Components of Network Access Protection (NAP)

Components of a NAP-Enabled Infrastructure.

The components of a NAP-enabled network infrastructure consist of the following:
2

NAP clients - Computers that support the NAP platform and include computers running Windows Server 2008, Windows Vista, or Windows XP SP3.

NAP enforcement points - Computers or network access devices that use NAP or can be used with NAP to require the evaluation of a NAP client’s health state and provide restricted network access or communication. NAP enforcement points use a Network Policy Server (NPS) that is acting as a NAP health policy server to evaluate the health state of NAP clients, whether network access or communication is allowed, and the set of remediation actions that a noncompliant NAP client must perform. Examples of NAP enforcement points are the following:

* Health Registration Authority (HRA) -A computer running Windows Server 2008 and Internet Information Services (IIS) that obtains health certificates from a certification authority (CA) for compliant NAP clients
* Network access devices -Ethernet switches or wireless access points (APs) that support IEEE 802.1X authentication
* VPN server -A computer running Windows Server 2008 and Routing and Remote Access that allows remote access VPN connections to an intranet
* DHCP server -A computer running Windows Server 2008 and the Dynamic Host Configuration Protocol (DHCP) Server service that provides automatic Internet Protocol version 4 (IPv4) address configuration to intranet clients

NAP health policy servers -Computers running Windows Server 2008 and the NPS service that store health requirement policies and provide health state validation for NAP. NPS is the replacement for the Internet Authentication Service (IAS), the Remote Authentication Dial-In User Service (RADIUS) server and proxy provided with Windows Server 2003. NPS can also act as an authentication, authorization, and accounting (AAA) server for network access. When acting as a AAA server or NAP health policy server, NPS is typically run on a separate server for centralized configuration of network access and health requirement policies, as Figure 1 shows. The NPS service is also run on Windows Server 2008–based NAP enforcement points, such as an HRA or DHCP server. However, in these configurations, the NPS service is acting as a RADIUS proxy to exchange RADIUS messages with a NAP health policy server.

Health requirement servers -Computers that provide current system health state for NAP health policy servers. For example, a health requirement server for an antivirus program tracks the latest version of the antivirus signature file.

Active Directory Domain Services -The Windows directory service that stores account credentials and properties and Group Policy settings. Although not required for health state validation, Active Directory is 3 required for Internet Protocol Security (IPsec)–protected communications, 802.1X-authenticated connections, and remote access VPN connections.

Restricted network -A separate logical or physical network that contains:

* Remediation servers -Network infrastructure servers and health update servers that NAP clients can access to remediate their noncompliant state. Examples of network infrastructure servers include Domain Name System (DNS) servers and Active Directory domain controllers. Examples of health update servers include antivirus signature distribution servers and software update servers.
* NAP clients with limited access -Computers that are placed on the restricted network when they do not comply with health requirement policies.
* Non-NAP-capable computers -Optionally, computers that do not support NAP can be placed on the restricted network (not shown in Figure 1).

System Health Agents and System Health Validators

Components of the NAP infrastructure known as system health agents (SHAs) on NAP clients and system health validators (SHVs) on NAP health policy servers provide health state tracking and validation for attributes of system health. Windows Vista and Windows XP SP3 include a Windows Security Health Validator SHV that monitors the settings of the Windows Security Center. Windows Server 2008 includes the corresponding Windows Security Health Validator SHV. NAP is designed to be flexible and extensible. It can interoperate with any vendor who provides SHAs and SHVs that use the NAP API.

An SHA creates a statement of health (SoH) that contains the current status information about the attribute of health being monitored by the SHA. For example, an SHA for an antivirus program might contain the state of the program (installed and running) and the version of the current antivirus signature file. Whenever an SHA updates its status, it creates a new SoH. To indicate its overall health state, a NAP client uses a System Statement of Health (SSoH), which includes version information for the NAP client and the set of SoHs for the installed SHAs.

When the NAP client validates its system health, it passes its SSoH to the NAP health policy server for evaluation through a NAP enforcement point. The NAP health policy server uses the SSoH, its installed SHVs, and its health requirement policies to determine whether the NAP client is compliant with system health requirements, and if it is not, the remediation actions that must be taken to achieve compliance. Each SHV produces a statement of health response (SoHR), which can contain remediation instructions. For example, the SoHR for an antivirus program might contain the current version number of the antivirus signature file and the name or IP address of the antivirus signature file server on the intranet.

