TechnoLawyer Blog: Networking/Operating Systems

Today's issue of TL Answers contains these articles:

Philip Franckel, Review Of Andrea ANC-700 USB Headset Plus Dragon Professional Tips

Edward Figlarz, Review: NView For Managing Multiple Monitors

Theodore Borrego, Our Law Firm's Advice About Moving From Windows XP To 7

Nancy Mertzel, Review: MessageSave As An Alternative To SimplyFile

Don't miss this issue — or any future issues.

How to Receive TL Answers
Do you believe in the wisdom of crowds? In TL Answers, TechnoLawyer members answer legal technology and practice management questions submitted by their peers. This newsletter's popularity stems from the relevance of the questions and answers to virtually everyone in the legal profession. The TL Answers newsletter is free so don't miss the next issue. Please subscribe now.

Originally published on November 23, 2011 in our free BigLaw newsletter. Instead of reading BigLaw here after the fact, sign up now to receive future issues in realtime.

No doubt you've read in BigLaw about all the midsize and large firms equipping their lawyers with iPads — or at least supporting iPads purchased by their lawyers. For example, the BigLaw Pick of the Week earlier this month, Damon Morey Makes iPads Standard Equipment.

Many methods exist for integrating iPads and other mobile devices into your legal environment. For example:

• Should you license, build, and configure mobility servers or gateways (e.g., WorkSite Mobility Server)?

• Should you encourage the installation of numerous purpose-built apps on your mobile devices directly (e.g., LexisNexis' Courtlink, WestLawNext, Linsay Associates' IPLaw)?

• Should you create a VPN connection to encrypt connections from your devices to your LAN?

• Should you implement an expensive and involved enterprise security solution (e.g., MobileIron)?

• Should you require that the IT Department authenticate/approve each device manually before it can be used to connect to your network?

• Should you require that all documents be synced when the device is on your LAN, or even when it is physically plugged into your computers, all of which must then run iTunes?

• Do you need access to applications other than document management, or web-based reference/resource apps? Wouldn't it be nice to be able to access all of your firm's various applications — from Elite to Concordance and everything in between?

Here's One Solution That Works Well

These questions can all seem daunting. There are no wrong answers or approaches necessarily. But some approaches and solutions are easier to implement than others, and some approaches are more or less secure.

Many firms want to use the iPad for a terminal services solution (e.g., Citrix or Microsoft's Remote Desktop Services) as a way to meet this challenge with a degree of simplicity. But what about security? If an employee loses his device, is there a window of opportunity in which a compromised device could be used to breach your network?

At Wolf, Greenfield & Sacks, my team and I have developed an easy-to-implement solution that is secure, and provides full access to your application environment for your iPad users. Here's what your firm will need:

1. A Windows 2008 R2 Remote Desktop Services (RDS) Server. Or a server farm if your environment could benefit from the load balancing/failover features of two or more application servers working in concert — and who couldn't really?

2. A Windows 2008 R2 Server configured as a Remote Desktop Services Gateway Server.

3. A two-factor authentication product that uses employee cell phones as physical tokens. Two options — PhoneFactor or SecurEnvoy.

4. An RDP client that supports Secure Gateways. Some possibilities include iTap RDP App for the iPad or Xtralogic Remote Desktop Client for Android, both with the Secure Gateway option, purchased from the App Store or Android Market respectively.

Security First: The Advantages of Two-Factor Authentication

So what is two-factor authentication? Two-factor authentication is based upon what you have (a digital certificate, a mobile phone, or land-line phone) and what you know (a valid login for your firm's network, and a valid password for the same). Two-factor authentication has been in use for many years (perhaps most readily recognizable in the form of an RSA SecurID token key fob), and is superior to other forms of security because it requires that you have both.

For example, if someone were to learn your password they would still be unable to connect to your firm's network without your mobile phone or a valid firm-issued digital certificate. And conversely, it is not enough simply to have the "key" (the digital certificate or cell phone) — one must also have a valid login and password pair to gain access to the network.

