RSS

Exchange 2013 – Get-DataClassification command

I learnt something last week.

I was reading about Data Loss Prevention (DLP) implementation in Exchange 2013 when my attention got caught on “Data Classification”.

In Exchange 2007 and 2010, I was aware of message classification, but vaguely as I never had time focusing properly on it.

So I’ve decided to have a deeper look to the concept of classification.

In Exchange 2010, message classification is added by the sender of an e-mail before sending it, or through a transport rule. There are three default message classifications: Attachment Removed, Originator Requested Alternate Recipient Mail, and Partner Mail. The usage of these message classifications may vary.

i.e: You create a message classification, then you add it to a transport rule enforcing the appending of a disclaimer to the e-mail based on that classification.

In Exchange 2013, DLP adds to this “traditional” classification, the Sensitive Information Types. They are as various as Credit Card numbers, IP addresses, Driver’s license numbers, Passport numbers, Bank Accounts numbers,…

Exchange 2013 provides a set of types in the “Microsoft Rule Pack” that gets installed during the application deployment. To view the types, you can run the PowerShell command Get-DataClassification.

In each of them is defined the type of information to validate:

So, once you have associated a Sensitive Information Type to a Transport Rule (this association is then called a DLP Policy), if a user inserts information such as Credit card numbers, IP addresses, etc. in an e-mail and sends it, depending on your settings, Exchange 2013 can replace the message, drop it, reply with a warning to the sender, and so on.

But what I have found more interesting, is the introduction of Policy Tips in Exchange 2013.

Policy Tips work just like MailTips in Exchange 2010. They can help you warn the user before he/she sends the message being composed about sensitive information detected inside. This can help removing some processing on the server side (not significant but still useful), the user being warned BEFORE the e-mail is sent, and not after the server processes the message and finds it eventually non-compliant with a policy.

I think all this adds some more possibilities to security policies enforcement in organizations.

If you want to read more about DLP implementation on Microsoft Exchange 2013, please look at: http://technet.microsoft.com/en-us/library/jj150527(v=exchg.150).aspx

And more about Policy Tips : http://technet.microsoft.com/en-us/library/jj150512(v=exchg.150).aspx

 
Leave a comment

Posted by on August 22, 2013 in Exchange 2013

 

Tags: , , , , , , , , , , , , ,

Let’s celebrate the SysAdmins

After reading the words below I shared to my colleagues earlier today, one person asked me what I was thinking about when I wrote them.

I guess I remembered all those sleepless nights in the datacenter and the tremendous joy of overcoming a big outage.

There is something special when you know you have done well, when you know you have… saved the business.

Happy SysAdmin day!!!

🙂

 
Leave a comment

Posted by on July 27, 2013 in MCP, Personal

 

Tags: , , , , ,

Mount EMC SAN Volumes to Windows Server 2008 x64

For this procedure, I used QLogic HBA cards 2462 to connect my Windows Server 2008 x64 server (an IBM x3650 m2 with 2 x Intel(R) Xeon(R) CPU X5570 2.93GHz) to the EMC SAN.

I downloaded the x64 drivers from QLogic website (q23wx64Storv91718), along with the QLogic SanSurfer version 5.0.1b57.

I used the BIOS 2.1.0 from QLogic.

Navisphere agent and PowerPath tool (EMCPower.X64.signed.5.5.b289.exe) are needed to properly complete the SAN access from the Windows server. They are provided on the EMC support website.

I. Add the HBA card to the server

To connect an HBA card to the server:

· In a session with admin rights, Shut down the server

· Disconnect any plugged cable from the box

· Open the lid

· Locate the PCI slot and insert the Qlogic 2462 card

· Close the lid

· Start the server

· Open a session with admin rights

· Copy the file q23wx64Storv91718 and unzip it locally

· In Server Manager console, browse to Diagnostics -> Device Manager and locate the HBA device. Right-click it and select “Update Driver” and indicate the unzipped folder as path to the MPIO Driver version 9.1.8.17

· Install the SAN Surfer 5.0.1b57 tool.

Task Illustration
Select Next twice
Make sure the option of installing windows agent with the Manager GUI is selected (see in blue)
The installation goes to the Program Files folder under “QLogic Corporation” folder. You may change it if needed. Click Next twice, then Install
At the end of the installation, open the console from Start -> All Programs -> QLogic Management Suite -> SanSurfer

· In SAN Surfer browse to “Port 1” on the left side of the window:

a) Select “Parameters” tab and in Select Settings section drop-down list, choose “Advanced HBA Parameters” and configure settings as below:

b) Select tab “Utilities”. First click on button “Save Entire Image” and indicate a folder to save the configuration. Then click on “Update Entire Image” and select the .BIN file located in the BIOS 2.1.0 download unzipped folder.

