Thursday, December 15, 2011

New RC versions of System Center 2012 Products


  • System Center 2012 Configuration Manager RC provides comprehensive configuration management for the Microsoft platform that can help you empower users with the devices and applications they need to be productive while maintaining corporate compliance and control.
  • System Center 2012 Endpoint Protection RC, built on System Center Configuration Manager, provides industry-leading threat detection of malware and exploits as part of a unified infrastructure for managing client security and compliance that can help you simplify and improve endpoint protection.
  • System Center Operations Manager 2012 RC provides deep application diagnostics and infrastructure monitoring that can help you ensure the predictable performance and availability of vital applications and offers a comprehensive view of your datacenter, private, and public clouds.
  • System Center Data Protection Manager 2012 Beta provides unified data protection for Windows servers and clients that can help you deliver scalable, manageable, and cost-effective protection and restore scenarios from disk, tape, and off premise.
  • System Center Orchestrator 2012 RC provides orchestration, integration, and automation of IT processes through the creation of runbooks that can help you to define and standardize best practices and improve operational efficiency.
  • System Center Virtual Machine Manager 2012 RC provides virtual machine management and services deployment with support for multi-hypervisor environments that can help you deliver a flexible and cost effective private cloud environment.
  • System Center App Controller 2012 Beta provides a common self-service experience across private and public clouds that can help you empower application owners to easily build, configure, deploy, and manage new services.
  • System Center Service Manager 2012 Beta provides flexible self-service experiences and standardized datacenter processes that can help you integrate people, workflows, and knowledge across enterprise infrastructure and applications.

Go Here


Virtualization Resources

This is a link to a groups of resource about Microsoft Virtualization articles and videos.

Topics include

Deploy a private cloud infrastructure

SharePoint Virtualization

Virtualize Exchange 2010

Manage Storage Migration with Virtualization

Run 3-D Applications on Hyper-V Remote Clients

Use Virtual Clustering to Deliver High-Availability Applications

Disaster Recovery Using Virtualization

Hyper-V Cloud Fast Track Program
Download Microsoft Hyper-V Cloud Reference Architecture Technical White Paper.

Private Cloud Concepts
Consult the Microsoft Private Cloud team blog for advance about building your private cloud and virtualization projects.

Choose your Private Cloud Components
Learn what Microsoft products are available for private cloud solutions and how to combine them.

Microsoft Virtualization Learning Snack
Take an interactive tour of Hyper-V and Integrated Virtualization from Microsoft.


Smart Cards and Virtual PC

Using Smart Cards in Windows Virtual PC
Learn how you can use smartcards in any virtual machine (VM) created using Windows Virtual PC on Windows 7, just as you use smartcards on Windows 7. While each type of smartcard device comes with its own device driver software, that will need to be installed in the operating system (OS) on which the smartcard reader is being used, smartcards can be shared between the host OS (Windows 7) and the VM, or can be assigned exclusively to VMs.

Cross Post From Microsoft


Technorati Tags:

Security Articles On Windows Hyper-V

Security Tip of the Month: Simple Security Recommendations When Using Hyper-V
As more small to midsize companies consider virtualization solutions, questions about security and virtualization inevitably arise. Microsoft has a few articles on TechNet that outline some of the key aspects of a secure deployment of the Hyper-V virtualization technology, a feature of Windows Server 2008 R2. To complement the guidelines offered in "Planning for Hyper-V Security," Microsoft IT Evangelist Howard Wong offers some additional thoughts and security considerations around Hyper-V.

Planning for Hyper-V Security
Overall, you should secure the virtual machines running on the virtualization server according to your procedures for securing that kind of server or workload. This document provides best practices to help improve the security of your Windows Server 2008 servers running Hyper-V.


Hyper-V Security Guide
Find instructions and recommendations to help strengthen the security of computers running the Hyper-V role on Windows Server 2008. This guide covers three core topics: hardening Hyper-V, delegating virtual machine management, and protecting virtual machines.

Cross Post From Microsoft


SQL Server 2012 Release Candidate (RC)

SQL Server 2012 Release Candidate (RC) is now  will extend beyond traditional database capabilities with a cloud-ready information platform.

With AlwaysOn availability for faster failover and greater hardware utilization and in-memory ColumnStore for 10x the data warehouse performance gains. SQL Server 2012 will also enable breakthrough insights with business intelligence solutions such as Power View for stunning, interactive data visualizations and enhancements to PowerPivot. Lastly, SQL Server 2012 will uniquely support hybrid IT environments with common management and development tools, scale elastically, and extend applications directly to the cloud through SQL Azure.

To Download go HERE

To learn more about SQL Server 2012 , including

SQL Server 2012 Editions and Licensing FAQ

SQL Server AlwaysOn Video

SQL Server Column StoreI ndex

SQL Server 2012 Security

SQL Server 2012 Overview

go here


Free Windows Developer Training

Windows Azure Developer Camps are free, fun, no-fluff events for developers, by developers. You learn from experts in a low-key, interactive way and then get hands-on time to apply what you've learned. Find a camp near you, Here


Thursday, May 19, 2011

TechEd Office announces Service Pack 1 Unveiled for Office 2010 and SharePoint 2010

Scheduled for release at the end of June, SP1 will include updates across the client suites and server products. Check out the list of improvements and new features, and stay tuned for more details, on the Microsoft Office Blog.

Some announced  features include,

Across the client suites and server products, SP1 offers a sprinkling of improvements to make a strong 2010 release wave even stronger. During TechEd and beyond, teams on will update their blogs with more specific details of 2010 Service Pack 1 contents.