Using an employee's mobile phone as a physical token is an elegant way to achieve two-factor authentication. Employees will always have it with them. And use of their mobile phone to effect this authentication is as easy as (1) entering your user name and password (what you know) at the RDS Gateway, (2) answering your phone (what you have) when the service calls you to confirm the login, and (3) pressing "#" to complete the authentication process. For convenience, firm-owned laptops can be equipped with digital certificates (again, what you have) that permit access without requiring a call-back.

Install and configure the RDP client on your mobile devices
The key here is the Secure Gateway support, which permits you to specify both an externally accessible gateway (via IP or DNS), and an internal hostname for pass-through to your RDS Server or Server Farm itself once the two-factor authentication has been achieved.

This solution will work not only with iPads, but also on any Android OS tablet (Samsung Galaxy, Motorola Xoom, etc.) — so long as you purchase an RDP client app for the device that supports Secure Gateways (Xtralogic, iTap).

For that matter, any non-Windows-based remote computer (Unix, Linux, Mac) can connect using this infrastructure as well — again, so long as an RDP client that supports Secure Gateways is available (and they are).

And of course you need not worry about an RDP application when your employees use Windows PCs. With employee mobile phones serving as the "what you have" component of a two-factor authentication solution, employees can securely use any Windows computer (e.g., a kiosk computer at a conference) to remotely access your network.

Conclusion

If your firm has struggled with architecting a solution that provides the level of access to firm applications you would like to support, I think you can recognize the simplicity, security, and power of the solution provided above.

Written by Matthew Berg, Director of IT at Wolf, Greenfield & Sacks, P.C..

How to Receive BigLaw
Many large firms have good reputations for their work and bad reputations as places to work. Why? Answering this question requires digging up some dirt, but we do with the best of intentions. Published first via email newsletter and later here on our blog, BigLaw analyzes the business practices, marketing strategies, and technologies used by the country's biggest law firms in an effort to unearth best and worst practices. The BigLaw newsletter is free so don't miss the next issue. Please subscribe now.

Originally published on July 19, 2011 in our free BigLaw newsletter. Instead of reading BigLaw here after the fact, sign up now to receive future issues in realtime.

Many large firms use System Center Configuration Manager 2007 (SCCM), often in concert with Windows Server Update Services (WSUS), to push software updates and patches out to their server and desktop computing environment. Many even use it to deploy new operating systems.

While SCCM, if properly configured with all the appropriate levers pulled and buttons pushed, is a powerful tool for managing and manipulating the desktop and server environment, it falls short as a proactive monitoring tool of these same environments.

Enter System Center Operations Manager (SCOM).

How Does SCOM Work?

Once the server, service accounts, and database are configured (much like SCCM), SCOM has a Discovery wizard that can use the Active Directory or IP address subnets/ranges to identify new "target" computers or devices. Devices and appliances are a bit different (see below), but for computers running a Windows OS, the SCOM server can then push out the SCOM agent to these discovered computers automatically.

And then the magic happens. Once the agent is installed, it begins to monitor a myriad of data points accessible on its host — from event logs, to application states, to CPU, memory, and disk usage. And really, that is just the beginning of what SCOM can monitor and report back to you.

Microsoft's Management Packs: From Basic to Best Practice

If the SCOM agent is up and running on a given target computer, and it is able to call home, then a basic heartbeat is established. But if the target computer is a Microsoft Windows-based computer, and the appropriate "Management Pack" (downloadable for free from Microsoft) is installed on the SCOM server, then the alerts can report a whole lot more than just an up or down OS state.

The Windows 7 client agent, for example, monitors everything from boot performance to memory exhaustion analysis to shell performance to hardware and software component failures.

On the server side, when using the SQL Management Pack for example, the monitor will not only tell you that a backup failed, or let you know about a long-running SQL Agent job, but it will also let you know if your databases aren't configured according to Microsoft's Best Practices (e.g., "The auto close flag for database Northwind is not set according to best practice.")

The Exchange Management pack reports delays in SMTP queuing, log file growth, mailbox availability, etc. You get the picture.

What About Non-Microsoft Servers, Appliances, and Network Devices?

