Your are here: Home > Blog

Lamest Phishing Attempt Ever?

February 23rd, 2010 | Posted by Sid Herron in Computer Basics | General | Security - (0 Comments)

Yesterday, I received what just may be the lamest phishing attempt ever. I’m not sure whether the originators of this particular attempt were just plain lazy, or whether they were too dumb to properly disguise what they were trying to do. Regardless, this is a good object lesson in the kinds of things to look for to spot bogus email messages. Here’s the message (click to view larger screen cap):

Pathetic Attempt At Phishing


Let’s just walk through all the things that are wrong with this:

  1. It has my own email address in the “From” field. If I had sent myself a message about this, I’d remember – wouldn’t I?
  2. Grammatical error #1: “has just be released”
  3. Grammatical error #2: “Dear use of the mooselogic.com mailing service”
  4. You really expect me to believe that my own corporate support team is going to ask me to go to some Web site in Europe and run an executable file? Really? And you didn’t even bother to disguise the link?
  5. The whole message is self-contradictory – if the security settings of my mailbox have been changed, and I need to apply new security settings, how is it that I was able to get to my mailbox to see this email message?

This message could have been made a lot more believable by doing just a few simple things – and it’s worth noting what they are, because a lot of other phishing messages that are turning up in your users’ mailboxes are doing these things already.

First, they could have used an email address other than mine as the “From” address. Lots of companies have fairly predictable email aliases, such as “support@,” “webmaster@,” etc., that would be more likely to be associated with a support team.

Second, they could have been a little more careful about grammatical errors. It’s worth noting, however, that because a lot of phishing expeditions originate outside of the U.S. (the “ruhlmann.eu” domain happens to be registered to someone in France), and are put together by people whose first language is not English, it is not unusual to see grammatical or spelling errors, and this is, in fact, one of the best ways of spotting phony messages.

Third, they could have used a graphic that they lifted from my own corporate Web site. It’s not hard, all they have to do is create a dynamic link. The following HTML code:

<img alt=”Wells Fargo Logo” src=”https://a248.e.akamai.net/f/248/1856/90m/www.wellsfargo.com/img/hp/logo_62sq.gif” />

Will yield this (unless Wells Fargo has moved the location of the logo file):
Wells Fargo Logo
All I had to do was go to the Wells Fargo home page, right-click on their logo, choose “Copy image location,” which gives me the exact URL of the image file, and paste it into the HTML code of my page. I didn’t copy the logo graphic – I’m pulling it dynamically from their site. This is a very common practice in phishing emails that pretend to be from your bank, or from PayPal, or from eBay.

And, of course, I could link that graphic to any site I wanted, and if you weren’t paying attention, you might not notice that the site I’m linking it to is not really a Wells Fargo site. I might even further disguise the link by creating something like “banking.wellsfargo.com.myphishingsite.eu/pathtomalware/malware.exe,” hoping, of course, that you’ll see “wellsfargo.com” and not look any closer, and not spot the fact that the actual link is not to a Wells Fargo Web site at all.

This is also a very common practice. And if the originators of the email above weren’t so dumb and/or lazy, that’s how they would have disguised the link. Or, if they didn’t want to bother with a graphic, they could have at least disguised the text. Remember, you can have any words you want link to any URL you want. The HTML code is easy. Just do something like:

<a href=”http://myphishingsite.com/malware.exe”>Come look at the fluffy bunnies!</a>

And you’ll get text that says “Come look at the fluffy bunnies!” but that is actually linked to the malware executable.

Fortunately, many email readers, including Outlook, will pop up the actual HTML destination if you hover your mouse over the link, so that’s a good habit to get into before you click on any link in an email message.

Bottom line: this particular phishing message was fairly easy to spot. There are a lot of other messages that your users will receive that are much more cleverly disguised. But if you know what to look for, you can usually spot them. Your best defense will be to help your users learn what to look for. A good start might be to share this post with them.

,

Two Very Cool Utilities

February 22nd, 2010 | Posted by Sid Herron in Computer Basics | General - (1 Comments)

Today, I’m not going to focus on pressing business issues, Microsoft licensing, or the latest news from Citrix. Instead, I want to share a couple of software utilities that have made my computing world more pleasant. Both have free versions as well as “Pro” versions that cost a modest amount of money and give you more functionality. Both are Windows 7 compatible.

