Thanks for all of those who attended today, We had a great response to the session. We will post the recording of the session up some time next week so keep your eye out for that.
I have put the questions and answers from the session below, If you had more questions please let us know. A big thank you to John Pritchard for answering the questions during the session.
Question: Do you require Windows 08 for the direct access function? can it be implemented with 2003 server?
Private Answer: Direct Access requires WS2008 R2
Question: Is DirectAccess a built-in feature or paid extra?
Private Answer: DA is part of the Windows 7 Enterprise SKU – basically the enterprise/corporate version
Question: with regards to business users, why doesn’t MS make a professional / workstation version of server 2008 instead of doing a business version of windows 7. Keeping home and business OS separated so that they can be developed separately
Private Answer: the code base separation is a complex issue. WS2008 shares the same kernel as Vista. Win7 has a Vista Kernel. My take is that keeping the base the same ensures the security features are built into both home and corp environment
Question: does branchcache cache outlooks rpc-over-https traffic?
Private Answer: BC caches file downloads so a copied file is cached
Question: Does that caching affect the sharing security of the systems
Private Answer: Good question – need to check but I suspect you find that user access is preserved. Let me check with Jeff at the end of the session
Question: What if you plug in a BIT Locked USB key into a WinXP computer, do you get the same password request feature there? or is it only valid on WinVista >
Private Answer: It is supported for read access on XP and installs from the bitlocker appln on the USB mem stick to read the files
Question: what about brute force attacks
Private Answer: Same as per a bitlocker drive now. The key is stored under an encrypting key just like a hard disk. The data is protected the same and like any encryption the brute force will work eventually, just whether we are still alive when it succeeds is the debate 🙂
Question: does that gpo can be configured on server site or has to be local?
Private Answer: local gpo for workgroups and domain gpos for domain joined PCs
Question: is bitlocker backwardly compatible
Private Answer: Yes to Bitlocker Vista and WS2008. More cross compatible than back compatible. Does that help?
Question: Can this be made to be "dumb proof" for users: ie: once finsihed recording, it automaticlly emails the administrator or specified address? instead of creating the zipfile to be saved and manually emailed?
Private Answer: Good point – this would be a good integration for Operations Manager and Desktop Error Monitoring. Not available in the current version.
Question: When Downgrading windows, i would like to clear up a issue i was having with another friend, When you downgrade, are you required to let microsoft know and they issue a new key to you to use, or can you just use any windows XP pro key and when activating just activate by phone – i have called microsoft about it previously, but none could give me a clear answer from a legal stand point –> am i breaching licensing using any Windows XP pro key on a machine that is licensed for Windows Vista Business?
Private Answer: no breech – XP downgrade is permitted
Question: Is bitlocker what will do full drive encryption for hdds? Eg laptops. And does this utilize a hardware TPM chip?
Private Answer: Bitlocker using the TPM v1.2 and encrypts HDD, External HDD with Vista SP1 and with Win7 USB memory
Question: Will the Microsoft deployment tools (MDT) add the ability to restrict the installation of drivers to specific models of hardware (to address the co-existence of conflicting PnP drivers)? Thanks
Private Answer: Already there now with the database feature for drivers by make and model
Question: With DirectAccess can I customise what the users have access to? i.e. Internet access via the corporate network or via direct internet access.
Private Answer: Yes – can be customised once DA is established