4/04/2012

What is the SCDPM 2010 (System Center Data Protection Manager) and its benefits for IT infrastructures ?

Overview

Data Protection Manager 2010 (DPM 2010) is part of the System Center family of management products from Microsoft. It delivers unified data protection for Windows servers such as SQL Server, Exchange, SharePoint, Virtualization and file servers -- as well as Windows desktops and laptops.
  • New in 2010 is the ability for roaming laptops to get centrally managed policies around desktop protection. Your laptop data will be protected whether you are connected to the corporate network or travelling.
  • DPM 2010 also provides native site-to-site replication for Disaster Recovery to either another DPM 2010 server or an off-site cloud provider.
  • Centrally managed System State and Bare Metal Recovery are also new in DPM 2010.
DPM 2010 seamlessly uses disk, tape, and cloud-based repositories to deliver an easy-to-use and best-of-breed backup and recovery solution for Windows environments from Microsoft. Windows customers of all sizes can rely on Microsoft to provide a scalable and manageable protection solution that is cost-effective, secure, and reliable.

Benefits

Benefits of Data Protection Manager 2010 (DPM 2010) include:

Unmatched Exchange, SQL, & SharePoint Functionality

DPM 2010 offers integrated support for advanced Exchange and SQL cluster configurations, shorter SQL backup windows without the need for compression, as well as advanced SharePoint data protection options.

Zero Data Loss Restores for Applications

DPM 2010 enables lossless recovery of Exchange, SQL, and SharePoint servers without the need for constant replication or synchronization by seamlessly integrating a point in time database restore with the existing application logs.

Host Based Virtual Server Backups

DPM 2010 includes support for host based backup of Windows Virtual Server guests. Using a single host based DPM 2010 agent to provide application consistent backups of any and all guests residing on a host. DPM 2010 can protect any operating system or application via this mechanism as long as they are running on a Windows host server.

Recover Files In Minutes Instead of Hours

A typical file recovery from tape takes hours and can be costly. The typical medium datacenter may have 10 to 20 or more recoveries per month. DPM 2010 enables the same recoveries in minutes, saving money for the business and time for IT administrators. Additionally, faster recovery keeps information workers productive because they spend less downtime waiting for their files to be recovered.

Eliminate the Back-Up Window of Your Production Servers

Massive growth in storage capabilities has increased the time needed to back-up file servers. Businesses also face the requirement for 24/7 uptime and the difficulty finding a non-disruptive time to perform a backup. Because DPM 2010 moves only the byte-level changes of the file servers it backs up, it effectively eliminates the downtime required to back up your file servers. Customers never have to plan for such "backup windows" again.

Enable Users to Perform Their Own Recoveries

Recovery and backup processes generally involve multiple administrators, each having unique expertise, adding to the data management total cost of ownership. Corporations collectively spend billions of dollars annually on recovering lost data. DPM 2010 solves these problems by enabling self-service user recovery, which lets you access and retrieve files directly within Microsoft Windows (versions XP through Windows 7) and Microsoft Office (versions 2007 through 2010)applications without administrator intervention, thereby lowering administrator costs and increasing productivity (check specific System Requirements for details).

Seamless media integration

DPM 2010 features seamless integration between disk and tape media. This includes an intelligent user interface that abstracts the operator from the need to separately manage disk and tape media, an integrated restore experience for both disk and tape, and rich media management functionality.

Storage Efficiency

Patented filter technology reduces the volume of full backups by as much as 90 percent in typical organizations, saving disk space and reducing full backup time from hours to minutes. VSS point in time snapshots further reduce the disk volume required, while Express full backup images increase number of available restore points which can be captured.

Remove Tapes from Branch Offices & Centralize Backups at the Datacenter

Today, the primary way to protect remote servers is for branch office staff to back up data to expensive removable media, such as data tape cartridges, and then manually transport the media to an offsite storage facility. Tape restores within this configuration can be expensive and slow. DPM deploys agents on the remote file servers to send the data back to the central data center where it can be more securely backed up by one IT administrator.

Advanced Functionality at Low Cost

Because DPM 2010 is part of the Windows Server System, it contains tools that are already in your server software, such as Microsoft Management Console (MMC) and Windows Explorer. IT administrators are already familiar with these tools, which reduces training costs. Along with the comprehensive report functionality included with the product, DPM 2010 can also upload all of its reports and alerts to the Microsoft Operations Manager console. 

Protection & Recovery for Exchange Servers

DPM 2010 protects Exchange server databases every 15 minutes.

Protection & Recovery for Sharepoint

DPM 2010 provides best of breed protection and recovery for Microsoft Office Sharepoint technologies. 

Protection & Recovery for Microsoft SQL Server

DPM 2010 protects SQL Server databases every 15 minutes, and can restore not only to each of those 15-minute marks, but also enable you recover to any transaction point, or even to the very latest committed transaction following an outage.
Protection for Hyper-V Virtual Guests & Hosts
Including support for Live Migration scenarios using cluster-shared volumes (CSV) and restoring VMs to alternate Hyper-V hosts.

Extends Protection to the Desktop

DPM 2010 extends protection from mobile laptops to stationary desktops.

4/02/2012

What is the DirectAccess Technology ?

DirectAccess, introduced in the Windows 7 and Windows Server 2008 R2 operating systems, allows remote users to securely access enterprise shares, web sites, and applications without connecting to a virtual private network (VPN). DirectAccess establishes bi-directional connectivity with a user's enterprise network every time a user’s DirectAccess-enabled portable computer connects to the Internet, even before the user logs on. Users never have to think about connecting to the enterprise network and IT administrators can manage remote computers outside the office, even when the computers are not connected to the VPN. Forefront Unified Access Gateway (UAG) 2010 extends the benefits of DirectAccess across your infrastructure, enhancing scalability and simplifying deployment and ongoing management.Next time I will show you how to configure DirectAccess in Windows Server 2008 R2 and on UAG 2010 anmd maybe on TMG 2010.For more deatils click here.

How to monitor Internet usage with Fastvue for TMG

Real-time Network Monitoring for Microsoft  Threat Management Gateway

Real Time Dashboard
Alerts
Productivity Assessment
Active Directory Integration

Microsoft's Forefront Security Products

Overview

Microsoft Forefront delivers comprehensive, end-to-end solutions, both on-premises and in the cloud, to help protect users and enable secure access virtually anywhere. With our integrated portfolio of protection, identity, and access products, you can help secure your environment and manage access across data, users, and systems.

Multi-layered Protection

Forefront delivers leading malware protection solutions across endpoints, messaging and collaboration application servers, and the network edge.

The next version of Forefront Client Security, helps enable businesses to simplify and improve endpoint protection while greatly reducing infrastructure costs.

Forefront Online Protection for Exchange

Delivers layered technologies to actively help protect businesses’ inbound and outbound e-mail from spam, viruses, phishing scams, and e-mail policy violations.

Forefront Protection 2010 for Exchange Server

Incorporates multiple scanning engines from industry-leading partners into a single solution to detect viruses and spyware faster and more effectively than single-engine solutions.

Forefront Protection 2010 for SharePoint

Combines multiple anti-malware scanning engines from industry-leading security partners with file and keyword filtering to help provide comprehensive protection against the latest threats.

Forefront Threat Management Gateway 2010

Provides a secure web gateway that protects users from malware and other web-based threats.

Identity-based Access

Microsoft’s identity-based access technologies and Forefront solutions build upon Active Directory’s infrastructure to enable policy-based user access to applications, devices, and information.

Microsoft Forefront Identity Manager 2010

Delivers a comprehensive solution for managing identities, credentials, and identity-based access policies across heterogeneous environments.

Forefront Unified Access Gateway 2010

Provides comprehensive, secure remote access to corporate resources for employees, partners, and vendors on both managed and unmanaged PCs and mobile devices.

Simplified Management

Microsoft Forefront products include management capabilities that integrate with your existing environment to make it easier to deploy and manage your enterprise protections and maintain compliance. 

Forefront Protection Server Management Console 2010

Provides multi-server management for Forefront Protection 2010 for Exchange Server and Forefront Protection 2010 for SharePoint. The management console delivers an easy to use graphical interface for server discovery, configuration deployment, reporting, quarantine management, engine and definition update deployment and integration with Forefront Online Protection for Exchange.

Benefits

With new security point solutions multiplying in both number and complexity, you would think that organizations would have all the protection they need. But business security issues continue to grow, due in large part to the typical operational challenges you face every day, such as:
  • Integrating your security products so they work well together and leverage each other
  • Integrating your security products into pre-existing IT infrastructure
  • Managing and deploying security simply, pervasively, and without mistakes
  • Managing security as a single solution instead of a collection of disparate products
Forefront provides a comprehensive family of highly effective security products. By concentrating our efforts on the integration and management aspects of security, Forefront products can help prevent misconfiguration, enable your organization to deploy security products more pervasively, and give you a unified view into the security state of your networks. By addressing operational issues Forefront helps makes your network more secure — the configurations are correct, security is deployed where it is needed, and management and reporting are simplified.