There are far too many changes in SP1 to list here, but the list below is a sample of SP1 highlights to get things started. This is a list of things that you can do now that you couldn’t before, or things that are just better than they were with the original release:

  • Outlook fixes an issue where “Snooze Time” would not reset between appointments.
  • The default behavior for PowerPoint "Use Presenter View" option changed to display the slide show on the secondary monitor.
  • Integrated community content in the Access Application Part Gallery.
  • Better alignment between Project Server and SharePoint Server browser support.
  • Improved backup / restore functionality for SharePoint Server
  • The Word Web Application extends printing support to “Edit Mode.”
  • Project Professional now synchronizes scheduled tasks with SharePoint task lists.
  • Internet Explorer 9 “Native” support for Office Web Applications and SharePoint
  • Office Web Applications Support for Chrome
  • Inserting Charts into Excel Workbooks using Excel Web Application
  • Support for searching PPSX files in Search Server
  • Visio Fixes scaling issues and arrowhead rendering errors with SVG export
  • Proofing Tools improve spelling suggestions in Canadian English, French, Swedish and European Portuguese.
  • Outlook Web Application Attachment Preview (with Exchange Online only)
  • Office client suites using “Add Remove Programs” Control Panel, building on our work from Office 2007 SP2

Stay tune for more on this service pack.

Do you have IE6 apps but want to move to Windows 7

I hear this as a issue for a lot of companies.  Yes Microsoft has some great products for virtualizing old applications, But here some special. UniBrows is a add on for IE8 or IE9 that add a Tab in your browser that allow you to run IE-6 dependent web application unmodified in IE8 or IE9.

This solution work for those customers who need JUST browser backward compatibility. The cool thing about this add-on is that now you can migrate to Windows 7 easily.

UniBrows provides full IE6 functionality and behaviors, including ActiveX controls support and JavaScript functionality. Administrator-specified sites are rendered as if IE6 was powering the separate tab while other websites and nonconfigured URIs are loaded natively in IE8. The add-on can be deployed with standard IT methods, managed by Group Policy within IE8 (so company IT administrators can choose IE6-specific sites and applications to render as IE6), and also includes a Microsoft Management Console snap-in. In contrast to heavyweight virtualization-based mechanisms, UniBrows only requires 10MB of memory without changing a single line of code.

You can even had different version of Java running in your browser!


For a Trial Version go Here

Security Breach at Michaels Stores, Inc


(IRVING, Texas) Michaels Stores, Inc. has learned that PIN pad tampering may have occurred in its Chicago-area stores and that customer credit and debit card information may have been compromised.

The company was contacted this week by banking and law enforcement authorities after some fraudulent debit card transactions were reported over the weekend. Authorities believe the fraudulent transactions may be linked to legitimate transactions in Chicago-area Michaels stores.

Consumers who have purchased items from a Michaels store with a debit or credit card are encouraged to monitor their statements, report any suspicious account activity, and change any PIN numbers and other account security settings. Consumers who believe their accounts were used without authorization should contact the card issuer directly. More consumer protection tips are available at the Federal Trade Commission website at

The company is working to assist authorities in the investigation. For additional information and updates, visit Michaels website at


Security hole in Android Devices

Android devices running versions 2.3.3 and below could be susceptible to attack when they are connected to unencrypted Wi-Fi networks. Anyone else on that network could gain access to, modify or delete Android users' calendars, photos and contacts.

"It is quite easy," the researchers Ulm University from Ulm University in the southern part of Germany, wrote in a blog post Said  "The implications of this vulnerability reach from disclosure to loss of personal information."

Google has announced they are working on a fix.


Windows 7 Resource Kit Free

Get the official Microsoft RESOURCE KIT delivers in-depth technical guidance from those who know the technology best—Microsoft MVPs and the Windows 7 team. Covers new features, deployment, administration, security, and other essential topics.


By going to Here Use discount code TSW7R to receive this as a free eBook.


Wednesday, May 11, 2011

Free eBook Windows 7 Power Users Guide

Mike Halsey is a Microsoft MVP and author of Troubleshooting Windows 7 Inside Out from Microsoft Press. Mike has created eBook Windows 7 Power Users Guide is now completely FREE. The book is for people of all technical ability from complete novices to IT Pros.


The book contains 16 chapters and is a guide on how to get the very best out of Windows 7 from installation to configuration and advanced operations. It includes step-by-step guides, screenshots and diagrams on every page, quick tips throughout the book. This is a great resource for all Windows 7 users.

To download go here


Thursday, April 28, 2011

Security Hole - Nikon’s Image Authentication System

ElcomSoft Co. Ltd. researched Nikon’s Image Authentication System, a secure suite validating if an image has been altered since capture, and discovered a major vulnerability in the manner the secure image signing key is being handled. In turn, this allowed the company to extract the original signing key from a Nikon camera. The vulnerability, when exploited, makes it possible to produce manipulated images with a fully valid authentication signature. ElcomSoft was able to successfully extract the original image signing key and produce a set of forged images that successfully pass validation with Nikon Image Authentication Software.

ElcomSoft has notified CERT and Nikon about the issue, and prepared a set of digitally manipulated images passing as originals when verified with Nikon’s secure authentication software. Nikon has provided no response nor expressed any interest in the existence of the issue.

This is a Copy of the Notice ElcomSoft posted being cross posted to show an important security issue.

Monday, April 25, 2011

How to Avoid a Cyber Disaster

Date: April 27, 2011
Time: Noon - 1 PM ET

I will be presenting Planning for a cyber disaster makes recovering from one much easier. Still, as important as disaster planning is, it’s often overlooked or put off until it is too late. In this webinar, Global Knowledge instructor Jay Ferron will discuss planning for the unexpected, and he’ll teach simple tricks to reduce your company’s downtime before, during, and after a disaster.