If your non-Microsoft servers, appliances, and network devices can be configured with Simple Network Management Protocol (SNMP), you can create your own device Management packs (if you are familiar with the data being served up by a given device), or download or purchase the non-Microsoft Management Packs pre-configured to give you access to all of the minutiae detail that the SNMP agent on a given device provides.

As with Microsoft SCOM agents, SNMP-managed devices operate via a software agent installed on each device, the sole purpose of which is to report on device-specific health data. And if it's a name-brand, enterprise class product (e.g., Cisco routers, EMC SANs), you can be sure that every major manufacturer provides SNMP ready to go on all of their shipped products.

When freebie Management Packs are not available (e.g., VMWare), you can buy them from companies that know how to "speak" your server/appliance/device's SNMP language. Some examples:

Veeam Software's nworks Management Pack for VMware

Jalasoft's Smart Management Pack for VMware VirtualCenter

Bridge Ways' System Center Ops Manager

Or you can browse for your product in the SCOM Management Pack Marketplace.

Conclusion

Whether you work for a massive, multi-site international law firm, or a midsize law firm with one, two, or three locations, SCOM is an invaluable tool for staying on top of the health of your firm's computing environment. With SCOM, you can manage your environment as proactively as possible. Don't wait for your users to tell you that you have a problem. Get SCOM up and running and you'll know before they do!

Written by Matthew Berg, Director of IT at Wolf, Greenfield & Sacks, P.C..

How to Receive BigLaw
Many large firms have good reputations for their work and bad reputations as places to work. Why? Answering this question requires digging up some dirt, but we do with the best of intentions. Published first via email newsletter and later here on our blog, BigLaw analyzes the business practices, marketing strategies, and technologies used by the country's biggest law firms in an effort to unearth best and worst practices. The BigLaw newsletter is free so don't miss the next issue. Please subscribe now.

Today's issue of TL Answers contains these articles:

Harry Steinmetz, My Law Firm's Switch To Macs

Bryan Sims, How I Use Paper And What I Keep On Paper In My Paperless Law Office

Caren Schwartz, Review: CrashPlan, Gillware For Cloud Backup; Replacing Quicken

Ronald Cappuccio, Review: PHONEslips 12 For Client Relationship Management

Don't miss this issue — or any future issues.

How to Receive TL Answers
Do you believe in the wisdom of crowds? In TL Answers, TechnoLawyer members answer legal technology and practice management questions submitted by their peers. This newsletter's popularity stems from the relevance of the questions and answers to virtually everyone in the legal profession. The TL Answers newsletter is free so don't miss the next issue. Please subscribe now.

Today's issue of TL Answers contains these articles:

Kerry Hubick, Review: PCmover Plus Windows 7 Upgrade Tips

Keith Collins, Review: iPhone 4S (Upgrade From A Treo 755p)

Edward Zohn, Review: Hosted Microsoft Exchange

Don't miss this issue — or any future issues.

How to Receive TL Answers
Do you believe in the wisdom of crowds? In TL Answers, TechnoLawyer members answer legal technology and practice management questions submitted by their peers. This newsletter's popularity stems from the relevance of the questions and answers to virtually everyone in the legal profession. The TL Answers newsletter is free so don't miss the next issue. Please subscribe now.

Today's issue of Fat Friday contains these articles:

Andrew Weltchek, Why I Bought An IPad 2 Instead Of A Laptop Plus My Favorite Apps

Steven Schwaber, Windows 7 Rebuttal: The Redmond Emperor Has No Clothes

Joseph Marquette, Why Annual Maintenance Plans Are No Longer Optional

Leslie Shear, The Benefits Of Reading Literature In Law School

Don't miss this issue — or any future issues.

How to Receive Fat Friday
Our most serendipitous offering, Fat Friday consists of unsolicited contributions by TechnoLawyer members. You'll no doubt enjoy it because of its mix of interesting topics and genuinely useful knowledge, including brutally honest product reviews and informative how-tos. The Fat Friday newsletter is free so don't miss the next issue. Please subscribe now.

