Saturday, March 28, 2015

Install Microsoft Security Essentials on Windows Server 2012

Microsoft Security Essentials, commonly referred to as MSE, is an anti-virus and anti-spyware package for the Windows platform. It's free of charge for home users and for businesses with up to 10 PCs, and available as part of Microsoft System Center 2012 to deploy in environments with more than 10 PCs. Its ability to detect and remove every infection on your PC can leave a lot to be desired at times, but for its price point it's a pretty good product, especially when combined with a regular scan with Malwarebytes.

I don't use Windows a lot at home, pretty much only in the lab. But in the lab, I go with MSE. However, there is one problem: it simply refuses to install on Windows Server 2012 and later. With a little effort, you can get around that. Here's the process, in 9 simple steps.

  1. Download a copy of MSE.
  2. Right-click mseinstall.exe.
  3. Click Properties.
  4. Click the Compatibility tab.
  5. Check "Run this program in compatibility mode for:".
  6. Select Windows 7 from the drop-down menu.
  7. Open a Command Prompt as Administrator.
  8. Navigate to your Downloads folder (i.e. cd C:\Users\%username%\Downloads).
  9. Run mseinstall /disableoslimit and follow the installer prompts.

When you update the program, you won't be able to automatically update the scanning engine, only the definitions.
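
The nine steps above, scripted as an added PowerShell example (not part of the original post). It assumes the installer sits in the current user's Downloads folder and that the `__COMPAT_LAYER` variable with the `WIN7RTM` layer has the same effect as selecting Windows 7 on the Compatibility tab; the Authenticode check is an addition, not one of the original steps.

```powershell
# Added example: scripted equivalent of steps 2-9. Run from an elevated prompt.
# Assumption: mseinstall.exe was saved to the current user's Downloads folder (step 1).
$installer = Join-Path $env:USERPROFILE 'Downloads\mseinstall.exe'

# Step 7 calls for an Administrator prompt; stop early if this session is not elevated.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this script from an elevated (Administrator) PowerShell session.'
}

if (-not (Test-Path -LiteralPath $installer)) {
    throw "Installer not found: $installer"
}

# Added check (not one of the nine steps): the file is about to run with
# administrative rights, so require a valid Authenticode signature whose
# signer is Microsoft before executing it.
$sig = Get-AuthenticodeSignature -FilePath $installer
if ($sig.Status -ne 'Valid' -or
    $sig.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
    throw "Unexpected signature on ${installer}: $($sig.Status)"
}

# Steps 2-6: Windows 7 compatibility mode.
# Assumption: setting __COMPAT_LAYER to WIN7RTM for the child process is
# equivalent to ticking the Compatibility tab checkbox for this one launch.
$env:__COMPAT_LAYER = 'WIN7RTM'
try {
    # Step 9: run the installer with the OS check disabled and wait for it.
    $proc = Start-Process -FilePath $installer -ArgumentList '/disableoslimit' -Wait -PassThru
    "mseinstall.exe exited with code $($proc.ExitCode)"
}
finally {
    # Do not leave the compatibility layer set for later commands in this session.
    Remove-Item Env:\__COMPAT_LAYER -ErrorAction SilentlyContinue
}
```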

Friday, March 6, 2015

Making a Case for EIGRP

The following is a position paper written for a technical writing class. The views reflected in this paper do not necessarily reflect those that I hold; I often like arguing in favor of something that I do not agree with for the purpose of assignments such as this. Enjoy.

Once the routers and switches have been selected, the basic network layout has been drawn out on every physical and logical level, and the Internet connection has been chosen and ordered, there is still one crucial decision to be made. The network still needs to standardize on a routing protocol. For any network with more than a handful of devices capable of routing network traffic, this is yet another decision that is going to make or break the network. If the wrong protocol is selected, or it is not configured optimally, those expensive Cisco routers will perform more like the Netgear devices that can be found at Best Buy. For most enterprise networks, EIGRP should be the logical choice for the routing protocol.

A routing protocol is a means for routers to share information about where networks are. When a router first comes online, it knows only the networks that it is directly connected to. A routing protocol allows that router to share the information about those networks with its direct neighbors, and its neighbors to share their routes with it. The router will then take the neighbor routers' networks and add them to its routing table, along with how to reach them, and then share the newer, larger table with its neighbors. This process repeats until every router knows about every single reachable network. Each routing protocol's purpose is to accomplish this basic task; however, there are many differences in how the protocols communicate this information with other routers and in the methods used to determine the best path to every reachable network where multiple paths exist. The routing protocol must also determine when a route is no longer valid and should be removed from the routing table (Odom, 2005).

The two most prevalent routing protocols used in enterprise networks today are EIGRP (Enhanced Interior Gateway Routing Protocol) and OSPF (Open Shortest Path First). While RIP and Integrated IS-IS are still available as potential choices, those are typically only used for the smallest and largest of networks, respectively. EIGRP is a Cisco proprietary protocol, meaning that it only runs on Cisco routers and switches. OSPF is an open standard, which means that you will find it available to run on nearly all modern network devices. Both of these protocols have their own strengths and weaknesses, and both are candidates for nearly all types and sizes of networks. So if both of these protocols will work on your network, then which is the right routing protocol for you?

Proponents of OSPF are quick to point out that EIGRP is a Cisco proprietary protocol and therefore should not be relied upon in a production network. The proprietary nature of EIGRP presents two major problems, they'll tell you. The first problem is that because it runs only on Cisco equipment, it can only be used in networks that are built completely from Cisco equipment and will always be built completely (or nearly completely) from Cisco equipment. Next, because EIGRP is Cisco proprietary, it is not properly documented via Internet RFCs like an open standard such as OSPF is. An RFC is an open document maintained by the Internet Engineering Task Force (IETF) which defines the standards that the Internet and other network technologies are based on (Winer, 2000). Complete and understandable documentation of a protocol is vital, as an administrator must understand the protocol quite thoroughly in order to deploy it.

Recent numbers indicate that Cisco is still on top of the market for both routers and switches, and their lead continues to grow. According to Infometrics Research, Cisco's sales of Ethernet switches accounted for 68.5 percent of the market in the first quarter of 2010, which is up from the 64.5 percent it held a year ago. Cisco's sales of routers accounted for 52.9 percent of the market in the first quarter, up from 45.6 the previous year (Burt, 2010). While this is far from the near 100% market share that would be required to indicate that the majority of networks are entirely Cisco, it does indicate that a significant number of such networks exist. It would be correct to state that not all devices currently used in the enterprise support EIGRP, but it would be unfair to not acknowledge the same is true about OSPF. An odd device here or there that does not support EIGRP can still have its routes redistributed into EIGRP.

And while it is true that Cisco's proprietary protocols are not documented via the common RFC series of documents that open standards such as OSPF are, that is not to say that EIGRP is not properly documented. Those of us who have spent time studying for Cisco certifications are very familiar with Cisco's online documentation, often referred to as the “Doc CD” from the days when the Internet was not as widespread and you would receive a copy of this documentation on a CD in the mail. EIGRP is documented here quite well, and it is trivial to search and navigate this documentation. If the online “Doc CD” is not for you, then Cisco Press may be. From books covering the most basic of Cisco certifications, the CCNA (Cisco Certified Network Associate), all the way to specialized titles such as EIGRP Network Design Solutions, Cisco Press also documents the EIGRP protocol extensively. Proprietary protocols have earned an often deserved bad reputation over the years, with companies such as Microsoft refusing to disclose how their technologies work. However, Cisco has been quite open with its protocols, and not just EIGRP.

Now that we've established what EIGRP is not, let's focus on what EIGRP actually is. EIGRP is classified as either a hybrid protocol or an advanced Distance Vector Protocol, depending on who is describing it. It shares the simplicity of Distance Vector Protocols such as RIP or IGRP, while its performance more closely matches advanced Link State Protocols such as OSPF or Integrated IS-IS. In fact, EIGRP is based on IGRP, hence the name, Enhanced IGRP. And this is the first big selling feature of EIGRP: just how simple it is to deploy and maintain. EIGRP can be enabled on a router with fewer than 10 commands, and no knowledge of the network beyond that router is required. The same cannot be said for OSPF, which requires advanced knowledge of the entire network and careful planning of its deployment.

To properly design an OSPF network, one must first divide the network into smaller areas. Different vendors have different recommendations on the number of routers that should be in a single area, ranging from as few as 50 to as many as 200, though it's not often that high (Moy, 1998). This limit may require the network to be divided in ways that are not logical in relation to the actual operation of the network. These areas must contain network addresses that can be summarized, which is required to share routing information between areas (Moy, 1998). If you are migrating an existing network to OSPF, this may require a substantial portion of the network to be readdressed. Devices which are assigned static addresses will have to be assigned new addresses, and DHCP pools will have to be adjusted. Finally, on a subnet with more than 2 routers, OSPF requires one of these routers to be elected a Designated Router, and a second to become the Backup Designated Router. This again requires prior planning of every router's configuration, as well as potentially moving routers to ensure that the Designated Router on each link is one that is up to the task.

EIGRP, on the other hand, does not require a network to be split into areas; summarization can be implemented anywhere that the administrator chooses, or even not at all, and its neighbor relationships do not require any elections. There is also no artificial limitation on the number of routers that can be involved in an EIGRP network; the only limitation is how many routes your routers' available memory can store and process.

Besides the simplicity of its configuration, the next big selling feature of EIGRP is its support of unequal cost load balancing. Other routing protocols are only able to load balance traffic across multiple links if all of those links are of equal cost, or in other words, the links share the same speed, distance, latency and any other characteristic used to determine the cost. Only the fastest link(s) out of all the possibilities will be inserted into the routing table to be used as valid paths for traffic, while the slower routes will go unused (Doyle, 2005). An administrator can cheat and modify the cost of all the links so that they are equal, but then the faster links will be underutilized. So in a network with multiple redundant links that are of varying cost, only EIGRP can properly utilize all of the bandwidth available. In a network of nearly any size, multiple redundant links to every location are advisable. But why would an administrator want to install all of these redundant links and then not have an optimal amount of traffic flowing over them?

One final capability of EIGRP, though admittedly not as useful in today's primarily IP-only world, is the ability to route IPv4, IPv6, AppleTalk and IPX traffic all with one single routing protocol. EIGRP is the only routing protocol that supports routing all of these types of traffic, and in a multiple protocol environment, this makes it the only logical choice. The only alternative is to choose OSPF for IPv4 and IPv6, IPX RIP for IPX, and RTMP for AppleTalk traffic. Running three different routing protocols on a single router would use a significant percentage of that router's resources for overhead tasks, significantly lowering the amount of actual data that can flow through. Furthermore, EIGRP is compatible with legacy routers and servers that run the standard IPX RIP and AppleTalk RTMP protocols, as well as legacy TCP/IP routers running the older IGRP (Doyle, 2005). For a proprietary protocol, EIGRP plays quite nicely with others.

When choosing a routing protocol for an enterprise network, there are a lot of factors to consider. Once a routing protocol has been selected and deployed, it is not likely that another change will be allowed or even possible, so an administrator has to make the correct choice the first time. In the right hands, EIGRP and OSPF will both do the job well. In the wrong hands, EIGRP will still do the job well, while OSPF will drag along as if the network is running on a handful of consumer-grade routers and switches that were bought off the shelf at Best Buy. EIGRP is much simpler to configure than OSPF, yet it converges (reaches the point where all routers know about all reachable networks) just as fast, and in some cases faster. For any network that does not rival the entire Internet in both size and complexity, EIGRP is the obvious choice for routing protocol.