Author: admin

Establish Standards for Cloud Computing

Cloud computing is the latest hot trend in the IT world and among technology consulting companies.  To a point where almost every meeting I go on talks about this subject matter and does so in a very misinformed way.  The perception out in the marketplace is that the cloud is cheaper, more reliable, and secure.  That is simply just not the case unless the proper steps and procedures are followed.  When will we see cloud standards?  That is a really great question because the security questions of encryption and penetration capability still have not been addressed.  How reliable is the data in the cloud?

The protocol, data format and program-interface standards for using cloud services are mostly in place, which is why the market has been able to grow so fast. But standards for configuration and management of cloud services are not here yet. The crucial  standards for practices, methods and conceptual architecture are still evolving and we are nowhere close.  Cloud computing will not reach its full potential until the management and architectural standards are fully developed and stable. Until these standards are formalized and agreed upon there will be pitfalls and mishaps, which cannot take place.

The main premise of Cloud protocol is  TCP/IP.  The cloud usually uses established standard Web and Web Service data formats and protocols. When it comes to configuration and management, the lack of effective, widely accepted standards is beginning to be felt and I have seen the negative results.  There are several agencies and organizations working on cloud configuration and management standards, including the Distributed Management Task Force (www.dmtf.org), the Open Grid Forum (www.ogf.org), and the Storage Networking Industry Association (www.snia.org).

Currently there are, as of yet, no widely accepted frameworks to assist the integration of cloud services into enterprise architectures.   An area of concern is the possibility of changing cloud suppliers. You should have an exit strategy before finding a provider and signing a cloud contract. There’s no point in insisting that you own the data and can remove it from the provider’s systems at any time if you have nowhere else to store the data, and no other systems to support your business.

When selecting an enterprise cloud computing provider, its architecture should have the following:

• the cloud services form a stable, reliable component of the architecture for the long term;
• they are integrated with each other and with the IT systems operated by the enterprise; and
• they support the business operations effectively and efficiently.

Other groups that are looking to establish industry standards include the U.S. National Institute of Standards and Technology (http://csrc.nist.gov), the Object Management Group (www.omg.org) and the Organization for Advancement of Structured Information Systems (www.oasis-open.org).

iPad Can Be Used With Verizon Wireless

Verizon and Apple seem to be having problems about getting the iPhone on its network and being able to sell it.  It’s pretty funny that as a result, the carrier is getting the iPad instead. Apple and Verizon Wireless today announced that the Apple iPad will be available in more than 2,000 Verizon Wireless retail stores starting October 28.

AT&T still has the exclusive contract with Apple and of course someone got really creative with how to make this happen.  Verizon Wireless will not sell the iPad (Wi-Fi + 3G), the version of the tablet that runs on AT&T’s 3G network, it will instead sell the Wi-Fi-only iPad with its own Verizon MiFi 2200 Intelligent Mobile Hotspot.

The iPad will be available in three bundles:
•Apple iPad 16GB + MiFi: $629.99
•Apple iPad 32GB + MiFi: $729.99
•Apple iPad 64GB + MiFi: $829.99
As far as data plans for the iPad, Verizon will offer one: Up to 1GB of data for $20 per month.

Verizon’s bundle prices are the same as what you’d pay for the iPad with integrated AT&T 3G. But Apple and AT&T offer a choice of two service plans: 250MB a month for $14.99 or 2GB month for $25.
Incidentally, AT&T today also announced that it would begin selling the Wi-Fi + 3G iPad in its retail stores on the same day: October 28.
The upside to buying an iPad from Verizon? Versatility: The MiFi provides Internet access for up to five devices at a range of about 30 to 40 feet. But it is one more thing to tote along with you, though the MiFi is only about the size of a pack of cigarettes, but half as thick (3.5 by 2.3 by 0.4 inches).

It’s also one more thing you need to keep charged. Battery life varies depending on how many devices you have connected at once. In our tests, with four Wi-Fi connections, the battery dropped to one bar in an hour. In 90 minutes, it was almost fully drained. On the other hand, we were able to eke out 8 hours and 5 minutes of power on the iPad (Wi-Fi + 3G) running the 3G modem nonstop.  Lots of things to consider I suppose but it seems that this offering is a bit premature and not as seamless as it should be.

