Posts Tagged Server 2008

Using BitLocker To Go (and what to look out for)

As the world becomes overrun by USB keys and more and more people leave their data behind in black cabs, we need ways to protect this data.  Windows Vista introduced BitLocker drive encryption and with Windows 7, we’ve got BitLocker to Go, the ability to take drive encryption and encrypt our portable/USB devices.  Here’s how it works – and a few things to look out for along the way (if you’re comfortable as to how to encrypt devices with BitLocker to go, you can continue to the “what to look out for” area further down in the document)

  1. Insert your USB key and let it be recognised by Windows.
  2. Open explorer (either by going Start –> Computer or by pressing the windows key and E)
  3. Right click on the drive you’d like to encrypt and choose Turn on BitLocker…
    turn on bitlocker to go
  4. Choose how you’d like the drive encrypted:
    bitlocker to go encryption options
  5. Save the recovery key somewhere other than the USB drive 😉
    bitlocker to go recovery key
  6. Begin the encryption process
    begin encryption process
  7. Sit back and wait patiently as it encrypts the drive
    bitlocker to go encrption process
  8. When it’s all encrypted, you’ll now see a logo that shows it’s encrypted:
    bitlocker to go encrypted drive

Now, here are things to take in to account:

Q. Can I use BitLocker To Go to encrypt USB keys on all versions of Windows 7?

A. No, the full functionality of BitLocker To Go is only part of the Enterprise and Ultimate SKU’s.  You can read BitLocker To Go encrypted drives on Windows 7 Home Basic, Home Premium and Professional, but you cannot write to them.

 

Q. Once I’ve set up BitLocker To Go on a device, can I disable it?

A. Yes you can.  Click on Start and type “BitLocker Drive Encryption”.  Inside this control panel applet you can remove drive encryption.

 

Q. Can BitLocker To Go enabled devices be read on Windows XP and Vista (automatically)?

A. They can, but ONLY if the drive is formatted as FAT.  If it isn’t formatted FAT, the utility that allows the removable storage to be read will not be seen.

 

Q. Can I write to my BitLocker to Go enabled device on Windows XP and Vista?

A. No, you’re device, provided you can gain access to it, is Read-Only on XP and Vista.

 

Q. Can I download a utility in lieu of using the BitLocker to Go partition (again, provided my data is FAT)?

A. Yes, there is a utility you can download which will enable the partition to be read – again – providing it is formatted FAT:

http://www.microsoft.com/downloads/details.aspx?FamilyID=64851943-78c9-4cd4-8e8d-f551f06f6b3d&displaylang=en

 

Q. Windows 7 and Server 2008 R2 use the same codebase so can I use a BitLocker To Go encrypted device on Server 2008 R2?

A. Yes, you can, however, you MUST first install the BitLocker feature on Server 2008 R2 you’re wishing to read the BitLocker To Go encrypted device on

feature install

If you’re aware of any other “gotcha’s” with BitLocker To Go that aren’t listed above, please let me know and I’ll be happy to add them.

CREDITS:
Thanks to @xpworld for his inclusion on versions.

Tags: , , , ,

Want Microsoft to build your Hyper-V VM for you?

Recently released is a new set of VHD’s for your arsenal, created by Microsoft, for you.  Sure they come with 60 day evals on them, but they’re pre-built Windows Server 2008 images.  x86 and x64 flavours.  REMEMBER though – if you plan to go to Server 2008 R2, it will only be 64 bit…

Hyper-V based Windows Server 2008 virtual machines with an evaluation period of 60 days are available here:

  1. Windows Server 2008 Standard x86 (full install)
  2. Windows Server 2008 Standard x86 (core install)
  3. Windows Server 2008 Standard x64 (full install)
  4. Windows Server 2008 Standard x64 (core install)
  5. Windows Server 2008 Enterprise x86 (full install)
  6. Windows Server 2008 Enterprise x86 (core install)
  7. Windows Server 2008 Enterprise x64 (full install)
  8. Windows Server 2008 Enterprise x64 (core install)

Tags: , , ,

Vista and 2008 SP2 RC

Hot off the Vista team blog, SP2 is now considered RC.  Many changes, many updates and soon to be available to you for testing.  GA set to be Q2 of this year.

Read more about the release here or alternatively jump across to the Springboard site and see if there are any new things you can find out about it!

Tags: , , ,

SCE 2007 SP1 on Server 2008

Over the next month or so I’m going to be (attempting) writing a course on System Center Essentials 2007 running on Server 2008.  As monitoring becoming more and more mainstream and Server 2008 is proliferating the market (SP2 beta was released just recently – remember SP1 was the RTM), I figured no better time than now to write a course on it.  If you have an ideas or comments, please let me know and I’ll see what I can do to try and cover them or fit them in the course!  For now, here is the basic info if you want to get it up and going yourself on 2008 🙂

http://blog.exceedio.com/2008/05/01/installation-guide-for-system-center-essentials-sp1-on-windows-server-2008-x86/

Tags: , , ,

Is SQL 2008 Faster? Not Sure Yet

So, is it any faster?  Not sure.  Does it take longer to install?  Yes.  Does it seem better OOBE (Out Of Box Experice)?  Yes.

Today I’ve installed SQL 2008 on a Windows Server 2008 install with IIS and PHP to try and do some development work.  I’m interested in the performance.  So far, I can’t say as I’m disappointed, but watch this space for further results…

Tags: , , ,

DHCP NAP (the good and the bad)

Earlier I talked about NAP.  The easiest to implement is DHCP NAP, however easy comes with some gotchas.  With DHCP NAP you have a few catches to be aware of:

– The Network Protection Service must also run on the DHCP server (slowing it down)

– If you use a static IP address, you’ve just bypassed NAP

– There is no way to authenticate anyone nor is there any encryption

– Your NAP “Health Checks” are based on your DHCP lease times, which by default is 8 days!?

Albeit there a few drawbacks, it is good too…

+ Easy to add to an existing network

+ Easy to setup and administer

+ Integrates with Non-NAP compliant computers (Mac, etc) so it doesn’t totally lock down your DHCP server (probably both a + and a -)

+ Quick, dirty, easy

+ Integrates with the other three should you wish to combine the flavours

…so, go give it a try for yourself.  The best thing about NAP in Server 2008 is that it comes as a free addition to the server when you install it.  Simply enable it and away you go!

Tags: , , , ,

Protecting things with NAP

Network Access Protection (NAP) has been around for a while in various flavours, but now is becoming more and more mainstream.  Whilst not the silver bullet, NAP will help try to defend your network (albeit at a basic level) from dodgy characters.  There are four main ways to implement NAP in Server 2008 and they are:

DHCP NAP
IPSEC NAP
802.1x NAP
VPN NAP

Each naturally has its benefits and drawbacks, but watch out for NAP coming to a network near you.

Tags: , , , , , ,

The Windows Server 2008 Resource Kit Review

Over the past month or so, I’ve been covering technology here and there and I am going to continue to do so, but from today I’d like to introduce you to a new project:

The Windows 2008 Resource Kit Review
Read the rest of this entry »

Tags: , , , ,