Microsoft Naming Department In Overdrive

So that overpaid bunch of people is at it again, justifying the employment of way too many marketing people.

  • The next version of desktop is still called Windows 7.
  • The next version of server is Windows Server 2008 R2 – same code base as Windows 7.
  • Terminal Services is renamed as Remote Desktop Service
  • The free extensions for OpsMgr 2007 are being bundled to give us Operations Manager 2007 R2 aka a software assurance release to keep legal happy.

Day 1: Windows Networking – From Windows Vista to Windows 7

My battery is running flat (lesson: switch to "power saver mode" when running on battery you idiot!) so I’ll probably finish this one tomorrow – some of us Irish folks are meeting up tonight for a couple of drinks/dinner.

As you should know, the next generation TCP stack in Vista was a big change for the better.  It offers solutions to serious productivity issues when teamed with Windows 2008.  Reminder: the Tolly Group Study.

Personal story: I’ve tried this with Vista accessing an SSL W2008 SharePoint server this week from Barcelona.  The server is on the net in Dublin and I was on a crowded WiFi LAN.  It was like being on the same LAN as the SharePoint server.  I know that XP could not have had the same performance over this (very) latent link.

The presenter is a woman from MS Turkey.  Needs for now: IT Pros need flexibility, mobility and performance.  Users want seamless networking.  They don’t care about wifi, broadband, LAN, VPN, etc.  Windows 7 offers:

  • DirectAccess to services on W2008 R2
  • VPN Reconnect and Mobile Broadband
  • DNS Security
  • BranchCache
  • More SMB enhancements
  • URL based QoS – handy for dense web servers.
  • Support for Green IT – power savings I guess?

Mobile Access: Had to patch them now.  Hard to manage.  We have some functionality with native installs of SCCM 2007.  Difficult for users to access internal resource remotely.  Windows 7 offers a "corporate network boundary" to include assets no matter where they are.  Easier to service remote PC’s.

Direct Access

We now get a demo of the seamless remote access to internal resources.  It works as if she was on the LAN in MS.  It works over IPv6 … IPv6 addresses are unique across all machines in the world.  A DirectAccess server monitors traffic on the border.  The PC has a client.  It scans the destination address.  If it’s a corporate internal address the client traffic is directed to the DirectAccess server running on Windows Server 2008 R2 – "Split Tunnelling".  You can use a proxy if you don’t like this process.  This entire solution allows tunnelling over IPv4 UDP, TLS, etc.  NAP can sit in here to ensure that the client only gains access if it is compliant with corporate policies.  W2003 can be remotely accessed using IPv6 addresses – there’s a patch.  IPSec is used to secure the session between the client and the DirectAccess server.  It is not required within the corporate intranet but recommended (as usual – but rarely done).  The solution assumes the client is on an insecure network.  NAP assumes the client is non-compliant and must prove itself.

Strategy:

  • Be ready to deploy/monitor IPv6
  • Full server or selected server access
  • How much bandwidth?

Windows 7 clients:

  • Windows 2008 R2 DirectAccess Server
  • DC, DNS, AD, PKI, Applications server, etc … IPv6.

During deployment:

  • Use DirectAccess config wizard to set up server.

VPN Reconnect

Mobile broadband is unreliable.  Windows 7 will persist network connectivity to automatically reconnect the VPN tunnel when the underlying network is back online.  Seamless for the user.  The policy defines how long of an outage is tolerated.  Default is 30 minutes.

Mobile Broadband

Bad experience for user.  Requires dodgy 3rd party software.  More management.  Windows 7 provides PNP for mobile broadband devices.  End users just plug and connect.  Better for network providers, admins and users.

Branch Office

There’s two optimised networking solutions, one for a deployment with a server and one without:

  • Distributed Branch Cache: desktops/laptops use broadcast to ID potential caching hosts on the LAN (only 1 VLAN) that already have downloaded the block ID’d by the hashing algorithm.
  • Host Based Branch Cache: Clients get the ID of the block and check a central cache on the LAN.  It’s a single host over many VLAN’s (configured by GPO).  If it’s already cached, get it locally, otherwise the client downloads and forwards to the cache.

Either way, sessions/locks are maintained.  Read is optimised, a write uploads the entire file 🙁  GPO manages things.  There is no current policy for aging/retention of cached blocks.   We want to get rid of servers from the branch office but the best solution is host based (requiring W2008 R2 for cache and server).  The services supported are file share (SMB) and web (HTTP/HTTPS).  SSL and signing supported. 

Deployment: Distributed – GPO, Host – Role installation.
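
A simplified model of the hosted BranchCache read and write paths described above (an added example, not Microsoft code and not the real BranchCache protocol).  The block size, the class and function names, the re-hash check in the cache and the sample file are assumptions made for illustration, and the WAN cost of fetching the block IDs themselves is ignored.

```python
import hashlib

BLOCK = 4  # assumed block size, kept tiny so the sample data is readable
def bid(chunk):
    return hashlib.sha256(chunk).hexdigest()  # block ID = hash of the block

class Server:  # content server across the WAN; counts payload bytes it moves
    def __init__(self, files):
        self.files, self.wan_bytes = dict(files), 0
    def ids(self, name):
        data = self.files[name]
        return [bid(data[i:i + BLOCK]) for i in range(0, len(data), BLOCK)]
    def block(self, name, i):
        chunk = self.files[name][i * BLOCK:(i + 1) * BLOCK]
        self.wan_bytes += len(chunk)
        return chunk
    def write(self, name, data):
        self.files[name] = data
        self.wan_bytes += len(data)  # writes send the entire file

class HostedCache:  # central cache on the branch LAN, keyed by block ID
    def __init__(self):
        self.blocks = {}
    def offer(self, block_id, chunk):
        # Assumption: re-hash before storing so a client cannot poison the cache.
        if bid(chunk) == block_id:
            self.blocks[block_id] = chunk
        return self.blocks.get(block_id) == chunk

def read_file(server, cache, name):
    """Client read: each block comes from the LAN cache, else over the WAN."""
    out = []
    for i, block_id in enumerate(server.ids(name)):
        chunk = cache.blocks.get(block_id)
        if chunk is None:
            chunk = server.block(name, i)  # miss: download over the WAN
            cache.offer(block_id, chunk)   # and forward to the cache
        out.append(chunk)
    return b"".join(out)

def demo():
    server, cache = Server({"f.doc": b"AAAABBBBCCCC"}), HostedCache()  # constructed
    costs = []
    for data in (None, None, b"AAAABBBBDDDD", None):  # read, read, write, read
        if data is None:
            read_file(server, cache, "f.doc")
        else:
            server.write("f.doc", data)
        costs.append(server.wan_bytes)
    return costs  # cumulative WAN bytes after each step
```

The second read costs nothing on the WAN, the one-block edit costs the full file on upload, and the read after it only pulls the changed block.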

SMB Enhancements

Transport Caching: The Win7 client caches open file share files locally.  Reads are local.  Writes are written to the server.  User transparent.  Better WAN performance for the user.

Example.  Client 1 downloads a file.  Client 2 requests a download. Caching (distributed or host BranchCache) makes the blocks available to client 2 from client 1 or a server.  Client 2 requests a new open – it’s loaded from a local cache on client 2.

Improved Office Experience

Office is very chatty; constantly reading open file content.  New optimisations consolidate this to a single stream of traffic. 

Offline Files

We now get regularly admin controlled 2 way synchronisation of files – with windows for busy periods.  This allows corporate data synchronisation and user experience optimisation over the WAN.

DNS Security

DNSSEC secures DNS against man-in-the-middle attacks.

URL QoS

QoS policies can be defined for specific URL’s.  Consider a single web server with many web sites.  Should all web sites be tarred with the same brush: some are more important than others.

Green IT

Wake on Wireless LAN: Wake up a host, perform maintenance, put it to sleep.

Smart network Power: idle NIC’s are put to sleep.  DON’T USE FOR "SERVERS".  Consider distributed BranchCache where clients rely on other clients for WAN optimisation.

Q&A

BranchCache is based on block level tech. Similar to DFS-R but new code.

Remote management via Direct Access gives seamless access for the IT Pro and user.  Consider remote admin for ConfigMgr.  It might now be dead.  You can even ping a remote machine with this technology.

BranchCache: Any write activity sends the entire file over the WAN, not just the changed blocks.  BOO! Riverbed and Citrix still have a window, even if you only care about SMB and HTTP(S).

The BranchCache is ACL’d and encrypted.  Pre-staging is possible but only via scripted download.  MS provides a clever API for their or partner later use for direct media pre-staging (ideal solution). 

BranchCache generated the most questions and interest from this session.

Day 1: Lab- Introduction to ConfigMgr 2007

I mainly went there to introduce myself face-to-face to my MVP lead, Wally Mead.  It was an interesting session where Wally did a demo that people followed, just to show them the functions of System Center Configuration Manager 2007.

There’s loads of SCCM sessions here at TechEd EMEA 2008 and they’ll jump into more detail.  Well recommended if you’re interested.

Day 1: The Keynote

The Keynote presentation was all about Dynamic IT and how Hyper-V makes IT more efficient (power, hardware) and flexible (mobility and quick to deploy).  MS’s argument is that virtualisation without management doesn’t give you dynamic IT.  Hence, VMM 2008 and OpsMgr 2007 via PRO.  You use a "single pane of glass" to manage the infrastructure, not point solutions, as you would have heard if you’ve heard me speaking about Hyper-V.

BTW, the venue is tiny.  A huge amount of us were in another room watching a tiny screen.  We could not see the presentations, speaker or demonstrations.  Come on Microsoft!  Amsterdam was much better than this place!  And it smells too (don’t ask me what it smells like!).

The demo uses the food ordering demo built on multiple servers that MS has been using for a while.  A web server running as a VM was no longer able to get required resources so it slowed down.  OpsMgr recognises this.  Via PRO, VMM can recommend an alternate VM and use quick migration to move the VM to another host with more resources.  Of course, using Live Migration in Hyper-V in Windows Server 2008 R2, the VM has no perceivable downtime, e.g. VMotion in ESX.

Sidenote: I’m also reading at the moment that VMware are to cut software prices by 10%.

And there was a reminder that virtualisation is multiple technologies, not just machine virtualisation (servers and PC’s).  MS purchased Kidaro to implement their own VDI solution aka VECD – a user logs into a virtual PC via a terminal or dumb PC via RDP.  App-V is the renamed new version of Softgrid or application virtualisation.  Applications are streamed into self contained packages.  They execute on a PC but are not installed … they are self contained.  Presentation virtualisation is Terminal Services – no explanation required there, I hope.

System Center manages it all – OpsMgr, VMM, Config Manager 2007 R2 (App-V).

"Announcements": Hyper-V server, VMM 2008, App-V 4.5 for SA customers and MAP.  Nothing new to be brutally honest.

There is a claim that the MS Hyper-V and System Center solution for 5 hosts is 1/3 of the price of VMware VI.  If you make use of authenticated host licensing with free OS’s for the guests then you certainly will see this.

MS deploys around 10,000 new servers a month.  I’ve heard this before.  The new data centers are huge, e.g. Grange Castle in Dublin – open in 2009.  A new one in USA is powered using hydro-electric.  Another uses local recycled water for cooling.  They’re trying to do greener IT – virtualisation allows this.  If you order a server in MS, virtual is the default.  You need to justify and specify a physical machine to get it.

There was a demo of cross platform extensions, e.g. manage other OS’s and applications from System Center.  Some of this is by MS and some of this is by 3rd parties (WS Man & Open Pegasus).  This uses OpsMgr 2007 R2.  Application showed modelling of Oracle, Apache, SUSE and Solaris alongside Windows and IIS.  The model included synthetic transactions.  This is 6 months old news 🙁  We also see a "new" feature in R2 for SLA management/reporting.  That’s available now to OpsMgr 2007 customers as a free download (Service Level Dashboard Management Pack).

Operations Manager 2007 R2 will be a public beta by the end of November.  I’m hoping there is actual new functionality in R2.  I’ve not heard it yet 🙁

ForeFront: It’s based on System Center: MOM and WSUS.  The new version will utilise existing installations of OpsMgr and WSUS.  That’s a major improvement.  Naturally, he reminds us that Active Directory is key to ID management.

Enterprise Business Server 2008: the 3 server solution for medium sized enterprises.  Some announcements on November 12th.

Windows Server 7 aka Windows Server 2008 R2.  R2 is the official name.  There is an "M3" pre beta release available for download.  The 3 focus points:

1) Virtualisation

  • Hyper-V: Live Migration, more cores (64 or more),
  • Remote Desktop Service is a renamed Terminal Services.
  • VDI out of the box.

2) Management

  • Powershell 2.0.  Remote execution and more commandlets.
  • Best Practice Analyser will use modelling. 

3) Better Together

  • Vista and W2008 R2 working better together.
  • Do remote computing without VPN, e.g. TS Gateway/ VDI
  • BitLocker to go: protect external devices, e.g. thumb drives or USB drives.
  • Branch Cache: BOI solution for caching data that traverses the WAN.  Think like WanScaler or Riverbed.

Now we get the demo of Branch Cache.  We see a streaming video over a slow WAN link.  The performance sucks.  But the data is being cached by a branch office server on the local LAN.  Data is cached as it traverses the BO server and is locally replayed without traversing the WAN whenever the data is requested again.  Access security is maintained – this is not a proxy.  This will be fantastic for branch offices and similar latent network architectures if this really works when it’s released.  Could be a real cash saver when compared with Riverbed Steelhead or Citrix WanScaler.

AC Milan (the football club) runs Hyper-V, System Center, SQL, Vista and Office 2007.  That explains David Beckham 🙂  They use the solutions for business: to analyse the health of and extend the careers of their players.  It’s called "Milan Lab".  Lots of player interviews in the demo about how they’ve improved thanks to MS 😉  Why don’t Paul Allen’s (MS founder and retired executive) Seattle Seahawks do this?  They’re crippled by injuries.

Next version of SQL is named as "Kilimanjaro".  A new feature to make data analysis easier via Excel called "Gemini".  This was a troublesome live demo by a jolly Italian gentleman.  Holy Blue Screen Batman; I thought MS banned live demos!  It integrates with SharePoint.  Nice.  Not very exciting to an IT Pro like me.

Now onto Software + Services.  Here comes BPOS (Business Productivity Online Services) and Azure.  There’s a demo.  The local AD is replicated to the online service.  Yes – BPOS allows integration of on-site services with online services.  Think of ADAM replication with AD.  You also have Exchange integration between on-site and online.  Your online user accounts can be managed on-site.  Sweet.  You can have on-site, online or hybrid implementation such as what I just described.  This will be very popular for small businesses and large ones with branch offices.  The services will be available from partners in Europe in the Spring.

Azure Services Platform:  A SaaS platform for cloud computing.  Using familiar tools, devs produce solutions and IT pros deploy them on the MS cloud platform.  The solution is "out here" on a fluid hosting platform.  The speaker had nothing else to say.  I’m sorry but Azure is the biggest thing that MS has done in years and deserves more time and a demonstration.  It ties together so many technologies in a really useful way to resolve real business issues and cloud computing is a very current topic. Boo!

Just Arrived In Barcelona And Registered

I just arrived in Barcelona and was met by what felt like a hurricane.  There doesn’t appear to be a dedicated bussing system in place this year between the airport and the conference centre.  Instead I caught a taxi, not feeling like getting lost on a mass transport system for the day.  Between the taxi and the conference centre I got SOAKED.  I smell like wet jeans!  If you’re reading this in the conference centre right now, that’s me you smell in the black IMTC 2008 baseball cap.

I’ve registered and I’m sitting in the arrivals hall, making the most of the free wifi access.  I’m looking outside and I can see this place has either gotten battered by the weather or hasn’t been well maintained.  My first impressions of the building: it’s a glorious tribute to 1980’s architecture 😉

My advice to anyone coming here: bring waterproofs and don’t be an idiot like me and forget your international power socket adapter kits.  I’m facing the prospect of trying to hunt some down – I’m not thinking that will go well.

The hall opens tomorrow at 8 and we have between then and 2PM to play in the hands-on labs.  Based on my experiences in Amsterdam, they’re usually crowded at the best of times.  The keynote will be at 14:00 tomorrow (Monday).  Hopefully the speakers will remember that this is an IT Pro crowd and not start telling us about the wonders of the newest generation of Visual Studio tools – 99.999% of us couldn’t care less.  There’s other cooler things to talk about: Azure, Windows 7, BPOS, Hyper-V 2.0 and VMM 2008.

I’ll hang around here a little while and let the rain die down.  When my battery dies I’ll brave the elements and head into the city to find my hotel and maybe some food – I haven’t eaten in 14 hours and I’m starving!!!!  No, Aer Fungus, I won’t pay €9 for a dried up sausage and a slice of bacon swimming in fat.

Damn I hate airports and airlines … at least I can enjoy the rest of the week until I face them again next Saturday.

Anywho … my agenda for tomorrow as of now is:

  • Morning: Labs
  • 14:00 Keynote
  • 16:00 SEC201 Do These Ten Things Now or Else Get 0wn3d! – Steve Riley rocks.
  • 17:45 MGT04-ILL Management Pack authoring – a dive into the black art of OpsMgr 2007.
  • 19:00 Welcome Reception – including "Speaker Idol" 🙂