Microsoft Books

Have not read the book totally but I have obtained very useful information from what I read.

Valuable background information for any network admin working with Windows XP or Windows 2003 networks. You can find all information on the Internet but this brings the most usefull information together to quickly get up to speed on how to configure a secure environment

Ben and Brian, (my ex-Microsoft colleagues) have done a great job at providing well-rounded, valuable and actionable coverage of almost all aspects of Windows Security. Good job guys!

Thanks,
Sanjay
Formerly, AD Securty PM
www.sanjaytandon.com

I have previously done a review of the First Edition of the Microsoft Windows Security Resource Kit which I was very impressed with. All what I said for that book still applies. The first book applied to Windows 2000 and XP Pro. Since then there has been a major upgrade for XP in SP2 and the introduction of Windows 2003 which the Second Edition covers. As with the first book this edition is great for anyone that wants to learn how to secure their Windows 2000/2003/XP Pro operating systems/networks and is geared mostly to administrator types though anyone with such interest including power users will find it extremely helpful.

In just under 700 pages no book can be all inclusive about Windows security. The Windows Security Resource Kit goes into detail on many commonly implemented topics like password/account policy and on others it shows you the basics of what is possible and then refers you to online documantation/white papers if you are interested in a full implementaion which keeps the book affordable, readable, and under 10,000 pages. For example there is a full chapter 25 with detailed instruction on how to implement 802.1X security for wired and wireless networks. For Software Restriction Policies there are three pages but that is enough to make a user aware of what SRP is, how it can help you prevent users from installing and running unathorized applications, and the basics of how to implement it. As a MCSE in Windows 2003:Security and a common newsgroup participant I am often amazed at the number of admnistrators that are not aware of many the security features of Windows 2000/2003/XP Pro such as SRP or in particular ipsec. They would benefit tremendously from this book.

The two chapters on privacy were dropped and more room is devoted to W2003/XP Pro. Though a lot of the content is the same as the previous version much as been revised or added. Below are some that I considered of note though my list is not all inclusive of changes.

CH3. A much better table with descriptions of well known sids.
CH8. Using EFS with Webdav to keep files encrypted on the network and sharing of EFS files.
CH9. Full list AND description of all services for Windows 2000/2003/XP Pro.
CH10. Windows firewall including how to configure for scope and exceptions, using Group Policy or scripted intstallations using netfw.inf. Improvements for ipsec in Windows 2003 including default exemption handling.
CH.11 Group Policy for wireless networks and Software Restriction Policies.
CH.12 Interet Explore securtiy and pop up blocker.
CH.15 One of my favorite chapters on auditing. Includes tables with listing of more Event ID's for object access and policy change.
CH.17 Listed specific service recommendations for domain controllers for both Windows 2000/2003 and also listed a recommended ipsec filter for securing a domain controller.
CH.19 Much is changed in 2003 Terminal Servies. - Use of Software Restriction Policies, smart card logon, and SSL for TS with SP1.
CH.22 For RRAS a big change is the cability of remote access quarantine control. A step by step is given with a link to sample scripts to use or modify.
CH.23 Implementation of role separation for certificate authorities.
CH.24 IIS 6.0 is disussed with it's security capabilities such as default install state, Automatic Health Monitoring, and the all important Application Isolation.
Ch.25 A whole step by step chapter on 802.1X for wired and wireless networks including Remote Access Policies, IAS, and deploying user and computer certificates. 802.1X can greatly increase security of WEP by using dynamic wep and forcing key renewal if you still have to use WEP.
CH.27 Briefy discusses Windows Update Services and its advantages.
CH.29 How to install and use the Windows 2003 SP1 Security Configuration Wizard to help select a computer profile for "hardening" to disable uneeded servces, configure audit policy, and use ipsec filters to block uneeded ports! In my opinion this is a tremendous tool that also has a rollback capability. New features of netstat are shown [note that netstat -b can be used to show executeable to port use though not covered in the book]. Two extremely helpful new tools - portquery and port reporter.
CH.31 Great table on using built in and third party tools to capture state of the computer for incident response investigation. I am surprised however that msinfo32 was not mentioned as you can use it to generate a very useful report to a .nfo file.

