Microsoft introduced its first analyzer tool for Exchange in 2004. Called by the catchy title Microsoft Exchange Server Best Practices Analyzer, the software proved to be so successful that similar software was rolled out for troubleshooting other aspects of Exchange.

Best Practices Analyzer emerged after Microsoft observed certain patterns when addressing critical situations with its support services. Critical situations require urgent assistance to solve a problem that’s disrupting service to an organization’s members and its important business operations. What Microsoft found was that not only were the number of critical situations growing, but that 60 percent of them were caused by configuration errors, not bugs in Exchange. Moreover, new critical situations arising in some shops were the same ones that had emerged in other organizations just a few months earlier.

Microsoft began by creating a utility to gather key information throughout an Exchange environment. When a customer faced a critical situation, they were told to run the utility and Microsoft would sift through the data to ferret out the root cause of a problem.

Collecting data was only the first step. Next, an engine was developed that could analyze the data and expose it to a set of rules. The rules established thresholds. If a key data item was outside the acceptable range in a threshold, the rule would “fire” and a red flag would be raised for support folks.

Continue reading Use Microsoft’s analyzing tools to keep Exchange humming

Virtual servers can benefit an organization’s data crunching needs in many ways. One of them is leveraging their native benefits to broaden the availability and recovery options for Microsoft Exchange 2010 deployments.

Most administrators can cite the benefits of virtual machines by rote:

* They’re portable so Exchange need no longer be bound to a particular piece of hardware. That means design decisions don’t need to be permanent. CPU and memory requirements can be changed with a reconfiguration and reboot. What’s more, new hardware can be be more easily accommodated because the virtual machine containing Exchange can be simply transferred to the new machine.

* They’re hardware independent so planners have greater design flexibility putting together the production as well as the disaster recovery components of a system.

Some virtual machine vendors, like VMware, have included robust availability features into their software. For example, the company’s High Availability product can act as a first line of defense against server failure. If a physical server or any critical component in a server goes down or fails, HA will automatically reboot the Exchange virtual machine on another physical server.

Continue reading Availability and recovery options when running Exchange 2010 in a virtual environment

Windows=based smartphones work best with Exchange.

Let’s face it, your users are going to want to connect  to your organization’s Exchange services with their mobile phones. Rather than allow that activity to grow willy nilly, you may want to impose some controls on the process. So it might make sense to know what smartphones play nicely with Exchange.

Smartphone makers have been steadily improving their handsets’ Exchange capabilities. What’s more, Microsoft has also moved, with the release of Exchange 2010, to better accommodate phone warriors. For example, with Exchange 2010 and ActiveSync, members of your organization get real-time access to their communications on literally hundreds of devices. Email, contacts and calendar items can be automatically synchronized over the air quickly.

What’s more, a user’s inbox becomes truly universal. Barriers to all forms of communication–email, voicemail, rights-protected messages, calendar requests, RSS feeds and saved instant messages–have been removed allowing one-stop access for members of your organization.

In addition, versatility and productivity of mobile email has been boosted with features like previewing messages with speech-to-text voicemail and creating a contest for messages with a conversation view.

Microsoft didn’t leave administrators out of the equation either. They have greater control over device access. They can create lists of devices to block, quarantine or permit access to their network. And budget-strapped IT departments will be glad to hear that the additional mobile support is included at no additional cost in Exchange 2010. Some of that cost, no doubt, is unloaded on smartphone makers, who have to pay a licensing fee to use ActiveSync.

Continue reading Smartphones that play nicely with Exchange

Are your users on Microsoft Outlook and Exchange server  complaining about lethargic performance? Here are some things to troubleshoot when you want to quell the griping.

1. Antiquated Software. Are you still on Exchange 2003? That old 32-bit warhorse will have a tough time meeting the email demands of a modern organization. New 64-bit versions of Exchange–2007 and 2010–support more memory and bigger buffers, as well as other speed enhancements. As a result, they can be from five to 10 times more efficient than 2003 in handling mail. While upgrading to a new version of Exchange isn’t an immediate solution to your problems, it’s something to advocate as a long term solution.
2. Mailbox Limits. Both Exchange 2003 and 2007 have 2GB limits on mailbox sizes. However, Outlook users can  exceed those limits. The rub is, the greater that 2GB limit is exceeded, the bigger the hit the user will see in performance. One way to address that problem is to deploy an archiving solution. It will automatically archive a user’s emails when his or her mailbox approaches or exceeds the 2GB limit.
3. Overstuffed Folders. Too many messages stored in a single folder will impair Outlook’s performance. Microsoft recommends that between 3500 to 5000 messages should be placed in a single folder. An archiving solution can address this folder problem, too, as well as creating more top-level folders or sub-folders in folders with high growth rates such as Inbox, Sent and Calendar.
4. Anti-Virus Software. Local anti-virus software can make Outlook work harder than necessary. Each time a message is opened, its body and any attachments to it are scanned by the anti-virus software. That can result in delays of as much as 20 seconds. An alternative to local virus scans is to scan messages in transit at the Exchange Hub Transport servers. With malware scans performed at the servers, you can disable scanning at the client end of things and boost performance for your users.
   Continue reading 10 reasons why Outlook is running sooooo slowly

