A blog covering Azure, Hyper-V, Windows Server, desktop, systems management, deployment, and so on …
VMware announced on their 64bit blog that VMware ESX 3.0.1 will offer full support for a range of 64 bit gues operating systems. 64 bit computing is set to gain wider acceptance and in some cases become a requirement. The following operating systems will have 64 bit support:
Hardware requirements will be as follows:
64 bit computing will be especially important in the Microsoft world. Microsoft has decided to only release a 64bit edition of Exchange 2007.
WMware ESX is the market leader in enterprise level virtualisation. ESX offers the ability to deploy many virtual machines across a farm of servers with load balancing and disaster recovery while providing a near physical machine level of performance. ESX is a key technology for consolidating servers and making full use of the processing power that otherwise would be underutilised by many of the business applications that are typically deployed.
Microsoft has recently claimed that businesses will adopt Windows Vista like nothing else before it. Well, Houston, there may be a problem.
Anyone who sets out a clear mass deployment plan for XP desktops will be familiar with the difficulties of deploying and troubleshooting PC’s. The growing trend in the market is to treat the PC as a dumb appliance that you rebuild when it breaks with a major problem that you can’t fix in a few minutes. Applications are psuhed to the PC as required by Group Policy, Terminal Services, SMS or even Softgrid for Desktops. This rebuilding process can’t be easily done with OEM licensing because you only get 2 builds activations for an OEM key without having to speak to someone in Lord knows what country to clear your license key. Because of this, large business who want to save administration costs have ponied up for Volume Licenses, often in the form of a desktop core CAL. This OEM upgrade provides a Volume License Key that does not require activation. Microsoft had to resort to using the honour code with their VLK customers.
But change is on the way. Microsoft is planning to change the way VLK customers have been able to deploy and rebuild without having to bother with activations. The process of just rebuilding as required will be taking a serious administrative effort hit.
Microsoft plans to include Volume Activation in WIndows Vista volume license editions (Windows Vista Enteprise, Windows Vista Business and Longhorn Server). The short story is that you will have to activate your installation within 30 days or it shuts down like an OEM installation of XP.
ZDNet has some more details.
Some detailed information is here.
If you don’t like this then I would suggest you pass your feedback to your Microsoft partner solution providers and presales representatives.
A blank page has appeared on Connect that informs us a Beta for Virtual PC 2007 is on the way. It will be publicly available on the 11th of October. No other details are available.
Virtual PC 2004 is now a free product and one that any self respecting sys admin should aim to use. VMware’s excellent alternative still requires a purchase, giving Microsoft an advantage. VPC allows you to run virtual machines just like you can with Virtual Server 2005 R2. In fact, the machines are compatible.
I’ve used VPC before for lab work and for testing. Where I also see it being useful is where you want administrators to use non-admin accounts for day-to-day office work such as email and browsing and a dedicated account for admin work. Run-As is painful to use (who wants to keep banging in the password?) so an alternative is to run a VM with only the admin tools installed. The administrator can log into their physical machine with a non-admin account and into a VM with their admin account. This isolates their email and internet activity from their administrative rights and provides a layer of defense against viable threats.
Windows Vista Enterprise (requires software assurance) will include a virtualisation solution built into the OS. I’m guessing now that VPC 2007 will be a solution for those who do not buy Vista with software assurance.
The October edition of TechNet Magazine is out. You can read the free web edition online. This months theme is "Connect". In it you’ll find articles on:
Microsoft has just launched the beta for Forefron Security for Sharepoint. It’s Microsoft’s antivirus solution for this key Office System product. Microsoft aims to launch it at the same time as Microsoft Office Sharepoint Server 2007 and Sharepoint Services 3.0. This could be relatively soon, i.e. early 2007. Microsoft says this new product will deliver the following:
You can register for the beta on Microsoft’s Connect website.
I’ve just added a whitepaper on WSUS 3.0 to my website. I go into the reasons for automated patching, the options, an overview os WSUS 3.0, deploying it and configuring/using it.
Note: the document is based on Beta 1.
When people think about IT security, they think about firewalls and antivirus. Firewalls are important but only go so far as to protect your network against a direct attack. A firewall will only prevent illegitimate forms of traffic from the internet. It doesn’t stop traffic on legitimate ports or downloads. Firewall defences have been compared to eggs: hard on the outside but soft on the inside. Anti-virus will only protect you against known threats. Many organisations have made the mistake of thinking that firewalls combined with antivirus will give them a complete defence against threats. That’s a nice wish but it’s not true.
Consider the SQL Slammer virus that hit the Internet in early 2003. Within minutes of its release it crippled networks worldwide. How did this work? Surely people had firewalls in place? Yes they did. Was the antivirus up to date? Yes it was. The problem was that once it could easily get past the firewall and it was unknown to antivirus vendors. It also took advantage of a known flaw in Microsoft’s products that Microsoft had previously released a patch for. In fact they released the patch several months before hand and those organisations that had deployed it were protected against the virus. Microsoft had already released a free to use product called SUS that serviced the Windows product range but few had heard of it. In fact, few had any implemented process for regularly testing and deploying Microsoft updates.
In late 2003 a new virus started to cripple networks. Microsoft Blaster took advantage of a flaw in the RPC service. Surely in the time that had passed people had learned their lessons about keeping their machines up to date? It appeared that most had not. Microsoft had previously released an update to protect their products but few had deployed it.
Since this time Microsoft has spent much time campaigning and trying to raise customer awareness about the need to regularly test and deploy updates. A replacement for SUS called WSUS (2.0) was released. WSUS, again a free to use product, services all of the Microsoft product range and makes it easier for administrators or security officers to test and deploy updates on a production network.
My experience working on client sites and speaking with administrators is that both the awareness of this problem/solution and adoption of WSUS have been minimal. Many large organisation and government agencies do not maintain patch updates. This is either because they are not aware the solution exists, despites Microsoft’s efforts, or because they do not sufficiently understand the problem.
With this document I aim to show how you can manage updating your entire Microsoft network with minimal manual effort by using WSUS 3.0.
The document continues …
Microsoft has just announced Beta 1 of the second version of DPM. DMS offers:
Betanews is reporting that, as promised, Microsoft has released an early update to fix the VML vulnerability. It is available via the usual Windows Update mechanisms.