Using a fictional company as an example, Jay will walk you through the disaster planning process a security professional should use.


    • What a disaster is
    • How to plan
    • Techniques to reduce the impact of a disaster
    • What BCP is
    • Five rules for creating a good disaster plan
    • Testing your disaster plan
    • Funding the plan
    • How and where to get help with your disaster planning process

To attend this session click here


I will be presenting at TechEd  May 15 – 19 in Atlanta.

May 15 10:30am-12:30pm           

WCL271-WRK - Introduction to Testing and Remediating Win32 Apps

In this instructor-led workshop, we enhance your skills at troubleshooting and remediating issues with Windows-based applications. We walk you through the process of surfacing and understanding the problem, troubleshooting the root cause, developing and testing remediation options, and providing recommendations on the potential solution options. The lab exercises are designed to be as real-world as possible (you may be troubleshooting real applications!) to help you to practice and develop your ability to overcome issues related to the migration from Windows XP to Windows 7.

Product/Technology: Windows® 7

Audience: Designer, Web Developer/Designer

May 15 1:00pm-3:00pm               

WCL272-WRK - Introduction to Testing and Remediation Web Apps

In this instructor-led workshop, we enhance your skills at troubleshooting and remediating issues with web-based applications. We take you through the process of surfacing and understanding issues with version checks, rendering, ActiveX controls, and scripting, discuss the options for resolving them, and along the way discover and practice using many of the tools that we use daily in troubleshooting Windows-based applications. The lab exercise are designed to be as real-world as possible, to help you to practice and develop your ability to overcome issues related to the migration from Internet Explorer 6 to Internet Explorer 8.

May 15 3:30pm-5:30pm               

WCL272-WRK-R - Introduction to Testing and Remediation Web Apps

(see above description)

May 17 8:30am-10:15pm             

WCL271-WRK-R - Introduction to Testing and Remediating Win32 Apps

(see above description)

May 17 1:30pm-3:00pm               

WCL272-WRK-R2 - Introduction to Testing and Remediation Web Apps

(see above description)


Wednesday, April 13, 2011

Free study guides for Windows Server 2008 R2 Exams:

This free study guide covers material in the three Windows Server 2008 R2 Exams:
  • 70-640 Windows Server 2008 Active Directory Configuring
  • 70-642 Windows Server 2008 Network Infrastructure Configuring
  • 70-646 Windows Server 2008 Administrator R2

Windows Server 2008 R2 is the core server platform for companies transitioning to Windows 7 and the cloud. It is designed to capitalize on the move to virtual platforms, providing new web tools, management utilities and scalability enhancements that save organizations of all sizes time and money.

Click here


Friday, April 8, 2011

Microsoft is back in the US for another Springboard Series Tour!



Microsoft is back in the US for another Springboard Series Tour!

If you never attended this event and it local you should go.

May 2 – Toronto | May 4 – Detroit | May 6 – Chicago | May 9 – Indianapolis | May 11 – Dallas | May 13 - Columbus

The Springboard Series Tour is back! This 6 city tour brings the top product teams from Microsoft to you. We understand the questions and issues that IT pros deal with every day. How do I manage end users bringing consumer devices into the office? Should we look to the cloud for key solutions? Should I virtualize? What are the best tools to manage application compatibility and deployment? The Springboard Series Tour brings the experts and the answers.

Join us for a full day’s deep dive into the tools, solutions and options to help you do more with less. We will cover managing the flexible workspace, a first look at Windows Intune and Office 365. We’ll also show you some of the new Windows Slates and give you details around Microsoft’s strategy for Slate devices. We will preview  the new tools in the MDOP 2011 suite, a deep dive into managing and deploying Office 2010 and great tips and tricks to help you deploy Windows 7 and move your users from Windows XP with speed and ease.

REGISTER NOW and save your seat for this free day of technical demos, Q&A sessions, and real-world guidance from Microsoft experts.

Technorati Tags:


Wednesday, April 6, 2011

Security Is Everyone Issue

Here is another example of how 1 small problem can affect many customers.

Late last week, Epsilon detected that customer information of a subset of Epsilon's email clients had been exposed by an unauthorized entry into its email system. The affected clients represent approximately 2% of Epsilon's total client base.

The data stolen from Epsilon -- names and email addresses -- isn't considered as sensitive as social-security and credit-card numbers. But security experts warn that a cybercriminal could still use the information to commit fraud, especially if they know which email addresses are associated with customers of particular businesses.

The Secret Service is investigating this breach and people who receive spam should report it to

The Epsilon computer system was accessed by an unauthorized party. College Board customer first and last names and email addresses may have been obtained. The College Board sent out a warning about opening links and attachments from unknown senders and spam.

UPDATE (4/3/2011): In addition to The College Board, about 50 businesses who were clients of Epsilon at some point have also been affected. Customer names and email addresses from the following businesses were exposed:

Companies that use Epsilon include;



AIR MILES Reward Program (Canada)


Barclays Bank of Delaware (Barclay's L.L. Bean Visa card)



Best Buy

Best Buy Canada Reward Zone

Benefits Cosmetics


Capital One


City market

College Board


Disney Destinations (The Walt Disney Travel Company)

Eddie Bauer Friends

Eileen Fisher

Ethan Allen

Food 4 Less

Fred Meyer


Hilton Honors

Home Shopping Network (HSN)

Jay C

JPMorgan Chase

King Soopers



Marriott Rewards

McKinsey Quarterly


New York & Company



Red Roof Inn

Ritz-Carlton Rewards

Robert Half International

Smith Brands


TD Ameritrade


US Bank

Visa (Barclays Bank of Delaware/L.L. Bean Visa, BJ's Visa)


As of 4/4/2011, Epsilon estimates that the breach affected about 2% of its clients.