Today's issue of Answers to Questions contains these articles:

Kent Davis, XpressDox: Document Assembly Somewhere Between HotDocs and Pathagoras

Simon Laurent, The Best Way to Work With Multiple Monitors in Windows 7

Kerry Hubick, Review: PCmover for Your Windows 7 Migration and Upgrade

Joel Johnson, Review: Pathagoras for Document Assembly

Don't miss this issue — or any future issues.

How to Receive Answers to Questions
Do you believe in the wisdom of crowds? In Answers to Questions, TechnoLawyer members answer legal technology and practice management questions submitted by their peers. This newsletter's popularity stems from the relevance of the questions and answers to virtually everyone in the legal profession. The Answers to Questions newsletter is free so don't miss the next issue. Please subscribe now.

Today's issue of Answers to Questions contains these articles:

Douglas Thomas, The Secret To Getting Paid By Your Clients (Foonberg Meet Kohaly)

Robin Meadow, Review: DtSearch V. X1 V. Windows 7 Search

Edie Owsley-Zimmerman, Should You Build Your Own Practice Management System?

Terry Rosenthal, Tip: Timeslips Address Violation Errors

Thomas Stirewalt, Tip: HP Scanjet 6250c Scanner And Windows 7

Don't miss this issue — or any future issues.

How to Receive Answers to Questions
Do you believe in the wisdom of crowds? In Answers to Questions, TechnoLawyer members answer legal technology and practice management questions submitted by their peers. This newsletter's popularity stems from the relevance of the questions and answers to virtually everyone in the legal profession. The Answers to Questions newsletter is free so don't miss the next issue. Please subscribe now.

Today's issue of Answers to Questions contains these articles:

Mike O'Horo, The Secret to Charging Flat Fees for Legal Work

Ann Byrne, Reviews of Ergotron's Dual Stacking Arms and 3M's Adjustable Keyboard Trays

Robin Meadow, Review: Fujitsu ScanSnap S1500 Scanner

Ron Fox, Migrating From DOCS Open to Worldox

Yvonne Renfrew, Windows XP to Windows 7 Upgrade Tip

Don't miss this issue — or any future issues.

How to Receive Answers to Questions
Do you believe in the wisdom of crowds? In Answers to Questions, TechnoLawyer members answer legal technology and practice management questions submitted by their peers. This newsletter's popularity stems from the relevance of the questions and answers to virtually everyone in the legal profession. The Answers to Questions newsletter is free so don't miss the next issue. Please subscribe now.

Originally published on May 31, 2011 in our free BigLaw newsletter. Instead of reading BigLaw here after the fact, sign up now to receive future issues in realtime.

I wish it were otherwise, but malware isn't going away. If your midsize or large law firm doesn't have a comprehensive and layered defense in place to prevent infections, you run the risk of your firm's data being exposed, the personal (and too often financial) information of your employees being compromised, your billers losing valuable time from the infection itself or its remediation, and the malware "cleanup crew" in your IT Department developing nervous twitches.

This issue of BigLaw first lays out the basics for those of you in management (you can stop there), and then delves into some of the nitty gritty details for those of you in the IT Department.

The Basics: What You Need to Keep Your Firm Secure

A sound defensive strategy for your firm should include all six of the following protections at an absolute minimum.

1. Hardware firewall protecting your LAN.

2. Web-filtering server/proxy/appliance for all internal Web browsing. For example, Websense or Microsoft Forefront.

3. Anti-spam (and anti-malware) hosted email services (which can also queue your mail in the event you have an ISP or mail server outage). For example, Postini or Barracuda Networks.

4. Anti-malware client on all of your PCs. For example, Microsoft Forefront Endpoint Protection (FEP), Symantec, Kaspersky, ESET, or Sunbelt.

5. A software firewall on all of your PCs. For example, Windows Firewall or ZoneAlarm.

6. User Access Control (or UAC) on Windows Vista and Windows 7 PCs. Learn it. It's your friend. Don't disable it.

Servers: 64-Bit Can Prevent a Performance Hit

Admittedly, some folks turn off UAC and the Windows Firewall because they "get in the way." I would humbly suggest that you can't afford to permit that. But what can get even stickier is whether you take it any further than these core defenses. The following four options are often skipped because of the CPU and I/O overhead they can introduce in the server and client environment respectively.

