In this tutorial you will learn how to deploy and configure Forefront Endpoint Protection (FEP) 2012 with System Center Configuration Manager (SCCM) 2012.

In Part 1, we installed FEP 2012 on the SCCM 2012 server. Now, it’s time to see what changes have been made to the SCCM environment so that we can deploy and configure the FEP environment.

The FEP installation makes a number of changes and additions to the SCCM console. In no particular order they are:

• Software Library – Packages – FEP Deployment
• Software Library – Packages – FEP Operations
• Software Library – Packages – FEP Policies
• Monitoring – Reporting – Report – Forefront Endpoint Protection (10 new reports)
• Monitoring – FEP Status
• Assets and Compliance – Device Collections – FEP Collections (24 new collections)
• Assets and Compliance – Compliance Settings – Configuration Items (24 new items)
• Assets and Compliance – Compliance Settings – Baselines (8 new baselines)
• Assets and Compliance – FEP Policies

(more…)

This tutorial describes how to integrate Forefront Endpoint Protection (FEP) 2012 in System Center Configuration Manager (SCCM) 2012.

With the move away from Forefront Client Security to Forefront Endpoint Protection, Microsoft did away with the MOM backend and instead made use of the infrastructure available to System Center Configuration Manager to install, manage and deploy FEP.

(more…)

iPad for business? Should IT support the iPad? This are the questions that are discussed in this article.

One of the big topics doing the rounds amongst IT professionals these days is the increasing influence of consumer technology in enterprise IT and in particular the question whether the iPad is valuable for business and should be supported by IT. End users have access to more and more business-ready devices in their personal lives, and the traditional line between personal computing and work computing is looking blurrier than ever.

There is increasing pressure on businesses and IT professionals to provide (and support) infrastructure which enables users to connect and be productive on a variety of consumer devices, now that these devices can, with relative ease, cross the boundary between home and work. Business-focused platforms like Windows Mobile and Blackberry have had to improve their consumer functionality, while consumer devices like the iPhone have had to beef up their enterprise features.

(more…)

Microsoft Application Virtualization is generating a lot of interest throughout the IT community. It allows IT professionals to abstract application management away from SOE maintenance, and offers a highly flexible environment in which to manage and deploy applications.

As an App-V administrator, one of the tasks you may find yourself performing is moving the system database to another SQL server. This process has a number of gotchas because the database is referenced in a number of places which can prevent the App-V management service from starting, so here is a list of tasks to perform which will ensure a successful database move.

(more…)

I recently attended REMIX10, which is an Australian-based conference for developers and designers. There were lots of highly-creative people wandering about, and even an IT pro like myself was able to pick up a few pearls of wisdom from our coding colleagues. One particular point which struck me was that developers and IT professionals are often working for and supporting the same customers, and I did a write-up of my thoughts on this subject here.

And that got me thinking a little bit more on the subject. As IT professionals we all deal with users. It’s inevitable. It certainly isn’t what most of us signed up for, which seems rather unfair. I don’t know anyone got into the IT industry because of a personal passion for customer service.

Over time you start to notice a pattern emerging, in that you keep giving the same advice to people, time and again. As an IT professional, this is confusing. After all, if someone sends you a useful link on how to solve a problem which you might come across again, you’d keep the link handy, just in case. Wouldn’t you? Of course you would, so why don’t users do the same? And more to the point, why can’t users remember their own passwords, the ones which they selected themselves?

(more…)

Jeff is an IT Pro Evangelist with Microsoft Australia, based in Sydney. In this interview he explains how Microsoft’s virtualization solutions integrate and how multiple solutions can be brought to bear to assist IT professionals manage their environments, mitigate compatibility issues and accelerate deployments.

Jeff’s blog can be found here.

JB: The large range of virtualization options available to customers means that there’s pretty much a solution to fit every usage scenario.

JA: There’s certainly been a lot of confusion in the local market with businesses and IT pros, simply because Microsoft has so much happening in the virtualization space, and sometimes it’s not clear how it all fits together. That’s why May 2010 is Virtualization Month for Microsoft Australia, where we’re running lots of Live Meetings to give IT pros a comprehensive overview of the key solutions. We’re following that up with free virtualization workshops across Australia throughout June.

