I know lots of people who rave about Sophos Anti-Virus. I decided to give it a go in my lab. Both of the servers are firewalled and hardened. Nothing crazy, just some standard stuff which I won’t go into here. Anyway, I filled in the evaluation form and downloaded the package. I started the install and was greeted by about a dozen crash/debug requests. Installing the package causes the package to crash! Okey-dokey then. I won’t be installing that on our server deployment.
Month: June 2008
Kaspersky for Business Anti-Virus
I just did a quick evaluation of Kaspersky’s Anti Virus for Business suite. Based on "bang for the buck" I don’t think it’s up there with AVG. It’s got a bit of the "Sinmantec" about it’s interface. It doesn’t seem well thought out. The agent deployment is a 2 phase process. There’s a network agent that must be installed and then you install the anti-virus software.
The price is pretty good though, especially compared to Trend Micro! And Kaspersky’s engine does tend to rate very highly on the charts.
I like that it has a dedicated Windows Event log. That’ll make monitoring using something like SCOM a heck of a lot easier. However, when I dropped Eicar onto my test agent I was disappointed by the results. It prevented IE from saving the file which was good. It sent details to the central administration server. But there was no event recording this occurrence in either the Kaspersky or the Windows Event Logs.
Planning and Deploying RODC’s
Microsoft has released a document that describes the functionality of Read-Only Domain Controllers, when to use them and how to deploy them. You must read this document if you have a branch office infrastructure Active Directory. Using RODC’s in physically insecure branch offices is highly recommended.
Data Protection Manager Feature Pack
A feature pack that adds new functionality to DPM 2007 has been released for x86 and x64:
Issues Fixed:
- 946647 Description of the Data Protection Manager 2007 hotfix package: January 9, 2008
- 948373 The backup image may be corrupted if you use System Center Data Protection Manager 2007 to perform an online backup of a virtual machine that is running in Virtual Server 2005
- 950082 Description of the Data Protection Manager 2007 hotfix package rollup 2
- 948936 When synchronization runs in Data Protection Manager 2007, the DPM service may unexpectedly crash
- 951557 getKB -Data Protection Manager 2007 – Hotfix
Features Added:
- Support for backing up virtual machines on clustered Virtual Server 2005 R2 SP1 hosts
- Support for sharing tape libraries between multiple DPM servers
- Better tape utilization of tape capacity by co-locating data from multiple protection groups with similar retention range
- System state protection for Windows Server 2008
Note: Backup of SQL 2008 (Katmai) is not supported until the released version is publicly available.
Deploying Windows Server 2008 with “slipstreamed” Hyper-V RTM. Part 1.
John Howard has started documenting how to "slipstream" Hyper-V into the install image for Windows Server 2008. That’ll be pretty handy if you want to be able to rapidly deploy Hyper-V hosts, e.g. a rapidly growing farm of hosts.
Credit: John Howard.
Hyper-V Release Notes
If you are installing the RTM of Hyper-V then you really should read the release notes. There’s information in there relevant to backup, security and operations.
Delegation of Administration in Hyper-V
If you’re like me, you like to restrict as much as possible and delegate selected rights where possible. I’ve only just found out that this is possible with Hyper-V without using VMM 2008.
The Virtual PC’s Guy describes the process in his blog. This will allow you to grant selected rights to VM’s and Hyper-V to non-administrators on the Hyper-V server. To do this you edit an Authorisation Store using the Authorisation Manager.
Note that this is in the Hyper-V release notes:
"If the Hyper-V authorization store is located in Active Directory, then the removal of a user from a role does not take immediate effect. Either the server running Hyper-V (the computer that runs the Virtual Machine Management Service (VMMS)) or Active Directory needs to be rebooted to apply the changes. To avoid this issue, use an XML file as the store type. To fix this issue, reboot the Hyper-V server hosting VMMS, restart VMMS and Network Virtual Service Provider Windows Management Instrumentation (NVSPWMI) services or reboot Active Directory".
Lesson: Use groups, not users to grant rights.
Credit: Virtual PC Guy.
Using the Hyper-V Integration Components in WinPE
I just found a few links on adding the Integration Components to WinPE. Why would you want to do this? Simple; say you want to deploy operating systems to VM’s via SCCM, WDS or ImageX. There’s a lot more tools out there that will use a WinPE boot image too. You will need drivers, especially for the NIC to work. To get those, you’ll need the Integration Components. Mike Sterling has documented the process.
Credit: Mike Sterling.
EDIT:
Mike has updated the script that he used in the original post.
Getting Started with Hyper-V
The links on how using Hyper-V are now live. This is a good place to start if you are new to Hyper-V. Quite honestly, it’s really easy to use.
Update: Hyper-V RAM Loading
I’ve previously talked about my observations of how my 9GB RAM Hyper-V lab box used it’s memory and how Hyper-V has a RAM overheard and how you can calculate the maximum.
Last night I upgraded the lab box from RC1 to RTM. Today, I’ve noticed that I have a whole lot more of RAM to play with! In fact, 1.5GB of RAM was freed up on my 9GB RAM server. Before I could only get 7GB worth of VM’s up. Today, Hyper-V is looking much more efficient.