One of the cool new features in Windows Server 2008 (which is currently available in beta) is Network Access Protection. This feature allows network admins to set up comprehensive network controls to allow access only to the proper computers and users, and based on a set of "health" criteria determined by the admin. For example, let's say you want to require antivirus software to be up to date and patches installed before allowing a VPN connection to the LAN. NAP lets you do that. Wireless and wired networks can be significantly enhanced for local and remote access. It's the next wave of access management and control, and any IT network admin needs to get familiar. This is leaps and bounds above the "NAP-lite" capabilities from Server 2003.

This podcast interview with Jeff Sigman covers the subject well, and give you a quick preview into what the capabilities are. Listen, download the beta and give it a try.

RunAs Radio Show #13 | 7/4/2007 (34 minutes)
Jeff Sigman Gives Us Network Access Protection

The final installment of interviews from Microsoft Tech Ed US 2007 in Orlando, Richard and Greg talk to Jeff Sigman, the Release Manager for Network Access Protection (NAP). Jeff digs into exactly what NAP is all about, how it interact with Windows Server 2008, Vista and Windows XP.

Links: RunAs Radio web site and RSS feed

As always, we welcome your input and ideas for the show - Just email info@runasradio.com and let us know what's on your mind! We might even read your email on the air, and we are always interested to know what you would like to hear more about as we book our guests.

Went out this evening for a hour or so ride with a friend on the dirt bike and ATV. Had a great time, but I need to remember when I come to a sudden end of a road, the front brake is not the first one to grab. I can't believe I did that.

Ouch. Thank God for helmets and gloves. Sorry for the detailed picture. A reminder's a reminder. And it's a knee, if you're trying to figure that out.

I've had one past motorcycle mishap that resulted in injury, which involved a deer in the roadway. This one was just me being stupid. I also had a ATV screw up once that I got a bit of a bruise on, and that's about it. This time, a couple bruised and beat up knees, some scrapes on my chest and a sore, sprained wrist are pretty much all the injuries I walked away with (plus a bit of a sprained ego, I suppose), which is excellent considering I went over the bars and straight into the packed gravel road. I did what I learned in sports as a kid - walked it off and got back on. And took it really easy the rest of the ride, heh.

Anyhow, I am posting this embarrassing moment to serve as a reminder to me and to others not to be a sloppy idiot on a motorcycle. The rear brake is down there by your right foot. Right foot good. Right hand bad.

Right foot, right foot, right, foot right foot, right f...

Doh!

Another Fourth of July has come and gone. This year - as I have for several years past - I operated a public fireworks display, this time for the community of Walla Walla, Washington. It was my first time there, and I enjoyed the place and people. It was also my first time running a show in the state of Washington - the past seven or eight years of this have all been shows in Oregon. We shot the show in a sports park and school area on the VA grounds, and the audience was able to sit and watch from all angles around. There's a great hillside under a water tower nearby that makes for an optimum viewing spot.

My crew was terrific, and despite the fact that it was extremely hot (over 100 degrees Fahrenheit and sunny all day as we set up the show as well as the next morning while we finished cleaning up), we all had a good time and the show went off well - safe and to the cheers of the crowd. That's what we want. Even the playground sprinklers that came on automatically at around midnight while we were still cleaning up were no big deal, heheh. We just went back to the hotel for the night and returned in the morning.

Update: Travis wrote a bit about the crew experience at the show and Jenn posted some pretty terrific pics she shot.

Below is a video with some excerpts from the show. The video is five minutes long, which is a little more than one fifth of the actual length of the show (which came in at just under 25 minutes, right on target). So, you get a good flavor of the opener, mid-show shots and volleys, the build up to larger shells, some layered height effects, and of course the finale - which was pretty spectacular, if I do say so myself. Several thousand shells and pyrotechnic components from one inch to four inches in diameter made up the show.

I'll add a couple show setup pictures later today or this weekend. Enjoy.   : )

I dropped by an at&t wireless phone store yesterday while out cruising around, and checked out the iPhone, which they have a large stock of apparently. I walked in and asked, "Do you have one I can look at?" The answer was "we have lots you can buy if you want to." I got the impression there are a lot of lookers but not a lot of buyers. They certainly are not having stocking problems.

Anyhow, I spent about 10 minutes checking out the phone, and overall I was pretty darned impressed. Certainly the overall user interface is great, and the screen is pretty amazing. I like the clean, simple, intuitive UI for sure. The Apple architecture and usability people did some pretty amazing work, and this is their first phone.

So again - I'm quite impressed. I considered buying one on the spot and my impulse-purchaser controls kicked in and I left. Important to take the time to do things like breathe. And think. Stuff like that.

So, it's great. There were a few things, though, that I had a hard time getting past during my quick run with this device phone piece of electronic art.

One of those things is the on-screen keyboard. Unless you use a finger and type one letter at a time (no thumb-typing here for sure), it's just not workable. So, if you're sending quick messages a short line at a time you're okay. But typing longer emails or notes won't work from a practical standpoint. For most users that's probably okay. For me that's a big deal.

