You are here: Home > Blog

Interview With DataCore

August 20th, 2010 | Posted by Shane Kalles in DataCore | General | Storage | Virtualization - (0 Comments)

Recently Steve Parlee, Moose Logic’s Director of Engineering, sat down with Tim Warden, DataCore’s Western Region Director of Sales. Moose Logic has installed a number of DataCore solutions over the last few years and highly recommends their software to anyone looking into storage virtualization. We’ve also mentioned DataCore a number of times in our blog and newsletters. If your still not sure what DataCore does, this is a great introduction to their storage solutions. In the interview, Tim Warden explains the benefits of the DataCore software and what their solution can bring to your data center.

And Just to Prove the Point…

August 5th, 2010 | Posted by Sid Herron in General | Security - (0 Comments)

Monday, I wrote a post about some of the latest trends in cyber crime.

Tuesday afternoon, our Web site was hacked.

We didn’t realize it until we landed on the Google blacklist this morning, although I should have suspected something when I noticed, on Tuesday afternoon, that both of our two instances of WordPress – the one that powers this blog, and the one that powers our “News” page – had stopped working. But, since I knew that I was a couple of revisions behind, I elected to upgrade my WordPress instances to the latest release. When they came back up working again, I didn’t probe any deeper. I should have known better.

Log analysis indicates that our FTP account was compromised. Beginning at about 3:18 pm PDT on Tuesday afternoon, a series of files were uploaded to our server from an IP address that appears to be located somewhere in the UK (in the London area, to be more precise). The file transfers were done using the FTP account for our domain. They went through our site and changed every index.* page. Specifically, they placed a “hidden iframe” immediately following the <body> tag.

For those who aren’t conversant with HTML, you can think of an “iframe” as a window on a Web page that displays content from another Web page. Except that, in this case, the height, width, and border width of that window were set to “0.” The point being that when your browser loaded the page from our site, it would also load the content from the other site, but it wouldn’t be visible on the page. That content was, no doubt, some kind of malware that was intended to do something bad to your system. The hidden iframe attack is one of the most common exploits out there, and is typically used for some kind of “drive by” malware distribution campaign where the bad guys try to place their hidden iframe on as many legitimate sites as possible. When you visit the site, your browser fetches the code, and now it’s a matter of how good the defenses are on your PC.

Obviously, we’ve changed the FTP account credentials. But, frankly, we’re still not sure how the account was compromised in the first place. It was a pretty strong password, and not one that you’d expect to fall victim to a dictionary attack. We’ve been running malware scans on the machines that we normally use when we work on the Web site, and have yet to come up with a “smoking gun” that would explain how the credentials were compromised.

So…what to take away from this? First of all, it’s no fun to become a statistic. Second, nobody is immune to this sort of thing. Even the CBS News Web site was hit by an iframe attack not that long ago. Nobody is too big or too small to be targeted. Third, change your passwords regularly, even if you think you have strong ones. Fourth, be suspicious when something unusual happens. I should have dug deeper Tuesday afternoon, but it was late in the day when it happened, and I settled for what looked like an easy fix. Finally, it’s a pain in the you-know-what to go through and clean up the aftermath of something like this. It’s cost me most of today, plus we’ve been on the Google blacklist all day and probably won’t come off of it until sometime tomorrow when they’ve had time to re-scan our site.

The bad guys are out there, and they do want your stuff. Be careful.

Citrix Has Your Back – Again

July 21st, 2010 | Posted by Sid Herron in Citrix | General | Mobile Computing | Remote Access | Security | XenApp | XenDesktop - (0 Comments)

I just read an interesting blog post over on ZDnet, entitled The Changing Face of IT: Five Trends to Watch. As I read through the article, I was struck by how Citrix solutions can enable IT organizations to deal with these trends. Consider:

  1. The consumerization of IT – “Workers are bringing their own laptops and smartphones into the office and connecting them to corporate systems. More people than ever are telecommuting or working from home for a day or two a week. And, the number of Web-based tools has increased dramatically…”

    Yep. In fact many companies are instituting “BYOPC” (Bring Your Own PC) policies, because in the long run it can be less expensive to give employees a fixed allowance and allow them to buy whatever they want than it is to issue – and maintain – a company-owned laptop. Citrix themselves instituted this policy a few years ago.