(more…)

Michael is a Senior Technical Product Manager for VDI and Remote Desktop Services with Microsoft, based in Redmond. In this interview he discusses the advantages which RemoteFX will bring to Microsoft’s RDS and VDI solutions and compares the two technologies, looking at their relative advantages and disadvantages and what benefits they bring to business, while clearing up some common misunderstandings about VDI.

Michael’s blog can be found here.

JB: There’s been a quite consistent look and feel about Microsoft’s remote desktop/VDI technology to date, which has meant that the user is generally aware that they’re not using locally-installed software. The latest advances in the remote application user experience now seems to be at a point where the distinction between local and remote clients is blurring to the point of disappearing

(more…)

OK, time for a personal confession. This review was commissioned some time ago (read, 2009), but in his infinite wisdom your intrepid author thought “What better way to test such a product than as part of a real-life Windows 7/Server 2008 R2 deployment?”. StarWind was quickly installed and configured, but then the deployment took off at such a frantic pace that all other considerations (such as writing the review) were abandoned in a desperate attempt to keep on top of things.

And during the deployment, StarWind didn’t get looked at once. Why? Because it worked perfectly. As advertised. No crashes, no funny behaviour, no performance bottlenecks, no regular patching needed, nothing. In our industry, it’s generally the problematic or the most complex products which tend to demand the most attention – having access to a solution which works quietly and efficiently in the background is a rare treat. So even though I was meant to write this a while back, at least I can now do the write-up with several months of production experience backing it up. Don’t you feel privileged? Good.

(more…)

Competition Alert! StarWind Software is raffling a license of their iSCSI SAN product. The winner will receive a license for StarWind Enterprise worth USD$995. More information can be found at the end of the article.

Like many technologies in the IT industry, storage is one of those areas of cost in which you can guarantee that your needs will never decrease. We all read stories about the latest advances in speed, reliability and capacity, while marvelling at the ever-decreasing per-GB price. We squeeze the finance department for some extra money, insisting that this next storage purchase will meet the organisation’s needs for at least five years. Two years later, we’re back asking for more money.

(more…)

This second part of the Office 2010 32-bit vs. 64-bit article addresses the advantages and disadvantages of Office 2010 64-bit.

In the last article I looked at the installation of the 32-bit and 64-bit versions of Office 2010. In this part I’ll cover the important considerations in choosing which platform to go with. This principally comes down to the advantages and disadvantages of Office 2010 64-bit.

Office 2010 64-bit advantages

Apart from the general ability to address more physical memory, the main advantages of using the 64-bit version of Office 2010 will be experienced by power Office users, who, for example, might use Excel spreadsheets which reference massive amounts of data, or who regularly work with Office files greater than 2GB in size. Microsoft Project also benefits, with the ability to handle large, multiple subprojects contained with the main project.

64-bit machines also have a security advantage via mandatory hardware-based DEP (Data Execution Prevention) for native 64-bit applications. With the 64-bit version, this protection is now available to Office.

(more…)

For the first time, Microsoft Office will come in both 32-bit and 64-bit flavours. Having just been released to manufacturing, Office 2010 will be the first version of Office able to address the full 64-bit memory space, and you will have to make the decision whether to deploy Office 2010 64-bit or 32-bit. Today I will examine some considerations regarding the installation of Office 2010 64-bit and 32-bit. In my next post I will discuss the advantages and disadvantages of Office 2010 64-bit.

With the ever-increasing availability of high-storage RAM, 64-bit processors and the systems to power them, all at prices within the reach of every consumer and SOE, 64-bit computing is fast becoming the normal state of play.

(more…)

At Tech.Ed Australia 2009 I caught up with Rocky Heckman, Senior Security Architect at Microsoft Australia with the ACE (Assessment, Consulting & Engineering) Team and the Security track owner for Tech.Ed 2009 in Australia and New Zealand. We had a long chat about the latest security features in Windows 7 and Server 2008 R2 which were of greatest interest to business customers and IT pros, and what are the latest trends in the security industry.