Based on the SoHRs from the SHVs and the configured health requirement policies, the NAP health policy server creates a System Statement of Health Response (SSoHR), 4 which indicates whether the NAP client is compliant or noncompliant and includes the set of SoHRs from the SHVs. The NAP health policy server passes the SSoHR back to the NAP client through a NAP enforcement point. The NAP client passes the SoHRs to its SHAs. The noncompliant SHAs automatically remediate their health state and create updated SoHs, and the health validation process begins again.
Enforcement Clients and Servers

A NAP Enforcement Client (EC) is a component on a NAP client that requests some level of access to a network, passes the computer’s health status to a NAP enforcement point that is providing the network access, and indicates health evaluation information to other components of the NAP client architecture. The NAP ECs for the NAP platform supplied in Windows Vista, Windows XP SP3, and Windows Server 2008 are the following:

* An IPsec EC for IPsec-protected communications
* An EAPHost EC for 802.1X-authenticated connections
* A VPN EC for remote access VPN connections
* A DHCP EC for DHCP-based IPv4 address configuration
* A TS Gateway EC for connections to a TS Gateway server

A NAP Enforcement Server (ES) is a component on a NAP enforcement point running Windows Server 2008 that allows some level of network access or communication, can pass a NAP client’s health status to NPS for evaluation, and, based on the response from NPS, can provide the enforcement of limited network access. The NAP ESs included with Windows Server 2008 are the following:

* An IPsec ES for IPsec-protected communications
* A DHCP ES for DHCP-based IPv4 address configuration
* A TS Gateway ES for TS Gateway server connections

For 802.1X-authenticated and remote access VPN connections, there is no separate ES component running on the 802.1X switch or wireless AP or VPN server.

Together, ECs and ESs require health state validation and enforce limited network access for noncompliant computers for specific types of network access or communication.
NPS

NPS is a RADIUS server and proxy in Windows Server 2008. As a RADIUS server, NPS provides AAA services for various types of network access. For authentication and authorization, NPS uses Active Directory to verify user or computer credentials and obtain user or computer account properties when a computer attempts an 802.1Xauthenticated connection or a VPN connection.

NPS also acts as a NAP health policy server. Administrators set system health requirements in the form of health requirement policies on the NAP health policy server.
5

NAP health policy servers evaluate health state information provided by NAP clients to determine health compliance, and for noncompliance, the set of remediation actions that must be taken by the NAP client to become compliant.

The role of NPS as an AAA server is independent from its role as a NAP health policy server. These roles can be used separately or combined as needed. For example:

* NPS can be an AAA server on an intranet that has not yet deployed NAP.
* NPS can be a combination of AAA server and health policy server for 802.1Xauthenticated connections on an intranet that has deployed NAP for 802.1Xauthenticated connections.
* NPS can be a health policy server for DHCP configuration on an intranet that has deployed NAP for DHCP configuration.

Read More

Exchange Server 2010 Beta available

Microsoft Exchange Server 2010 brings a new and rich set of technologies, features, and services to the Exchange Server product line. This topic lists many of the new features and functionality that are included in Exchange 2010. The list isn't comprehensive; however, it provides important information to use when you're planning, deploying, and administering your Exchange 2010 organization:

* New Rights-Protected E-Mail Functionality with Active Directory RMS
* New Transport and Routing Functionality
* New Permissions Functionality
* New High Availability Functionality
* New Messaging Policy and Compliance Features
* New Outlook Web Access Features
* New Unified Messaging Features
* Web Management Interface
* New Exchange Core Store Functionality
* New Administration Functionality in the Exchange Management Console
* New Administration Functionality in the Exchange Management Shell

The first Beta version of Exchange Server 2010 is now available for download. Go ahead, download now!!

Read More

Happy Father’s Day to all of you techie dads out there

Read More

Free Windows 7 IT Pro beta class offered

Microsoft Learning has recently completed the beta version of a Windows 7 Instructor-led training course for IT Professionals entitled “Installing and Configuring Windows® 7 Client”

In an attempt to attain feedback on the course prior to the RTM release of Windows 7 we are offering the three-day course to IT Pros who would like to attend and give feedback on the course.

· When: July 7th to 9th (9:00AM to 5:00PM)

· Where: Microsoft Campus, Redmond WA

This beta class is being offered for free only once and class size is limited. If you are interested in attending the course send an email to trblog@microsoft.com. In the email explain your interest in the course as an IT Professional. Students will be chosen based on how well they match the audience profile listed in the syllabus link above. You will receive an email response within 48 hours if you have been selected to attend the course.