1. Anti-malware on Exchange.

2. Anti-malware on SharePoint (because of the high volume of user-originated content).

3. Anti-malware on other Windows Servers in your environment — especially file and Web servers.

4. An endpoint Web filtering/protection product on all of your PCs for safe-browsing off-LAN. For example, ZoneAlarm, or Websense's Data Security products.

I am not here to preach. Okay, well, I guess I am. As such, I strongly recommend reconsidering your decision not to have antivirus solutions in place on your most vulnerable server environments.

Once you make the jump to Exchange 2010, your 64-bit hardware should have more than enough juice to fulfill its own mission as well as carry a slight added burden of providing anti-virus scanning. If you absolutely refuse to install antivirus on your mailbox server(s), you can always install it on your edge transport server(s). Read some of Microsoft's own thoughts on the matter.

Clients: Microsoft's "Free" FEP v. The Competition

No matter the complexity or simplicity of your solutions and policies, the most critical (and vulnerable) component of your layered defense is ultimately where the rubber actually meets the road (or more accurately: the user meets the Internet) — the anti-malware client installed on your user PCs.

Why is the word "free" in quotes above? Well, if you want antivirus on your home PC, or if you have a home-based business, then Microsoft Security Essentials (same product as FEP minus the ability to centrally administer it via System Center Configuration Manager (SCCM) is a truly free anti-malware product. If you fall into either of those two "home" classifications, go for it.

But importantly for this newsletter's audience, FEP is included under the Core CAL license (I assume that, as a medium to large firm, you have a volume licensing agreement including at least the Microsoft Core CAL license). If you are an Enterprise License customer, you are licensed for nearly the entire Forefront Architecture (Exchange, SharePoint, Lync Server, Unified Access Gateway, Exchange Online, etc.) minus only the Threat Management Gateway, which you must license separately.

But does FEP work as well as Symantec, Kaspersky, ESET, or any of the other products out there? From our firm's anecdotal experience, yes!

We have not discerned any observable drop in our protection since shifting to FEP from Sunbelt's Vipre. And even if we (hypothetically — which is not a foregone conclusion) lost a tick in performance, we would have made up for it in the improved manageability of having the updates all feed through our Windows Server Updates Services (WSUS) server and all administration and reporting effected through SCCM. (If you are already using SCCM then you could have FEP deployed today, by the way. The SCCM deployment packages for FEP are included on the install media you can download from the Microsoft Volume Licensing Service Center.)

Anecdotally, we have encountered situations in which FEP found something that Vipre didn't, just as there were situations in which Vipre found something that Symantec didn't (back when we switched to Vipre) — and vice versa. But if you'd like more than anecdotal support for justifying the switch, I think you'll find that, performance-wise, while there are a handful of products out there with a better track record, FEP is better than most, and within easy striking distance of even the best.

All large firms today have volume license agreements in place with Microsoft. To do otherwise would be financially irresponsible when you consider the per-seat cost savings alone — never mind the additional training and support benefits that come with a volume licensing agreement.

So why not take advantage of what your firm already owns? Historically, the answer you might have given is "Because I can get a better product from …" (Symantec, Kaspersky, etc.). But Microsoft's new anti-malware product is, if not at the very top of the standings, at least a solid and legitimate player in the field. And the advantages of its tight integration with SCCM, WSUS, and your Windows-based PC's native Windows Update infrastructure, give it a true edge over the competition.

Written by Matthew Berg, Director of IT at Wolf, Greenfield & Sacks, P.C..

How to Receive BigLaw
Many large firms have good reputations for their work and bad reputations as places to work. Why? Answering this question requires digging up some dirt, but we do with the best of intentions. Published first via email newsletter and later here on our blog, BigLaw analyzes the business practices, marketing strategies, and technologies used by the country's biggest law firms in an effort to unearth best and worst practices. The BigLaw newsletter is free so don't miss the next issue. Please subscribe now.