We suggest the following:

  1. SECURE!
    Its easy to open ports on internet, but security is primal concern. Are you using optimal pre authentication at border ISA/TMG servers along with reverse proxy of resources inside. Are you using TMG URL filtering to block categories of URLs from access for employees. Are you using ISP redundancy to truly achieve failover of ISP links for agreegation of bandwidth as well as failover or high availability. NAP
    NAP Either you develop floor wise VLANs on network switches or rooms wise. With Microsoft Network Access Protection it is possible to design your network to segment based on membership of AD groups or attributes like departements which is more logical break down. 802.1x capable switches allows that. MetalSoft is first organization to enable such functionality in Pakistan, check our corporate profile below. Also with NAP you can block access to your network switches (wired as well as wireless) so that AD-domain joined machines land into a different network VLAN from guests besides auto remediation of missing OS patches.
    Are you worried about document security and information leakage?. Let us help you with Microsoft AD-RMS 128 bit encryption along with Federation outside to other organizations as well as MSN identities. It can be made to work even on blackberry and Apples devices. NAP
    NAP Centralize you authentication using Active Directory as source of identity for all applications using IdMfamily of products from Microsoft. Replication based solution from Microsoft allows to sync all identity stores from Oracle, IBM, Lotus, HR Modules and other platforms and applications with Active Directory. This allows automatic provisioning and deprovisioning of users accross multiple applications in organization and makes overall identity management automatically managed.
    Centralize your authorization using AzMan component of Microsoft for Active Directory. It is natural and easy to provide rights and permissions across the enterprise various applications like Oracle, IBM, SAP using Active Directory groups and users and AD-Snap Ins like of AzMan. Microsoft provides Authorization Management Solution built right into windows server Operating System to help achive that. NAP
    NAP Implement enterprise Single Sign On (SSO) between various applications like SAP, Oracle, IBM and windows active directory. Using Microsoft Active Directory Federation Services, it is possible to program this functionality.
    If your antivirus is being updated but not your windows desktop Operating systems, then you are only half way to be secured. With MS Forefront End Point protection deployed on top of MS SCCM, patching for both is performed and handled under same framework. NAP
    NAP You are worred about centralization of audit logs of all the critical servers and services but servers often run of limited log space. Consider MS System Center Audit Collection Services so that temper resistant, consolidation audit database can be developed with no worry for lossing crucial audit data.

    With Microsoft Unified Access Gateway it is possible to publish resources to internet for employees or external audience for VPN or other purposes. And it's done in much more secured way with UAG. It is possible to develop a single portal containing web access for exchange, web access for OCS/Lync and published sharepoint site all on a single portal address.

    Direct Access, Proxy access.

    Web Apps

    Sharepoint STS for external users

    With Exchange ActiveSync


    Provance ITAM

    helpdesk and service catalog

    Visio Services based monitoring

    Exchange upgrade/migration: first 2010 of region.

    DR Development

    DPM backup onsite cross site

    HyperV Farm or SQL Farm with active active clustering


    System Center

    Network OS Deployment


Deployment of these teachnologies is our experise and we cover almost all of the infrastructure products of Microsoft, Contact us for that for further information.


We host and hone best of breed Microsoft Infrastructure consultants at architect level capable of designing complex infrastructure solution. Contact us for further inforamtion.


Your servers are down, for exmaple MS Exchange is not operational and require help with timely bringing the services up, contact us.

Do check our profile for information on our customers and deployment examples and follow up with us for detailed information on any of the above.