Wait for the update to complete. When prompted for a password, type “config” (unless you have set another password before).

· Do the same for “Port 2”.

· Shut down the server.

· Connect the FC cables.

· Restart the server.

· Back in SANSurfer, configure:

a) General settings: when prompted, just follow the wizard or open it from Wizard -> General Configuration Wizard

Task Illustration
Select Yes if prompted automatically
Select Next twice
Make sure you bind all disks and click Next twice again to complete the configuration

b) the LUN Masking from the menu Wizards -> LUN Masking Wizard

Click Next twice
Make sure you enable all LUNs and click Next thrice to complete the configuration

· After the server restart, install Navisphere Agent and PowerPath.

· Run the EMCGrab results to make sure your configuration is compliant.

 

II. Configure access to SAN volumes

Right-click “Command Prompt” from Start menu and select “Run as administrator”

In the command prompt type: DISKPART

Run the commands:

DISKPART> san policy=onlineall

DISKPART> list disk (you’ll be able to see the disks)

Disk ### Status Size Free Dyn Gpt

  ——–  ————-  ——-  ——-  —  —

  Disk 0    Online          136 GB      0 B

  Disk 1    Offline         300 GB   299 GB

* Disk 4    Offline         300 GB   300 GB

  Disk 5    Offline         300 GB   299 GB

  Disk 8    Offline         300 GB   300 GB

For each disk representing a SAN volume (where # is the number), do the following:

DISKPART> select disk #

Disk # is now the selected disk.

DISKPART> attributes disk clear readonly

Disk attributes cleared successfully.

 

DISKPART> online disk

DiskPart successfully onlined the selected disk.

 

You are now able to see your disks in the Server Manager console, under “Disk Management”, as Online Basic disks. You may continue formatting the volumes with DISKPART or in this console.

san 

To close DISKPART, type:

DISKPART> exit

You’re done!

 
2 Comments

Posted by on July 5, 2013 in Windows 2008 R2

 

Tags: , , , , , , , ,

How to Clear App Notifications When Logging Off Windows 8

Melissa did some good job, so I thought it is worth sharing it J

How to Clear App Notifications When Logging Off Windows 8

 
Leave a comment

Posted by on June 25, 2013 in Uncategorized

 

What’s New in Windows 8.1?

Some insights for IT professionals on TechNet website!

http://technet.microsoft.com/en-us/windows/dn140266.aspx?ocid=wc-nl-flash&loc=zTS1z&prod=zWin8z&tech=zOttechz&prog=zOTprogz&type=zOTtypez&media=zOTmediaz&country=zUSz

 
Leave a comment

Posted by on June 17, 2013 in Uncategorized

 

Google Doodle! You missed that one! Ethernet 40th anniversary!

Today is Ethernet 40th anniversary!

I thought we would have a Google Doodle celebrating this!

Google ! I am dis-app-oint-ed!🙂

 
Leave a comment

Posted by on May 23, 2013 in Uncategorized

 

Microsoft, what means the “Inactive Date” on my MCP Transcript?

You may have noticed your MCP Transcript mentions a future “Inactive Date” for some of your certifications.

I’ve found this good explanation on the BornToLearn blog and I think it’s worth sharing it:

http://borntolearn.mslearn.net/btl/b/weblog/archive/2011/03/23/transcript-and-certificate-changes-coming-soon.aspx#fbid=gnhaf2p-G0c

An excerpt of the blog article :

Let’s take a moment to discuss the Inactive Date, because I’m sure that some of you are reading that phrase and thinking “that’s Microsoft-speak for decertification date.” It isn’t—in fact, even if all of your certifications go inactive, you’ll still have access to your MCP benefits, and your inactive certifications will still appear on your transcript. All that’s changing is that we’re signaling to you, your clients, and employers that these particular certifications have outlived their market relevance. Just to clarify what we mean by market relevance is that in most cases Microsoft isn’t even supporting the technology through mainstream support. In other cases, it may be that the way that the technology was used (many years ago or with cloud it could even be a few months ago) when it was first released has changed, because we all know that technology is ever evolving and changing at such a rapid pace. This means the certification may have validated how to use the technology in a different way and since then we have not re-validated the skills necessary to use the technology in the market.”

 
Leave a comment

Posted by on May 21, 2013 in MCP

 

Tags: , , , , , ,