Technorati Tags: ,

Saturday, April 2, 2011

Learning PowerShell

If you are new to PowerShell, I found some good tutorial exercises here.

Addition links for PowerShell tools and scripts and blogs

  • Learn PowerShell Live: March 28–April 1, 2011 go here

  • 2011 Scripting Games: All Links on One Page can be found here


  • Jonathan Medd  blog is Here
  • The Windows PowerShell Team blog here
  • The Windows PowerShell Script Center here

Additional Docs- Windows Power Shell Owner guide is found here

Neat tool - PowerGUI, a graphical user interface and script editor for Microsoft Windows PowerShell can be found here

Podcasts on PowerShell can be found at;

Powerscripting Podcast

The 3 sessions that Scott Hanselman did on the subject

A great book Bruce Payette's 'Windows PowerShell in Action'

Technorati Tags:

Wednesday, March 30, 2011

SCVMM 2012 Beta Public Release Announcement

Microsoft announced the following, the public release availability of SCVMM 2012 Beta.

With this release you will be able to do:

  • Fabric Management
    • Hyper-V and Cluster Lifecycle Management – Deploy Hyper-V to bare metal server, create Hyper-V clusters, orchestrate patching of a Hyper-V Cluster
    • Third Party Virtualization Platforms - Add and Manage Citrix XenServer and VMware ESX Hosts and Clusters
    • Network Management – Manage IP Address Pools, MAC Address Pools and Load Balancers
    • Storage Management – Classify storage, Manage Storage Pools and LUNs
  • Resource Optimization
    • Dynamic Optimization – proactively balance the load of VMs across a cluster
    • Power Optimization – schedule power savings to use the right number of hosts to run your workloads – power the rest off until they are needed.
    • PRO – integrate with System Center Operations Manager to respond to application-level performance monitors.
  • Cloud Management
    • Abstract server, network and storage resources into private clouds
    • Delegate access to private clouds with control of capacity, capabilities and user quotas
    • Enable self-service usage for application administrator to author, deploy, manage and decommission applications in the private cloud
  • Service Lifecycle Management
    • Define service templates to create sets of connected virtual machines, os images and application packages
    • Compose operating system images and applications during service deployment
    • Scale out the number of virtual machines in a service
    • Service performance and health monitoring integrated with  System Center Operations Manager
    • Decouple OS image and application updates through image-based servicing.
    • Leverage powerful application virtualization technologies such as Server App-V

Production Support:  The SCVMM 2012 Beta is NOT Supported in production environments.

Resources and Feedback:

Use the SCVMM Community Forums to obtain general help, guidance, and assistance with the SCVMM 2012 Beta. You are welcome to submit suggestions or bugs via the feedback link on the SCVMM 2012 Beta Connect Site. When submitting bugs, please attach trace log details to help our team diagnose the issue. Information on collecting trace logs is provided in the SCVMM 2012 Troubleshooting Guide on SCVMM 2012 TechNet Library.

TechNet Library

The SCVMM 2012 TechNet Library is the definitive content source for all step-by-step instructions.

Go more information go here

Microsoft announces the Microsoft Virtual Academy

But wouldn't it be great if there was a simple, effective way to get the skills and training you needed to take advantage of this opportunity - and get the recognition and rewards you deserve?

That's where Microsoft can help give your career a boost.
Take your career to the next level

The Microsoft Virtual Academy offers no-cost, easy-access training for IT professionals who want to get ahead in cloud computing.

Developed by leading experts in this field, these modules ensure that you acquire essential skills and gain credibility as the cloud computing specialist in your organization.

MVA guides you through real-life deployment scenarios and the latest cloud computing technologies and tools. By selecting the training modules that match your needs, you can use valuable new skills that help take your career to the next level.

MVA courses include:

Introduction to SCVMM, Architecture & setup

Creating VMs, Template & Resources in VMM

Managing Windows Azure

SQL Azure Security

Identity & Access

Data security and cryptography

...and more at Microsoft Virtual Academy

To learn more go here


Battling the Zbot Threat

Here  is some information on a new threat for you. Many of the customers I have talked to, particularly in the finance industry, have been very concerned about a threat called Zbot (a.k.a. Zeus). Win32/Zbot can be used for a variety of illicit purposes including sending spam email messages, executing distributed denial-of-service (DDoS) attacks, and distributing malware. However, its primary purpose, and the one for which it was specifically developed, is to steal financial information from infected computers. The Microsoft Malware Protection Center (MMPC) has released a special edition of the Microsoft Security Intelligence Report (SIR) called Battling the Zbot Threat to bring you up to speed on this threat and the work that the MMPC has been doing to fight it.

(copy from Microsoft Security Newsletter but crossed posted due to relevancy)

Get the report here

Monday, March 28, 2011

New HPC Support Files and additional DOCs

Here are some new files  about High Performance Computing (HPC)that have been added to the Microsoft site.

First a simple example on how to build a small HPC cluster including a Video

  • The guide can be found here
  • A video of the process can be found here

Some new or additional documentation added;

  • Final batch of V3 APIs published to HPC Class Library can be found here
  • Configuring the Azure management certificate can be found here 
  • Steps to Perform Before and After Restoring the HPC Databases from a Backup can be found here
  • More MPI resources added to MPI Application Development for Windows HPC Server can be found here

Docs re-published on Download Center

  • Deploying Windows Azure Worker Nodes in Windows HPC Server 2008 R2 SP1 Step-by-Step Guide can be found here 
  • Deploying iSCSI Boot Nodes in Windows HPC Server 2008 R2 Step-by-Step Guide can be found here


Sunday, March 27, 2011

Come and get your Cloud geek on!

