Hello - we've managed to get our hands on a Microsoft Roundtable.  It's a web-conferencing device with a 360-degree webcam and a hands-free phone built in... looks a bit odd though :-)

It works with LiveMeeting and Office Communications Server 2007 (OCS2007) and it's pretty impressive.   You get a 360 view of the meeting and the webcam switches to the active participant when they speak.  It will even track them around the room if they are moving about.

We're using it for a number of activities now and are finding it really useful, as LiveMeeting allows you to share your desktop and present using PowerPoint.  In the two weeks that we've had it it's been used to conferernce with people who are working from home and we've already held a customer service review and a pre-sales meeting to demonstrate our Email Archival service.   There are also savings in travel time/cost too, and we'll probably use it next week when I'm in Seattle.

If you want to see it in action, there's a great video here;

I've just updated an article about using Entourage with Exchange Server mailboxes on our web site here. The main update is about how to get perform a GAL lookup from the Entourage client without using LDAP.

Entourage functionality can be extended easily using scripts, including one to perform GAL lookups using OWA over the internet. It's simple to install and easy to use thanks to the readme file included in the download. You can get it from here.

Daniel

Microsoft released an update to Office 2008 for Mac yesterday, http://support.microsoft.com/kb/948057. There are a number of Entourage 2008 reliability improvements including contact and calendar synchronisation with Exchange server. This has been a problem for a lot of users, as contacts were not synchronising between Entourage 2008 and Exchange.

If have an Exchange mailbox and use Entourage 2008 you should think about installing the update.

Daniel

I'm often asked by users and our support team if it is possible to access shared calendars on a Windows Mobile device. The good news for WM5/6 users is that TeamCalendar.com have the solution.

Access is granted as normal in Outlook using the Share My Calendar option. You can install the software directly to the device over-the-air and is uses ActiveSync settings.

You'll need to have your mailbox on an Exchange Server 2003 SP2 server, which if hosted by Cobweb you currently are. No Exchange Server 2007 support yet, but it is expected soon...

Daniel

'just because it’s SaaS doesn’t make it good’ comments on TheRegister http://www.theregister.co.uk/2008/02/07/freeformdynamics_saas_reality_check/

My comments....

Although when we started Cobweb's Hosted Exchange service in 2002 it was in search of a recognisable product, with a brand and features that most potential customers would understand. We wanted to be directly compared with an on premise solution and compete on our value as managed service providers. Its my view that by being in the 'cloud' will one day give us a wider, richer more useful service versus a traditional on premise solution. Today this is still only partially realised, Exchange as a hosted service, has still a long way to go, with significant advances over the next couple of years.

If its in the cloud or not should not matter, its the value we bring to business function and flexibility that SaaS, and its suppliers should be judged on.

Expansys are offering a range Windows Mobile devices with good value data tariffs. My favourites are the "candy bar" style handsets like the HTC S730, or the Touch Dual (iPhone beater) slider.

Go to, http://www.expansys.com/t.aspx?f=1238&se=639 to see what is on offer.

Thanks to MessageLabs for the following content, quoted from their Intelligence Reports

http://www.messagelabs.co.uk/intelligence.aspx

The term “whaling” was first used in 2007 to describe the highly targeted phishing-style attacks against senior executives around the world across a range of organizations. Unlike more random attacks, these are more like surgical strikes, intent on stealing intellectual property or confidential information, and by the time the victim is aware of the attack, it is too late.

Although these attacks aren’t as prevalent as traditional virus outbreaks, they are however increasing in numbers. Since early 2007, MessageLabs has intercepted around ten targeted attack attempts daily, an increase from one per day one year ago, and two per week two years ago. In the early examples from 2005, the main targets were multinational industries, but this is no longer the case; many such attacks now are equally levied against small-to-medium sized businesses too.

The first major whaling attack in 2007 occurred on June 26 when MessageLabs intercepted 512 emails with a Microsoft Word document attached, which contained an embedded spying trojan. All of the emails targeted senior executives across a number of organizations in many countries. So precise were these attacks that the subject line of the email included the recipient’s name and job title.