There is much discussion throughout the book on use of ipsec to protect your network with either ESP/AH encryption/integrity or the use of an ipsec "filter" policy to manage access to computer ports. Included are examples of ipsec filters for domain controller, wins, and DHCP. As much as I like the book I disagree with the recommendation on pages 375-376 on implementing ipsec for the domain by implementing a client/respond policy for the domain and then a server require ipsec policy for the domain controller container. Refer to KB254949 for more details and be sure to throughly test and ipsec policies on a test domain before implementing. Poorly planned ipsec implementation can cause havoc on a domain. I highly recommend that you read the white paper on Improving Security with Domain Isolation to see ipsec can do to protect your domain with the proper ipsec policies.

All in all I still believe that the Microsoft Windows Security Resource Book is a top notch book for anyone to own who wants to learn how to maximize security on their computer or network within their risk manangement paramaters. The changes in Windows XP Pro SP2 and more so Windows 2003 are very significant. If you already own the First Edtition but have upgraded to Windows 2003 or want to learn more about how Windows 2003 can improve your security then this book is for you.

You could accuse me of a little bias...i used to work for HP..and Tony Redmond is regarded as a legend.

All of that aside...this book is brilliant. It covers everything you want to know, in all the excruciating detail you need. I design E2K7 architectures in my line of work...and this book is always within a .5 second reach.

Thoroughly recommended.

This book is one of the best "computer" books I've read. Compared to another book "unleashed" about Exchange 2007, this one gets straight to the heart of Exchange and gives you the knowledge you really need. It doesn't waste half a book explaining things that Exchange administrators should already know. If you need to know how Exchange really works, this is the better book on the market right now.

I purchased Tony's book after I had previously purchased another book on Exchange 2007. I found the first book too overwhelming with regard to detail and found that I had to read paragraphs when one or two words would have been adequate. Tony Redmond knows his subject; so well that he knows what you need to know, and what you don't. My installation went without a hitch (well, maybe a small hitch here or there). Definately the book for the knowledgable network admin who has had some Exchange and other email experience. Extremely helpful.

Ive been reading Tony Redmond's Exchange books since the one written for Exchange 4.0 Ive only just started reading the latest one for Exchange 2007 and so far this book has exceeded my expectations. The differences in Exchange 2007 from previous versions are vast, but Tony passes on this knowledge to the reader in a gentle, logical and very readable fashion. I had to smile when previous versions of Exchange were described as "...more like a monolithic messaging behemoth"!

I loved this book and found it to be extremely useful...If you use FrontPage 97, get the 2nd edition of this book called FrontPage 97 Unleashed, which is also written by William Stanek

No other FrontPage book compares. Clearly Stanek knows everything there is to know about Web publishing and design with FrontPage AND he's not afraid to share it with the world.

Great examples!

Great insights!

Great organization!

Sams marketing team is asleep at the wheel on this one. This book should be packaged with the FrontPage software and there should be in store promotions everywhere! William, find a new publisher. Sams is doing you a disservice.

Microsoft's FrontPage 1.1 is great, but I NEVER would have learned how to get the most out of the software without this book. If you use FrontPage 1.1, I highly recommend this book. If you use FrontPage 97, get the second edition. Either way you won't be disappointed. This book answered every question I had and opened a whole new world of possibilities. William, your book truly made the difference

Best coverage of FrontPage 1.1, which I still use. If you use FrontPage97, the second edition of this book covers it in great detail.

A Super Must Have book for anyone who's creative.

If you're new to Microsoft Image Composer, then you must get this book. Brian Johnson writes with clarity and humor which takes the intimidation factor out of learning this program. While MIC makes web graphics creation as easy as it gets, it's still a great help to have a guide to lead you through the short learning curve. Brian Johnson inspires confidence. With a little patience and this book, you'll be cranking out graphics like a pro. Power users of MIC may not lean anything new, but for the price, it's a good reference tool.

My FrontPage CD included the Microsoft Image Composer, but Inever really made much use of it. Then I bought the "Dummies'book and realized how much I had been missing. The first fourchapters, alone, were worth more than the price of the book. I recommend it to anyone who is at all creative, and not just for web sites.

I must give this book 5 stars. I am not a big fan of the " dummies" series nor am I new to web graphics. I had sooooo much trouble with MIC , even the bottun editor. I bought every book I could find and there wasn't many. This book was the winner, it did help clarify what Microsoft found it so hard to make easy. I do prefer Illustrator or even Freehand but if you are forced to use MIC this book you must have!