On April 19th GITCA and Microsoft are running an event called “24 Hours in the Cloud”. There will be 24 one hour sessions around the world covering a wide range of Cloud Computing topics. The presenters will be live on Twitter to answer your questions. There is something for everybody, developer, IT pro and SQL enthusiast. There is no question that Cloud Computing is here to stay and this is a unique opportunity to be educated and gain an insight as to where Cloud Computing is going. Stay tuned for more details, such as how to join the “Cloud 24 hour party”, as the event date approaches.

Click here for more info


Wednesday, March 16, 2011


Here are a bunch of links that you can use to learn more about Microsoft HPC server.

What is HPC Server 2008 R2 ? -

A set of Windows machines working as an HPC system to give users massive computing power.



Some of the nodes can be on-premise, like computer node or using Windows 7 computers as workstation nodes and yes you can use Azure as well.

Link to resources and whitepapers:

Microsoft Windows HPC

What's new in HPC Server 2008 R2

Technical documentation, IT resources:

Blogs and forums:

HPCS PowerShell, e-book:

General DOS and PowerShell scripting:

HPC-specific scripting:



Server 28 R2


Design and Deployment Guide for Windows HPC Server 2008 R2

HPC Server 2008 R2: Step-by-Step

Security in HPC Server 2008 R2

FAQ on HPC Pack editions & licensing

Design and Deployment Guide for Windows HPC Server 2008 R2

Networking and firewall configuration

Guide to Diagnostics Extensibility in HPC Server 2008 R2

Guide to Reporting Extensibility in HPC Server 2008 R2

Submission / activation filters:


Friday, March 4, 2011

Do you have the Excel spreadsheet from Hell…

Do you have an Excel spreadsheet that takes hours or day to complete?

Do you have that really fast computer with the note on it that says "Do not touch" while the computer working doing complex calculations complex..


Have you played the game of buying faster and faster computer to get you excel spreadsheet processing done faster

Yes you could go to Excel 2010 version 64 bit to address more memory, but if I am using custom XLL UDF there may not be a version of the custom UDF for 64 bit so what one to do ? And does that make my spreadsheet much faster? Excel allows you to create custom functions, called "User Defined Functions" (UDF's) that can be used the same way you would use SUM() or some other built-in Excel function or I can user Automation add-ins are suitable if your UDF deals a lot with the Excel object model; XLL add-ins are faster in financial and mathematical calculations. Note however that native code XLL add-ins work faster than managed UDFs.

I have clients who have these problems and have just resolved themself to it is just going to take day to get the data out; for example;

Insurance company

• Insurance company who need to do reserve requirements calculation which answer the question do the company have the minimum reserves require buy regulators’ this is based on Hundreds of thousands of policies and can take 4 weeks to calculate each monthly.

• A controller at big company who doing, what if scenarios on budgets and forecasting the same formulas over and over again and the process takes 1 week s each time

• Assist with Monte Carlo simulation for risk analytics and other suitable scenarios in Financial Services and Energy trading in Oil & Gas industry verticals.

If you look at your company you probably find this is an issues for someone who user the big, complex, spreadsheet I have a solution for you!

HPC Services for Excel 2010

Here is a way to have MUTIPLE Computers share the workload

*** What new is now you can use Excel 2010 PLUS edition and have multiple computers share the workloads ***

HPC Services for Excel 2010 - HPC is part of Microsoft Technical Computing solution

HPC stand for High Performance Computing

HPC is a group of computers or a cluster of computer consists of several servers networked together where each server in the cluster performs one or more specific tasks. Cluster components include Head Nodes, and Compute Nodes, Job Scheduler and sometimes Broker Nodes (for SOA enabled clusters.)


(Graphic from Microsoft HPC site)

Head Node - is point of management and job scheduling for the cluster. It provides failover and controls and mediates access to the cluster resources.

Compute Node(s) -Carries out the computational tasks assigned to it by the job scheduler.

There are many ways that you can run a cluster, here are the methods.

Method 1: use 7 computer that at night or during the week end can be used as computer nodes

Method 2: use Widows Azure as a cloud solution

Method 3: Build a Windows HPC cluster in house

To learn more about HPC and to use HPC with Excel go here

I will be creating more Blogs detailing this solution.

Tuesday, March 1, 2011

How to Avoid a Cyber Disaster

I will be presenting  a webinar for a cyber disaster makes recovering from one much easier. Still, as important as disaster planning is, it’s often overlooked or put off until it is too late. In this webinar, I will discuss planning for the unexpected, and he’ll teach simple tricks to reduce your company’s downtime before, during, and after a disaster.

Using a fictional company as an example, I will walk you through the disaster planning process a security professional should use.


    • What a disaster is
    • How to plan
    • Techniques to reduce the impact of a disaster
    • What BCP is
    • Five rules for creating a good disaster plan
    • Testing your disaster plan
    • Funding the plan
    • How and where to get help with your disaster planning process

Date: April 27, 2011
Time: Noon - 1 PM ET
To Registration Here

Thursday, February 24, 2011

Great Security Tool for Active Directory Admins Today Free!

I get ask all the time for tools or tricks that a administrator can use here a great one. AD Unlocker Pro.

You and administrator of a Active Directory Domain you don your due diligence and set a group policy that say after x tries lock user account , Now how do you audit and see what accounts are locked?

Here a very small utility that you can run that will show you what accounts are locked and Unlocking them with only one click.

This application also  can use alternate login (useful if your Active Directory Administrator account is not your default user account).



