SRK-TechBlog | Technologies Blog

Why SSL fate is doomed and TLS is the only option left

22. March 2018 Shahid-Roofi-Khan Blog (0)

SSL, which refers to Secure Socket Layer, is a protocol used to provide secure connections between a client and a server. A TCP connection can provide a reliable link between a server and a client but cannot provide services such as confidentiality, integrity and end point authentication. So, SSL was introduced by Netscape in early 1990s to provide these services. The first version of SSL, which is known as SSL 1.0, was never released to the public as it had many security holes. However, in 1995, SSL 2.0, which provided better security than SSL 1.0, was introduced and, in 1996, SSL 3.0 was introduced with more improvements. The next versions of the SSL protocol appeared under the name TLS.

SSL, which is implemented in the transport layer, can secure a protocol such as TCP by applying various security measures. It will provide confidentiality by using encryptions to prevent anyone from eavesdropping. It uses both asymmetric and symmetric encryption. First, using asymmetric key encryption, a symmetric session key is established which then would be used for encrypting the traffic. Asymmetric key cryptography is also used for digital certificates used to authenticate the server. Then Message Authentication Code, which uses various hashing techniques, is used to provide integrity (identify any unauthenticated modification done to the real data). So a protocol like SSL allows transmitting sensitive information such as banktransactions and credit card information over the internet. Also, it is used for providing confidentiality for services such as email, web browsing, messaging, and voice over IP.

SSL is now outdated and has many security issues where its usage is not much recommended currently. SSL 3.0 was enabled by default until recently in many browsers but now they are planning to disable in the future versions due to severe security bugs such as POODLE attack.

Power of Two Factor Authentication using Microsoft Identity Manager 2016

22. March 2017 Shahid-Roofi-Khan Blog (1)

Microsoft Identity Manager 2016 can increase the security and reduce help desk calls for password management substantially. It allows integration of authentication infrastructure with SMS gateway so that users mobile device can be used as OTP device for the password reset, unlock requirements.

The windows environment, becomes latest with the industry trend of using One Time Password that is sent using SMS Messages.

The last organization where we implemented this technology became a great value to the infrastructure.

Never Install SQL Ent or Standard edition. Always use developer edition. Here's why

18. March 2017 Shahid-Roofi-Khan Blog (0)

SQL editions can give you tough times, especially when you have used enterprise edition and later you find you cannot downgrade it to standard edition. Often times this is core requirement from the customer once they renew their Microsoft licenses.

Only edition flexible enough to be downgraded as well as upgraded is the developer edition which works for six months without any issues.

Once this period elapses you have chance to either upgrade to enterprise edition or downgrade the solution.

It will save you lot of wasted deployment hours.

SQL Editions

source: https://docs.microsoft.com/en-us/sql/database-engine/install-windows/supported-version-and-edition-upgrades-2017?view=sql-server-2017#-edition-upgrade

How to do Form validations and map document properties to document library columns. A sample run of requirement mapping to SharePoint.

15. August 2016 Shahid-Roofi-Khan Blog (0)

SharePoint 2013. Mapping of Sample Functional Requirements to SharePoint Solution using most of the out of box features of SharePoint.

Exchange 2016 - Reference Architecture

22. March 2016 Shahid-Roofi-Khan Blog (2)

Having designed Exchange Architecture for so many organizations, today decided to upload a common print for reference for all

Exchange Connector Simplified !

21. January 2015 Shahid-Roofi-Khan Blog (0)

Usage Scenario, We recently came across the scenario to utlize MS Service Manager 2012 to automate common help desk requests in the form of Service Requests in Self Service Portal so that users can make common requests right from portal. The challenge, We got limited

https://gallery.technet.microsoft.com/Exchange-Connector-8659edef?redir=0

Presented MS Pakistan for the launch of Windows 2008 R2 - Seems less live migration of Hyper-V

22. October 2009 Shahid-Roofi-Khan Blog (2)

Thanks to MS Pakistan Office for giving the chance to present newly released Windows 2008 R2 Operating System.

Presented live migration feature with car running inside of a virtual machine in running state, the VM was failed over to other node and car didn't stop.

That's even though the active compute was out and processing was shifted to another node.

https://zafar73.wordpress.com/2009/12/05/microsoft-joint-business-launch-windows-7-windows-server-2008-r2-exchange-server-2010-comes-to-pakistan/

BurjAlArab Hotel - Network based OS Deployment - Windows Vista

22. March 2007 Shahid-Roofi-Khan Blog (0)

Arabian Business News Paper Press Release: LINK

Microsoft did the case study for MS BDD 2007 for windows Vista performed at BurjAlArab Hotel

BurjAlArab case study.doc (520.50 kb)

Mon	Tue	Wed	Thu	Fri	Sat	Sun
24	25	26	27	28	29	30
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31	1	2	3	4