As an ex-Microsoft employee I have read almost every book published about the company by both Microsoft people and external observers. This is the one I recommend to others who want to understand what it was like at Microsoft in the early years. This book is unique in that it does not try to "teach" you how Microsoft works, but rather it allows individuals who were there tell their unique stories to illustrate what it was like inside one of the fastest growing high-tech companies. Common experiences like how strange it was not having to beg for supplies or even ask permission to do something you thought needed to be done ("just exercise good judgement") ring true, as do the experiences of coming to grips with a growing company and balancing one's work and family time. Microsoft may not be like this today, but it accurately portrays the experiences in the early years through the first successful launch of Windows and Windows becoming a product that most of us use today. Remember these are the tales of people who had to explain to others that they worked for a small company in the Pacific Northwest that wrote software -- for Microsoft was not always the brand it is today.

While Microsoft enjoys a great reputation as an industry leader in its field, and while its business success has never been in question, there are all kinds of stories about what it is like to work there. This book gives the reader an inside look at what is was like as the company was getting started. This is important to note because most of these depictions are centered on the early days of the company, long before it became the large organization it is today.

The book broken into chapters centered on each of the 19 people. Each chapter introduces the particular individual and provides a bit of information on their background. The individuals themselves have each written an essay on their time at the company, and particular insights they have.

What is fascinating is that the perspectives are all different, and even though some common themes emerge, each person was impacted in a different way by their experiences. As a result the essays themselves are a joy to read, and are more like a conversation or a series of relatable observations, than a detailed analysis.

Some are quite funny. One individual in particular had me laughing so hard with his dry humor than I nearly fell off the exercise equipment I was working on while reading. Some are sad, some a bit bitter, and one or two actually seem to regard the experience as life changing in a much broader sense than merely a career.

The most common theme is money, in particular how the stock options made them rich, or didn't. It is profound to read about the impact this had on their lives. Some seem grateful, others give a feeling of entitlement, and others seem genuinely haunted by what could have been. So powerful was the wealth that was created, that most who did well discuss in equal balance the security and flexibility it gives them in their lives, and the isolation that is created with family and friends due to their wealth. It seems most have some difficulty in reconciling the wealth they amassed with the correlated effort and career opportunity.

Overall, while I'm sure the culture of the company is really not captured perfectly by any of them, the reader is nonetheless able to see some transcending themes emerge from all of the stories. This is a fascinating book from a psychology standpoint, as well as a brief, but powerful, inside look into a legendary company culture.

Everyone knows that the culture and success of Microsoft is the stuff legends are made of. This book does an excellent job of looking under the surface of this technology giant to learn what really goes on behind the scenes. There are many books about Bill Gates out there, but this one focuses on the individuals who went for a roller coaster ride that not only changed their lives, but the world. For some it was like winning the lottery, and it's interesting to see how different people viewed and managed their sudden fortune. Everybody has a different experience, some are bitter and some enamored but I found all the stories very interesting and even entertaining. Carter did a great job of pulling in a mix of people and capturing the real story behind the success of Microsoft.

I read this book because a friend of a friend of a friend is one of the "insiders," and I thought it would be fun to see if I could recognize his story. I didn't have any specific expectations about the book as a whole - and I was surprised to find myself riveted from early on. These people tell their stories in a variety of ways, and they all had different experiences at Microsoft and came away with different perspectives - but they all tell the same very human tale of making hard choices, recognizing opportunity, dealing with disappointment, growing up, clarifying values, etc. The fact that the context is Microsoft definitely adds an interesting dimension to the stories, but this is more of a generic character study of smart young people struggling with the big questions of life (like money - lots and lots of money) than anything really specific to Microsoft. Also, I have to say that they're not all (at least from their stories here) likeable people - but that just adds to the realism of the book as a whole. This is a fascinating book!

This is by far the best ISA Server book on the market.
Worth every penny I paid for it.

This is THE book if you are looking to learn ISA 2004. It is structured in an easy-to-understand manner for windows admins who are familiar with Windows but may not have been exposed to ISA Server or are upgrading from ISA 2000. All in all this is the only book on the subject you'll need.

I found this book to be extremely helpful in understanding ISA architecture and how it might fit into our organization.

