Flow on effect from the recent WannaCry and Petya epidemics. Applies to only new Azure VMs that are created through the Azure Marketplace, does not impact existing VMs. Funnily enough Server 2016 Core is the only VM image that still has SMBv1 enabled by default.
If SMBv1 is required, it can be re-enabled using the steps in this article: https://support.microsoft.com/en-us/help/2696547/how-to-enable-and-disable-smbv1-smbv2-and-smbv3-in-windows-and-windows
Walk into a conference room and instantly launch your meeting using the high performance, easy-to-use Logitech SmartDock. Transform your meeting with a rich, collaborative Skype for Business experience. Meeting organizers enjoy the familiar Skype for Business interface, and IT admins appreciate the easily deployed and managed Windows® 10 Skype meeting app.
SmartDock includes three USB 3.0, Dual HDMI Out, Gigabit Ethernet, and HDMI In. You can use the USB ports to integrate with existing audio-video solutions in the meeting room. Certified for Skype for Business audio and video solutions are recommended.
The real experience comes from the Skype for Business Room software, which is designed for easy meeting joins as part of a resource-based video conference room model. When a room receives an invite to a Skype for Business meeting, the meeting will appear on the Surface Pro screen. An attendee merely touches the meeting to join. During my visit we unfortunately did not have time to explore other options, such as using the room with a user login, but I assume that works also.
Office 2016The December 8, 2015 update Subscription: 16.0.6568.20xx - MSI: 16.0.4312.1001
Office 2013 Service Pack 1 (SP1) and the December 8, 2015 update - 15.0.4779.1002
Office 2010 Service Pack 2 (SP2) and the December 8, 2015 update - 14.0.7164.5002
MAPI over HTTP was not backported to Outlook 2007 or earlier versions. Therefore, Outlook 2007 and earlier versions will be unable to connect
Have an automated task in 365 that you want to Automate e.g.
Saving emails to Sharepoint?
Email you when specific SQL varies are entered into your Application in SQL?
Microsoft has just released Microsoft Flow to do this Automatically for you saving you time and administrative headaches
https://flow.microsoft.com/en-us/documentation/frequently-asked-questions/
If you have Office 365 for your Email , you might be making the next step and deploying the Office 365 suite's replacement Phone System ( PBX )
Skype for business gives your orgainisation
Available on
https://www.microsoft.com/en-us/download/confirmation.aspx?id=53885
At the Microsoft Inspire conference going on in America at the moment, we have been closely following, Microsoft has just announced it will be offering a package bundling its Office and Windows package into one
https://blogs.office.com/en-us/2017/07/10/introducing-microsoft-365/
They are calling it : Microsoft 365 Enterprise and comes with Office 365, Windows 10 Enterprise, Enterprise Mobility + Security.
It's going to be available in 2 flavours E3 and E5 depending if you would like PBX Functionality or extra security.
Microsoft 365 Business will be available in public preview on August 2, 2017.
Priced at US $20 per user, per month which comes to around 16 GBP
This will greatly simplify Licensing for Users and Business
How does this affect me?: Beginning October 31, 2017, Outlook for Windows clients using RPC over HTTP will be unable to access their Exchange Online mailbox.
What do I need to do to prepare for this change?: The necessary action depends on the version of Outlook in use in your organization.
If you are using Outlook 2007 or earlier, you need to upgrade. Outlook 2007 does not contain support for the MAPI/HTTP protocol. We encourage you to update to the Office 365 ProPlus subscription, or access Outlook via the web browser (which is included in your current subscription plan).
Outlook 2010-2016 customers will need to ensure their version of Outlook for Windows is set up to support MAPI/HTTP. At a minimum, you should ensure you have installed the December 2015 update.
Lastly, ensure your Outlook clients are not using a registry key to block MAPI/HTTP.
Another Cyrptovirus has reared it's ugly head in the wild called Petya. It's already infected an Ukrainian Bank , DLA Pipa Law Firm in the USA and a few other agencies.
So far there has been no kill switch found to stop mass infection.
It utilises the same flaws that Wanna Cry used with SMB 1 so if you have already disabled this you should be some what protected. This virus gets into organisations through Email to Spam Filters behind your email servers are a real time defense against these new virus as well as up to date Windows and anti Virus on your Firewall.
A Client Access License (CAL) is a license granting access to certain Microsoft server software. CALs are used in conjunction with Microsoft Server software licenses to allow Users and Devices to access and utilise the services of that server software.