The next significant wave appeared in September with MessageLabs intercepting 1,100 individual email attacks from the same criminal gang responsible for the June outburst. This series of attacks purported to be from an employment service regarding a prospective employee and included the target’s company name within the subject line. Again, the emails were targeted towards C-level executives and senior management, including repeated attacks at the same company through different C-level entry points.

Hello

So TechEd is over for another year and I thought I would share some of the figures from the week.

No of delegates - 5200 approx
No of delegate access PC's - 1300
Wireless Access Points - 90
Cisco switches - 40
Kilometres of copper cable used - 20
Kilometres of fibre used - 6
No of unique wireless devices seen - 4590
No of viruses detected - 0
Peak Internet bandwidth - 60Mb/sec

I have been very excited this week by what I have seen from Windows Server 2008 and IIS 7.0, they are both maturing into very capable products with many new features that will make my job as a Windows Administrator a lot easier and I look forward to start investigating how the new features can benefit Cobweb and our customers.

I will keep blogging over the coming months with updates on how things are going.

David

Dear all,

Sorry for the slightly strange title, I’m sure some of you get it. If not, click here. Today is the last day of TechEd and I am happy to say that it has been brilliant. An absolutely fantastic session by Laura Chappell this morning on network forensics and then a follow up security panel discussion with Laura and more top MS and non-MS security professionals. This was my biggest shock of the day:

During a routine threat analysis of anti-virus programs, some open source Trojan source code was downloaded from the web. It was then compiled and several scan engines were used on the binary. None of the engines picked up the Trojan, even though it was a well known threat.

The reason?

This binary had been compiled with Delphi 2005 and the original virus writer had used a previous version. Therefore the signature didn’t match.

I’ll leave you with that, and finish by saying goodbye for now and I hope to see a bit of Barcelona tonight as we finish early at 4:30pm and it will still be light.

21:00 It's Thursday night, and its the last day of TechEd tomorrow - and we've covered a mass of subjects and overviews which has made the whole event just fly by.  Today I've been following some of the security tracks, and got some useful insight - as well as attending the best named sessions so far.

The first session looked at Wireless networking security - "The Black Arts of Wireless Security and White-Magic Countermeasures".  The presenter, from Microsoft, went through a number of the methodologies that hackers use for getting in to - and then disrupting - wireless networking.  So we started off talking about a site called www.wigle.net, a growing database (13mln and counting) of wireless networks available, whether they are open/free, what their SSIDs are, MAC addresses, channel etc.  While this is a mostly US based utility, the world maps are worth a look if nothing else.  Looking at the results of some searches, most users are still using the default settings for their devices - something like an SSID of "Linksys".  This gives a hacker a great start - if the SSID hasn't changed, I would doubt the default password has either...  This was proven in a great example from the lecturer - he was working in a hotel, and the wireless was a bit slow.  So he connected to the router - used the default settings (widely available on manufacturer websites), logged in and increased the broadcast power.  If you haven't already, log in and get them changed.

The second session covered some Windows OS security - "How the Evolution of Military Strategy can be applied to Information Security Strategies in the Enterprise".  For this session I was perhaps expecting Sun Tzu's art of war (here), and while the grand title didn't deliver this it had some great advice for actively protecting your OS.  One that stuck for example was many viruses/trojans - for example Blaster and Sasser - use the cmd.exe file to deliver their service and infect a computer.  This was demonstrated by gaining access to remote machine through an hacking utility (an RPC exploit) which presented a cmd shell with system privileges.  Next, on the targetted machine, we changed the file security to Interactive access only (file can only be executed locally) and ran the same hack.  And it didn't work.  So this then would have been protection against these viruses, and potentially many others too.  Simple when you know.

Good morning,

It is now Thursday and it is amazing how these three days have rushed by.  I just wanted to give people an idea of the organisation that has gone into this event.

There are PCs everywhere, from the highly restricted 'feedback terminals' to the work terminals that you sign in with your MS events web site login.  Furthermore, they have an exchange server here so you can email any delegate and search by name / company.  When you launch outlook on one of these work PCs it will autodiscover your identity and set up your MAPI profile, there is full roaming profile support and you always print to the nearest printer.

Of course none of this is really rocket science, however it is still mightily impressive.  There is a session on Friday that describes how MSIT (the Microsoft internal IT department) created the infrastructure we have here.  I might go along.