Next, there's no 3G support - just EDGE. Which is cool in terms of keeping battery consumption minimal but not so fun in terms of data speed. However, the iPhone has WiFi capability, so in some cases there's a fast option.

One more thing I noticed - or at least could not intuitively find - is a lacking ability to copy and paste text. If someone knows how and it's possible, please let me know and I will go back and check that out.

Finally, the lack of some things that might be software-fixable (or I missed the options, so again, correct me if I am wrong): The camera appears to only do still pics, not video. I didn't see MMS capabilities but you can email images. I could not find a way to record audio. Again, all of these are software things so they can change (and this is, after all, the first release).

So - people have asked me the $600 question (I can't see buying the 4GB model, after all):

Will I buy one?

Not yet probably, but it's very very tempting.

I can actually see it happening soon though - and that's actually a surprise to me. I didn't expect to quite so won-over. It's that usable and that nice. Despite my nit-pick list above, overall I think it's great. The phone is sleek, fast, even artistic in it's UI experience. And the things it does, it does quite well. Everything else is left out (at least for now). That's refreshing compared to other models of "smart" phones that try to be everything to everyone and in the process get bogged down in their own usability, stability and performance weaknesses. Apple seems to know where to go as well as when to stop. Others could definitely learn a lesson from that.

Who else has tried one? What did you think?

Identity and Access Management (often referred to by identity geeks as IAM) is a field I have come to know and love. There's been a resurgence in the past few years in this space, brought on by a number of builders of critical mass. One of those drivers, in the financial services industry, was some "guidance" issued by the FFIEC (United States federal government agency that regulates banks) in 2005 that requires banks to use stronger authentication for online banking services (better than just user name and password). In addition, the general discomfort across all industries that use the Internet as a true platform for doing business has become a motivator, especially in the wake of multiple news cycles about fraud and data theft. In a nutshell, The Internet is a technology platform that is being used for something it was not originally architected to do, and as a result there are some critical gaps from a technology perspective - especially in the area of security. Many defensive "point" solutions have been cobbled together over the years to plug holes in the metaphorical levee, but at some point you have to start thinking about either building some serious reinforcements or - quite possibly - building a whole new dam to serve the needs.

Over the past couple years the open source community, Microsoft, and a number of other companies large and small have embarked on a bit of a shared crusade (and a good one, at that) to first redefine and then re-architect identity on the Internet, how it works and what the principles are that guide and drive Identity going forward. It's been a rare and refreshing community effort, and as a result we are starting to see some real-world traction in markets like financial services; Interest is growing outside the circle of academics and programmers that are implementing the new systems. Interoperability is being seen as critical and that's likely the one things that will drive success. And while we can design a great system that can solve all the world's ills, adoption is the second-to-final gauge of success in this case (longevity and strength are the final-final determining factor, but we can't truly get there without meaningful and across-the-industry adoption).

One of the architects of this whole concept in redefining and improving Identity on the Internet is Kim Cameron. He writes the Identity Blog (worth a subscription if you're not already there) and was the publishing author of his "Laws of Identity," or what he refers to as "the missing layer of the Internet." I had the good fortune to play host to Kim and his compadre, Rich Turner (both work for Microsoft) when they spoke at a security conference I hosted a couple months ago. They discussed identity in general as well as CardSpace, Microsoft's effort in the larger community effort to add this missing layer to the Internet schema.

Richard Turner is the Product Manager for Microsoft's Identity Platform Developer Marketing group and owns Windows CardSpace Product Management there. While at the Microsoft TechEd conference in Orlando a few weeks back, I found him and pulled him aside for about 45 minutes to chat with Richard Campbell and me for the RunAs radio show we do each week. You can hear the interview here:

RunAs Radio Show #12 | 6/27/2007 (47 minutes)
Richard Turner Checks Our Identity

Another Tech Ed US 2007 interview from Orlando, Richard and Greg sit down with Richard Turner and discuss how CardSpace impacts the IT professional. CardSpace (formerly code-named "InfoCard") is a key technology in Microsoft's Identity Platform.

Links: RunAs Radio web site and RSS feed

As always, we welcome your input and ideas for the show - Just email info@runasradio.com and let us know what's on your mind! We might even read your email on the air, and we are always interested to know what you would like to hear more about as we book our guests.

I recently ran up against a self-induced application disaster on my Blackberry 8800 (that's what I get for messing with stuff I know will probably break), so I needed to do a clean reset of the device to it's factory defaults and then start over again from scratch. I'm not too keen on the idea of reloading the OS if I don't have to (with over the air configuration I have not used a USB cord on my blackberry except for once since I got it), so I started poking around trying to find the on-board reset capability (they call it "wipe" the handheld device). Nothing like trying to find a command deep in the bowels of a multi-layered system. But, this is one that people should not find it easy to accidentally choose...

So, since I finally found it, note to self for the next time I need it:

Blackberry "Wipe-Handheld" command list (at least for my 8800 - same or similar for other models)

• Options menu 
• Security Options
• General Settings
• Menu
• Wipe handheld
• Enter password ("Blackberry" or your business-assigned security password)

Useful if you're like me an have a tendency to muck around under the hood too much and gak things up. And yeah, that's a word. Gak.