Microsoft give you a guide here
http://download.microsoft.com/download/6/8/9/68964284-864d-4a6d-aed9-f2c1f8f23e14/CAL_Suite_Bridges_Overview.pdf
I have created a cheat sheet :
Products Which Require CALs:
Core CAL Suite (User & Device Options):
CAL Equivalents of your On-Prem Rights from your Online Subscription Licenses (Most Popular Plans – see Product Terms for more details):
Additive CALs:
Enterprise CAL Suite (User & Device Options – Includes Everything in Core CAL Suite:
Be careful installing this update on Exchange Servers per Microsoft Recommendations
https://redmondmag.com/articles/2017/06/13/avoid-net-framework-4-7.aspx
There are some also Current Known Issues Listed here
https://support.microsoft.com/en-us/help/4015088/known-issues-in-the-net-framework-4-7
Careful installing this manually or approving this via WSUS!
The new step forward for anyone currently using Citrix XenApp and or XenDesktop v6.5 the Upgrade path is Citrix Version 7.14 or maybe migration to another product altogether such as Citrix in VDI per below or Microsoft Terminal Server.
https://www.citrix.co.uk/global-partners/microsoft/azure.html
If any of these questions are going through your head , please contact us today so we can guide you in the right direction
If you haven't heard in the news recently British Airways had an IT meltdown last weekend causing thousands of passengers to be grounded.
http://www.bbc.co.uk/news/uk-40081112
Some points to take away for your network and IT Infrastructure:
Everything critical should have dual power supplies. The incident currently is being blamed on a power surge or cut. If either of these were to happen, this should not have caused any issues. Each rack should have a PDU for UPS and PDU for UN-UPS power meaning you are protected from either of these
Highly Critical devices should be in a highly available state! Whether this be a server using Vmware Highly Available option, or 2 sets of routers in automatic HA, technology makes this easy to implement and can be shared across production and Diaster Recovery Site.
You should have a plan for Diasters - Another blame for the recent outage was due to lack of personnel on the ground to fix and manage the problem. If you have mission critical devices to your business you should have a proper monitoring and oncall person 24/7 so your TTF ( Time to Fix ) is reduced due to knowing about the problem 5 minutes after this has happened.
Cyprtolocker Variances such as the recent "WannaCry" have been around for years. The main reason this hit the news headlines is of big outbreaks across the NHS and other global organisations.
Per below we've put together a list of things you can do to mitigate this for this strain and other strains :
http://www.response-it.co.uk/news/2016/10/27/ransomware-the-small-business-guide?rq=Cryptolocker
Done with finding out the version? Here are the links to the updates for all of the Windows versions for which it has been released. Note that if you aren’t sure if you use 32-bit or 64-bit version of Windows, you can simply download both patches — one of them will work for you; trying to run the wrong one will bring up an error box but will do no harm.
You can also be extreme and disable SMB 1 totally from your network however careful with this as things such as VCentre use this for domain authetnication!
Microsoft have put together a full list here thats uses SMB1
https://blogs.technet.microsoft.com/filecab/2017/06/01/smb1-product-clearinghouse/
Part of Response IT's duties for our customers is to help with their Software Asset Management and Licenses. Find the most cost effective solution for their needs and make sure this is kept in a way to produce to Software Vendors if ever the need for Audits. One of the benefits from buying software from Us is that this happens automatically for you.
Game Changer ....
Salesforce was a close creator of the vison of Software being a service instead of a product. The solution would be paid for in a subscription which would let you use it and have access to all the future updates instead of a once off purchase. Some people like paying for things outright as they can see the final price , however when things get more expensive due to celeverer functionality, the cost goes up and this doesn't become viable. Some key companies who have followed :
Microsoft
The whole microsoft license sheme has changed from a direct one purchase now to a monthly per user model, no more software assurance rules like MDOP, VDA, per device. And the upgradability on these licenses are mearly a flick switch so computers can be upgraded to be joined to the domain , and functionaly for 365 Users can be changed by changing their price plan ( per user not for the whole group !)
Adobe
They have been on the front runner for this for sometime, and probably due to the cost of their product its been a great welcome. Initial outlays from Adobe Creative Suite where a big hit for one company , and change thing between users where complex and needed software for auditing. Now this is managed in a central dashboard for all the companies products that can be switched around when needed and activated by email straight to the user.
Employee's sometimes in a rush were forced to buy software and or hardware themselves which would get them up and running however to check if they had purchased the correct version E.g. Home instead of a professional version of Windows to Join to the domain and Audit the purchase for future SAM Adutis and expense the purchase under the right cost center!