Fix Cached Credentials over VPN

Ever had a remote user who uses a laptop outside of the company network and their cached credentials somehow do not work or have been lost from the cache? I recently faced this same issue and with a little advice from a colleague, I was able to successfully get the users credentials cached once again.

The way I was able to accomplish this was the fact that we had VPN setup, and since most companies have some sort of VPN for their users to access email and documents, we were able to use this to our advantage.

Essentially what I did was log onto the computer using the administrator cached credentials. Once in there I made sure the VPN connection was setup to point to my server at the main office, and I went ahead and logged in. Once in, I used a random application on the desktop (I think I used firefox), I right-clicked, and selected the run as option. When the dialogue came up, I used the end users credentials rather than my own. What this does is it will try to validate the user credentials with the domain controller because we are connected through the VPN.

Once this is done and the application opens, you can disconnect from the VPN, log off of the administrator account, and try logging on with the end user.

I was successful in my attempt and I hope you are too!

iPad and iPhone Can Be a Security Risk

BVA has found that these types of mobile devises if not provisioned correctly can seriously be a security risk to your network environment.  Security policies need to be set forth to ensure security at all levels of access.  Apple iPad tablet device as well as the iPhone is slowly becoming a legitimate business tool, your employees will soon have them in hand and invade your business. The reality is that the iPhone changes the playing field for security and really surprised IT consulting companies and their administrators when it got released.   The users needs versus wants changed completely where being able to have a Smartphone that just sync’s calendars, contacts, and emails changes drastically. The iPhone hit the scene and next thing we were getting requests for it to be integrated into a businesses mail environment immediately. These requests were coming from owners and directors, decision makers were being demanding about making it work, totally side-stepping the security protocols set forth by years of experience and best practice.  The bottom line is that the line between corporate tool and consumer gadget has not just been blurred; it has been completely erased.  There have been several studies that have shown that when asked, the iPad and iPhones present the greatest smartphone security risk for IT.  It’s a scary thought that you have locked down your environment but since a new gadget gets releases to the market and owners want it, it diminishes the integrity of the system.

There was recently a few contents by security outfits where they had people hack the iPhone in less than 2 minutes and won a cash price.  This is a scary thought and quite frankly shows how easy it can be for the non-hacker.  Obviously it might take a little longer from a less talented hacker but it can clearly be done.  Apple has little intention to make their OS more secure because it’s not the market that they are targeting.  Again they are targeting the consumer, not the business enterprise.  I am sure there will be a point in time when that day comes but it is not in the near future.  If Apple at the very minimum addressed just the enterprise security, supportability requirements, and new hardware level encryption.  I want to be very clear that the OS on the iPhone is the same as the iPad as well as its security. Apple targeted the iPad primarily as a media consumption gadget for the residential consumer, not the business community but again we have seen this shift.  I am not saying that you should ban the iPhone or iPad but develop policies and procedures that address the rules of engagement for integrating the iPad with your network environment.

As you develop the policies, keep in mind that the iPad is unique and could fall into a few different areas for policies.  Here are some key points to keep in mind:

•    delivers notebook-like functionality
•    smartphone OS platform
•    normally placed in the policy bucket for computer usage and security policies, not recommended
•    a good policy bucket to consider – smartphone usage and security policies (recommended)
•    same smartphone OS was hacked in less than 2 minutes

Make sure that whatever policy selected addresses the most important factor here which is allowing or denying the storage of confidential or sensitive information on the iPad, or how e-mail, instant messaging and other communications conducted through the iPad fit within archiving and compliance requirements.

MAC Microsoft Office 2011- Finally Got it Right

It feels like I have been waiting forever for the new release of Office for the Mac.  With Microsoft Office for the Mac 2011 (Home and Student version, $119; Home and Business version, $149), Microsoft has finally gotten it right. After a string of disappointing releases, the new Mac version of the world’s most widely-used office suite is a spectacular success, and an unexpected triumph for Microsoft’s Macintosh group. Compared with Office for the Mac 2008 and its predecessors, Office 2011 is innovative, better-designed, startlingly faster, vastly more powerful, and far more compatible with Office for Windows. It even includes a few features that outclass anything in its Windows-based counterpart, Microsoft Office 2010 ($499, 4 stars). If you’re a casual, light-duty office-suite user or a student, iWork ’09 ($79, 4 stars) is still a great option, but if you’ve got heavy-duty work to perform on the Mac, you’ll want Office for the Mac 2011.  The cost for the suite is pretty reasonable for the applications you get.