See the accounts


Choose what account to unlock


and you can ever have application running to show when account is locked


For those of you who read my blog daily here a great deal

TODAY 2/24/2011 you can download and get a free copy

by clicking Here (follow the directions)

Monday, February 21, 2011

Security Guide for Protecting Malware Incidents

Microsoft today announced a free planning guide to help with Malware.The Infrastructure Planning and Design Guide for Malware Response empowers readers to take action quickly in the event of a malware incident by matching the technology solution to the business need and aligning business and IT from the beginning. This guide discusses three primary recovery methods: cleaning the system, recovering system state, and rebuilding the system. Each method presents different risks and benefits to the organization. The guide also describes approaches to investigating outbreaks and cleaning infected systems. Read this guide to make an informed decision about how to return the systems to operation while limiting the likelihood of the malware infecting additional systems.

The guide empowers readers in the following ways:

  • Shortens the time required to recover from a malware outbreak by describing the decisions to be made.
  • Provides a cost-effective and straightforward solution by matching the most suitable technologies to the business needs.
  • Prompts decisions to be made in choosing one of three courses of action: clean, restore, or rebuild a system.

To learn more about Infrastructure Planning and Design Guide for Malware Response click  here. To download the guidance, click here.


Tuesday, February 8, 2011

Two Live Cyber Security Webinars

The first webinar, "Protecting Your Network with Authentication and Cryptography," is scheduled for 12 pm EST Wednesday, February 9, and will focus on password protocols, user verification, symmetric and asymmetric encryption, and using cryptography to protect data.

In the second cyber security webinar, " Securing Communications," scheduled for 12 pm EST Wednesday, February 23, attendees will learn how to put into practice the cyber security concepts covered in the first webinar. They will learn about using cryptography to secure services and wireless networks and about using rights management for protecting data.

"In this cyber security webinar series, we'll discuss using cryptography, authentication, and encryption from theory to practice," said Ferron. "Grasping these concepts will help you understand the basics of keeping your data secure."

Webinar: Protecting Your Network with Authentication and Cryptography
Live Presentation: Wednesday, February 9, 2011, 12:00-1:00 pm EST

Webinar: Securing Communications
Live Presentation: Wednesday, February 23, 2011, 12:00-1:00 pm EST

Register for "Protecting Your Network with Authentication and Cryptography" and " Securing Communications" on the Global Knowledge web site. Recorded versions of these cyber security webinars will be available approximately one week after the live sessions.


Tuesday, January 25, 2011

Win a copy of Windows 7 Ultimate in our “Best Windows Story” Contest!

Microsoft is  giving away a copy of Windows 7 Ultimate to the ten (10) best Windows stories from IT Professionals. Stories can be related to how Windows 7 saved your company money, solving your application compatibility issues, deployment, management of your installations, and virtually anything else. The more compelling your story, the better chance you have to win.

Go HERE to learn more


Technorati Tags:

Windows 7and Server 2008r2 New Security Features


With the introduction of Windows 7 and Server 2008 r2 there are new security features that an auditor or IT professional should be aware of. As you roll out the new operating system, what are the issues and benefits that your company will see? What are the risks, benefits and issues that need to be planned for?

In this session I will be covering these important issues with the use of lecture, demos and group discussions.

If these are questions that you and your organization are asking, then we invite you to attend our session, “Windows 7 and Server 2008r2 New Security Features.”


The educational session will introduce attendees to the key issues surrounding deploying these new operating systems and using features that help reduce risk for enterprises and organizations.


· Windows 7 new features

o Demo of new features

o Tricks and demos

o Hard drive encryption

o Bitlocker to go

· Server 2008 R2

o New group polices

o New Audit and logging features

o NAP – Network Access Protection

o Direct Access

o Hyper-v (Server virtualization)

· Deployment Issues

o XP to Windows 7

o Discussion

o MDT 2010

o XP Mode

· Analysis of Windows Event Logs


● Audit and risk professionals whose organizations are considering Windows 7 and Server 2008 r2 Security Risks.

● Information Security professionals interested in learning about Windows 7, and Server 2008 r2 deployment issues, new features and benefits.

This Session is being offered to the

ISACA- Connecticut Chapter on January 31 from 8:30 AM - 4:30 PM

To register for this event click here

and again for the

ISACA – New England Chapter 

February 18  from  8:30 AM - 4:30 PM

2 Financial Center
60 South Street
Boston, MA 02111

To register for this event click Here


Monday, January 24, 2011

Security Webinar Securing Communications

In this session, I will cover the following topics by applying what you have learned in the first of three-part webinar series devoted to the subject of Protecting Your Network by using Cryptography to solve some IT issues.


  • Applying Cryptography to OSI Model
  • Securing Services with the use of Cryptography
    • Web Servers
    • Mail Servers
  • Right Managements for protecting data
  • Network Traffic
  • VPN in the following modes
    • Gateway-to-Gateway VPN
    • Host-to-Gateway VPN
  • Securing Network traffic with IPsec
  • Wireless Weaknesses
  • Securing wireless with Cryptography
    • We will explore WEP, WPA, and WPA2
  • Steganography

To attend this session on February 23, 2011 Time - Noon - 1 PM ET

Click Here

Part Three:  will be Disaster Recovery – April 27, 2011

Speaking at DOD Cyber Crime Conference 2011


On Wednesday Jan 26 I will be presenting 3 sessions, they are;

Presentation Title: Security for the Network Administrator

Date and Time: 01/26/2011, 0830-1020

Location: Great Hall D

Track: Information Assurance

Description: You are a new system administrator and have been trained to maintain that system. But have you been trained to secure it? Many network administrators are assigned the task of securing a network, but they have no idea how to do that.
Do you understand the “Big Picture” and how your actions could compromise the security of your vital data and systems? Most administrators are living in a silo of information and don’t have a real view of the big picture. This results from network administrators thinking “It’s Not My Job”. While true from an evaluation point of view, this can lead to major security issues.
During this presentation, we will help you break out of the silo and get the big picture. We’ll help you identify security issues and how and where to report them.