Passwords are a necessary evil for system security, but they need not be as evil as some organizations require them to be. Even “trivial” passwords can be secure, if their system-wide use is policed.

That’s the conclusion of a pair of Microsoft researchers and a Harvard computer science professor reached in a paper expected to to be presented at the Hot Topics in Security workshop to be held in Washington, D.C. next month. The trio–Stuart Schechter, Cormac Herley and Prof. Michael Mitzenmacher–maintain that users can be allowed to adopt simple passwords as long as too many of them aren’t allowed to adopt the same password.

“We propose to strengthen user-selected passwords against statistical-guessing attacks by allowing users of Internet-scale systems to choose any password they want–so long as it’s not already too popular with other users,” they write in Popularity Is Everything: A New Approach to Protecting Passwords from Statistical-Guessing Attacks.

One reason organizations impose password creation rules is to protect their users from brute force “dictionary” attacks. If a password can be found in a dictionary, then sooner or later a hacker will crack it. Passwords made up of non-words can foil such attacks. Passwords made up of hellacious combinations of upper- and lowercase letters, numbers and symbols are better yet. The problem for users, though, is that, for most of them, the most secure passwords are the hardest to remember.

Rather than modify user behavior–which is to damn security and choose as simple a password as possible–security pros often deploy a “three strikes and you’re out” lockout system to foil password horde attacks by hackers. With that system, if a password is entered incorrectly three times, the person attempting to log in to the account is locked out of it for a brief period of time. Crackers, who are great students of human behavior, quickly figured out a workaround to lockout schemes. The workaround has to do with how users choose passwords.

Continue reading How to choose a password according to Microsoft

If you didn’t believe there’s a lot to learn about Microsoft Exchange 2010, all you need do is pick up a copy of Microsoft Exchange Server 2010 Best Practices, by Siegfried Jagott and Joel Stidley. Make sure you use your legs when you do so, though, lest you injure your back hefting the 900-plus page book.

While Jagott and Stidley may not be household names, their credentials and experience appears impeccable. “Individually and collectively the authors who wrote this book have been working with Exchange 2010 for as long as many senior developers at Microsoft,” Microsoft Senior Program Manager for the Exchange Ship Team David Espinoza writes in the foreword to the book.

“They have done an awesome job of providing readers with the ins and outs of the full range of features of Exchange 2010, which will help you get the most out of the product,” he continued. “Exchange administrators will find the experienced, hands-on approach of this book valuable in designing and deploying Exchange 2010.”

“You wouldn’t want a book that only skimmed and introduced new features,” he added. “Fortunately for you, this book is based on the experience of years of successful development in complex environments and a teamwork approach to the final design process.”

As might be expected, this best practices volume will have a narrow audience. According to the authors, their work is aimed at experienced messaging architects, Exchange administrators, support professionals and engineers–especially those who are working in medium to large enterprise organizations and have at least one year of experience in administering, deploying, managing, monitoring, upgrading, migrating and designing Exchange Server.

Continue reading Best practices book published for Exchange 2010

It was heralded as a game changer when it was released  nearly six years ago, but now it’s being let out to pasture without a path back to the barn. It’s Windows XP Service Pack 2 and last week, Microsoft released the last security patches it’s ever going to release for that version of its operating system.

What made XP SP2 different from other maintenance releases from Microsoft was it added new features to the operating system and wasn’t just an amalgam of all the fixes and patches that came before it. What’s more, many of those new features beefed up the security of the OS in a way that profoundly influenced the modus operandi of the Black Hat community.

Among the security features added to XP by SP2 were a local firewall that was on by default, a security-status dashboard and nascent moves at using Data Execution Prevention (DEP) to block attacks. DEP works like this: as Windows monitors programs running under its hood, if it sees an application engaging in malicious activity, it will shut it down.

