Test Layout

Last week a client got a nasty surprise when their Internet access was blocked by their ISP because the Zeus P2P virus had been detected from their IP address. Because all computers share the same IP address through NAT (network address translation), all of the computers were blocked. All of the computers at this site have up to date commercial antivirus software. But obviously Zeus P2P got past it. I'm noticing that this is becoming quite common. We see viruses getting in all the time through web pages, links in spam messages, and attachments to spam messages. After doing some research, it turns out that Zeus P2P typically communicates with UDP ports 10,000 and up. The best way to find specific network traffic is by using a packet sniffer. However, you can't use a packet sniffer effectively on switched networks unless your switch has a basic level of management capabilities and supports port mirroring. I configured the switch for this company to mirror traffic from the port th...

I've not been a big user of the Microsoft Forefront products. I've tended to use competing products either in software for antispam/antivirus or hardware for firewalling/reverse proxy. However, Forefront Protection for Exchange seemed to get a fair amount of traction with people that implemented Exchange Edge Transport servers. In September, Microsoft announced that many of the Forefront products are being discontinued. As of December 1, 2012, most cannot even be purchased anymore. See the official announcement here: http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-changes-to-forefront-product-roadmaps.aspx See an explanation from a former employee here: http://hal2020.com/2012/09/15/goodbye-forefront-it-was-nice-knowing-you/ So, if you were using some of these products, where do you go from here...... Forefront Protection for Exchange. If you are comfortable outsourcing email scanning then you can use Forefront Online Protection for Exchange. The online ser...

Today in class, we were testing out virtual desktop infrastructure deployment (VDI). Microsoft's VDI infrastructure is designed to allow users to have virtual desktops. Due to the restraints of our classroom environment all of the computers were unplugged from the network. As a consequence, in Hyper-V the external network was not up. This resulted in the following error during the creation of a collection: Server computer.domain.com either does not have a virtual switch configured or none of the configured virtual switches have an IP address assigned In our environment the computers all had the same external IP address and could not be reconnected to the network at the same time. The simplest short term solution was to connect each computer to a small switch that had no other connectivity. This brought up the link light on the external NIC and allowed the creation of the collection to complete. This is unlikely to be a concern in any type of real life environment because those w...