Office for the Mac still has some minor weaknesses, and at least one feature that’s less powerful than in the previous version—Office no longer syncs calendars with iCal. Overall, it’s the best office suite ever for using the Mac as a serious platform for getting work done.  Office for the Mac comes in two versions, a Home and Student Version (single user package, $119; three-user family package $149) and a Home and Business Version (single user package, $199; licensed for two machines, $279). The Home and Student version includes Word 2011, Excel 2011, PowerPoint 2011. The Home and Business version matches the Home and Student version plus Outlook 2011, which replaces the Entourage mail, calendar, and contact manager app in recent versions.

Pros: Fast, flexible office application suite. Most powerful Mac office software. Highly compatible with Office for Windows. Well-integrated with OS X. Visual Basic for Applications recorded and programmed macros fully supported. Newly-designed Outlook replaces Entourage as mail/calendar/contact app.
Cons: No calendar synching with iCal. Outlook won’t synch with or retrieve mail from Exchange Server 2003 or earlier.
Bottom Line: Office for the Mac roars back with fast, powerful application suite the best of its kind for the OS X platform.

Removing Fake Microsoft Security Essentials

In today’s world of spyware, viruses, and malicious attacks, there are very few that have given me the thought that they could actually be real. Typically you get the one that pops up saying you have 95 viruses and that you need to pay to clean your system, which is an immediate red flag. Most of the time the spyware looks really fake, and by fake I mean they have no company name, or they just use a generic names like “Windows Security 2010,” and “Antivirus 2010.” I thought this always to be the case until just recently.

The call came in like any other, the user was describing that Microsoft Security Essentials had detected an infection and needs to be cleaned. I told the user to go ahead and click the clean option in Security Essentials and it will clean the file. When she did this, it said it could not be cleaned and the apply now button on the bottom changed to a “Scan Online” option.  It took me a second but I realized that I had never seen this option in security essentials ever before.

If you click on the Scan Online button, it will list a total of 35 antivirus programs, 30 of which are real and 5 which are rogue. The 5 rogue ones are:

  • Red Cross Antivirus
  • Peak Protection 2010
  • Pest Detector 4.1
  • Major Defense Kit
  • AntiSpySafeguard or AntiSpy Safeguard

When these are allowed on the system they will perform a fake virus scan and say you are infected. Each one is the same, but slightly different interfaces. They also block certain applications from running (ex. Internet explorer, Malwarebytes, etc…). Below are the steps I took to resolve my issue.

Removing fake Microsoft Security Essentials.

Because I was offsite, I had to remote into this particular computer from another PC on the network, but if you are in front of it you can use the same methodology. I immediately checked add/remove programs and Microsoft Security Essentials was not even installed!

I downloaded the process explorer tool (procexp.exe) from live.sysinternals.com on a separate machine and put it on a network share (you can put it on a usb drive if you are in front of the PC). You can also try Ctrl+Alt+Del if it will work because it did not work for me. I opened the network share on the infected PC and copied procexp.exe onto the computer and ran it. NOTE: It is not usually best practice to open network shares when infected with spyware or viruses as they sometimes spread via those means but I had no other choice.

Here I found the fix.exe file was running on the system and I killed the process. I noted the path of the fix.exe file that procexp.exe shows you:

Documents and Settings(username)Application Datafix.exe

I then went into windows explorer > tools > folder options > view and made sure show hidden files and folders was selected. I browsed to the folder listed above and removed the fix.exe file. While in there I also noticed another interesting file with a randomly generated name.

Documents and Settings(username)Application Datajsdfgs.bat

I opened this file with notepad and saw the code in the picture below. This looked very suspicious, so I removed this as well.