Managing Desktop Icons
First, I’m one of those users who puts a lot of icons on the desktop. I want my most frequently used programs (and even some of the less frequently used) right there where I can double-click them without having to navigate through the Start menu tree. (Yeah, I probably never entirely outgrew Windows for Workgroups v3.11 in that respect.) But the desktop can get, um, rather cluttered. Sometimes the icons don’t want to stay where I put them. I can use the “auto arrange” feature, but I don’t always like the way they get arranged.

I was delighted to discover “Fences” by Stardock. All you have to do is hold down the right mouse button and drag on your desktop to define an area, and a little context menu will pop up that says, “Create New Fence Here.” Click on that, and you’ve just created a defined area on your desktop that you can name, resize, drag to whatever position you want, and then fill with desktop icons just by dragging them inside the “fence” (see below – click to view larger picture):

"Fences" Screen Capture


Double-click anywhere on the desktop, and all the icons disappear for that nice, clean, uncluttered look. Double-click again and they come back. Create a “snapshot” of your current fence configuration, so that if things do get scrambled by a random cosmic ray, you don’t have to re-create everything from scratch. I love it!

Multiple Monitors
Second, I have become highly dependent on multiple monitors. My primary business computer is a Motion Computing LE1700 Tablet. I have docking stations in both my work office and my home office. When I dock it, my desktop is automatically spread across a large external monitor as well as the screen of the tablet itself. My multi-media studio PC at home has two widescreen monitors that are essential when I’m doing multi-track hard disk recording. My personal desktop PC has multiple monitors simply because I reached the point where I found a single monitor to be annoyingly limiting. But I was always annoyed by not having an easy way to have different desktop images on the different monitors.

The answer for me was “DisplayFusion” from Binary Fortress Software. DisplayFusion can do a number of cool things, including random “slide show” changes of your wallpaper, and multiple taskbars on your multiple monitors. But the key thing for me was that I finally had an easy way to put a different picture on each of my monitors.

DisplayFusion Example


You’ll notice that the two pictures aren’t the same size. The one on the right is the screen of my tablet, which is only 1024 x 768, whereas my external monitor is 1280 x 1024. DisplayFusion doesn’t care about the size mismatch.

And in case you’re curious, yes, I took both of those pictures. Both were taken last summer in the Mountain Loop Highway area of Washington State. The one on the left was one of many incredible views on the way from Barlow Summit to the old, abandoned mining town of Monte Cristo. The one on the right is of Perry Creek just above Perry Creek Falls – about 2 miles in and 3300 feet up on the Perry Creek – Mount Forgotten trail. Yes, I’m lucky to live in such an awesome part of the country.

But I’m sure you have some awesome pictures of your own, and now you know how to put them to use with multiple monitors and how to manage that desktop icon clutter.

VSS and Snapshots

February 3rd, 2010 | Posted by Sid Herron in Computer Basics | General - (0 Comments)

“VSS,” or Microsoft’s “Volume Shadow Copy Service,” provides a means of requesting a “snapshot” of a data volume. In very basic terms, a snapshot captures an image of the data volume at a particular point in time. This can be useful, for example, in allowing backup software to back up a volume even though it is still in use and data may be changing while the backup operation is under way. It can also be used to facilitate a roll-back of the data volume to the point in time when the snapshot was taken.

You typically don’t want your snapshot to consist of a complete copy of your data volume, though. That would be a waste of disk space, and could take a long time to complete – and I/O operations on the data volume have to be suspended for the length of time required to take the snapshot, so we want that time to be as short as possible. Therefore, most products that use snapshots, including VSS, use a “copy on write” approach. Here’s how it works:

First, a table is created that initially contains nothing but pointers back to the physical data blocks in the original volume. This can be done very quickly, will take up very little space, and can immediately be used as though it was a complete copy of the data volume. As long as nothing has actually changed in the original volume, any read request that’s made to the snapshot for a specific block of data will simply be redirected back to the original volume.