Read More

Microsoft’s Virtual Lab Exams: Going Inside the Black Box

Microsoft recently announced the release of virtual labs in 83-640. Virtual labs allow you to perform tasks using the software technology rather than performing them in a simulated environment or answering multiple choices questions about how you would solve the specified problem. With virtual labs, you solve the problem by doing something. I found this totally cool video that shows off the virtual lab technology and item type and thought it would be great to share it with you.

Read More

Implementing Roaming User Profiles in Windows Vista

To implement roaming user profiles for users of Windows Vista computers in an Active Directory environment, follow these steps:

1. 1. Prepare the file server where you want to store roaming user profiles for users by creating a shared folder on the server. (This server is sometimes 2called the profile server; a typical sharename for this shared folder is Profiles.)
2. 2. Assign the permissions shown in Tables 1 and 2 to the underlying folder being shared and to the share itself. Also confirm that the permissions in Table 3 are automatically applied to each roaming user profile folder.

Table 1 NTFS Permissions for Roaming Profile Parent Folder

User account


Minimum permissions required

Creator/Owner


Full Control -Subfolders and Files Only

Administrator


None

Security group of


List Folder/Read Data, Create Folders/Append

users needing to


Data -This Folder Only

put data on share




Everyone


No Permissions

Local System


Full Control -This Folder, Subfolders, and Files

Table 2 Share-Level (SMB) Permissions for Roaming Profile Share

User account


Default permissions


Minimum permissions required

Everyone


Full Control


No Permissions

Security group of users needing to


N/A


Full Control

put data on share







Table 3 NTFS Permissions for Each User’s Roaming Profile Folder

User account


Default permissions


Minimum permissions required

%Username%


Full Control, Owner Of Folder


Full Control, Owner Of Folder

Local System


Full Control


Full Control

Administrators


No Permissions1


No Permissions

Everyone


No Permissions


No Permissions

1This is true unless you set the “Add the Administrator security group to the roaming user profile share” policy, in which case the Administrators group has Full Control (requires Windows 2000 Service Pack 2 or later).

3. 3. Create a default network profile for users and copy it to the NETLOGON share on a domain controller. Let it replicate to other domain controllers in the domain.
This step is optional and is typically necessary only if you want to preconfigure a roaming user profile for your users so that they will all have the same desktop experience when they first log on. If you do not create a default network profile, Windows Vista will use the local %SystemRoot%\Users\Default profile instead.
4. 4. Open Active Directory Users and Computers and configure the profile path on the Profile tab for each user who will roam.

3

Additional, optional steps include configuring roaming profiles as mandatory profiles or as super mandatory profiles if desired.
Creating a Default Network Profile

When a user logs on to a Windows Vista computer for the first time, Windows Vista tries to find a profile named Default User.v2 in the NETLOGON share on the domain controller authenticating the user. If Windows Vista finds such a profile, this profile is copied to the user’s computer to form the user’s local profile on the computer. If Windows Vista does not find such a profile, the Default profile under %SystemDrive%\Users on the user’s computer is copied instead as the user’s local profile.

To create a default network profile, follow these steps:

1. 1. Log on to any computer running Windows Vista, using any domain user account.
2. 2. Configure the desktop settings, Start menu, and other aspects of your computer’s environment as you want users who log on to Windows for the first time to experience them.
3. 3. Log off and then log on using an account that belongs to the Domain Admins group.
4. 4. Click Start, right-click Computer, and then select Properties.
5. 5. Click Advanced System Settings. In the System Properties dialog box, click the Advanced Settings tab and then click Settings under User Profiles. The User Profiles dialog box opens.
6. 6. Select the user profile you previously configured in step 2 and click Copy To.The Copy To dialog box opens.
7. 7. Type \\domain_controller\NETLOGON\Default User.v2 in the Copy To dialog box.
8. 8. Click Change, type Everyone and then click OK twice to copy the local user profile you previously configured to the NETLOGON share as the default network profile Default User v.2.
9. 9. Type \\domain_controller\NETLOGON in the Quick Search box and press ENTER to open the NETLOGON share on your domain controller in a Windows Explorer window. Verify that the profile has been copied.

Note You may already have a Default User profile in NETLOGON that you created previously as a default network profile for users of computers running earlier versions of Windows. This network profile is not compatible with Windows Vista. See the section “Considerations for Mixed Environments” later in this chapter for more information.
Configuring a User Account to Use a Roaming Profile

Once you have created a Profiles share and configured it with suitable permissions on a file server, you can configure new user accounts to use roaming user profiles. To do this, 4 follow these steps (a Windows Server 2003 domain is used in this example):

1. 1. Log on to a domain controller as a member of the Domain Admins group (or any administrator workstation running an earlier version of Windows on which adminpak.msi has been installed).
2. 2. Open Active Directory Users and Computers and select the organizational unit containing the new user accounts you want to enable roaming for.
3. 3. Select each user account in the OU that you want configure. Right-click each account and select Properties.
4. 4. Click the Profile tab, select the check box labeled Profile Path, type \\profile_server\Profiles\%username% in the Profile Path text box, and then click OK.

The selected new user accounts are now ready for using roaming profiles. To complete this procedure, have each user log on to a Windows Vista computer using his or her user credentials. When the user logs on to Windows Vista for the first time, the Default User.v2 profile is copied from NETLOGON to the user’s local profile and then copied as user_name.v2 to the Profiles share on the profile server. For example, a user named Jacky Chen (jchen@contoso.com) who logs on to a Windows Vista computer for the first time will receive the roaming user profile \\profile_server\Profiles\jchen.v2. The .v2 suffix identifies this profile as compatible only with Windows Vista or later.
Implementing Mandatory Profiles

The procedure for implementing mandatory user profiles is similar to the procedure for implementing roaming user profiles described earlier in the article, with the following differences:

* Instead ofassigning the Authenticated Users built-in group Full Control of the Profiles folder on the profile server, assign this group Read permission and the Administrators group Full Control instead.
* Follow the steps in the section “Creating a Default Network Profile,” but instead of copying the domain user profile you configured to \\domain_controller\NETLOGON\Default User.v2, copy the profile to \\profile_server\Profiles\Mandatory.v2.
* Browse to locate the super-hidden \\profile_server\Profiles\Mandatory.v2\ntuser.dat file and change its name to ntuser.man. (Super-hidden files have the hidden and system attributes set.)
* Follow the steps in the section “Configuring a User Account to Use a Roaming Profile,” but instead of typing \\profile_server\Profiles\%username% in the Profile Path text box, type \\profile_server\Profiles\Mandatory.

Any user who now logs on with this mandatory user profile will be able to configure the desktop environment while logged on to the network, but when the user logs off any changes made to the environment will not be saved.
5

Caution Do not add .v2 to the profile path of the user object in Active Directory Users and Computers. Doing so may prevent Windows Vista from locating the roaming or mandatory profile. You should only apply the .v2 suffix to the name of the user folder on the central file server.

Caution It is acceptable to use the existing server and file share where you store your current roaming user profiles. If you do so, however, each user will have two roaming profile folders: one for Windows Vista and one for Windows XP. The added folder also means additional storage requirements for the server. Ensure that the drive hosting the share has adequate free space, and adjust any disk-quota policies accordingly.
Implementing Super Mandatory Profiles

The procedure for implementing super mandatory profiles is similar to the procedure for implementing mandatory user profiles described earlier, with the following differences:

* Instead of copying the domain user profile you configured to \\domain_controller\NETLOGON\Default User.v2, copy the profile to \\profile_server\Profiles\Mandatory.man.v2.
* Instead of typing \\profile_server\Profiles\%username% in the Profile Path text box, type \\profile_server\Profiles\Mandatory.man.

Once you have implemented these profiles, users will be able to configure their desktop environments while logged on to the network, but when they log off any changes they made to their environments will not be saved. In addition, if the profile server is unavailable when the user tries to log on to the network (or if the super mandatory profile does not load for any other reason), Windows Vista will not allow the user to log on to the computer.
Using Roaming User Profiles Together with Folder Redirection

If you configure both Folder Redirection and roaming user profiles, do not store redirected folders within the user’s roaming profiles, but instead store them on the network share where Folder Redirection is targeted. This reduces the size of a user’s roaming profile, speeds up its download time, and improves the user’s logon experience.

In general, best practice is to configure Folder Redirection first, make sure it applies successfully, and then deploy roaming user profiles. Also, users should log off all computers and follow these steps on one computer first (with all their main data).
Considerations for Mixed Environments

The following considerations apply when implementing roaming user profiles in mixed environments that consist of both Windows Vista and Windows XP or Windows 2000 client computers:

* Default network profiles created for computer running an earlier version of Windows are not compatible with default network profiles created for Windows Vista computers because the profile namespace of Windows Vista 6 is incompatible with the profile namespace of Windows XP. Because of this incompatibility, users who log on to a computer running an earlier version of Windows cannot roam their profiles to Windows Vista computers and vice versa. If users must use both Windows Vista computers and earlier versions of Windows, they will need separate roaming profiles for each computer and must manage the profiles separately. If Folder Redirection is implemented, however, part of the user profiles (the redirected folders) can be shared between the two desktop environments.
* If users need to roam across both Windows Vista computers and computers running earlier versions of Windows, you will need twice the usual space to store their roaming profiles. For example, if user Jacky Chen roams across both Windows Vista and computer running an earlier version of Windows, he will have two roaming profiles on the profile server:
o \\profile_server\Profiles\jchen, which is his roaming profile on earlier versions of Windows
o \\profile_server\Profiles\jchen.v2, which is his roaming profile on Windows Vista computers

These two user profiles are incompatible and will not share any data unless you have also implemented Folder Redirection for the user. Specifically, if you implement all available Folder Redirection policies for this user (including those that apply to earlier versions of Windows), only the HKCU settings will be unavailable between platforms.