Measures like those are why SP2 is given credit for forcing cyber bandits away from operating system and network-targeted attacks and toward desktop applications like Microsoft Office and Adobe Reader.

In its day, the SP2 firewall feature was a particular favorite of network administrators. It gave them the power to manage local firewalls. Prior to SP2, local firewalls had to be obtained from third-party vendors, and they were difficult to manage. That discouraged installation of the firewalls on local machines, which left them sitting ducks for malware once it breached an organization’s perimeter defenses.

Now that SP2 won’t be patched again no matter how severe the vulnerability uncovered, no matter what part of Windows may be involved, it is wise for SP2 shops to move to SP3, which Microsoft has pledged to support until at least April 2014. Should organizations start moving to SP3, it would be a major migration. It’s estimated that some 77 percent of organizations are still operating under XP and of those still using XP, 10 percent or more are using SP2.

It should be noted that Microsoft’s cutting its umbilical to SP2 affects more than just a machine’s operating system, but other components of the service pack as well, such as Windows Media Player and Outlook Express.

Continue reading So long XP SP2, it was good to know you

Changing passwords in Exchange 2007 is improved by SP3.

In a move that’s bound to make Exchange 2007 shops happy, Microsoft has released Service Pack 3 (SP3) for the application, which makes it compatible with Windows Server 2008 R2. The development is good news for organizations who may have moved to Server 2008 R2, but are balking at embracing Exchange 2010 because they’re not ready to make the infrastructure changes needed to accommodate the new software.

“We heard you loud and clear that this is enormously important to our Exchange 2007 customers, so we worked quickly to deliver SP3 in order to meet this requirement,” Microsoft General Manager for Exchange Customer Experience Kevin Allison wrote in a Microsoft blog announcing the release of SP3.

Here are six new features incorporated into Exchange 2007 by the service pack.

Continue reading Six new features added to Exchange 2007 by SP3

More and more companies are finding themselves in the crosshairs of lawyers filing lawsuits against them. That’s become a concern for electronic information managers because the first thing those legal beagles want to sniff is a company’s data stores. That means anything stashed on your Exchange servers is fair game for them. Previous versions of Exchange were weak in preserving data to meet the “discovery” demands generated by lawyers or regulators. Microsoft has changed that, though, with Exchange 2010.

With the arrival of that version of Exchange, administrators at last have a way to preserve documents  that might be needed to fulfill legal obligations imposed on them by outside forces. Placing a hold on a mailbox preserves a user’s deleted and edited items, including email messages, calendar entries and tasks. The hold applies to both the user’s primary mailbox and archive mailbox.

In the RTM version of Exchange 2010, the only way to implement a litigation hold was through the software’s shell structure with a statement like Set-Mailbox -identity “Name” -LitigationHoldEnabled $true. With the arrival of the SP1 beta of the application, though, holds can be created through the Management Console or Control Panel.

To set up a hold using the Console, you go to a mailbox recipient’s configuration and right click on the mailbox to access its properties. From the properties screen, you drill down to the properties settings for the Messaging Records Management item. There you can activate your hold by checking the box beside Enable Litigation Hold. You can also add a URL for a web page describing your organization’s policy governing holds, as well as any comments you may want users to see when they access their mailboxes after a hold has been imposed on them.

Continue reading Exchange SP1 won’t trash your important stuff

With data burdens for organizations increasing at dizzying rates, storage management has become more important than ever. That wasn’t been lost on Microsoft in its continuing development of Exchange Server 2010. The software maker has applied a new philosophy to how the application handles storage. It takes into account the declining price of storage and the pressure to improve performance across the storage infrastructure. It embraces using direct-attached storage instead of disk arrays, continuous replication to spare servers instead of RAID or clustering and cheap disk arrays as a substitute for tape backups.

Exchange 2010, as did Exchange 2007, has improved its handling of input/output loads for a given number of simultaneous users. One way it does that is by shelving a technique for storing copies of email messages that Microsoft has used in all previous versions of Exchange. In those versions, Exchange tries to store all copies of a message at a single location on disk. That saves disk space but reduces performance. Exchange 2010 stores copies wherever there’s free space. That may eat up more space, but Microsoft felt the performance improvement was worth it. Those kinds of improvements in Exchange 2010 opens the door for IT departments to use more economical alternatives to traditional and expensive solutions, such as substituting serial attached storage for network attached storage.

Continue reading Exchange 2010 has some storage twists