The book is well laid out, concise and readable. The first section lays out a high level view of ISA functions and provides a clear overview of how to assess which components are appropriate for solving specific network security issues. The section on deployment goes into more detail, explaining how to install and configure the various components of an ISA deployment. Part III on securing servers and services goes into the specific details of configuring ISA to protect messaging, web and RPC traffic.

Microsoft networking products continue to improve both in functionality and ease of use. Having guides like this make understanding and implementing new technology viable even for small organizations with limited budgets.

The book is poorly named. "Unleashed" suggests to me wild and wonderful things to do with complex features or even tricks and undocumented things. This is definitely a black Labrador on-the-leash kind of book, and it will get an administrator safely across the broad avenue that is an ISA installation. It's a great book in spite of the name.

I used "Unleashed" as a guide for installation of ISA Server 2004 (replacing ISA Server 2000) on the perimeter of a small office network that has ten servers on three different domains (including a web server and a mail server) and twenty workstations. I studied this book and Shinder's "Configuring ISA Server 2004" extensively before beginning the installation, and I had previous experience doing the installation and maintenance of the ISA 2000 installation that ISA 2004 replaced.

I preferred this book ("Unleashed") to the Shinder book as an installation guide, but I like Shinder as a reference because of its greater depth (twice as many pages). Both books promote ISA, but the Shinder books examines (in a defensive but very useful way) competing options to ISA more thoroughly. Shinder's book then would be more useful for those evaluating ISA versus competing products.

I also have the Microsoft MCSA/MCSE Training Kit. This book is the only ISA 2004 book that includes a 120-day trial version of ISA Server 2004. I have spent only two hours with this book but found the questions and answers at the end of each lesson helpful reflecting on key points. I did find a glaring error early on. It is not true that "the IP address assigned to the external interface [of the ISA server] must be routable ON [emphasis added] the Internet." The truth is that this IP address must be routable TO the Internet; and a private address (10.1.1.1 for example) will do just fine if there is (as in my case) a router with a public address between ISA and the Internet. Microsoft books are of coure authoratative and prep well for the exams in spite of an occasional error.

Our ISA server is connected on the Internet side with a private (nonroutable) IP address to an $89 Linksys router, which is configured with simple firewall filters. The Linksys router has a public IP address and connects to a Verizon DSL modem. A laptop in the DMZ between ISA and the router is used for testing ISA protection. The ISA server of course could be connected directly to the DSL modem; but we like the presence of the additional appliance (the Linksys router) as an additional level of defense. We run GFI (number one Exchange spam filter) on our Exchange server since ISA and most other firewall products only do token spam filtering.

"Unleashed" provided sufficiently detailed and accurate guidance for each step that I took: hardening the OS, installing ISA, configuring the networks attached to the ISA NICs, setting up firewall rules, publishing an IIS web server, publishing an Exchange mail server, and setting up Outlook web access. The total time required was only two hours even with a couple of errors.

ISA is a complex product with routing, caching proxy and reverse proxy servers, firewall (including stateful and advance application level inspection), VPN server, and simple spam filter. Michael Noel in "Unleashed" clearly shows how to use the greatly improved ISA administrative interface with its templates and wizards to configure my simple architecture and also more complex architectures that place servers in the DMZ as well as the limited single-homed topology with the ISA server in the DMZ. My company is not using VPN, but the book provides thorough coverage of VPN, which many be mission-critical to those with branch offices and road warriors.

Lastly, if you are new to ISA, be aware that ISA 2006 was released as a beta earlier this year. Many reviews suggest that ISA 2006 is not a major change. Microsoft says that upgrading from 2004 to 2006 will be supported. Amazon shows no titles as yet for ISA 2006. My guess is that the final release of 2006 will not come before the end of the year.

These cards are everyhting I hoped they would be. And very fast shipping too. I wouldn't hesitate to use this person again. Thank you.

The quick reference cards purchased from BrainStorm Inc. were an enormous aid to us. A life saver for the situation we found ourselves in. Thank you for your excellent service and timely distribution.

Given the differences between Office 2003 and 2007, these card are essential. They are easy to read and of high quality. I just bought my second set for a friend.

I teach Word and Excel and needed a quick start over the summer before school starts. These cards are great for both home and school.