All this is an IT perspective but to be honest the way that the lunch is organised is just as impressive, this is really the feeding of the 5000.  In an hour and a half.

Adiós

Hello

As I am now half way through TechEd 2007 I thought I would share some of my thoughts and discovereies on what I have seen so far.

My main focus of the past couple of days has been around web hosting and Sharepoint. I have been very impressed by what I have seen from IIS7.0. There have been some big improvements in IIS particularly relating to the administration of the service. It will be much easier to deploy multi-server web farms due to the new shard config files. No more configuring one server then copying the config to all the other servers in the farm. It is also possible to delegate permissions down to the site level which offers some new opportunities in the way that administrators and users interact with IIS7.0.

Of course IIS7.0 wouldn't be possible without a Server Operating System to run on and Windows Server 2008 is looking like a good offering from Microsoft. Whilst things could still change before it is released next year there is plenty that has matured nicely since Server 2003. I am looking forward to getting some proper hands on with the software to really try it out.

David

10:00 Good morning from TechEd Barcelona.  I finished yesterday's sessions with an overview of Microsoft's Business Productivity Infrastructure Optimisation (BPIO) and a Q&A of the IT Management speakers.  Microsoft's BPIO (http://www.microsoft.com/business/peopleready/bizinfra/default.mspx) is a maturity model and there is a short evaluation exercise on the site that can help to identify - in business optimisation terms - how mature services are in your organisation with advice on how to improve.  It's worth running through the exercise, though as with all such exercises get some of your team or your peers to fill it in too as some questions are open to interpretation!

The Q&A session was quite informative and eye-opening; not about the subjects we discussed directly, but more the state of the IT industry itself.  Indeed, the majority of the Q&A was dominated by questions in two areas - either "My business is trying to outsource my services, what can I do?" or "The tool you've just presented looks good, but have you got another tool that will set it up for me?".  The Gartner research is proved out really - the industry is changing - has changed - and business wants to know what we're here for.  IT groups that are still working on the principle that "We're IT, so we're important - we'll tell the business what to do" are going to have to change themselves before more radical action is taken on their behalf.  And I think that can only ever be a good thing.  I'll close on a quote:

When a great team loses through complacency, it will constantly search for new and more intricate explanations to explain away defeat.  Pat Riley

10:30 Today I'm attending a specific IT manager's track today at TechEd, and this has started with a great talk from Brian Gammage, vice president at Gartner research about the future direction of infrastructure and operations.  The session reinforced the need for IT individuals, teams, and companies to focus on the business output - the actual value of what they do in their environment as we go forward.  I'll share one slide here with you, being the current top 10 CIO concerns, according to Gartner:

• Delivering projects that enable the growth of a business
• Linking business with IT strategies and plan
• Improving the quality of IS service delivery
• Demonstrate the business value of IT
• Attracting, Developing and Retaining people
• Provide new information (analytics)
• Provide a flexible technical infrastructure
• Building business skills into the IS organisation
• Leading change initiatives (both IT and wider business)
• Improve IT governance

Very business biased and notably absent is security - and in a world where including consumers, IT spend is now breaching $3 trillion annually.  The reason?  Security is no longer a strategic priority.  It is simply expected.

14:45  I've been through two further sessions since my first post - about desktop management in the enterprise and how to build the datacentre of the future.  Of course - since this is TechEd, we're talking about how to do this with Microsoft's technologies (http://www.microsoft.com/systemcenter).

And Microsoft have got some challenges themselves  - currently supporting some 80,000 servers with growth expected to reach 400,000 servers by 2011.  Supporting such an infrastructure is almost unimaginable, and this makes no reference to any clients connecting to those services, expecting it to be available, 24x7.  So I'm quite excited about the services being offered and what they can mean for me and my teams - it is quite refreshing to see a powerful tool for SME companies that don't want to rollout of a huge system like HP OpenView's System Manager (here) - whether for cost or value.  The Microsoft service will in the future also include change, problem and incident management tools as well as a CMDB solution, similar to these solutions and we've been speaking to a host of companies working to include plugins for non-Microsoft technologies.  One specific feature that I can absolutely see value in is that the Configuration Manager service has built in content to help you with the attainment of compliance standards - for example to check that all servers have the same local security restrictions applied.