Presentation Title: Securing the Weakest Link

Date and Time: 01/26/2011, 1320-1420

Location: Great Hall D

Track: Information Assurance

Description: Network security issues are something organizations are faced with everyday. You can implement technologies such as IDS/IPS and firewalls to help lock down your network. However, have you considered how to protect your networks against non-technical intrusions such as social engineering?
This session will explore 10 things you can do now to help protect and defend your data, network, and personnel against social engineering attacks.
During this presentation, we’ll discuss the following topics:
-How Easy It is to Gain Information That Can Put You at Risk
-How Social Engineering Can Also Be Done via Technology
-Case Studies and Examples of Techniques That Work to Social Engineer Users

Presentation Title: Understand the Security Concerns Associated with Virtualization

Date and Time: 01/26/2011, 1500-1600

Location: Great Hall D

Track: Information Assurance

Description: Many organizations realize the benefits of implementing virtualization. In fact, by implementing virtualization, you can reduce the physical number of host computers. But does it reduce or add risk to your infrastructure?
The goal of this session is to take a look at all of the issues and identify areas of concern as a cyber specialist.


7 Overlooked Network Security Threats for 2011

Here is a link to a great article on network security.

Threat Area
Worst Case Scenarios

1. Insider Threat
Enterprise data including backups destroyed, valuable secrets lost, and users locked out of systems for days or even weeks.

2. Tool Bloat Backlash
Decision-makers become fed up with endless requests for security products and put a freeze on any further security tools.

3. Mobile Device Security
A key user's phone containing a password management application is lost. The application itself is not password-protected.

4. Low Tech Threats
A sandbox containing a company's plan for its next generation of cell phone chips is inadvertently exposed to the public Internet.

5. Risk Management
A firm dedicates considerable resources to successfully defend its brochure-like, ecommerce-less web site from attack, but allows malware to creep into the software of its medical device product.

6. SLA Litigation
Although the network administrator expressed reservations, a major customer was promised an unattainable service level for streaming content. The customer has defected to the competition and filed a lawsuit.

7. Treacheries of Scale
A firm moves from a decentralized server model to a private cloud. When the cloud's server farm goes offline, all users are affected instead of users in a single region.

To read the full article go here


Security Webinar Authentication and Cryptography

Brief Overview:

I will be presenting a session on  "Authentication and Cryptography," I will examine the following topics:

  • Verifying who is a user and to what they have access
  • Different ways a user can be validated to computer and network resources
  • How Cryptograph is used to protect data
  • Symmetric and Symmetric Encryption
  • What are hashes?

In our webinar session on February 23, 2011, we will discuss Using Encryption to Protect Your Data. In the last webinar of this series entitled Disaster Recovery, we will take this information from theory and show you how to use this technology.


In this session we will cover:

  • Identification:
    • Something a user knows
    • Something a user possesses
    • Something a user is or does
  • Issues
    • Distribution
    • Cost
    • Tracking
  • Elements
  • Password Protocols
  • Hashes
  • Kerberos
  • Cryptography Benefits
    • Confidentiality
      • Encryption
    • Integrity
      • Message digests
    • Authentication
      • Public-key cryptography
    • Non-repudiation
      • Digital signatures
  • Symmetric Encryption
  • Asymmetric Process
  • Digital Signatures
  • Certificate Authorities
  • Models
  • Lifecycle
  • Distribution

To attend this session on  2/9/2011 at  Time: 12:00 PM ET

Click Here

Then on February 23, 2011, I will discuss Using Encryption to Protect Your Data. In the last webinar of this series entitled Disaster Recovery, we will take this information from theory and show you how to use this technology.

Other session that you may want to look at include

Cyber Security Part One: Identity Theft

Understanding Cyber Security Physical Security

Understanding Cyber Security Risk Management


Friday, January 21, 2011

Active Directory Federation Services 2.0 RTW Update

Active Directory Federation Services 2.0 helps IT enable users to collaborate across organizational boundaries and easily access applications on-premises and in the cloud, while maintaining application security. Through a claims-based infrastructure, IT can enable a single sign-on experience for end-users to applications without requiring a separate account or password, whether applications are located in partner organizations or hosted in the cloud.

The Windows Server 2008 R2 setup package for AD FS 2.0 was updated on 1/5/2011. This updated package contains hotfixes that will prevent the errors described in the following support articles from occurring whenever AD FS 2.0 is installed on a server running the Windows Server 2008 R2 operating system:

Get the update here


Tuesday, January 18, 2011

Windows Upgrade Starter to Home Premium Deal

The current deal is if you buy a netbook with starter you can upgrade to Home Premium  for only 19.95 !  You just need to purchase Windows anytime upgrade at the same time !

Windows Anytime Upgrade?

With Windows Anytime Upgrade: Windows 7 Starter to Home Premium, your customers can upgrade their new netbook PC safely, quickly, and easily. Then they can customize it with themes and photos and enjoy entertainment anywhere. By taking advantage of this offer, customers get everything in Windows 7 Starter, plus more:

  • Live Preview See lots of open programs and windows at a glance with live taskbar previews.
  • Netflix – Customers can watch what they want in one place. With Windows Media Center and a Netflix account, they can stream thousands of movies and TV shows directly from Netflix.
  • Internet TV – Use Windows Media Center to find and watch a variety of TV shows on the Internet.
  • Remote Media Streaming – Customers can go on the road without taking all their entertainment. They can enjoy music, photos, and videos from their home PC with remote media streaming in Windows Media Player.
  • Desktop Personalization – Help your customers make their PC look the way they want. They can personalize their desktop with their own photos, themes, and sounds.