In Windows Vista, disk quotas configured on roaming profiles no longer prevent users from logging off as disk quotas did on earlier versions of Windows. However, disk quotas will prevent roaming profiles from being uploaded to the profile server when the user logs off. No user data is lost, however, since the data still remains in the user’s local user profile on the computer.

Read More

Free E-Book on Terminal Services

For 25 years, Microsoft Press books have focused on helping you take your skills and knowledge to the next level. Celebrate our 25th Anniversary with a "Free e-book of the Month" offer! Simply sign up for the Microsoft Press Book Connection Newsletter for notification of offers, register, and download the selection of the month.

Read More

Windows 7 Pre-Order 50% Half-Price Discount Promotional Deal

http://www.amazon.com/gp/feature.html?ie=UTF8&ref%5F=ms%5Fsbrspot%5F2&docId=1000392481

Microsoft is launching a time-limited promotional deal that will see the price of certain editions Windows 7 been slashed by 50%, if customer pre-oder the Windows 7.

Read More

Match Fixing

Read More

Movavi Video Converter

Movavi Video Converter is a fast and easy way to convert video & DVD into the format you need. Enjoy video on your iPod, iPhone, PSP.

Why Movavi
* Movavi Video Converter and other products are used by four million people and companies in 92 countries

* 82% of our customers recommend Movavi Video Converter, VideoSuite and other Movavi Products

* Business customers include Microsoft, Procter & Gamble, Coca-Cola, Harvard University, and more

* Reviewed by PC World, CNet, MacWorld, Yahoo!Tech, VideoMaker, and many more .

Read More

IBM Claims Privacy Breakthrough for Cloud, Data

IBM researcher Craig Gentry has proposed a method for manipulating data while leaving it encrypted. That could be big news for cloud computing, for antispam solutions, and for health care providers, according to an IBM (NYSE: IBM) statement -- if it works.

The news comes as regulators are monitoring the handling of personal data. The FTC recently announced the Red Flags rule to force companies to fight fraud more actively. Just yesterday, the now-famous ID thief Frank Abagnale, whose life story inspired the movie "Catch Me If You Can" and who now works for the FBI, said that companies must do better to protect their customers.

It's possible that they can with the breakthrough proposed in a paper by Gentry, a Stanford University Ph.D. candidate. The research was reported last week and published for Association of Computing Machinery members under the title "Fully homomorphic encryption using ideal lattices."

Homomorphic encryption enables encrypted data to be manipulated so that, when decrypted, the result is as if the operation had been performed on the unencrypted data -- an approach that makes it especially suitable for some types of security. Lattice encoding would normally limit the number of operations that could be conducted on the encrypted text, according to PGP Corporation cryptographer Hal Finney, who discussed the approach on a list serv.

But Gentry's approach manages to overcome those shortcomings.

"The resulting scheme is apparently not practical ... but it is still amazing that it is even possible," Finney wrote.

One problem may have to do with the fact that although the data is not decrypted, the software does manipulate a decryption mechanism while working with encrypted data. The ACM abstract notes that Gentry's technique uses "an encryption scheme that can evaluate (slightly augmented versions of) its own decryption circuit; we call a scheme that can evaluate its (augmented) decryption circuit bootstrappable."

Nevertheless, IBM has high hopes for the technology.

"We believe this breakthrough will enable businesses to make more informed decisions, based on more studied analysis, without compromising privacy," Charles Lickel, IBM vice president of software research, said in a statement. "We also think that the lattice approach holds potential for helping to solve additional cryptography challenges in the future."

Additionally, an IBM representative told InternetNews.com that "there are flavors of homomorphic encryption already out there, but they do not offer efficient, affordable ways of analyzing encrypted information from all angles. The fully homomorphic solution we've arrived at offers the possibility of performing nearly unlimited mathematical operations to analyze encrypted information."

PGP's Finney was certainly impressed with Gentry's technique. "I have to go back to Godel's and Turing's work to think of a comparable example," he wrote.

