Sybari Software provides security products that help businesses protect their messaging and collaboration servers from viruses, worms, and spam.
This document has now been updated:
I had forgot all about this little site, it worth checking out and placing and order or two:
Posted with permission from Paul Bowden.
We are pleased to announce the availability of the Exchange Server Best Practices Analyzer v2.1. The new version can be downloaded from here. Starting next week, for those running ExBPA v2.0, you will be prompted to upgrade to v2.1 the next time the tool is started.
List of enhancements included in ExBPA v2.1:
- HBA Collection – ExBPA.MSI package now installs the WMI extensions required for querying Host Bus Adaptors through the HBA API. This allows ExBPA to automatically collect configuration and diagnostic information from HBAs such as Emulex, Qlogic and LSI. The extensions need to be installed on the Exchange server. Either install ExBPA or the FCInfo tool on the server to enable collection of HBA information. NOTE: Once the extensions are installed on the server, ExBPA will be able to collect the information even when running from a remote workstation.
- Performance Baseline – In addition to the regular ‘Health Check’ scan, a new scan type of ‘Health/Performance Check’ can be run. This tells the BPA engine to sample key Exchange and Operating System performance counters and produce statistics showing the 90th percentile and maximum value. The list of counters is based upon the Exchange 2003 Performance Troubleshooting whitepaper. The performance statistics will be displayed in the “Baseline” report once the scan has completed. By default, 240 samples will be taken at 30 second intervals (i.e. 2 hour run). These defaults can be overridden with the following registry parameters:
Data: The total number of samples to collect (default: 240)
Data: The time to wait between each sample (default: 30)
1. The time estimation in the UI is fixed at 2 hours, it does not take into account any registry overrides.
2. ExBPA uses a global 3-hour timeout for processing each Exchange server. If you wish to increase the sample time beyond 2.5 hours, a modification will be necessary to the ExBPA.Config.xml. (MaxTime=”ALL,180;…”).
3. The percentage complete values shown during scanning are based on object completions. As the sampling process is implemented as a single object, the server completion state will appear to ‘stick’ between 35 and 40% for the 2-hour sampling period. This is expected.
4. It is possible to sample multiple servers at the same time. However, you should keep the number of servers in scope to a minimum (e.g. less than 10)
5. Unlike the regular ‘Health Check’ it is important to run the new ‘Health/Performance Check’ when the Exchange server is at its busiest. As ExBPA uses the performance data helper (pdh) library to sample counters, the overheads on the server should be no greater than regular sampling with performance monitor (sysmon). To reduce overheads, it is recommended that you run ExBPA from a workstation rather than the server console.
6. In the initial ExBPA v2.1 release, Error and Warning rules have not been implemented for performance data. These will be introduced in a web update.
7. The sample data is stored as a comma-separated list embedded within the output XML. The ExBPA UI does not support the graphing of this data, or direct conversion to performance monitor log format. The overhead of collecting and storing the data is small. For example, scanning an organization containing a single Exchange 2003/Windows 2003 server:
Health Check – 2,938 KB
Health/Performance Check – 3,078 KB
- Cluster Reporting – Reports such as the ‘Full Issues List’ separates physical nodes from the virtual server. The new format makes it easier to identify issues that need to be corrected on individual physical nodes.
- Wildcard Collection – The BPA engine now supports wildcard collection from the registry. This enables a new set of rules, in particular exclusion settings for file-level antivirus products and Windows firewall configuration.
- Latest Rules – Includes the latest Config XML file (rules database). Over 100 new rules have been introduced in v2.1 – see the list at the end of this e-mail. Specific areas of improvement include the recipient update service, third-party anti-virus checking, and debug settings. In addition to the new rules, over 30 existing rules have been reconditioned to provide better clarity.
- Better Screen Layout – The size of the main report window is now based on the screen resolution rather than fixed at 800×600.
- Scan Selection Information – When viewing the list of previous scans, the Config XML version used for the collection is now displayed in the details panel.
- UDP Support – In addition to TCP, the new version of the tool can connect to ports using UDP. For example, new rules use this function to test the availability of WINS servers.
- Checksum Operations – The BPA engine now supports the calculation of MD5 checksums. While the current rules database does not utilize this feature, it can be enabled in the future without updating the binaries.
- Command-line parameters used with EXBPACMD are now case-insensitive.
- For automatic updates, the tool now uses IE configuration settings if the default proxy server is not available.
- Better handling of Date/Time formats.
- Export functionality no longer deletes the original output XML file.
- The language of the tool is no longer derived from the regional settings. Instead, the OS language is used.
- Clearer instructions for when the scheduler can be used.
- ExBPA v2.1 is available for U.S. English only. Other languages will be refreshed later on in the year.
- In-place upgrades from ExBPA v2.0 to v2.1 are supported.
- The build number for ExBPA v2.1 is 7599 (Displayed as 2.1.7599.0 in the ExBPA UI. Files on disk will be version 6.5.7599.0).
Please send any questions and feedback to firstname.lastname@example.org. Thanks!
The Microsoft Exchange Operational Support Tools Team
List of new rules introduced in ExBPA v2.1:
Network card checksum offloading is enabled
Network card teaming is enabled
More information can be found on Paul’s blog, the Health/Performance Check feature looks really cool.
Looks like a great book:
TechNet Webcast: Accessing Exchange Server from Your Mobile Device (Level 300)
Tuesday, July 12, 2005 – 11:30 AM-1:00 PM Pacific Time
Paul Limont, Program Manager, Microsoft
Does your organization have all the mobile access it could in the areas of security, flexibility, and affordability? This webcast will discuss and demonstrate how Microsoft Exchange Server 2003 provides secure and affordable remote and mobile access to e-mail and personal information management software across a range of mobile devices. Come discover how to leverage the mobile capabilities of Exchange Server 2003 and the new mobility features available in SP2.
Momentum Webcast: Fighting Spam the Microsoft Way (Level 100)
Thursday, July 21, 2005 – 11:00 AM – 12:00 PM Pacific Time
Microsoft Technical Experts, Microsoft Corporation
Sixty percent of all email hitting your network is spam. Last year alone businesses lost $22 billion due to dealing with unsolicited email. Left uncontrolled, spam severely impacts bandwidth on your network, storage space on your mail server, and support time of your information technology (IT) staff. This webcast discusses how Microsoft Office Professional Edition 2003 coupled with Microsoft Exchange Server can maximize the protection of your company’s email while minimizing IT time spent maintaining your network. Join us to learn what you need to combat spam from one end of your network to the other.
TechNet Webcast: Implementing Messaging Security for Exchange Server Clients (Level 200)
Monday, July 25, 2005 – 9:00 AM – 10:30 AM Pacific Time
Kai Axford, Security Specialist, Microsoft Corporation
To ensure that messages can be read only by the intended recipients, it is as important to provide security for the clients of Microsoft Exchange Server 2003 as it is to secure the server itself. Join this webcast to learn about solutions such as using Secure/Multipurpose Internet Mail Extension and Information Rights Management to protect e-mail content. We will also discuss remote procedure call over HTTP to help secure client connections to Exchange Server 2003 via the Internet. The presentation concludes with a discussion about how to control access to e-mail attachments and how to manage and secure Microsoft Office Outlook Web Access.
Description of how Microsoft IT custom configures its SMTP servers to make its mail flow more securely and manageably.
Paul Flaherty has produced a BlogCast on troubleshooting IMF, well worth checking out:
This was posted on the Exchange teams Blog: