WindowsNetworking.com Monthly Newsletter of April 2012 Sponsored by: KEMP Technologies

Welcome to the WindowsNetworking.com newsletter by Debra Littlejohn Shinder, MVP. Each month we will bring you interesting and helpful information on the world of Windows Networking. We want to know what all *you* are interested in hearing about. Please send your suggestions for future newsletter content to: dshinder@windowsnetworking.com

Free Trial - # 1 Price/Performance Windows Load Balancer- Increase Network Performance

The Kemp LoadMaster family of Server Load Balancers intelligently and efficiently distributes network traffic among Windows web and application servers to help you achieve the best network and infrastructure performance. LoadMaster Load Balancers give Network administratorís better control & enables easy adaptation to network changes by providing a resource optimization layer in front of applications and infrastructure servers. The LoadMaster provides 99.999% high-availability. Free Trial HERE.

Free Trial Kemp Virtual Loadmaster

1. Windows 8 Whole Volume Encryption: Building a Better BitLocker

 
Microsoft introduced BitLocker in Windows Vista, and it was one of the most interesting and promising new security features, but that first version had a lot of limitations. BitLocker is a whole volume encryption solution that allows you to encrypt entire system and/or data volumes on your Windows computers running Vista, Windows 7, and Windows Server 2008 and above. It’s pretty handy because you can encrypt your drives too so that anyone who obtains physical access to your computer won’t be able to access your data or boot into the operating system without knowing your PIN or, depending on how you’ve implemented it, without inserting a USB device that contains the startup key.
 
Windows 8 adds several improvements to BitLocker to make it even more useful and manageable.
  • Improvements in BitLocker provisioning
    You can now enable BitLocker prior to installing the operation system. This enables you to encrypt the volume before installing the operating system, adding an extra measure of security. You do this from the Windows Preinstallation Environment (WinPE).
  • Used Disk Space Only encryption
    Prior to Windows 8, BitLocker encrypted the entire volume, including both the data and the free space. For larger drives, this could take a very long time. With Windows 8, you have the option to encrypt only the used space on the drive, which can significantly reduce the amount of time to initially provision the drive for BitLocker (depending on how full the volume is). There are also some new Group Policy settings that enable you to force encryption on fixed data drives, force encryption on operating system drives and force encryption on removable data drives, and to force the type of encryption (full encryption or used disk space only) that is to be used in each case.
  • Standard User PIN and Password Change
    In the past, you had to have administrative privileges to change the BitLocker PIN or password. With Windows 8, users that are not administrators of their machines will be able to change their own passwords and PINs by default. Note that there might be some security issues with this option, since users might use simple passwords and PINs. You can prevent this by setting complexity requirements for these strings. You also have the option to turn this capability off entirely through a Group Policy setting.
  • Network Unlock
    One of the major reasons why we don’t use BitLocker on servers is because someone would have to be at the server during a reboot to enter the PIN. In even a moderately sized datacenter, this can be quite a challenge. In Windows 8 Server, the Network Unlock feature will allow those servers on the corporate network that are members of a domain to use DHCP to automatically unlock the encrypted volumes when they are on the network. This feature does require that the computer’s hardware support a DHCP driver implemented in UEFI firmware.
  • Support for Encrypted Hard Drives for Windows
    With Windows 8, you will be able to take advantage of new encrypted hard drive technology and run Windows on it. These new hard drives use Full Disk Encryption (FDE), which encrypts every block on the disk. Performance is significantly improved because the encryption processing is done by the hard disk controller, not by the main CPU. Tight integration enables you to manage the FDE control through the BitLocker interface.
Windows 8 BitLocker is just one of the very cool new things about Windows 8! Make sure to test drive it when you install the Windows 8 client or server betas.

By Debra Littlejohn Shinder, MVP
dshinder@windowsnetworking.com

=======================
Quote of the Month - College isn't the place to go for ideas. Helen Keller (1880 - 1968)
=======================


2. ISA Server 2006 Migration Guide - Order Today!

Dr. Tom Shinder's best selling books on ISA Server 2000 and 2004 were the "ISA Firewall Bibles" for thousands of ISA Firewall administrators. Dr. Tom and his illustrious team of ISA Firewall experts now present to you , ISA Server 2006 Migration Guide. This book leverages the over two years of experience Tom and his team of ISA Firewall experts have had with ISA 2006, from beta to RTM and all the versions and builds in between. They've logged literally 1000's of flight hours with ISA 2006 and they have shared the Good, the Great, the Bad and the Ugly of ISA 2006 with their no holds barred coverage of Microsoft's state of the art stateful packet and application layer inspection firewall..

Order your copy of ISA Server 2006 Migration Guide. You'll be glad you did.