When a write operation takes place on a block of data in the original volume, the existing data is first copied to a “recovery area,” and the pointer for that block in our snapshot table is changed so it points to the recovery area instead of to the original volume. The snapshot can continue to be accessed as though it was a complete copy of the original volume, because the point in time at which the snapshot was taken can be reconstructed by merging the unchanged blocks of data in the original volume with the blocks that were copied to the recovery area before changes were made.

As time goes by, and more and more changes are made to the original volume, the storage space consumed by the snapshot will continue to grow as more and more data is copied to the recovery area. Eventually, it will approach the size of the original volume. For this reason, snapshots are generally not retained forever – they’re kept until the purpose for which they were created has been fulfilled, e.g., until the backup operation has been completed, and then purged to release storage space.

That, in a nutshell, is what a “snapshot” is all about. For more information, check out the “Volume Shadow Copy Service Technical Reference” on Microsoft Technet.

Quick Tip For Your WatchGuard Service Renewal

January 25th, 2010 | Posted by Shane Kalles in General | Security | WatchGuard - (0 Comments)

As all IT professionals are aware, most hardware and software companies offer some type of support/maintenance renewal, WatchGuard Technologies is no different.

They offer a variety of subscription services with their WatchGuard XTM or Firebox X appliances. These services are either sold separately or as a bundle of services for one, two, or three year terms. Services available include:

  • SpamBlocker – with virus outbreak detection
  • WebBlocker – with HTTP and HTTPS inspection
  • Gateway AntiVirus – for signature-based protection from known threats
  • Intrusion Prevention Service – with comprehensive attack and spyware protection
  • LiveSecurity® Service – hardware replacement warranty, free software updates, 24/7 telephone support

For more information about what each service is please contact us here at info@mooselogic.com.

The main objective of this post is not about the services themselves but rather about the renewal process. Each WatchGuard system we sell comes bundled with LiveSecurity Service for the first year. Since customers who own multiple WatchGuard systems have often bought them at different times, and since it is possible to renew LiveSecurity for multiple years, it is often the case that a customer can have different WatchGuard units whose coverage expires at different times of the year. Some companies prefer to keep these renewals separate to spread out their renewal costs over the year while others prefer to have a single renewal date for all of their WatchGuard units.

When renewing a WatchGuard subscription, Moose Logic will place an order with WatchGuard and typically within 48 hours an email is sent to us as well as to the customer contact who was in charge of the renewal. That email will contain a license key for each renewal. The customer is responsible for logging in to their WatchGuard account and entering those license keys. This will result in the display of a feature key. At this point the customer needs to copy and paste that feature key into the actual WatchGuard unit, only then is the renewal complete – and the services the company has paid for will become available.

(Note that if you don’t have the time or skills to perform these tasks when you renew, Moose Logic will be happy to do it for you. Yes, we will bill you for our time – although if you are a MooseGuardTM Gold or Platinum customer, that work effort would be covered by your plan.)

Now there is a twist to this. If we change the date of the renewal (e.g., in order to synchronize renewal dates for multiple units) that change is implemented directly by WatchGuard, and NO LICENSE KEY WILL BE SENT TO YOU. Since no new license key is made available to the end user, no email is sent to remind you that you need to log into the WatchGuard online portal and retrieve the feature key to be copied and pasted on the physical unit.

So the important lessons of the day are:

  1. If you chose to synchronize your WatchGuard renewal dates it will take a little longer to get the renewal done (usually 4-5 business days) since someone at WatchGuard has to manually update your renewal dates, and
  2. It is important to mark your calendar so that you log in to your account after 4-5 days and see if the feature key is available.

If we’re handling the process for you (either because you’re a MooseGuard customer or because you’ve asked us to) it’s not an issue, because we know what the process is. But if you’re handling the renewal yourself…don’t just sit back and think that you’re done just because you’ve placed the renewal order. If the new feature key doesn’t get entered in your unit, the features you’re subscribing to are going to stop working – and that would be what we call, in technical terms, a “bad thing.”

, ,

Why You Need Good Backups

January 13th, 2010 | Posted by Sid Herron in Business Continuity | Computer Basics | Disaster Recovery | General - (0 Comments)

A few days ago, in the post entitled “Seven things you need to do to keep your data safe,” we were talking primarily about some simple things that individuals can do to protect their data, even if (or especially if) they’re not IT professionals. In this post, we’re talking to you, Mr. Small Business Owner.

You might think that it’s intuitively obvious why you would need good backups, but according to an HP White Paper I recently discovered (which you should definitely download and read), as many as 40% of Small and Medium Sized Businesses don’t back up their data at all.

The White Paper is entitled Impact on U.S. Small Business of Natural and Man-Made Disasters. What kinds of disasters are we talking about? The White Paper cites statistics from a presentation to the 2007 National Hurricane Conference in New Orleans by Robert P. Hartwig of the Insurance Information Institute. According to Hartwig, over the 20-year period of 1986 through 2005, catastrophic losses broke down like this:

  • Hurricanes and tropical storms – 47.5%
  • Tornado losses – 24.5%
  • Winter storms – 7.8%
  • Terrorism – 7.7%
  • Earthquakes and other geologic events – 6.7%
  • Wind/hail/flood – 2.8%
  • Fire – 2.3%
  • Civil disorders, water damage, and utility services disruption – less than 1%

If you’re in Moose Logic’s back yard here in the great State of Washington, you probably went down that list and told yourself, with a sigh of relief, that you didn’t have to worry about almost three-quarters of the disasters, because we typically don’t have to deal with hurricanes and tornadoes. But you might be surprised, as I was, to learn that we are nevertheless in the top twenty states in terms of the number of major disasters, with 40 disasters declared in the period of 1955 – 2007. We’re tied with West Virginia for 15th place.

Sometimes, disasters come at you from completely unexpected directions. Witness the “Great Chicago Flood” of 1992. Quoting from the White Paper:

In 1899 the city of Chicago started work on a series of interconnecting tunnels located approximately forty feet beneath street level. This series of tunnels ran below the Chicago River and underneath the Chicago business district, known as The Loop. The tunnels housed a series of railroad tracks that were used to haul coal and to remove ashes from the many office buildings in the downtown area. The underground system fell into disuse in the 1940’s and was officially abandoned in 1959 and the tunnels were largely forgotten until April 13th, 1992.

Rehabilitation work on the Kinzie Street bridge crossing the Chicago River required new pilings and a work crew apparently drove one of those pilings through the roof of one of those long abandoned tunnels. The water flooded the basements of Loop office buildings and retail stores and an underground shopping district. More than 250 million gallons of water quickly began flooding the basements and electrical controls of over 300 buildings throughout the downtown area. At its height, some buildings had 40 feet of water in their lower levels. Recovery efforts lasted for over four weeks and, according to the City of Chicago cost businesses and residents, an estimated $1.95 billion. Some buildings remained closed for weeks. In those buildings were hundreds of small and medium businesses suddenly cut off from their data and records and all that it took to conduct business. The underground flood of Chicago proved to be one of the worst business disasters ever.

Or how about the disaster that hit Tessco Technologies, outside of Baltimore, in October of 2002? A faulty fire hydrant outside its Hunt Valley data center failed, and “several hundred thousand gallons of water blasted through a concrete wall leaving the company’s primary data center under several feet of water and left some 1400 hard drives and 400 SAN disks soaking wet and caked with mud and debris.”

How could you have possibly seen those coming?

And as if these disasters aren’t bad enough, other studies show that as much as 50% of data loss is caused by user error – and we all have users!

One problem, of course, as we’ve observed before, is that it’s difficult to build an ROI justification around the bad thing that didn’t happen. Unforeseen disasters are, well, unforeseen. There’s no guarantee that the big investment you make in backup and disaster recovery planning is going to give you any return in the next 12 – 24 months. It’s only going to pay off if, God forbid, you actually have a disaster to recover from. So it’s no surprise that, when a business owner is faced with the choice between making that investment and making some other kind of business investment that will have a higher likelihood of a short-term payback (or perhaps taking that dream vacation that the spouse has been bugging you about for the last five years), the backup / disaster recovery expenditure drops, once again, to the bottom of the priority list.

One solution is to shift your perspective, and view the expense as insurance. Heck, if it helps you can even take out a lease to cover the cost – then you can pretend the lease payment is an insurance premium! You wouldn’t run your business without business liability insurance – because without it you could literally lose everything. You shouldn’t run your business without a solid backup and disaster-recovery plan, either, and for precisely the same reason.

Please. Download the HP White Paper, read it, then work through the following exercise:

  • List all of the things that you can imagine that would possibly have an impact on your business. I mean everything – from the obvious things like flood, fire, and earthquake, to less obvious things, like a police action that restricts access to the building your office is in, or the pandemic that everyone keeps telling us is just around the corner.
  • For each item on your list, make your best judgment call, on a scale of 1 to 3, of
    • How likely it is to happen, and
    • How severely it would affect your business if it did happen.

You now have the beginnings of a priority list. The items that you rated “3″ in both columns (meaning not likely to happen, and not likely to have a severe effect on your business even if they did) you can push to the bottom of the priority list. The items that you rated “1″ in both columns need to be addressed yesterday. The others fall somewhere in between, and you’re going to have to use your best judgment in how to prioritize them – but at least you now have some rationale behind your decisions.

The one thing you can’t afford to do is to keep putting it off. Hope is not a strategy, nor is it a DR plan.

, , , , ,

Great Advice? Look Deeper!

January 7th, 2010 | Posted by Shane Kalles in General - (0 Comments)

I recently was reading the Puget Sound Business Journal and came across an article titled Customers must remember options when choosing a computer provider. Since Moose Logic is an IT services provider, I wanted to see what suggestions were being offered.

Now to clarify, I did find the article to have good advice (if you’re too busy to read the whole thing, the “quick tips” box they provide will give you the main bullet points), so what I’m about to say is in no way intended to be critical of PSBJ. Moreover, I feel that a series on how to choose a computer, networking, and/or IT services provider would be helpful to many businesses out there. But the article did get me thinking about how easy it is in this information-at-my-fingertips age for someone to suddenly surface and represent him/herself as a “guru” of some area of knowledge. And sometimes the less the average business person knows about the subject, the easier it is for said guru to masquerade as an expert whether s/he really is or not.

Henry Ford famously commented that he didn’t need to know all the answers, he just needed to know who to ask. As business people, we frequently need to hire or contract with someone who can answer our questions. The problem is that some things are so complex that we don’t even know what we need to ask! So we try to educate ourselves on the topic as best we can, if only to help make a decision on what – and who – to ask. Enter the self-proclaimed internet guru, offering their free advice hoping that you will click on their Web page ads.

So what’s my point? Well, I have a couple:

First, anybody can build a Web site for a modest investment and begin to dispense advice (even us :) ). But if there’s no way to verify the background of this guru, you have no way to know if the advice they are dispensing is worthwhile or effective. I could put up a site tonight and start handing out golf tips, but that would not change the fact that I suck at golf. In fact my tips would probably hurt your game more than help. Second – and this is particularly true in IT – there’s not necessarily only one right way to do anything. Just because something has worked for one person in one market in one geographical location does not mean that it will work for your business, your location, and the current market conditions.

OK, is there great free advice to be found out there in Internet-land? Yes, of course there is! (After all, you’re reading some here.) Just be careful whose advice you follow. Sure, my Web site on golfing tips may eventually fail after enough people try my suggestions and realize that I don’t know what I’m talking about…but in the meantime I may ruin a lot of people’s golf games. Small businesses cannot afford to make a wrong decision on an IT provider. Even though they have the same basic needs as a large business – a reliable IT infrastructure that supports whatever the business does to make money and protects its vital data – the business landscape is unforgiving and intolerant of even the slightest error by a small business owner. IT mistakes that might barely cause a budgetary blip for a large business can literally kill a small one. So do you really want to base the future of your business on an unproven guru of the internet age?

Bottom line: Take advice from those that post a resume, and ask for recommendations when looking to hire any new service provider.

Don’t just take my word for it – I’m just an Internet guru. (And if you don’t believe it, just ask me.)

Seven things you need to do to keep your data safe

January 5th, 2010 | Posted by Sid Herron in Business Continuity | Computer Basics | Disaster Recovery | General - (0 Comments)

Jeremy Moskowitz recently posted a great article entitled Backup Tips for the 21st Century: Backup procedures so easy, your Mom could (and should) do it. This is not directed at IT managers or anyone else who has to manage a business network, although there are certainly some common themes, which we’ll talk about a bit later. Rather, the article is targeted at the average home user – you know, those people who are always asking you to help them with some kind of computer problem, because you “know about computers.”

I’d strongly recommend that you click over and read his entire article, and share it with as many people as possible, because he goes into detail on why you should be doing each of these things. But just to give you a little taste of it, here are the seven things:

  1. Get an online backup service (e.g., Carbonite.com, Mozy.com, etc.)
  2. Get a full-disk backup program
  3. Backup to an external USB drive (in fact, get two or three – they’re cheap)
  4. Don’t keep all your backups in your house
  5. Rotate between at least two, possibly three USB drives
  6. Keep copies of your original disks, downloadables, keycodes, and drivers
  7. Test your restore procedure

Although he feels strongly that you should do all seven in order to be absolutely safe, he also points out that just doing one of them will make you better off than most people – who don’t do anything at all! (And if you only do one, he suggests #3.)

Why should people do these things? Because, in Jeremy’s words, “DISK DRIVES ALWAYS FAIL. ALWAYS. It’s a guarantee. Even the newest ones with no moving parts. They all fail. Eventually.” And he’s right. The only question is when. I’ve seen drives fail within days of being installed (not many, but some), and drives last for years. But eventually, they will wear out. When they do, the data on them is toast, so you’d better either have a backup or have deep pockets to pay someone who specializes in forensic data recovery, and who may or may not be able to recover your most precious data from the dead drive no matter how much you’re willing to pay.

So, how does this translate to sound business practice? Allow me to paraphrase his seven points, and combine a couple of them:

  • Make sure you’re getting a copy of your data out of the building. Use an on-line service, stream data to a repository at a branch office, or just take a copy home every Friday. But do something to get a copy out of the building.
  • Your backup strategy should encompass both machine images and file/folder based backups. If you lose an entire system, it’s a lot faster to restore from an image than to reinstall the OS from scratch and then restore the data files. On the other hand, if all you need is a single file, or a single email message or mailbox, you don’t want to have to restore an entire image just to get that one thing you need.
  • What he said about disks failing goes double (at least) for tapes. Tapes are far less reliable than hard disks. Their capacity is limited. They wear out quickly. The drives get dirty and are subject to a variety of mechanical problems. Unless you’ve either got an expensive autoloader or a night operator to swap tapes in the middle of the night, if your tape fills up you either cancel the job when you come in the next morning, or you finish the backup during working hours and live with the performance hit of doing that while users are trying to work. That’s why we believe so strongly in disk-to-disk backups.
  • Keep copies of your original disks, downloadables, keycodes, and drivers. (Not much I can add to that point.)
  • Test your restore procedure. (Not much I can add to that either.) If you don’t ever do a test restore, you only think you’re getting good backups. And if you’re not, you won’t know about it until you have a catastrophic failure and find out that your data is gone forever.

That’s all for today – you go read Jeremy’s post in full, I’m going to swing by the local office superstore and pick up a couple more USB hard drives…

, , , ,

Looking Back on 2009

December 28th, 2009 | Posted by Sid Herron in General - (0 Comments)

As each year draws to a close, it just seems natural to look back and reflect on how the last 12 months have gone. You’re probably doing it, and so are we.

It’s been a difficult year for everyone, but most of us have made it through by doing what we always do in difficult times: tighten the belt a notch or two, make hard choices, and focus on business fundamentals.

First and foremost, we’d like to thank our customers. Without your continued loyalty, we wouldn’t be here. We’ve tried very hard to bring value to your businesses as well – and we trust that if we have fallen short in some area, you’ll let us know. Constructive feedback is how we all get better at what we do.

2009 also saw considerable evolution in our Web presence, and our involvement in social media as another way to communicate with our customers. This blog you’re reading launched in October, and so far, we’re very pleased with the reception it has received. Earlier this year, we launched our Facebook Fan Page, and linked it to our Twitter feed. Social media has proven to be a great way to get breaking news – like critical security alerts – into your hands quickly.

