Archive for August, 2011

Exchange for Hosters

Tuesday, August 30th, 2011

As you know, this feature was removed from the current version of Exchange. There are some features back with Exchange 2010 SP1 back not as we had it in the past with legacy versions.

Now with Exchange 2010 SP2 we will get back functionality on a standard On-Premise Exchange environment.




Windows Anti-Virus Exclusion List

Wednesday, August 17th, 2011

A comprehensive all exclusion list for Windows Server Systems has been published on TechNet Wiki.


Active Directory .local domain design and the Cloud

Sunday, August 14th, 2011

In the past many IT architects designed the Active Directory namespace with .local domain. Even Microsoft distribute their best practises to not design this way but use common domain namespace.

Many administrators argued to be more save with a .local AD namespace. But security is not the option.

Now today this becomes an issue when you want to connect your AD namespace with cloud environment.

I’ve found the article from Mark Parris and I recommend you have look at it and be aware of this issue.


Most popular configurations on SonicWall UTM Appliances

Tuesday, August 9th, 2011

As an alternative for Microsoft TMG 2010 we are testing SonicWall Unified Threat Management Appliances.

Here you’ll find most popular configurations on SonicWall UTM which covers nearly all wizards you have for publishing and access rules on Microsoft Threat Management Gateway.

But there are some descriptions outdated like the one to publish Exchange, it is just for legacy versions but not valid for current Exchange versions. You keep in mind to modify.

A good choice is not to follow completely every description. Think about which part of each description meet your needs. As if you going to publish your web server, you don’t need a reflexive policy and mostly not a loopback policy.

And think about if you use a reflexive policy that this source will be restricted to the service you used for this policy.

If you use the Failover & Loadbalancing feature on SonicWall it usually makes sense to use static routing if you want to force certain traffic going through a dedicated WAN interface.

Especially when you have L2TP clients on your LAN, they will not be able to connect to the external L2TP server on customer site, until you add a static route like: ANY to ANY for service ‘IKE’ for one of the WAN interfaces.

PPTP passthrough works out of the box.

And keep in mind, until you don’t change the access rules on a SonicWall, all outgoing traffic can pass the firewall. So your first step  should be to create a service group containing the service you like to allow by default to pass the firewall and change the access rule on SonicWall accordingly.

Then you can create your address objects for resources on your LAN and allow services on additional access rules like DNS for your DNS server which makes public DNS name queries or your SMTP server to be able to send messages.


Best Practices for Microsoft Virtualization and Netapp Storage for Hyper-V

Wednesday, August 3rd, 2011

A consolidated version of the former articles about this scenario has been published by ‘NetApp for Microsoft Environments’ Team.

You’ll find the detailed documentation about NetApp Storage Best Practices for Microsoft Virtualization and NetApp Snap-Manager for Hyper-V here.

The NetApp best practices for Microsoft virtualization have been covered in sections 1-11 of the whitepaper and the best practices for SnapManager for Hyper-V follow thereafter.

They updated several sections and added new ones. Some of the must reads are the sections on backup and  recovery, AV  exclusions, automation , monitoring and management.

Under "Best Practices on SnapManager for Hyper-V", they added a section on how to perform disaster recovery using SMHV powershell cmdlets. There’s also a list of important KB articles that will be prove handy while troubleshooting common SMHV related issues.

They also posted a quick 10 step guide in the appendix section that has instructions to deploy Windows 2008 R2 Hyper-V Cluster environment on NetApp storage.