    If you’re using XenApp or XenDesktop to provide access to your key line-of-business applications, you don’t care what the endpoint is. If your employee prefers a MacBook, fine. Want to use an iPad? No problem. Connecting in from your home PC because your kids are sick? We’ve got that covered, too. Just install the Citrix Receiver and you’re good to go.

  2. The borderless network – “…today’s IT security model is more about risk management than network protection. Companies have to identify their most important data and then make sure it’s protected no matter who’s accessing it and from wherever and whatever device they’re accessing it from.”

    Citrix likes to say that their products are “Secure by Design,” meaning that security is built into them from the ground up. First of all, when you’re accessing your virtual desktop remotely, or running a published application from a XenApp server, the data never leaves the data center. The remote endpoint (whatever it is) is just sending keystrokes and mouse movements to the data center and getting back pixel updates. On top of that, we can encrypt that data connection using the Citrix Access Gateway.

    Citrix also gives you very granular control over whether files can be copied between client and server, and/or whether print jobs can be directed to a client-attached printer. In fact, using Advanced Access Control policies, those controls can be context-sensitive, i.e., you might allow files to be copied to the client device if the client device is a company-owned laptop, but not if it is a home PC; or you might allow client-attached printing if the client is connecting from a branch office, but not if the same user, using the same client device, is connecting from home, or from a hotel.

  3. The cloudy data center – Let me go on record as saying that the most cloudy thing about the cloud is trying to understand what someone means when they say the word. Not unlike the word “portal” a few years ago, the first question that usually needs to be asked in any discussion about cloud computing is: “When you say ‘cloud,’ what exactly do you mean?”

    But the point to remember is that when you’re delivering applications via Citrix, users don’t know and don’t care where the data center is or where the applications are being executed. It doesn’t matter. Want to move your entire infrastructure to a co-lo? Fine. Want to have multiple data centers with automatic failover from one to the other? We can do that, too. By some definitions of the term, we’ve been building “private clouds” since the release of WinFrame back in the mid-90s.

  4. The state of outsourcing – “Outsourcing is thriving in many different forms, and it’s reasonable to expect that it will accelerate.”

    We made the point above that users don’t know and don’t care where the data center is. The fact is, for about 90% of what they need to do, neither do the administrators. Virtualization in general, and Citrix products in particular, make it very easy to administer, troubleshoot, and repair issues remotely. We built the entire Evans Fruit Company infrastructure without ever having our engineer set foot on site. In fact, actually dispatching an engineer to a customer location is now the exception rather than the rule.

  5. The mobilization paradigm – “While PCs still make sense on the desks of knowledge workers, for all of these other workers who regularly move around as part of their daily job, the stationary PC often changes the natural flow of their routine because they have to stop at a system to enter data or complete a task. That’s about to change. Mobile computers in the form of smartphones and touchscreen tablets (like the iPad) have taken a big leap forward in the past four years. They are instant-on, easy to learn because of the touchscreen, and they have a whole new ecosystem of applications designed for the touch experience…”

    Very true…but these same users are going to still need to access your traditional line-of-business applications, which will not be transformed overnight into touchscreen enabled apps. It is axiomatic that, in IT, nothing ever actually goes away – instead, new technology just gets layered over the top of old technology…which is why you’ll still find applications running on big mainframes in a lot of enterprises. So how do you manage that transition?