Companies can now check their monthly spendature on Software and Software Vendors can see in realtime companies use which means auditing can be done efficently without SAM Consultants or Software
As instant measurements are so easy , licenses can be re-assigned in realtime making sure no license is doubly users and users who have left the firm do not leave with it on their personal device
All in all , this helps everyone , simplier equals easier to manage which reduces the overall costs ! Microsoft are even stopping SAM
https://www.theregister.co.uk/2016/04/13/microsoft_we_have_a_bullet_ready_for_12_competencies/
If your organisation has Office 365 with Enterprise Mobility Suite (EMS), you’re probably already familiar with Intune, Microsoft’s solution for mobile device and application management.
You can use EMS as a Single Sign on Solution to over 1200 Software as a Service Cloud Applications such and salesforce and box across devices and browsers
Active Directory Premium gives you full Active Directory into the cloud so you don't need local servers for management of Active Directory , see here for a full list of differences
Group membership can be requested by users to the groups Owner and this can be approved from the cloud
User Password resetting can be done in the cloud and automated to be self service to reduce the time for users to fix their issues and load on helpdesk staff
Intune is also your go-to solution for managing shared tablets in limited-use mode. With Intune, you can bulk provision, secure, and centrally manage shared tablets configured to run in limited-use mode.
This makes IT’s a job a lot easier: you don’t have to configure settings on individual tablets, and you don’t have to do anything differently than you would for devices not in limited-use mode. With Intune, your transactions, inventory, and other information are protected, no matter what your tablets are used for.
Azure Information Protection (AIP) allows you to classify and add security directly to your sensitive data so that it's always protected and identifiable.
Admin creates policies for data classification, labeling, and protection. Sally, an accountant, creates a document that has customer PII, including credit card numbers.
When Sally saves the document, it’s automatically classified CONFIDENTIAL and encrypted with permissions
When she emails the document to her team, she accidentally includes two unauthorized users. Sally’s team are able to open the file, but cannot print, save, copy text, or forward the file. The two unauthorized users are unable to open the file or forward the email.
Sally and IT can view successful/unsuccessful attempts to open the file. Sally or IT can quickly recall the document from unauthorized users.
Microsoft Azure Information Protection is included in the Office 365 Enterprise E3 and above plans.
Extra Licenses can be found here
You need to install the client Manually ( AzInfoProtection.exe )
You should then have the task bar and can change categories
Hyper-converged infrastructure (HCI, also called a hyper-converged integrated system. HCIS) refers to integrating virtualization of storage, computing and networking in a data center into a single appliance.
Compatibilty out the box : Storage, Networking and Computing providers have come together with their products to offer something out the box that has been thoroughly tested together. No more searching three providers on compatibility when updating a single firmware for a device.
Support ; Single point of support for all of your hardware
Management : Again single management interface for all your virtulised hardware
Faster setup : You can have new infrastructure setup to expand your ERP system or increase your VDI seat count in less than one hour!
There are multiple hyper converged providers at the moment , but we've had great Demo experience with HP's solution per below
Companies will tend to expand on their existing infrastructure due to their already inhouse expertise on existing technologies and human nature of staying the same however this can unnecessary increase costs and manageability by not looking at all solutions at the time of expansion.
Discovery is the process of finding search terms in your organisations data. Searching your who organisations files for keywords can be difficult and duanting task unless all of it is in a collaborated cloud system such as 365.
For example if you need to trace a client named "client 1" due to a legal case you can use the below method to search your company Documents stored in Sharepoint, Company Emails in Exchange Online and User Data stored in One Drive for Business
You can also Upload Old larges PST's to 365 to Exchange and or sharepoint giving you discovery of all your archived email and mailboxes
After April 11, 2017, Windows Vista customers will no longer receive new security updates, non-security hotfixes, free or paid assisted support options, or online technical content updates from Microsoft. Microsoft has provided support for Windows Vista for the past 10 years, but the time has come for us, along with our hardware and software partners, to invest our resources towards more recent technologies so that we can continue to deliver great new experiences.
If your running Windows Vista , you won't be one of our customers , but please upgrade to a new version of windows or contact us to help you!
https://support.microsoft.com/af-za/help/22882/windows-vista-end-of-support
Exchange 2007 has officially now been dropped by Microsoft today
https://blogs.technet.microsoft.com/exchange/2016/04/11/exchange-server-2007-t-1-year-and-counting/
A great product which was the base for Exchange 2010 and up helping with DAG setups and using powershell , it will be sad to see it go!
This was bundled in with Small Business Server 2008 so if you are using this version you will need to look at migrating your users elseswhere!
1) Upgrade and Migrate to the Cloud e.g. Office 365 (using their FastTrack service if you have a Minimum of 50 Users Seats)
2) Upgrade and migrate your server to Exchange 2013 ( Can only do one jump so no Exchange 2016 ! )