"This is ... one of the most remarkable crypto papers ever. Not only does it solve one of the oldest open problems in cryptography, the construction of a fully homomorphic encryption system, it does so by means of a self-embedding technique reminiscent of Godel's theorem."

Read More

Microsoft Hohm Beta Helps in Energy Conservation

Energy conservation has always been a critical global issue that nobody can neglect. Excessive development and wastage has resulted in incredibly high world energy consumption. Many parties have put in effort to try to reduce consumption by increasing efficiency. Being one of the world’s technological giants, Microsoft has joined in the effort by introducing its new service, Microsoft Hohm, an online application which allows users to analyze and understand their home energy usage and hence conserve the energy efficiently.

Microsoft Hohm is built on Azure Cloud Operating System and leverages Bing search as well as the Microsoft Advertising platform. Users can access to this online application via a modern browser easily. Based on the information and feedback from registered users, Microsoft Hohm will feed users with information of personalized energy savings and efficiency recommendations based on users’ dwelling conditions, e.g. house features, usage patterns and appliances. If users do not respond to Hohm with this basic information, the online application will then provide general recommendations to assist users in energy saving.

Microsoft Hohm is a free service with no additional costs to users. As a start, the service will be provided to residents in US only.

Energy conservation does not mean saving money only, but also helping to increase environmental value, national security, personal security, and human comfort. A collective effort will ensure the well-being and preservation of mother nature.

Read More

Enterprise-strength Linux for mission-critical computing. (Reliability has never been so affordable.)

SUSE Linux Enterprise 11 was built for reliability with affordable, enterprise-class clustering for your mission-critical workloads. With the ability to build a resilient and agile infrastructure, you can easily migrate from UNIX. And advanced Green IT capabilities keep your operation lean and efficient. Performance. Reliability. Affordability. What could be more mission-critical than that?

Powers your physical and virtual environments – desktop to data center.
Only SUSE Linux Enterprise 11 powers your complete environment with outstanding performance and manageability. So you can run your physical and virtual machines – from desktop to data center – on a common code base with common tools. Deploy traditional systems, or run software appliances for simplicity and speed. From x86 to mainframe and from netbook to desktop, SUSE Linux Enterprise delivers proven capabilities for your entire infrastructure.

The Linux that makes your IT work as one.
SUSE Linux Enterprise 11 provides maximum interoperability with Windows for lower costs and simplified management. Run Windows virtualized on Linux and vice versa, with full support from Novell and Microsoft. Easily add desktop Linux to your Windows environment for cost savings and security benefits. Leverage open standards to manage SUSE Linux Enterprise from your existing solutions. Even run ASP.NET applications on Linux for better performance and reduced cost.

Read More

Upgrade your MCP credentials for only 25 USD

If the answers to above are “Yes”, this is the BEST OFFER to meet your certification needs.


From now to June 30th, 2009 you are eligible for a Microsoft Certification exam
at a special price of US$25 *.

Save between 45 - 80%** when you utilize this offer to update your skills in new Microsoft technologies e.g. Windows Server 2008, SQL 2008, Visual Studio 2008, Vista and Sharepoint 2007.

This special offer is valid for valued Microsoft Certified Professional who has not attained any new Microsoft Certification credentials after July 1, 2007. Offer is valid for any Microsoft Certified Technology Specialist (MCTS), Microsoft Certified IT Professional (MCITP) and Microsoft Certified Professional Developer (MCPD) examinations scheduled and taken by June 30, 2009.

Read More

The Ultimate Windows Support Framework

Your organization strives to optimize its IT and business processes to achieve maximum performance. IT Standardization minimizes costs, reduces learning curves, reduces errors and increases efficiencies. Now think about the process of supporting Windows users and computers. Does your organization have standard support tools and methodologies? Are your support analysts achieving their maximum performance? Maven was designed specifically to enhance the productivity of Windows support analysts in all areas of support. Your company will save thousands of dollars in support costs.

Maven is a Windows support framework that allows organizations to standardize and audit all of their support tools, thereby greatly reducing support costs. Your enterprise data is typically found in multiple sources. Maven enables your organization to build and deploy a complete Windows support dashboard, with all of the queries, support tools, scripts and enterprise information required to rapidly service your IT infrastructure. Unlike many of today's Windows Management tools, Maven is fast and intuitive, designed specifically for analysts that administer and support Windows. Your service desk can do what they do best; service your organization.