* For Internet TV, you’ll need Internet access. Free Internet TV content varies by geography. Some content may require additional fees. Internet TV is not available in all countries.


Offer is good Nov 7 to April 2 while supplies last

Thursday, January 13, 2011

Cell Phone a Security Nightmare?

Is a cell a phone was just a phone?

The current cells phone today is smart phones with more power that you desktop that 7 years old. Think of what you keep on your phone, Mail Contact, Schedules, and other data what would happen if that device was lost or stolen or compromised and theft or you competing got that information

Here are some simple things to do.

Don't Lose Your Phone - Know where you phone is at all times and do not leave it out at bars and public places, Keep it with you. Do not leave it in you parked car.

Lock you phone and set a password (a strong one not 1111, 1234 etc.)

Here's how to find time-out settings on various smartphone OSs:

    • Android: now supports PINs and passwords
    • BlackBerry: enable the password, and set the security time-out options.
    • Windows Phones: can set or change the password, and also set the screen time-out.

Remote wipe means that if your phone is lost or stolen, you can remotely clear all of your data--including e-mail, contacts, texts, and documents--off of the handset, thus keeping that information out of the wrong hands. Check with you Company or Phone provide about this service

Trojan Horses, Malware, and Viruses and Third-Party Apps

  • Software protection: like Lookout that can protect the Phone and the anti-viruses manufacture have software as well.
  • Third-Party Apps can become an issue, once an apps is installed it can access to your personal data and location. You need to think or ask what the app does and what information will it share?

List of State Breach Disclosure Laws

I found this resource list, it show the State Breach Disclosure Laws, you can search this site for your state and what you need to do or what your legal responsibilities are.

Click Here 

Wednesday, January 12, 2011

Microsoft Security Essentials free to small Businesses.

Microsoft Security Essentials will become free to use for organizations with up to 10 PCs.

Originally released last year for single-PC use at home, Microsoft Security Essentials was designed as a comprehensive security solution in a lightweight package.

Microsoft Security Essentials can be downloaded, installed and put to work with just a few clicks. Upon installation, it scans the PC to make sure it’s clean from the start. Once Microsoft Security Essentials is working, it downloads updates and schedules scans on its own.

Over the past year, the product has won awards and certifications from a number of independent agencies, such as ICSA Labs, West Coast Labs and PC Advisor, and last January, PC Advisor named Microsoft Security Essentials to its list of the “Best Free Software.”

This is a full-featured, top-tier security solution that Microsoft is offering to small businesses for free. You don’t need a credit card. It requires no registration, no trials, no renewals. It doesn’t collect any credit card information. It runs well on older hardware. It’s easy to use, easy to get, and it’s from a trusted source. Basically, Microsoft Security Essentials just works.”

But if the product is so successful, why offer it for free? According to Microsoft’s internal research, although 80 percent of PC owners in the U.S. say they have the most up-to-date antivirus protection, in reality only half that many actually do. Often they have signed up for free trials or subscription-based services that have lapsed. Others are just using outdated versions of security software on older hardware.

Microsoft Security Essentials is now available in 74 markets worldwide and 25 languages. To learn more about Microsoft Security Essentials and download the product for free, visit


Copy-and-Paste Coming to Windows Phone 7

A series of Windows Phone 7 updates are coming over the next few months, including adding the copy-and-paste feature and improving the phone’s performance when loading or switching between applications.

Microsoft also is working to make Windows Phone 7 available from Sprint and Verizon in the first half of 2011, and more languages will become available later this year.


New Microsoft Touch Mouse Announced



Microsoft Touch Mouse is the new multitouch mouse for Windows 7 that will let you click, flick, scroll and swipe so it’s easy and fun to interact with your PC.

Designed to enhance your Windows 7 usage, the Touch Mouse combines the virtues of a mouse with the rich natural language of gesture to offer a more intuitive way to navigate your PC. Touch Mouse also features BlueTrack Technology so you can track virtually anywhere, anytime.1

Top Features and Benefits

· New! Multitouch surface lets you use natural gestures to snap, navigate and control content with a touch of a finger.

· New! Flick scrolling functionality lets you quickly scroll and pan through windows and documents.

· New! Improved task switching on Windows 7 gives you superior mouse performance and experience on the PC.

· BlueTrack Technology allows you to ditch your mouse pad and mouse on virtually any surface,1 including granite, marble, carpet and wood.

· Snap-in Nano transceiver gives you the option to leave the transceiver plugged into the computer or conveniently store it in the bottom of the mouse.

· 2.4GHz wireless technology gives you a confident wireless connection.

· Ambidextrous design for use with either hand.

See the Difference

Touch Mouse Gestures — Easy as 1, 2, 3

Touch Mouse lets you do everything you’re used to doing with a mouse, such as point and click, but also adds gestures with one, two or three fingers to amplify the Windows 7 operating system by creating simple shortcuts to the tasks you want to do most. clip_image002

Shorter Shortcuts for Windows 7

With the Touch Mouse, you can use your mouse to do tasks that normally involve the keyboard.


Availability and Pricing

Touch Mouse will be available in June 2011 for the estimated retail price of $79.95 (U.S.).2 It will be available for presale starting today at and the Microsoft Store online.

Touch Mouse is backed by a worldwide three-year limited hardware warranty. The limited warranty and license agreement are available at

Some information in this fact sheet relates to pre-release products, which may be substantially modified before they are commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

1 BlueTrack Technology does not work on clear glass or mirrored surfaces.

2 Estimated retail price. Actual retail price may vary.


Technorati Tags: