Securing HYPER-V environment & Best Practices

During monthly ITPro forum in Sri Lanka I’ve discuss the above mention topic. When Virtualization becomes commodity model in IT industry next concern would be security as  usual SmileDuring this presentation I’ve discuss about the importance of properly implementing the HYPER-V server and how we can use the tools and utilities give to secure the environment. HYPER_V architecture has been analyzed in detail level to understand how the components work with each other and where attacks can occur.

During this presentation I’ve highlighted the risk of running the HYPER-V role in a GUI method and the advantage on Server CORE. How to use the AZ Man and other Microsoft security tools to tight the security around the HYPER-V host and protect the guest machines.

View album

ITPro-June2011

VIEW SLIDE SHOW
DOWNLOAD ALL

View album
View album

You can download the presentation file from here.

Slow mailbox move in exchange 2010 sp1

Recently I was engage in a project of migrating Exchange 2003 environment to Exchange 2010. User was having around 500 mailboxes on various capacities. During the mailbox migration process we found out the process was extremely slow. 500 MB mailbox transfer took more than 20 minutes!

Doing some search around found out this is a due a recent change on the Exchange 2010 SP1. The value of “MaxActiveMovesPerTargetMDB”  was change from 5 to 2. This means only 2 mailboxes can be migrated simultaneously Sad smileNot a good idea and so far no idea why Microsoft did that. You can edit this value in “MSExchangeMailboxReplication.exe.config” to 5 from 2.

Open the above mention file from a notepad and locate the entry of MaxActiveMovesPerTargetMDB and change the value.

image

Once you do that you have to restart the Microsoft Exchange Mailbox Replication service in HUB CAS servers. Try doing the Mailbox moving and you’ll find the difference.

Note: This information specifically given “AS IS” there is no such documentation found in official in Microsoft web site.

Important patch update for hyper-v environment

Microsoft recently announced a remediation process for once of the vulnerability found in HYPER-V. The identified vulnerability s per Microsoft words as follows,

“vulnerability could allow denial of service if a specially crafted packet is sent to the VMBus by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. An attacker must have valid logon credentials and be able to send specially crafted content from a guest virtual machine to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.”

Out of the above I’ve highlighted the key things an end user need to give an attention about.

Patch has been already released and advised to apply he patch on the HYPER-V environment.

Microsoft contribution towards ip v6

Word wide IP v6 day is 8th June. I got the invitation to conduct a session on Microsoft contribution towards IP v6. Event has been organized by “Department of Computer Science & Engineering, University of Moratuwa and the Information
Technology & Communications Engineering Sectional Committee of the Institution of Engineers” wow that is a mouthful name Smile But for short TechCert.

I’ve decided to talk about how Microsoft company has been contributing to the IP v6 and the new features we use in Windows 208 R2 and Windows 7 combined to make the world ready to use the IP v6 technology. During the event I wanted to highlight the feature of Direct Access and how it contribute to people to make their connected life seamless.

Due to the limited time frame carrying out a live demo is not possible but managed to discuss the architecture of the Direct Access. Slide Deck can be accessed over here.

View album

IPv6 Day

VIEW SLIDE SHOW
DOWNLOAD ALL

View album
View album
View album
View album

Expanding hyper-v interoperability with another Linux OS

Microsoft announced few weeks back it will  provide support running Cent OS in HYPER-V. Cento OS is a popular Linux OS used by Enterprise companies and hosters.

Microsoft Open Source Community (Port 25) team has taken great initiation by providing their contribution on developing the relevant ICS for this OS.

With that addition Microsoft official support has been expand to 3 Linux flavors (Suse Linux, Red Hat and Cent OS)

Microsoft Cloud computing offerings

Today I’ve carried out a technical session on Microsoft Cloud offerings. My main focus has been to emphasize the advantage on Microsoft Private Cloud and how companies can adopt the technology.

Main attention has been given on Private Cloud implementation and how company can benefit out of it. Finally we had sneak view into the SCVMM 2012 console and it’s readiness on Cloud Computing.

Thanks again for NetAssist training institute for providing me all the background support to complete the session successfully.

View album

Microsoft Cloud Computing

VIEW SLIDE SHOW
DOWNLOAD ALL

View album
View album
View album
View album
View album

View album
View album
View album
View album
View album