    Once again, Citrix comes through. There’s a Citrix Receiver for the iPhone, one for the iPad, one for Windows Mobile phones, one for the Android, and just a couple of months ago, Citrix released a version of the Receiver for BlackBerry devices. And, of course, Receivers for Windows, Mac, and Linux PCs have long been available. I don’t know of any other product or technology that offers this kind of flexibility in delivering applications to users regardless of location, connection, or endpoint device.

    6. So a big “Thank you!” to Jason Hiner for an excellent post. You’ve just described, in a nutshell, why Moose Logic is still excited to be a Citrix partner after all these years. Just remember, as you work to adapt to all of these trends that are indeed changing the IT landscape, we’ve got your back.

, , , , ,

Is Office 2010 Worth It?

July 16th, 2010 | Posted by Sid Herron in General | Microsoft - (0 Comments)

Every time Microsoft releases a new version of Office, we all have to ask ourselves whether there is enough business value in the new and improved version to justify the time and effort of rolling out the upgrade, listening to our users complain about the things that may not work the way they used to, and helping them through the rough spots.

Since Moose Logic is a Microsoft Partner, we don’t have to pay for the Office licenses we use internally. Moreover, it’s important for us to actually use the technology that we’re promoting to our customers, so that’s another reason for us to upgrade. Even so, it costs us time and effort to upgrade everybody, and we have other critical applications that depend on Office – like the Word merge app that allows us to print quotes and sales orders from our MS-CRM records – so we have to make sure that those dependencies don’t get broken. So, like you, we have to ask, “Is it really worth it? Is there that much difference between Office 2007 and Office 2010?”

Well, actually there’s more than you might think, and J. Peter Bruzzese wrote an article about it over on infoworld.com earlier this week. Here’s just a quick bullet list of his “top 25″ new Office 2010 features. If any of them catch your eye, I’d encourage you to read his article for a more detailed description:

  1. Universal ribbon – the ribbon interface is now part of every Office application.
  2. Customizable ribbon – don’t like the defaults? Customize it.
  3. Backstage view (behind the “File” tab of an application)
  4. Paste preview
  5. Office Web Apps
  6. Protected View
  7. More themes
  8. Insert a screenshot
  9. Crop images to a shape from within the app
  10. New photo-editing options in Word
  11. Navigation pane in Word
  12. “Sparklines” (Excel)
  13. “Slicers” (Excel)
  14. 64-bit support, which allows for Excel workbooks larger than 2 Gb
  15. Video editing from within PowerPoint
  16. Broadcast slideshows (PowerPoint)
  17. Distribute slideshows as video (PowerPoint)
  18. Animation painter (PowerPoint)
  19. Sections (PowerPoint)
  20. Transition improvements (PowerPoint)
  21. Outlook conversation view
  22. Outlook MailTips
  23. Outlook Social Connector
  24. Outlook “quick steps”
  25. Outlook “Clean Up”

So, a tip of the antlers to Mr. Bruzzese for coming up with a great list. Again, if any of these catch your interest, I’d encourage you to read more about these features in the InfoWorld article.

,

Citrix Merchandising Server and Dazzle In Action

July 2nd, 2010 | Posted by Shane Kalles in General - (1 Comments)

Welcome to our first video post. OK so we have used video before but this is our first internally planned, filmed, and posted just for our blog and you, our readers. Let us know what you think and feel free to offer your suggestions for future videos. We hope to start uploading a new videos every week. So if you like the videos please tell us.

Now on to the actual video itself. This week we talk about Citrix Merchandising Server and Dazzle. A couple of products that we think you should really look into as they can make your life a whole lot easier. Steve Parlee (Moose Logic’s Director of Engineering and guy in the video) tells you a bit about each product but also walks you through a quick demo of how they work.

Citrix Wins (Again)

June 25th, 2010 | Posted by Sid Herron in Citrix | General | Microsoft - (0 Comments)

Congratulations to Citrix for, once again, being awarded the Microsoft Global ISV Partner of the Year award! For those of you keeping score, that’s four times in the last eight years that the award has gone to Citrix:

  • 2003 – Citrix wins Global ISV Partner of the Year.
  • 2005 – Citrix wins Global ISV Partner of the Year.
  • 2006 – Citrix is awarded a Microsoft Information Worker Solutions Specialization award.
  • 2008 – Citrix wins Global ISV Partner of the Year.
  • 2009 – Citrix is a finalist for the Global ISV Partner of the Year.
  • 2010 – Citrix wins Global ISV Partner of the Year.

This is an outstanding record of achievement, and all our friends at Citrix deserve hearty congratulations for it – but it’s important for another reason, too. It should send a clear message to Citrix customers and prospective customers that the Citrix/Microsoft relationship is as strong as it’s ever been. In fact, you could build a case that it’s stronger, because there are more touch points in that partnership than ever before. In addition to the value XenApp brings to Remote Desktop Services, you now have:

  • Citrix Essentials for Hyper-V, which brings significant enhancements such as Site Recovery Manager to Hyper-V.
  • Branch Repeater with Windows Server – the WANscaler WAN optimization technology running on a Windows Server-based appliance, thereby giving you a single branch office appliance that can function as a local Domain Controller, a provider of important services such as DNS and DHCP, local file and print services, and provide WAN acceleration and optimization.
  • Citrix XenDesktop, which has been endorsed by Microsoft as their preferred solution for VDI.

Those of you who were around the industry in the mid-90s may recall that, during the transition from NT v3.51 to NT v4.0, there were serious doubts as to whether Citrix would even survive. But against all odds, and thanks to some intensive negotiations, Citrix and Microsoft signed the deal that led to the introduction by Microsoft of NT4, Terminal Server Edition, and Citrix MetaFrame, which added value to NT4, TSE – and set the pattern for the relationship that has continued to this day.

Nevertheless, in the late 90s, even some of the folks at Microsoft didn’t know quite what to think about Citrix. Shortly after the release of NT4, TSE, a Microsoft employee who will remain nameless (partly because I don’t remember his name, but I wouldn’t reveal it even if I did) commented to me that he didn’t understand why anyone would spend money on Citrix, because once Windows 2000 was released, no one would need it anymore. I’m happy to say that you’re unlikely to find that attitude at Microsoft today – and part of the reason is that all of those Global ISV Partner of the Year awards also sent a clear message throughout Microsoft that this was an important, strategic partnership. A large part of the credit also goes to the outstanding liaison team Citrix has placed in Redmond. And I speak from experience: since we’re also here in Microsoft’s back yard, I’ve had the privilege to get to know some of the folks on that team. They’re great people, and the state of the Citrix/Microsoft partnership today is also a reflection of the hard work they’ve put in.

The last decade has been nothing if not interesting for us Citrix partners. I’ve lost count of the number of times the rumor has resurfaced that Microsoft (or someone else) was going to buy Citrix. (I think the most recent rumor had Oracle as the buyer.) And, invariably, every time Microsoft releases another version of Windows Server, there are still those who predict that, with this version, people won’t need Citrix anymore. Yet Citrix continues to find ways to add value, grow their customer base, and continue to grow their business – and that’s also a remarkable achievement.

So here’s a big shout-out to Mark Templeton and his entire team. I’m not going to try to list names, because there are way too many to list, and I know I’d leave out someone important. Besides, you know who you are. It’s been one heck of a ride (and it’s not over yet). Thanks for letting us share it with you!

,

Will There Be a Tablet Revolution?

June 18th, 2010 | Posted by Sid Herron in General | iPad | Mobile Computing - (0 Comments)

I read an interesting post over on ZDnet today that cites a Forrester Research report that predicts that tablets will begin to outsell netbooks in 2012. by 2014, they predict, more people will be using tablets than netbooks, and by 2015, tablets will constitute 23% of PC unit sales.