Note: This may/may not be related to the Fake Security Essentials

I then thought I had the issue resolved and opened IE which worked fine, but then when I tried running Malwarebytes to scan the system, it still would not start. This alerted me that there is still a bigger issue. I also tried doing Windows update and this would fail as well. I began looking at my internet connection settings and found that there were static IP addresses that had been put into my TCP/IP settings. I checked on the location of these IP address and they appeared to be coming from the Ukraine. I removed them from my internet connection settings and then Microsoft updates worked fine again.

I also loaded up the real Microsoft Security Essentials and ran a full scan where it found and removed a rootkit.

Win32/Alureon.H

Upon removing this file, Malwarebytes and all other antivirus/spyware scans worked properly.

And just for good measure I downloaded the Piriform ccleaner utility from  www.ccleaner.com and ran the cleaner utility to remove all temporary files. I also ran the Registry tool in the application as well to fix all broken links in the registry.

After the full completion of all the afore mentioned tasks, the computer was running great and had no issues.

NOTE: Some of the symptoms in these email such as the file with the randomly generated name, DNS pointint to the Ukraine, and the rootkit may not necessarily be on your computer. These were found on mine during the cleanup. They may have been their previously, that is why it is always good to do a full scan with a legitimate antivirus/spyware program. It is also recommended that you consult a trained professional or be fairly tech savvy before trying to accomplish this yourself.


The tools I used are listed below:

Process Explorer (procexp.exe)

www.live.sysinternals.com (you can download the full suite of tools here for FREE!)

Malwarebytes

http://www.malwarebytes.org/

ccleaner

www.ccleaner.com

Fixing Backup Exec Advanced Open File Option VSS Snapshot errors

 

For several weeks, I had been receiving the error message below on most of my backup jobs for servers on my network.  The errors seemed to have started all of a sudden, and I want to share my research and troubleshooting steps that finally allowed me to resolve this frustrating problem.  There is a wealth of information out there about this error – some of it good, some of it not so much.  Hopefully this blog will help bring together the points that I found most helpful in my quest to find a resolution.

Backup- servername.DOMAIN.COM

– AOFO: Initialization failure on: “\servername.DOMAIN.COMShadow?Copy?Components”. Advanced Open File Option used: Microsoft Volume Shadow Copy Service (VSS).

V-79-10000-11231 – VSS Snapshot error. Activity on a volume is preventing all volumes from being snapped. Try selecting the option ‘Process logical volumes for backup, one at a time’ , and then run the job again.

 

First things first, I started with the recommendations given to me in the error message.  To reconfigure our backup job to “Process logical volumes for backup, one at a time”, see this Support Document from Symantec: http://www.symantec.com/business/support/index?page=content&id=TECH69327&actp=search&viewlocale=en_US&searchid=1285083683731

Also, since the error specifically states that activity on the volume being backed up is preventing the snapshot from occurring, I did several things to quiet disk activity during the backup.  Here are a few things that I found that may have contributed to excessive disk activity on my servers:

  • Scheduled tasks that run during the backup
  • SQL Server Maintenance plans that run during the backup
  • Microsoft Indexing Service and Microsoft Search (If your server is a file server or Sharepoint server, this can be useful, otherwise, I would think that these services should be disabled)
  • Anti-Virus scheduled scans that may run during the backup
  • Defrag jobs scheduled during the backup (more on this later)

 Here are some other general tips that I found useful in ensuring my servers were optimally configured so that VSS snapshots can run successfully:

  • Free up disk space.  Having a low amount of free space can cause issues with VSS, backups, and system performance.  Here are some tips for freeing up space on the C drive:
  • Delete temp files in temp, WindowsTemp and your profile temp, which you can find by typing %temp% in the Run dialog and clicking OK.  
  • Check your log files in Windowssystem32LogFiles, as IIS can be reconfigured to start logging to a drive with more space.
  • NTUninstall folders in your Windows folder can be moved to another drive, or deleted.  However, you cannot uninstall updates once you do this. 
  • Many times, the WindowsSoftwareDistribution folder will get very large from cached Windows Updates.  You can safely delete this folder by stopping the “Background Intelligent Transfer Service” and the “Automatic Updates” services, deleting the folder, and restarting those services. 
  • Another place on your C drive that will sometimes grow very large is the WindowsInstaller folder.  If you download the Windows 2003 Support Tools, you can run msizap.exe –G to remove any orphaned patch files that live in the WindowsInstaller folder.
  • Once you free up disk space, you should defrag your volumes.  If you have off-hours where your server is not heavily used and you can schedule defrag jobs, I would highly recommend doing so.  I have found several references out there on the Internet that indicate a highly fragmented file system can cause VSS errors.  At the beginning of my quest to resolve this problem, I discovered that many of my volumes were highly fragmented.  I now have scheduled defrag jobs that run (outside of my backup window, of course!)
  • Make sure that you are up to date on all Microsoft Windows Updates and Service Packs.
  • Run Live Update to install all updates for Backup Exec.  Ensure that you are running all of the latest Service Packs (currently SP4 for Backup Exec 12.5) and Hotfixes.