   


Click here to Order your copy today

Free Trial - # 1 Price/Performance Windows Load Balancer- Increase Network Performance

The Kemp LoadMaster family of Server Load Balancers intelligently and efficiently distributes network traffic among Windows web and application servers to help you achieve the best network and infrastructure performance. LoadMaster Load Balancers give Network administratorís better control & enables easy adaptation to network changes by providing a resource optimization layer in front of applications and infrastructure servers. The LoadMaster provides 99.999% high-availability. Free Trial HERE.

Free Trial Kemp Virtual Loadmaster

3. WindowsNetworking.com Articles of Interest

4. Administrator KB Tip of the Month

 
Configure Static IP Addresses with Netsh Command-line Utility
 
You can perform a variety of tasks using the Netsh command-line utility, including configuring the IP addresses of network adapters in Windows.

Here’s how to configure a static IP address:
 
netsh interface ip set address "connection name" static 192.168.0.101 255.255.255.0 192.168.0.1

NOTE: The default connection names are Local Area Connection for wired adapters and Wireless Network Connection for Wi-Fi adapters. The IP address order: client IP, subnet mask, and gateway IP.

Here’s how to configure the DNS addresses:

netsh interface ip add dns "connection name" 208.67.222.222
netsh interface ip add dns "connection name" 208.67.220.220 index=2

NOTE: Remember to replace the connection names and IP addresses

For more administrator tips, go to WindowsNetworking.com/WindowsTips

5. Windows Networking Tip of the Month

System Center 2012 Licensing Gets Simplified

System Center 2012 has shipped and it brings with it a slew of new capabilities and design changes, such as the ability to manage a whole virtual datacenter with System Center Virtual Machine Manager (SCVMM) and the focus on easily managing a private cloud infrastructure. But features and functionality are only half the story when it comes to deploying new solutions. Another important aspect is pricing and licensing. In the past, System Center has suffered from a confusing and convoluted licensing plan with so many different price points that organizations ended up not knowing what they were going to pay for a particular configuration.

The good news is that the licensing structure has been drastically simplified, with the individual components bundled together in one of only two packages: Standard edition and Datacenter edition, with a per-CPU pricing model. Read more about it here.

Free Trial - # 1 Price/Performance Windows Load Balancer- Increase Network Performance

The Kemp LoadMaster family of Server Load Balancers intelligently and efficiently distributes network traffic among Windows web and application servers to help you achieve the best network and infrastructure performance. LoadMaster Load Balancers give Network administratorís better control & enables easy adaptation to network changes by providing a resource optimization layer in front of applications and infrastructure servers. The LoadMaster provides 99.999% high-availability. Free Trial HERE.

Free Trial Kemp Virtual Loadmaster

6. Windows Networking Links of the Month

7. Ask Sgt. Deb

QUESTION:

Hey Deb,
 
I’m thinking of testing out Windows Server 8 this month. I don’t have a lot of time, so I’m wondering what new feature or capability should I focus on first? Got any recommendations?
 
Thanks! – Uli.

ANSWER:

Hi Uli,
 
Great question! Of course, different folks may have different opinions regarding which Windows Server 8 feature is the most interesting and impactful, but I would say that you’ll get the biggest return on investment for your time if you focus on Hyper-V. Check out this list of new and improved features in the Windows Server 8 Hyper-V:
Feature/functionalityNew or Updated
Client Hyper-V New
Dynamic Memory Updated
Hyper-V module for Windows PowerShell New
Hyper-V Replica New
Importing of virtual machines Updated
Live migration Updated
Resource metering New
Significantly increased scale and improved resiliency Updated
Simplified authorization New
SR-IOV New
Storage migration New
Storage on SMB2 file shares New
Virtual Fibre Channel New
Virtual hard disk format Updated
Virtual machine snapshots Updated
Virtual NUMA New
Virtual switch Updated
Wow. That’s a lot of bang for the buck. Of these features, make sure you try out Hyper-V Replica, Storage migration, storage of virtual machines on SMB shares, and importing virtual machines – if your hardware supports them. Some of these features require advanced hardware.
 
Have fun!
Deb

Free Trial - # 1 Price/Performance Windows Load Balancer- Increase Network Performance

The Kemp LoadMaster family of Server Load Balancers intelligently and efficiently distributes network traffic among Windows web and application servers to help you achieve the best network and infrastructure performance. LoadMaster Load Balancers give Network administratorís better control & enables easy adaptation to network changes by providing a resource optimization layer in front of applications and infrastructure servers. The LoadMaster provides 99.999% high-availability. Free Trial HERE.

Free Trial Kemp Virtual Loadmaster