Check out the ACE Team’s website here, and Rocky’s blog here.

Disclaimer: I attended Tech.Ed Australia 2009 as a guest of Microsoft.

JB: As a security guy, your perspective on newly-released products is always going to different from the typical product spiel. What are the things about Windows 7 and particularly Server 2008 R2 that interest you and you are pleased with from a security perspective?

(more…)

Well, as we move from theory to practise, our first batch of Windows 7 machines has been deployed and rolled out into the production environment, and so far so very, very good. Microsoft has done a very impressive job with its newest suite of client and server products, and our deployment is being managed end-to-end with no third-party products required.

I thought this would be an opportune time to document some of the problems I’ve encountered so far in the build of our Windows 7 Standard Operating Environment (SOE). Given that we are moving from a Windows XP/Novell Netware environment, there are a whole raft of changes happening as well as having to deal with problems which were lurking behind the scenes, and that’s what I’ll talk about today.

One of our critical line-of-business applications is an authoritative administration/HR system, with a locally-installed GUI application which talks back to a SQL database. The database is hosted on SQL Server 2005 SP3 x64 which sits on a Windows Server 2003 SP2 x64 system. We started noticing that on the Windows 7 machines, the local GUI took forever to talk back to the SQL database. There were no error messages (irritatingly) but performance was so slow as to be unusable.

(more…)

OK – please forgive the rather large gap between Part 2 and 3 of this series. There are many conflicting reasons for the time blow-out but the biggest one was that I didn’t want to write this last bit until I’d actually gone through and completed the project in a live environment and verified it to be 100% successful. Yes that’s right – the methodologies I’ve documented weren’t just extracted from a sterile lab environment, but from a live production environment with real users and servers. But before I could get to the point at which I could migrate the forest functional level, there were various sub-projects which cropped up – new domain controllers (all virtual – see Part 2), new Hyper-V hosts, network time considerations, WAN reconfiguration, DNS changes and so on.

The actual process of raising the functional level is pretty straightforward – a couple of clicks and you’re done. However, every domain controller has to be able to support the new level, so that means taking existing DCs based on earlier versions of Windows Server out of commission. They can still stick around as member servers, but you have to use DCPROMO to revoke their role as DCs. In my case, the last DC (which was Server 2008 Standard) happened to be the first DC of a new domain, so that meant it also took the FSMO roles for the domain (Flexible Single Master Operations) which are still part of Active Directory Domain Services. These do not get transferred automatically so this must be done manually.

(more…)

Putting on a show as big as Microsoft Tech.Ed is no mean feat. Preparing a convention venue for a few thousand demanding and IT-savvy delegates, not to mention three days’ worth of technically-intense presentations, sessions and labs, involves months of preparation and the combined efforts of many teams.

The focus of the 2009 round of Tech.Ed events is centred strongly around Windows 7 and Server 2008 R2 – Microsoft’s major product releases this year. Microsoft Australia were looking for way to give Tech.Ed delegates as good an experience with Windows 7 as possible, so early this year an idea was floated to give each attendee a netbook (to have, not just to borrow) with Windows 7 preloaded. As if staging the event was not difficult enough, now the infrastructure had to accommodate an additional 2500 machines, using software which was not yet available in its final form.

A project of this scale would challenge any IT team, so how have Microsoft achieved it? I chatted with three of the main organisers and technical managers with Microsoft Australia responsible for making sure that this year’s Tech.Ed Australia netbook extravaganza will go off without a hitch.

Andrew Coates is a Developer Evangelist with Microsoft Australia and is the content owner for Tech.Ed Australia 2009.

Nick Hodge is an evangelist with Microsoft Australia and is responsible for bringing many aspects of Tech.Ed Australia 2009 together

Jorke Odolphi is an Infrastructure Architect Evangelist with Microsoft Australia, and is responsible for the technical infrastructure behind Tech.Ed.

(more…)