feature in windows server.

Web Edition
Microsoft makes Windows Server 2003, mainly Web Edition is mainly hosting Web applications, Web pages, and XML Web services. It is designed to be used primarily as an IIS 6.0 Web server and provides a platform for rapidly developing and deploying XML Web services and applications that use ASP.NET technology, a key part of the .NET Framework. This edition does not require Client Access Licenses and Terminal Server mode is not included on Web Edition. However, Remote Desktop for Administration is available on Windows Server 2003, Web Edition. Only 10 concurrent file-sharing connections are allowed at any moment. It is not possible to install Microsoft SQL Server and Microsoft Exchange software in this edition. However MSDE and SQL Server 2005 Express are fully supported after service pack 1 is installed. Despite supporting XML Web services and ASP.NET, UDDI cannot be deployed on Windows Server 2003, Web Edition. The .NET Framework version 2.0 is not included with Windows Server 2003, Web Edition, but can be installed as a separate update from Windows Update


Standard Edition
Microsoft makes Windows Server 2003, Standard Edition is aimed towards small to medium sized businesses. Standard Edition supports file and printer sharing, offers secure Internet connectivity, and allows centralized desktop application deployment. the release of Windows Server 2003 was available solely for 32-bit processors; a 64-bit version supporting the x86-64 architecture (AMD64 and EM64T, called collectively x64 by Microsoft) was released in April 2005. The 32-bit version will run on up to 4 processors with up to 4 GB RAM; the 64-bit version is capable of addressing up to 32 GB of RAM. something the 32-bit version does not do. The 32-bit version is available for students to download free of charge as part of Microsoft's DreamSpark program.


Enterprise Edition
Microsoft makes Windows Server 2003, Enterprise Edition is aimed towards medium to large businesses. It is a full-function server operating system that supports up to eight processors and provides enterprise-class features such as eight-node clustering using Microsoft Cluster Server software and support for up to 32 GB of memory through PAE. Enterprise Edition also comes in 64-bit versions for the Itanium and x64 architectures. The 64-bit versions of Windows Server 2003, Enterprise Edition are capable of addressing up to 1 TB of memory. Both 32-bit and 64-bit versions support Non-Uniform Memory Access . It also provides the ability to hot-add supported hardware. Enterprise Edition is also required to issue custom certificate templates.


Datacenter Edition
Microsoft makes Windows Server 2003, Datacenter Edition is designed[8] for infrastructures demanding high security and reliability. Windows Server 2003 is available for x86, Itanium, and x86_64 processors. It supports a maximum of up to 32 processors on 32-bit or 64 processors on 64-bit hardware. 32-bit architecture also limits memory addressability to 64 GB, while the 64-bit versions support up to 1 TB. Windows Server 2003, Datacenter Edition, also allows limiting processor and memory this is depend upon application uges.

Server 2008 Security Compliance Management Toolkit

Windows Server 2008 Security Guide and the GPOAccelerator tool to provide you with prescriptive information and automated tools to establish and deploy your security baseline. This toolkit also provides you with 6 DCM Configuration Packs to use with the desired configuration management (DCM) feature in Microsoft® System Center Configuration Manager 2007 Service Pack 1 (SP1). Use this functionality to help you monitor the implementation of your security baseline for Windows Server 2008. The Windows Server 2008 Security Guide offers a choice of preconfigured security baselines for the following two different environments.


The Windows Server 2008 Security Compliance Management Toolkit includes the following components: Security guide, Attack Surface Reference workbook, Security Baseline Settings workbook, Security Baseline XML, GPOAccelerator tool, INF Files, Baseline Compliance Management Overview, DCM Configuration Pack User Guide, DCM Configuration Packs.


Windows Server 2003 Security Guide and the GPO Accelerator tool to provide you with prescriptive information and automated tools to establish and deploy your security baseline. This toolkit also provides you with 6 DCM Packs to use with the desired configuration management (DCM) feature in Microsoft® System Center Configuration Manager 2007 SP1. Use this functionality to help you monitor the implementation of your security baseline for Windows Server 2003 SP2. The Windows Server 2003 Security Guide offers a choice of preconfigured security baselines for the following two different environments:


The Windows Server 2008 Security Compliance Management Toolkit includes the following components: Security guide, Attack Surface Reference workbook, Security Baseline Settings workbook, Security Baseline XML, GPOAccelerator tool, INF Files, Baseline Compliance Management Overview, DCM Configuration Pack User Guide, DCM Configuration Packs.


Enterprise Client. This security baseline is best for most organizations in which functionality is evenly balanced with security.
Specialized Security – Limited Functionality. This security baseline is best for organizations in which concern for security is so great that a significant loss of functionality is acceptable. For example, military and security agency organizations operate in this type of environment.


Windows Vista Security Guide and GPO Accelerator tool to provide we with prescriptive information and automated tools to establish and deploy our security baseline. This toolkit also provides us with 6 DCM Configuration Packs to use with the desired configuration management feature in Microsoft System Center Configuration Manager 2007 SP1. Use this functionality to help us monitor the implementation of your security baseline for Windows Vista SP1. The Windows Vista Security Guide offers a choice of preconfigured security baselines for the following two different environments.


The Windows Server 2008 Security Compliance Management Toolkit includes the following components: Security guide, Attack Surface Reference workbook, Security Baseline Settings workbook, Security Baseline XML, GPOAccelerator tool, INF Files, Baseline Compliance Management Overview, DCM Configuration Pack User Guide, DCM Configuration Packs.


Source: http://technet.microsoft.com/en-us/library/cc514539.aspx