Please note that after installation of Backup Exec Service Packs and some Hotfixes, it is necessary to update the Backup Exec Remote Agents on your remote servers.  You can redeploy those agents from within Backup Exec the same way you installed them originally – by going to Tools, and then selecting “Install Agents and Media Servers on Other Servers”.  Should that fail (as several of mine did), you can navigate to Program FilesSymantecBackup ExecAgents on your media server and copy the folder of the Windows agent for your server architecture – RAWS32 for 32-bit servers, and RAWSX64 for 64-bit servers to the remote server.  Then on the remote server, execute the setupaa.cmd to update your agent.  A reboot will likely be required.

Microsoft has released a VSS Update Rollup that addresses multiple VSS issues.   If you have the netdiag.exe tool installed from the Windows Server 2003 Support Tools, you can quickly find out if you have this update applied by typing netdiag | find “940349”.   If there is no output from the command, or it does not show v3 of this update, then you should download and apply this update.  This should be done on all servers being backed up, and this will also require a reboot on each server.  Information and a link to download the update are found here: http://support.microsoft.com/kb/940349

It can also be helpful to reregister the DLL files required for Microsoft Volume Shadow Copy.  I have included a sample batch file that can help reregister those files.

Cut and paste the following into notepad, and save it as FIXVSS03.BAT.  Run FIXVSS03.BAT to reset VSS configuration.

——begin cut here——

rem FILENAME: FIXVSS03.BAT
rem
net stop “System Event Notification”
net stop “COM+ Event System”
net stop “Microsoft Software Shadow Copy Provider ”
net stop “Volume Shadow Copy”
cd /d %windir%system32
net stop vss
net stop swprv
regsvr32 /s ole32.dll
regsvr32 /s oleaut32.dll
regsvr32 /s vss_ps.dll
vssvc /register
regsvr32 /s /i swprv.dll
regsvr32 /s /i eventcls.dll
regsvr32 /s es.dll
regsvr32 /s stdprov.dll
regsvr32 /s vssui.dll
regsvr32 /s msxml.dll
regsvr32 /s msxml3.dll
regsvr32 /s msxml4.dll
Cd /d %systemroot%syswow64
regsvr32 /s ole32.dll
regsvr32 /s vss_ps.dll
regsvr32 /s es.dll
regsvr32 /s stdprov.dll
regsvr32 /s msxml3.dll
regsvr32 /s msxml.dll
regsvr32 /s msxml4.dll
net start “COM+ Event System”

—–End Cut Here—–

Note: The syswow64 folder will not exist on 32-bit Windows 2003 servers, so the batch file may give errors during that part of the execution.  These errors can be ignored.

Finally, I found this Microsoft Knowledge Base article on changing the initial storage area that VSS uses when it creates snapshots.   See the More Information section at bottom of this document: http://support.microsoft.com/kb/826936

I found recommendations that this be set to the maximum 3GB size (3000 decimal).  You need to be sure that you have 3GB of disk space available if you increase this number to the max.  I set the size of the MinDiffAreaFileSize key to 3000 decimal and most of my servers then stopped having the VSS errors during the backup.  However, on my main file server, I received another VSS error that shows up in the Application log on my main file server that says:

Event ID 7001 in the Application log

VssAdmin: Unable to create a shadow copy: Insufficient storage available to create either the shadow copy storage file or other shadow copy data.

Command-line: ‘C:WINDOWSsystem32vssadmin.exe Create Shadow /AutoRetry=5 /For=\?Volume{0e23512e-ab34-11db-902d-0002b3c80089}’.