Superb. I looked at, and bought, a number of books focused on studying for the Word 97 Exam. This was the best. It is carefully edited, concise, and accurate. I just took the Expert test and scored 90% with the help of this book (75% is passing). Highly recommended!

I've used Word97 for a while, just picking up what I can when I can. I don't intend to take the Word97 exam but I do want to learn the material. I found the explanations very clear and helpful. After reading just the first chapter I had many new tips to share with coworkers. Can't wait to finish!

This book is the best resource I've found for passing both the Proficient and the Expert exams. I passed both on the 1st try, however, I also encountered a few questions that were not covered in the book. Just make certain you have an above average user's knowledge before you try to take the exams. Otherwise, you may find this book cannot teach you all that you need to pass the exams.

I bought this book to prepare for the exam. I've used Word for years, but needed to make sure I had all the exam requirements covered. The book was perfect. It taught exactly what I needed to know. It was concise, and it presented each topic three ways: step-by-step narrative, review questions, lab exercises. I highly recommend it.

this book is just what I was looking for, when implementing some reporting functionality to our web app. The owc11 charting engine is powerful and flexible, and gives the developer a lot of control for customization. This book was very helpful, especially considering that there are not very many resources on the web on this topic.
I recommend this book to anyone who is looking to develop their own charting and spreadsheet controls. The book is a nice starting point with a clear explanation and lots of code touching up on a lot of the owc functionality.

The book is extremely insightful and the code snippets are helpful. There is nothing out there that has helped me to even begin to understand the OWC as this book has. There is definitely a deficiency in resources for developers to use these controls using .NET and this book fills that gap!!! If you plan on using the OWC in windows or web forms, this book is a must have.

I bought this book expecting it to be like the other O.W.C. books. This one is really worth it.
Lots of code examples and pictures. I found the material easy to read and definitely worth the price. I would strongly recommend this book for any body who wants to program using these components.

The Microsoft Office Web Components Black Book with .Net grew out of a desperate need for documentation on the Office Web Components. The Office Web components are fine pieces of software well suited for harvesting Microsoft Office functionality in web and windows applications. However, many developers are often frustrated by the lack of resources available. This book aims to address this need and is crafted primarily as a programming resource so the material is technical in nature but there are 2 chapters that discuss licensing and usage in non-technical terms. These chapters allow decision makers to quickly determine whether or not the components are suited to their need. For the developers, the book explores every angle of development for commercial applications. There is an abundance of code examples to help explain the concepts. But, the Black Book also discusses and implements wider strategies for using the components in Enterprise Software.

I use Photodraw on a daily basis, too, for my web graphics...for the last 9 years. I have tried other editors, but nothing is as useful to what I do with images as Photodraw. I am amazed, too, that I'm still using it, but I absolutely love it. I so wish MS had never let this one go.

If you're a PC person and want to do graphics like those Mac people with Photo Shop, this is the program for you. Nine years after I originally bought this product, I still use it on a daily basis. Those Photo Shop people have to do multiple tasks to get things done, when PhotoDraw V2 gets them done in one click. The ease of use of this product made me a believer in its capabilities.

I have owned MS Photodraw V2 for almost 9 years, having first purchased it with MS Office 2000. Like the other reviewers, I use it on a daily basis and I am still amazed with its functionality and the quality of the results. I also own Adobe Photoshop and use that occasionally but for most picture editing projects, I use MS Photodraw. Being able to crop, resize, add special effects (such as making a pic and animated .gif or putting 3D into the picture), cloning parts of an image, erasing/adding areas back into the pic, and adding text are just small examples of how I continue to use this product. Little did I know 9 years ago that I would still be using any computer program from that time period, but when Microsoft made MS Photodraw, they created a timeless jewel that continues to provide professional results.

I first bought this program when it was first released to modify digital photos. Little did I realize that I had purchased (for far less than the going rate today) the best to EVER come along. It did take time for me to maximize the full benefits of the program and over time I have purchased others since there has been no upgrade for PhotoDraw 2000. For example Digital Image Suite is relatively inexpensive and it definitely has some improved features but it lacks many of the best PhotoDraw 2000 features. I use both programs for images, saving and closing in one in one program and opening in the other. PhotoDraw 2000 saves in its own format so one needs to save as PNG or other format to work two programs so it can be cumbersome for the lesser motivated. Overall if I had to choose one program the winner would still be PhotoDraw 2000.