To find out what LEAP is read my first blog post about LEAP 2009 or check out the LEAP web site (Dutch!)

LEAP is now also rolled out to other European countries; for my Belgian readers keep an eye on this web page; apparently it’s now fully booked but I’m sure there will be another course next year!

Master classes 3 & 4 were presented by Sasa Radosevic. I’ll write brief outlines below.

MC3 was titled : Core Infrastructure Architecture.

Due to everlasting (and expanding) pressure on IT
And industry trends

A better approach is needed. One that:

• Looks holistically across the infrastructure
• Addresses underlying structure and complexity
• Creates an integrated, uniform environment
• Adopts IT solutions that support proven best practices
• Prioritizes and sequences IT projects in a structured, systematic manner

That’s where Microsoft’s vision on this subject comes into place: DynamicIT which has some
Characteristics
- Unified & Virtualized
- Process-Led & Model-driven
- Service enabled
- User focused

and Goals
- Manage Complexity, Achieve Agility
- Protect Information, Control Access
- Advance the Business with IT solutions
- Amplify the impact of your users

Every organization can assess it’s IT infrastructure to identify where it’s at, and where it want to be, using the Infrastructure Optimization Maturity Model developed by Microsoft:

Sasa further told us where to get Architectural and design guidance, and the Microsoft products to manage virtualized infrastructures like the System Center suite. Also, an in-depth explanation of virtualization on the Microsoft platform was shown and told.

MC4 was also done by Sasa and was titled: Advancing Security

This session covered Microsoft and Security, risks and threats, core infrastructure security and identity and access control. First, we were shown a nice overview of threat evolution:

Often security is just seen as a technology aspect, but the process and people aspects are just as important:

And of course Microsoft has a optimization model for security on these three aspects:

Within the security development lifecycle creating the Threat Model is an important deliverable in the design phase:

Threat modeling is all about identifying potential threats within certain categories (STRIDE model):

The rest of the talk was about the products Microsoft provides to implement security at all levels:

- Edge protection with ISA or IAG
- Network transport security
- Rights Management Services
- Bitlocker drive protection
- Network Access Protection (NAP)
- Identity and Access management
- Authorization management
- Messaging security

Next week, the last session within the Netherlands will take place and it’s about the Knowledge Worker and Microsoft’s vision on this subject: The New World of Work.
After that, we’ll fly off to Redmond,  the second week of January to listen to what some people working within the lion’s den have to say :)