I then went back to that registry key and lowered theMinDiffAreaFileSize to 2000 (after making the registry change, you can cut the information in the event information after “Command-line:” and can paste it in a command prompt window to run a snapshot immediately.  Then go check the application log again to see if the snapshot was successful or not).  The snapshot failed at 2000 also, and finally has been running successfully set at 1000 for a couple weeks now.

I have now had successful backups now for a couple of weeks.  Hopefully this information is helpful is solving your issues with Backup Exec and VSS snapshot errors.

Capabilities and Limitations of the Apple iPad in a Standard Business Network Environment

The iPad is a great device. It’s light, ultra-portable, and you don’t have to take it out of your carry-on for airport security. It’s sleek and sexy. It’s remarkably versatile. Many people wonder: can I replace my Window laptop or MacBook with it? If I add a Bluetooth keyboard, is it a netbook?

You can try, but it’s like trying to get a Corvette to replace a pickup truck: they both serve the same fundamental purpose, but they each excel at different things. You can try to get your pickup up to 180 MPH, and you can try to haul a ton of bricks in your Corvette. With enough effort, “McGyver”-ing, and aftermarket accessories, you could no doubt accomplish each. But is it a good idea? And if you think it through ahead of time, do you really want to?

The longing to replace a laptop with an iPad is easy to understand. An iPad travels well. It’s simple to connect it to a Wi-Fi network, and you don’t have to wait for it to boot up. The battery lasts. When you’re not working, you can use it to play music, movies, or games. It’s a terrific reader for news and e-books. It’s a great email client for Gmail, AOL, and (if your company’s mail system supports it and the corporate policies allow it) Exchange mail, calendar, and contacts using ActiveSync.

But it’s important to remember that the iPad is NOT a laptop or a tablet PC. And, despite being an Apple product, it’s NOT a MacBook. It isn’t built on Windows or Mac OS X – its operating system (iOS) was originally developed for the iPhone. The interface uses multi-touch gestures and an accelerometer, making possible applications that can’t run on a PC or Mac. That also means that applications written for a PC or Mac can’t run on an iPad – unless the author specifically develops a version for iOS. Even then, they would need to publish their application through the Apple App Store (thus sharing their proceeds with Apple) – or you would need to jailbreak your iPad, voiding the warranty.

Importantly, the iPad (like the iPhone and iPod Touch) does NOT support Adobe Flash or Java, meaning that websites that use those technologies won’t behave as designed. Why not? Apple CEO Steve Jobs called the Adobe product insecure, buggy, battery-intensive, and incompatible with a touch interface.

The iPad is better at consuming information than it is at creating it. It’s great for creating and editing smaller emails and documents, but you’ll want a PC to create large or complex documents. Another challenge: once you’ve created or edited the smaller documents, you can email them from the iPad, but only one file per email. To send multiple files, you need to send multiple emails. This can be pretty cumbersome. You’ll note that as you explore the iPad you won’t even encounter the concept of a “file” as you would on a PC or Mac.

To think of the iPad as a replacement for a netbook, notebook, or MacBook is like thinking of the Corvette as a replacement for a Ford F350. Is it fair to call the iPad an overgrown iPhone? No. It’s a terrific multi-function device with some very valuable business purposes in specific situations. Should you expect it to behave like a Windows machine or Mac? You’ll only end up frustrated if you do.

Love the iPad for what it is, and don’t hate it for what it isn’t. And don’t expect your IT consulting company to help you make it do what it’s not designed to do – they can’t fit a ton of bricks in a Corvette, either.

So… what CAN the iPad do in a business network environment? In other words, what is reasonable to expect your company’s I.T. team to support?