Read More

Microsoft Security Essentials 1.0 (Morro MSE Free Anti-Virus) Leaked Download

Microsoft Security Essentials (MSE) is the official name for new free anti-virus security offering from Microsoft, which previously codenamed as Morro. Microsoft Security Essentials replaces Windows Live OneCare and Windows Defender.

MSE features a a streamlined solution with smaller footprint that focuses on core but comprehensive anti-malware protection including viruses, spyware, rootkits and trojans. As it’s free, don’t expect the security solution to equip with additional non-security features or advanced functions that comes with commercial consumer security suites from other third-party vendors, such as firewall.

Microsoft Security Essentials have been tested internally by Microsoft employees since June 1, 2009. The leaked setup installers appear to be genuine. Beside, virus and malware signature definition update for Microsoft Security Essentials have been working properly too, ensuring up-to-date protection. The freeware Microsoft Security Essentials is available as a stand-alone free download and will support Windows XP, Windows Vista and Windows 7 operating systems.

Download Microsoft Security Essentials

32-bit (x86) Windows Vista and Windows 7: mssefullinstall-x86fre-en-us-vista.exe
64-bit (x64) Windows Vista and Windows 7: mssefullinstall-amd64fre-en-us-vista.exe
Windows XP: mssefullinstall-x86fre-en-us-xp.exe

Read More

Swine Flue - Influenza A (H1N1) : Precautionary Measures.

Read More

Huawei E583X Wireless Modem

The emergence of those tiny, portable and flash drive shaped HSDPA modems do give frequent travelers and businessmen a lot of convenience to access internet when they are oin the move. The reputable networking and telecommunications equipment manufacturer, Huawei, introduced the small portable modem by showcasing its E583X wireless modem at CommunicAsia 2009.

The new Huawei’s E583X is connected to a computer wirelessly. This tiny modem will detect and acquire 3G wireless signal and thence transmit to the computer as WiFi signal. With this technology, users do not have to worry if they forget to bring the cable or if there is limited desktop space to place their modem. The E583X is powered with a 1,500mAh battery which can provide five hours of signal beaming wirelessly. Users can charge the modem by pluging via USB. Of course users can still connect the tiny gadget to the computer like other regular HSDPA modems.

Read More

Get Free NOD32 License with Valid Username and Password for 90-Days

NOD32 is a popular antivirus software that ranks one of the best and most accurate detection and lowest failure rate. Beside, NOD32 also famous for its virus scanning speed and low system resource usage, with support for DOS，Windows, Novell Netware, Linux, BSD and other platform. NOD32 is a shareware which allows users to download, install, and use NOD32 for evaluation and trial for 30 days. After the trial period expires, users will need to purchase a legitimate and genuine license or serial number for NOD32 in order to continue using it. Now, you can extend the trial and demonstration period for another 90 days or 3 months for free, by a trick to get a valid NOD32 license serial number that allows you to get a user ID and password to enter in NOD32 to make it genuine and able to download NOD32 setup, access any upgrade or update available, without any crack or hack.

1. Go to China NOD32 Users’ Club web page that offers and giveaways free 90-days genuine copyright license and serial number.
2. As it’s web page in Chinese language, you most probably won’t understand what it means. Anyway, fill in the first 3 fields (those with *) respectively as Name, Email and repeat your Email again. Make sure your email is valid and correct as the license PIN or serial number that allows you to get NOD32 username and password will be sent to this email.
3. After finished key in the details, press on the button on the left to submit. Button on the left is for you to press or click in case you don’t receive the email with license information or serial number in 30 minutes.
4. Check your email inbox (or spam folder, just in case) for the email from NOD32. The email should arrive almost immediately, and will contains a PIN or serial number underlined with red text. The rest of the email instructs you how to obtain the user ID and password by using the PIN or serial number. Ignore it if you don’t understand the language.
5. Go to Hong Kong NOD32 Anti-Virus System registration page to register as a user of NOD32.
6. Fill in the first 4 fields (marked with *) which is product serial number, client’s name, your email address, and confirm again your email address. English description is available, so this step should be simple and easy.
7. Click on the left button (Submit).
8. You will then receive another email which contains an user ID or user name with a password, valid for 90 days or 3 months, and will allows you to download latest and upgrade version of NOD32 and update latest virus signatures. The email will be sent pretty soon after a few minutes.
9. As you can see at the bottom of the page, if you registered, but fail to receive email within one hour or lost username password, please check your username and password at http://www.nod32.com.hk/support/password.php.
10. Then download the Eset NOD32 Anti Virus system for free from here with the username and password provided.