We can probably thank the iPad for most of the buzz that’s building around the tablet format lately, although tablets have been around for several years now. I’m on my second Motion Computing tablet, and had one of the original Compaq tablets before that, so I’ve used a tablet as my primary business computing device for the last seven or eight years, and I love them…although the way I use them has changed over the years.

When I first started using the tablet format, I thought it was very cool to carry it into a client meeting, fire up OneNote, and use the stylus to take my meeting notes. Over time, though, the “coolness” factor has worn off, and I’ve gone back to using pen and paper – mostly because I don’t have to wait for my pen and paper to boot up, and I never have to worry about battery life.

These days, I love it just for its portability. I’ve got a docking station in my office, and one at home, with external monitors in the two locations. It’s a snap moving back and forth between the two locations, and Win7 does a beautiful job of remembering the monitor settings. For several complicated reasons, the docking station is to the right of my external monitor in my office, and to the left of my monitor at home. I, of course, want to spread my desktop across both the external monitor and the tablet screen, and I also want, in both cases, to have the external monitor set as my primary monitor (because it’s bigger). When I was running Vista, I always had to open the display settings and drag the monitors back and forth when I moved between the two locations – Windows 7 always remembers.

When I travel, I snap on the removable keyboard, fire the tablet up in my hotel room, and just keep it there for the duration of my stay. I no longer need it for email when I’m out and about, because I have my AT&T Tilt (Windows Mobile) phone, and my Celio “REDFLY,” which connects to my Windows Mobile phone via bluetooth, for those times when I need a larger screen and/or keyboard to make reading and replying to email a bit easier.

Side note: Battery life is better as well. With a full charge, I can use my REDFLY and Windows Mobile phone to take notes all day in a training class using the version of Word that came with my phone. My tablet battery won’t last that long. The REDFLY has a substantial battery, plus it extends my phone’s run-time because it doesn’t have to power the phone’s display screen when I’m using the REDFLY. In fact, I can even hook it to the REDFLY with a USB cable instead of using bluetooth, and recharge it from the REDFLY…but I digress.

Personally, I’m intrigued by the iPad, and think it would make a great plaything, but don’t see enough business value compared to my Motion Tablet to make it a compelling purchase. I’m more interested in getting one just so I can demonstrate the Citrix Receiver for iPad to clients.

How about you? Have you ever used a tablet? Do you have one now? Is it an iPad? Have you ever used (or are you now using) one as your primary computing device? Do you have plans to acquire one and/or to support them on your business network? Inquiring minds want to know.

, ,

Time To Get Your Questions Answered

June 1st, 2010 | Posted by Shane Kalles in Education | General - (0 Comments)

Moose Logic is proud to announce a new weekly webinar series called “Weekly Q&A with Moose Logic” hosted by Senior Solutions Consultant Garry Corbin. Every Wednesday at 9am Pacific time we will be discussing another topic and answering your questions live, so check the schedule and make sure to sign-up for any topics that you have questions about. Here’s the schedule for the next 5 weeks:

In the future you will always be able to find the most up to date schedule on our upcoming events page. Also if you every have an idea for a topic you would like to see us discuss, send an email to sales@mooselogic.com and tell us your idea.

Copy Machine Security Risk

May 6th, 2010 | Posted by Sid Herron in General | Security - (0 Comments)

Here’s a 5-minute video you really need to watch. It’s a report by CBS News on what could be a huge security risk that most companies probably haven’t even considered: the office copy machine. And I’m not talking about the risk of someone copying sensitive information that they shouldn’t be copying – I’m talking about what happens when the copy machine is retired.

Most modern copy machines contain a hard disk drive. That’s why you can feed a stack of originals into them and walk away while the machine prints and collates multiple copies of your stack. But what you may not know is that most copy machines do not automatically delete those page images from the internal hard drive when they’re done printing. So when you turn that copy machine in at the end of your lease, you’re also handing over thousands of images of documents that you’ve copied on that machine.

Those copy machines are typically re-sold, with the hard drives still intact. Many are shipped overseas. And your documents are shipped right along with them, easily readable by anyone with commercially available hard disk forensic software.