  • Email access. If your company allows remote email access from a smartphone using POP or IMAP protocols, you can do it from your iPad. Note, however, that it’s up to you go get the iPad connected to the Internet on the remote Wi-Fi. If you have a 3G iPad, getting it on the Internet is strictly between you, Apple, and AT&T.
  • Calendar/Contact synchronization – if your company has a fairly new Exchange server and the network is configured to allow ActiveSync access. If you have a non-BlackBerry smartphone that wirelessly syncs Calendar/Contacts, your iPad can also.
  • Remote Desktop to a Terminal Server – if your company has a Terminal Server. If you have access using Microsoft’s Remote Desktop Connection software for either Windows or Mac, you can have access from your iPad. Be sure to get a good RDP app such as iTap RDP, which makes it easier to operate a Windows desktop from with the iPad’s smaller display, and makes the best use of the iPad’s direct manipulation and multi-touch gestures.
  • VPN access. If your company allows VPN connections from other devices, such as an IPSec VPN tunnel to a Cisco firewall or a PPTP connection to a Windows RAS Server, you can have the same connection from your iPad. You might use it to establish a Remote Desktop Connection to your office workstation, if your company’s policies allow this.

Now… what CAN’T you expect your company’s I.T. team to support? Pretty much anything not listed above. At its heart, the iPad is a consumer device, and is probably not included in the list of officially-sanctioned “clients” for your company’s server-based applications. There’s no doubt that the iPad will continue to evolve, and new apps are released every day that enhance its functionality and usefulness. But, as a mobile network device, it presents challenges in terms of data security, bandwidth usage, and compatibility. These translate into significant I.T. support costs, so don’t be too surprised if your company won’t support it.

Microsoft Exchange Cloud Offering Has Limitations – BPOS

BVA has seen a lot of ups and downs with the Microsoft in-the-cloud offering with Exchange.  We have been a BPOS partner for over two years with great success overall but have run into some small and large problems that we want to disclose.  One of the biggest problems with the offering is that Microsoft does not backup the mail data over 14 days through an OST locally on the users hard drive as well as one in the Cloud Store.  Another problem is the sub-folder size and being extremely careful with the deletion process with those sub-folders.  Meaning in one scenario, a client deleted a sub-folder that was greater than 2GB in size and as a result deleted it from the OST for recovery.  There is an outlook rule where it states that any sub-folder deleted that is over the size of 3GB will not go to the recycling bin but rather delete completely off the store.  There is no way to restore the the file from the cloud or the local OST which can be quite painful.  This has been verified with Microsoft and they really do not have a good reason of why this is the case.  Microsoft’s suggestion is to purchase an additional service called Email Archiving for an additional $4.25.  The cost for some of the BPOS offerings are as followed:

Technical Support (All Break Fix issues, Partner Care questions and routing)

BPOS Technical Support

Available to customers and  partners who  are acting on behalf of their BPOS customers

1-866-MSONLINE, 1-866-441-8425, (425)-704-4614

https://admin.microsoftonline.com/login.aspx?ReturnUrl=%2fDefault.aspx 23

http:/www.microsoft.com/online/default.mspx

BVA Recommends Blackberry Server Enterprise Express Edition!

Recently, BVA began recommending the Blackberry Server Enterprise Express edition to many of our small to medium sized clients due to the fact that it is now FREE. This seems to be a move by RIM due to the fact that there are so many Active-Sync phones (iPhone, Droid, HTC-EVO, etc…) that are flooding the market and can accomplish the same tasks as a blackberry (sync contacts, calendar, and email) with no expensive server.  It is extremely cost effective and very functional, and allows all of your mobile devices to be managed from a central location.

What is the price?

It’s free! Yep that is correct it now costs you nothing! You simply download the application and install it in your existing exchange environment (We recommend you have a professional do the install).

What do I need?

You need to have existing infrastructure with a Microsoft Exchange server or Small Business Server. It will support up to 75 users when installed on top of the Exchange server. If you require more users, it is recommended that you install it on a separate server.

What features does it have?

Although it is now free, there are still many features available. Blackberry Server Enterprise Express edition has an easy to use web based management console that can be accessed from any PC, making it very easy for consulting companies and administrators to create and manage users.

It also offers multiple IT policies to help govern your workforce. You can also push out applications, create groups, and even push device software updates seamlessly to the users.

GET IT NOW!

If you feel that your organization could benefit from this great FREE piece of software, let BVA help. We have installed the Blackberry Server Enterprise Express edition in a wide variety of environments and configurations. From a single small business server to companies with many servers, we can help you accomplish the task.

For more information on Blackberry Enterprise Express Edition, please see the video below.

[youtube]http://www.youtube.com/watch?v=9hlQX58IgGQ[/youtube]