Thanks for all of those who attended today, We had a great response to the session. We will post the recording of the session up some time next week so keep your eye out for that.
I have put the questions and answers from the session below, If you had more questions please let us know. A big thank you to John Pritchard for answering the questions during the session.
Question: Do you require Windows 08 for the direct access function? can it be implemented with 2003 server?
Private Answer: Direct Access requires WS2008 R2
Question: Is DirectAccess a built-in feature or paid extra?
Private Answer: DA is part of the Windows 7 Enterprise SKU – basically the enterprise/corporate version
Question: with regards to business users, why doesn’t MS make a professional / workstation version of server 2008 instead of doing a business version of windows 7. Keeping home and business OS separated so that they can be developed separately
Private Answer: the code base separation is a complex issue. WS2008 shares the same kernel as Vista. Win7 has a Vista Kernel. My take is that keeping the base the same ensures the security features are built into both home and corp environment
Question: does branchcache cache outlooks rpc-over-https traffic?
Private Answer: BC caches file downloads so a copied file is cached
Question: Does that caching affect the sharing security of the systems
Private Answer: Good question – need to check but I suspect you find that user access is preserved. Let me check with Jeff at the end of the session
Question: What if you plug in a BIT Locked USB key into a WinXP computer, do you get the same password request feature there? or is it only valid on WinVista >
Private Answer: It is supported for read access on XP and installs from the bitlocker appln on the USB mem stick to read the files
Question: what about brute force attacks
Private Answer: Same as per a bitlocker drive now. The key is stored under an encrypting key just like a hard disk. The data is protected the same and like any encryption the brute force will work eventually, just whether we are still alive when it succeeds is the debate
Question: does that gpo can be configured on server site or has to be local?
Private Answer: local gpo for workgroups and domain gpos for domain joined PCs
Question: is bitlocker backwardly compatible
Private Answer: Yes to Bitlocker Vista and WS2008. More cross compatible than back compatible. Does that help?
Question: Can this be made to be "dumb proof" for users: ie: once finsihed recording, it automaticlly emails the administrator or specified address? instead of creating the zipfile to be saved and manually emailed?
Private Answer: Good point – this would be a good integration for Operations Manager and Desktop Error Monitoring. Not available in the current version.
Question: When Downgrading windows, i would like to clear up a issue i was having with another friend, When you downgrade, are you required to let microsoft know and they issue a new key to you to use, or can you just use any windows XP pro key and when activating just activate by phone – i have called microsoft about it previously, but none could give me a clear answer from a legal stand point –> am i breaching licensing using any Windows XP pro key on a machine that is licensed for Windows Vista Business?
Private Answer: no breech – XP downgrade is permitted
Question: Is bitlocker what will do full drive encryption for hdds? Eg laptops. And does this utilize a hardware TPM chip?
Private Answer: Bitlocker using the TPM v1.2 and encrypts HDD, External HDD with Vista SP1 and with Win7 USB memory
Question: Will the Microsoft deployment tools (MDT) add the ability to restrict the installation of drivers to specific models of hardware (to address the co-existence of conflicting PnP drivers)? Thanks
Private Answer: Already there now with the database feature for drivers by make and model
Question: With DirectAccess can I customise what the users have access to? i.e. Internet access via the corporate network or via direct internet access.
Private Answer: Yes – can be customised once DA is established