Greetings from the Future (Or, At Least GMT+8)

It's the Saturday following my week here in Kuala Lumpur (aka KL) and TechEd 2007 SEA (aka South East Asia).  The week was a good time, and it was great to connect with the local 'softies, MVPs, partners, and of course, the regional customers.

I delivered two sessions, both basically repeats of my sessions at TechEd 2007 USA:

  • Implementing the IPsec Simple Policy Update for Windows XP and Windows Server 2003
  • Enabling Policy-Driven Network Access

The second of the two was based on my TLC interactive theater session by the same name.  However, I re-worked the slides and introduce a pretty neat demo. 

The demo illustrates a few of the Policy-Driven Network Access features of Windows Server 2008 and Windows Vista.  In particular, Network Access Protection (using IPsec enforcement), and  the Windows Firewall with Advanced Security.

Here's a snap-shot of my demo environment:

Policy-Driven Network Access Demo from TechEd 2007 SEA

The actual physical setup included two laptops and simple switch.  My trusty ThinkPad T60p booted the client side (Windows Vista Enterprise) off of my second hard disk in the UltraBay, and my Acer Ferrari ran the three Windows Server 2008 servers as VMs via Virtual Server 2005 R2 SP1.  I'm looking forward to trying these out on Windows Server virtualization!

I had also planned on showing our Secure Wireless LAN solution (aka using the built in 802.1X supplicant in Windows Vista, the WS08 Network Policy Server/RADIUS, and EAP-TLS), but the Linksys wireless access point I brought along was only rated for 120V/60Hz.  This certainly a disappointment.  I mean, no offense to our friends at Cisco, but come on!  Almost every piece of technology I own can handle, at the very least 100-240V.  Well, thanks to a local colleague, I was able to re-work the demo with a borrowed switch.

The demo was a bit of a re-work of the Security and Policy Enforcement demo I showed at WinHEC.  I cut the bits about how AD Rights Management Services integrates with MOSS, blah blah, and focused more on the network controls.  Like being able to perform network layer authentications using health (aka NAP Health Certifications) and User credentials (via the Windows Firewall with Advanced Security's "Allow if Secure" filters in conjunction with Connection Security Rules).  I plan on expanding the demo even further to include a few more bells and whistles (and a little more time spent on the back-end policy creation). 

I'll be speaking to an SBS User Group in Singapore on Tuesday, and I hope to re-run the demo there with these additional bells and whistles.

To close: We had our company meeting on September 6th.  This happened to coincide with flight from Seattle to Singapore.  Nevertheless, I attempted to get into the spirit of the Company Meeting, by wearing the bright orange (wow!) long sleeved T-shirt our entire team had planned on showing off at the big show, but for me on the airplane:

FF_Shirt_on_Plane

You can almost see the flag from the Windows Server 2008 logo on my left arm.  I attempted to capture the whole of the sleeve by flexing it a bit while using my Palm Treo 750's built-in camera to snap the shot.  At the same time, I was trying to avoid making it looking I was trying to show off my "guns" (even though I have been working out at the Pro Club and it would be nice if you did notice!).  Talk about team pride!

-- hama