Depending on the nature of your business, that may or may not be a big deal. But think about this:

  • Have you ever made photocopies of a new employee’s driver’s license or social security card for your files?
  • Have you ever photocopied an order form that contained a customer’s credit card information?
  • Have you ever photocopied your company tax returns, forecasts, bugetary information, or financial planning documents?
  • Have any of your employees used it to make copies of their own tax returns?
  • What about proprietary information or trade secrets?

And, of course, if you’re a business that deals with sensitive documents – such as a law firm, an insurance company, or a business that handles medical records – you (and your clients or patients) may have even more at stake.

So, please, spend five minutes and watch this video. Then, the next time you’re ready to retire a copy machine, find a way to get the hard drive out of it and destroy it yourself before it goes beyond your reach.

,

DNS Security Extensions and Why You Should Care

May 4th, 2010 | Posted by Sid Herron in Computer Basics | General | Security | Troubleshooting and How-Tos | WatchGuard - (1 Comments)

Tomorrow (May 5), at 17:00 GMT, all 13 root DNS servers on the Internet will begin using DNSSEC (Domain Name System Security Extensions) to reply to user requests. Here’s why you might care about this.

As most of our readers know, DNS is what translates the URL you type into your browser (like “www.mooselogic.com”) into an IP address (like “216.9.9.164″) that your computer can actually use to send packets of data across the Internet. If you have a Windows Server-based network, one (or more) of your Windows Servers is probably providing DNS services to the users on your network. But the DNS server on your network doesn’t automatically know where everything is. If it needs to resolve an address that doesn’t happen to already be in its local cache, it has to ask some other DNS server out on the Internet. Sometimes those queries go all the way to one of the root servers.

It’s been recognized for quite some time that the existing protocol used for DNS queries isn’t entirely secure. Therefore, the international standards bodies have been working on a more secure standard, which is DNSSEC. DNSSEC uses digital signatures to authenticate DNS responses, so your computer knows the response actually came from an authoritative DNS server.

So what’s the problem? The potential problem is that those DNS responses will arrive in significantly larger data packets than before. Specifically, rather than using UDP packets that are smaller than 512 bytes, the responses will not only be longer, but may be broken into multiple TCP packets. Some routers and firewalls specifically inspect DNS traffic to look for anomalies, and if you have older equipment that doesn’t know about the DNSSEC standard, these changes may very well look like anomalies, and be blocked. That would mean that your DNS clients or DNS server would not be able to communicate with the public root DNS servers, and that would mean that you would start having problems resolving DNS.

These problems may be intermittent in nature at first, because some DNS requests may be able to be resolved by using locally cached information…but DNS records typically have a “time to live” built into them, so eventually the cached information will expire and have to be refreshed. So if you do have a problem, it’s likely to get worse with time.

There are some tools available to help you determine whether you’re likely to have a problem. If you’re comfortable using a DNS query tool like dig (which is a command-line query that can be run from most unix or linux systems), you can find instructions on using it at https://www.dns-oarc.net/oarc/services/replysizetest. If you don’t have access to a unix or linux host, or don’t feel comfortable using such a tool, you can download a Java utility from http://labs.ripe.net/content/testing-your-resolver-dns-reply-size-issues, and run it on any system with Java run-time installed (which includes most Windows systems). Just download and save the file, then double-click it.

Watchguard customers should note that if you have a Watchguard Firebox or XTM appliance with current firmware, you should not have any issues with these new DNSSEC packets.

,

Latest Blog Feeds
Go to our Blog Page
Testimonials
“Our business is all about process and margins; we rely on Moose Logic to install and manage network solutions that enable us to control both. Moose Logic created solutions that transformed our business relationships and processes.”
Ron Horowitz
Birchwood Park Homes
Read our Newsletter
Copyright © 2010 All rights reserved.
Wordpress Delicate template designed by NattyWP