Together with 1 month free trial evaluation default offers, you can effectively try the NOD32 for 4 months or 120 days before deciding whether to purchase the software or not. The best thing about this trick is that it’s possible to indefinitely extend the license and hence the valid username and password for NOD32, without any crack or hack, by applying again for another free 90-days of legal usage after the current user name and password expired, by using the same email address. So you can actually use NOD32 free for life without any keygen, crack, leaked user name or password. However, if you want to apply for multiple PIN or serial number for multiple NOD32 user name and password, you will need to use different email address for each of them, as the free giveaway of NOD32 license is limited to one per e-mail address, and if you reapply for a new license ID with the same email that you used before, then the existing license will be deactivated.

Read More

ARM Cortex-A9 Potentially Power Up Next Generation High End Smartphones

While Intel continues to push its X86 architecture processors for mobile computing, ARM is also keep on upgrading its ARM architecture by integrating multi-core while further shrinking its die size with smaller process technology. According to reliable source, ARM is already planning to migrate to 45nm process technology so that it can integrate multi cores technology, in an attempt to boost up overall performance without affecting the physical foot print and more importantly its power consumption which is crucial for battery life time.

The next generation ARM core product will be mainly targeted for high end smart phone mobile devices where multitasking and graphics performance are important. With the introduction of ARM cortex A9 as the successor of current cortex A8 which has been designed widely including the recently announced Apple’s 3Gs as well as Palm Pre, consumers can expect even better performance boost with its out of order execution while allowing multi-threading technology for scalable performance to handle tasks processing simultaneously.

No exact time line of when this will be available, ARM forecasts that it should reach the market by mid of next year. TI (Texas Instrument) is one of the potential candidates that will leverage on ARM cortex A9 for its OMAP4 which supports full HD 1080p decoding capabilities as well as an impressive 20 Megapixel still image capturing for multimedia centric applications.

Read More

Acer Plans Entry Level Windows Smartphones at $50

If you are an Acer fan and is hoping to get a cheap smartphone from this Taiwanese manufacturer, here is a piece of good news for you! Just recently, the company has unveiled a few series of Windows smartphone targeted for consumers that are tight on budget. These few models, named as C1, L1 and F1 will be available to consumer market by this autumn at a minimum price of $50.

Obviously, Acer is trying its way entering smart phone market by offering an aggressive pricing strategy. Besides functioning as a normal 2,8-inch touchscreen smart phone devices running on Wndows Mobile OS, these devices are also enhanced with GPS functionality utilizing Qualcomm Snapdragon chipset clocking at different core speed. In terms of product features, both C1 and L1 are similar, with 528MHz processor, 2 Megapixels camera except the latter model will be designed with additional slide-out numeric hard keypad that makes it a bit more expensive than C1 series. On top of these, a F1 model, which is targeted for high end market will be featured with Qualcomm’s Snapdragon chipset running at 1GHz as well as supporting HD media playback with impressive 12 megapixels camera module.

No exact hardware details as well as concrete pricing information yet, these Windows based smartphones are expected to be commercialized by this autumn.

Read More

PRTG Network Monitor

Optimize Your Network and Avoid System Downtimes

Businesses increasingly rely on their networks to move data, provide communication, and enable basic operations. Performance loss or system outages can seriously impact the bottom line of your business. Continuous network and server monitoring enables you to find problems and resolve them before they become a serious threat to your business:

* Avoid bandwidth and server performance bottlenecks
* Deliver better quality of service to your users by being proactive
* Reduce costs by buying bandwidth and hardware based on actual load
* Increase profits by avoiding losses caused by undetected system failures
* Find peace of mind: As long as you do not hear from PRTG via email, SMS, pager, etc. you know everything is running fine and you have more time to take care of other important business.

Read More

Baby BlackBerry For Toddlers

To expose kids to gadgets and assist them in learning, toy maker, LeapFrog has introduced an interesting mini BlackBerry, Text & Learn, which caters particularity to toddlers three and up.
The size of the LeapFrog Text & Learn is slightly bigger than a normal smartphone or BlackBerry even though it is nicknamed “Baby BlackBerry”. Toddlers can make use of this gadget to polish up their language, play games and also learn some basic computer skills. Toddlers can imitate their parents to send text messages and browse the “web”. They can enjoy messaging with a virtual pal Scault (a quasi-imaginary friend) while exploring web browsing (pretend mode). The tiny gadget also offers kids with a handful of gaming activities such as shape identification, letter matching, QWERTY keyboard navigation, etc.

Leapfrog has yet to reveal the pricing and the availability of this interesting Text & Learn. To give your kids that slight technological advantage and edge in life, a Baby BlackBerry might just be the gadget to invest in this year.

Read More