Hello

As this is my first entry onto the Cobweb Blog I thought I'd better start by introducing myself. My name is David and I am a member of the Windows Admin Team here at Cobweb Solutions.

Along with my two colleagues I am lucky to be attending TechEd 2007 in Barcelona this week. My primary focus for this week is to find out about the new products and services coming up from Microsoft particularly relating to hosting, be it Web or Sharepoint and how these new technologies can be applied at Cobweb in the future.

I will report back soon with my intial thoughts from the week.

David

Hello everyone.

I have just finished my first (ever) 'proper' session at Tech Ed and immediately I am thinking of how we can start to implement some of the ideas at Cobweb. My session was called "Notes from teh field: Defending web applications". I won't bore you with the detail but this stark statement stuck in my mind more than any of the others...

Attackers do not generally hack into systems now to crash or deface them, they want the data on those systems to make a profit.

This was especially interesting since these attacks get around all of the usuall security precautions and are very difficult to trace in the logs (since they look alot like normal activity). Solution: Secure development lifecycle, threat analysis _before_ the code goes live, code review and continuous monitoting.

I am now starting an Exchange 2007 deployment session - This will conclude my first day here and I am shattered but already looking forward to tomorrow. I will sleep well tonight.

11:00 CET  ...as promised, this is my first entry to the blog from TechEd 2007.  We've arrived, registered and have begun to get a feel for what this week is going to entail.  We've been here for about three hours, and putting to one side the free food and drinks (tea and coffee, of course, but various croissants, bottles of Coke, sprite etc.) this place is huge, and very impressive.  The lunch areas have to seat about 5000 people, after all...

Having already gone through three virtual labs for Microsoft Performance Point Server (something that will appeal to those with an interest in BI and with exposure to dashboards, scorecards and business modelling) I've found my way to the "Communications Network" area - an approach and use area of about 200 PCs with Vista and Office 2007.  I logged in and of course, the logon that I was provided before the event for the TechEd website is the same for this PC, and my event calendar, email and all my settings are here.  I know Microsoft have been "eventing" for some time, but this is well organised to say the least.

17:30 CET  A busy few hours with more virtual labs, the keynote speeches and a session on SOA - Service Oriented Architecture.  The keynote speeches were kicked off with a group of drummers on the main stage and each of us with a differently pitched 'tube' on our seats as we went in.  A few exercises in timing later, the group was warmed up for the speeches and these were aimed squarely at the new wave of products - Windows 2008, SQL 2008 and Visual Studio 2008 - all of which have new features and services that will add value to most enterprises.  I'll try and add some photos later on of what we've seen so far.

My next session is aimed at IT lifecycle management helping to enable continuous improvement.  The session links closely with the SOA talk and looks a little more at what we can work on now - rather than in the future.

Just a short post to say that myself and two of my team are lucky enough to be at TechEd Europe this week!  http://www.mseventseurope.com/teched/07/itforum/content/Pages/Default.aspx

I'll update the blog as the week progresses with what we've been up to, and looking at the line up there are some fascinating things going on.  If anyone is also going to the event, drop me an email and I may well see you here.

Get Safe Online is a little know campaign that's been running for a few years, and aims to be a single source of security information and advice.  Most of it seems to be aimed at small businesses which is a good thing.   

Get Safe Online Week runs from 12 to 16 November and there will be some online events and webcasts coming out soon i'm sure.  http://www.getsafeonline.org/

I'd recommend you take a quick at the "ABC 10 munute guide to security" which is on the front page currently.   It states the obvious, but you really should be using Windows XP by now, patching with Windows Update, turning on Windows Firewall and.... securing your wireless networks!!

In my continuing quest to find the perfect single device I'm now testing the Palm Treo 750 courtesy of O2. Based on my experience after using it for a day I think I may finally have found "the device" for me. In combining the PDA version of Windows Mobile in a form factor that combines both phone and QWERTY keypads along with a touch screen I have everything that I initially look for. Having worked for Microsoft during the early device OS "battles" it does seems strange to be using a Palm device running Windows Mobile.

The Palm enhancements to Windows Mobile make it really simple to dial a contact, and the device has enough grunt to cope with the 1,600+ contacts I have in Outlook, which are all now synchronised with the device (something which previous devices I've used have struggled with). Email and Calendar all work as expected and I have Word, Excel and PowerPoint to hand too.

I'm going to continue my testing over the next week or so and in particular I'm going to be looking at battery life. This is because the biggest annoyance I have found with the device is it's proprietary power connector – a standard USB2.0 power connector would have been so much nicer and would save me having to buy a whole bunch of new power adapters (maybe that's the reason given they always seem to cost so much!)

If you'd like to try the Treo 750 check out the O2 shop where you can get the device for free on contract!

Please let me know your favourite device and if you have a Treo 750 what you think of it.

I often see articles which talk about Email Etiquette, but not too many on the effective use of Calendars. One of the most useful and time saving features of Microsoft Exchange is the ability to quickly book meetings with colleagues and to be able to see when your colleagues are free. Until you have used this feature and organised a meeting with multiple people it is hard to understand how much time is saved compared to the endless round of phone calls and emails which were typically needed to book a meeting with more than a couple of people.

One of my biggest bug-bears with Outlook which I got caught with again today is when you try and schedule a meeting but someone has booked the time off as holiday, but used an all-day appointment to mark the time off. By default Outlook marks all-day appointments as "Free" so when you look at the Free/Busy information they look like they are available for your meeting.  So my request is - please always set the "Free/Busy" information on all your Calendar requests - it will make the lives of your colleagues much easier :-)

Let me know what your Outlook bug-bears are. I'll publish the most common ones as articles within our KnowledgeBase to help share the knowledge.

BlackBerry or Windows Mobile?  A question I am asked almost every day by customers wanting to know which device is right for their business.  I've always been a Windows Mobile device user, and in particular PDA versions of Windows Mobile devices.  One of the downsides of the the PDA version of Windows Mobile devices though is that they are not great phones, and so I still have a trusty Nokia phone for making all my voice calls.

Increasinghly I keep thinking to myself that I need to sort this out and get a new device which combines the two.  A couple of things have happened in the last week which made me look at this question from a different perspective.

First Toshiba very kindly loaned us 2 new Windows Mobile 6 devices the G500 and G900.  Both have a certain quality feel about them with the sliding keyboards "clunking" just so when you open them and the weight is just right too.  Trying the G500 first was a real eye-opener for me as it took me nearly 10 minutes to configure ActiveSync using old "triple-tap" text entry - very painful.  I've tested SmartPhone versions before but the G500 brought it home to me the benefit of having a QWERTY keyboard on my current device.  The G900 is a really powerful device and has a great screen and the fingerprint scanner is a great addition for secure mobile email but it still isn't a great phone.

Second Dale Vile of Freeform Dynamics a customer and IT analyst emailed me after he had tried a new Windows Mobile 6 device compared to his BlackBerry device he was used to.  One of the big things he noticed was how verbose the Windows Mobile devices are when synchronising your email - giving a novice user far too much and often confusing information.  From a simplicity point of view BlackBerry really do seem to have the edge still.

So what am I going to do?  Probably carry on for a while using both my Windows Mobile PDA and Nokia phone.  I'd love to hear your experiences of different mobile devices and which one I should try next...

Who do you want to host your applications?

Cobweb has been hosting Microsoft applications for nearly 7 years now and has around 4000 pretty happy customers. We know that our customers like the functionally of the applications they use as a service and they like the support we give them. So what happens when Microsoft start hosting the applications themselves?. A couple of recent articles here  and here show Microsoft's move into the hosting game. You can of course get Microsoft Live services for free or at low cost and it appears that if you are a business in the USA over with 5000 users you can get Microsoft to directly host services right now. But do you want them to? Having been a Service Provider to smaller business 1-1000 users for a while now we  know that whilst our model is one too many, all our customers do have individual requirements that a small business like Cobweb is ideally placed to service.  But I would be very interested to know what you think. The question is: Would you prefer place your business hosting of services like messaging and data management with a large corporate like Microsoft or a smaller Service Provider like Cobweb - Comments please

Mark