What is the Forefront Identity Manager 2010 (FIM)

Microsoft Forefront Identify Manager 2010 (FIM 2010) can help address. Chief among these:
  • The burden of complexity on IT, which must manage identities across heterogeneous systems.
  • High help-desk costs associated with password resets and smart card deployment.

Key Benefits

  • Empowers people to accomplish self-service identity tasks.
  • Delivers agility through automation, self-service, and extensibility.
  • Increases security with management across identities, credentials, and resources.
  • Loss of end-user productivity because users cannot manage the routine aspects of their own identity and access.
  • Lengthy development time for identity management customization because existing developer interfaces require specialized knowledge.
  • Security gaps and risk to the business due to noncompliance with internal and external regulations.
FIM 2010 offers you a comprehensive solution for managing identities, credentials, and identity-based access policies across heterogeneous environments.
FIM 2010 empowers users with self service password reset and embeds self-help tools in Office so you can manage routine aspects of identity and access, gives IT Professionals rich administrative tools and enhanced automation, and delivers .NET and web services-based extensibility for developers.

What is the Forefront Unified Access Gateway 2010 (UAG)

Overview

Forefront Unified Access Gateway 2010 (UAG) delivers comprehensive, secure remote access to corporate resources for employees, partners, and vendors on both managed and unmanaged PCs and mobile devices. Utilizing a combination of connectivity options, ranging from SSL VPN to Direct Access, as well as built in configurations and policies, Forefront UAG provides centralized and easy management of your organization's complete anywhere access offering.
Integrating a deep understanding of the applications published, the state of health of the devices being used to gain access, and the user's identity – Forefront UAG enforces granular access controls and policies to deliver comprehensive remote access, ensure security, and reduce management costs and complexity.

Benefits

Forefront Unified Access Gateway (UAG) is designed to provide secure remote access in a way that extends application intelligence, security and control, and ease of use. Key benefits include:

Anywhere Access

Forefront UAG makes it easier to deliver secure remote access to your applications and resources, and improve employee and partner productivity, by combining an intelligent access policy engine with a variety of connectivity options including SSL VPN and Direct Access. Forefront UAG:
  • Empowers employees, partners, and vendors to be productive from virtually any device or location through integrated SSL VPN capabilities.
  • Delivers simple and secure access optimized for applications such as SharePoint, Exchange, and Dynamics CRM.
  • Extends networking connectivity with Windows Direct Access to existing infrastructure and legacy applications.

Integrated Security

Forefront UAG improves the security in remote access scenarios by enforcing granular access controls and policies that are tailored to the applications being published, the identity of the user, and the health status of the device being used. Forefront UAG further improves security by enabling strong authentication to applications and mitigating the risks of downloaded data from unmanaged devices. Forefront UAG:
  • Protects IT assets through fine-grained and built-in policies that provide access to sensitive data based on identity and endpoint health.
  • Easily integrates with Active Directory and enables a variety of strong authentication methods.
  • Limits exposure and prevent data leakage to unmanaged endpoints.

Simplified Management

Forefront UAG offers a single platform through which to deliver and manage remote access. With built in policies and configurations for common applications and devices, you can gain more control, more efficient management, greater visibility, and lower total cost of ownership. Forefront UAG:
  • Consolidates remote access infrastructure and management.
  • Simplifies deployment and ongoing tasks through wizards and built-in policies.
  • Reduces support costs by delivering a simplified connectivity experience for users.

What is the MS Forefront Threat Management Gateway 2010-TMG 2010

Forefront Threat Management Gateway 2010 (TMG) is a secure web gateway that provides comprehensive protection against web-based threats by integrating multiple layers of protections into a unified, easy-to-use solution. Forefront TMG allows your employees to safely and productively use the Internet for business without worrying about malware and other threats.
The Forefront TMG solution includes two components:

Forefront Threat Management Gateway 2010 Server

Provides URL filtering, antimalware inspection, intrusion prevention, application and network-layer firewall and HTTP/HTTPS inspection in a single solution.

Forefront Threat Management Gateway Web Protection Service

Provides continuous updates for malware filtering and access to cloud-based URL filtering technologies aggregated from multiple web security vendors to protect against the latest Web-based threats.

Key Benefits

  • Multiple Web security technologies in a single solution.
  • Multiple URL filtering data sources for better blocking.
  • Intrusion prevention against exploitation of vulnerabilities
  • Built-in, proven network protections of ISA 2006.