We’ve also taken advantage of the not-quite-so-frantically-busy times to further our education, look at some new technologies, and come up with some ideas that we’re pretty excited about and will be sharing with you over the next few months. We welcomed the release of Hyper-V R2, and believe that it will be a great addition to our virtualization “toolbox.” We’ve learned a lot about Microsoft’s System Center Data Protection Manager, and think that it can be a great alternative to tape-based backups for small- and medium-sized businesses. We’ve partnered with Sun Microsystems, whose Intel-based servers make great virtualization platforms and great DataCore SAN nodes – with more storage packed into a 2U rack-mount chassis than either Dell or HP can currently offer.

The people who get paid lots of money to look into crystal balls and make predictions are predicting modest growth in 2010, with IT spending rising 3.5% or so. It’s a safe bet that more and more servers will be virtualized, and that virtualization will continue to expand into smaller enterprises now that it has become recognized as a mainstream technology. It’s also a safe bet that more and more organizations are going to be investigating desktop virtualization as they think about how best to roll out Windows 7. We also believe that a lot of the organizations that are just getting into virtualization are going to look at the cost of VMware and decide that “free” is a pretty good price for Hyper-V or XenServer. And we’re betting that the Citrix story will ultimately win out in the desktop virtualization space.

Our commitment to you is that we will be there with you in the coming year, doing what we’ve always done – which is to look for ways to help you make your business better, whether it’s by taking routine maintenance concerns off of your hands so you can concentrate on building your business, or by looking for ways to use technology to help you reduce costs, boost productivity, and improve agility and reliability in your IT infrastructure.

So here’s wishing all of you a happy and prosperous 2010, and we hope we can help you make it so!

,

What is Virtualization? – Application Virtualization

December 15th, 2009 | Posted by Shane Kalles in Application Hosting | Application streaming | Application Virtualization | General | Virtualization - (1 Comments)

To continue the discussion of “What is Virtualization?” that I started back on December 4, I bring you the next installment – Application Virtualization.

Application Virtualization is the isolation and separation of an application from its underlying Operating System (OS) as well as from other applications. The application is fooled into believing that it is working as normal, interacting with the OS and using those resources as if the application had been installed directly on the OS as normal.

Additionally, the application can be installed once within the datacenter and preserved as a “golden image” to be delivered out to the end users. This gives you one instance to manage, one instance to patch, one instance to maintain – all housed in one location. This will help cut IT application maintenance costs as well as help control licensing costs as it will be easier to track application utilization.

Since each virtualized application is isolated from other applications it becomes possible to deploy, on the same piece of hardware, applications that typically didn’t play nicely together in the past. This cuts down on the time needed to test application compatibility since each application resides inside its own “bubble” (much like teenagers).application silos

Traditionally, both desktop admins and admins who were in charge of Terminal Servers (and XenApp servers) spent hours and hours on application compatibility testing. When a new application was added to the official desktop or server image, or an existing application was upgraded, regression testing was necessary to insure that the new or upgraded application didn’t break some other application by, for example, overwriting a shared DLL file. By providing a method for virtualizing Registry entries and calls to particular folder locations, application isolation overcomes most of these headaches.

The real trick with application virtualization is the delivery method, since the delivery methods of these virtual applications is what separates the different vendor solutions in this field. The big three application virtualization solutions are Citrix XenApp, VMware ThinApp, and Microsoft Application Virtualization (a.k.a. “App-V”). These three vendors use either one method or a combination of delivery methods to get the applications to the end users.

Application Streaming: This refers to streaming the application over the network to the client PC on demand. The “secret sauce” here is in figuring out how to stream down just enough of the code to launch the application and allow the user to begin interacting with it. The rest of the code can be streamed down when the user attempts to use a feature that requires it, or it can be simply streamed down in the background until all of the application code is cached locally. An added benefit of streaming all of the code down is that it allows the application to continue to be used when the PC is not connected to the network. (E.g., you can unplug your laptop and take it on the road.)

The application streaming technology you use will determine the control and security of the application once it has been streamed to the end user device. For example, Citrix allows you to administratively set a “time to live” limit on how long apps will run in a disconnected state. If the PC isn’t reconnected to the network within that time limit, the app simply stops working – giving you some level of protection if a PC is lost or stolen. For another example, ThinApp allows you to make an application completely portable – you could carry the Office Suite with you on a USB stick, plug it into any PC, use it, and leave no trace behind when you unplugged the USB stick. (Note: Doing this with the Office Suite could result in a violation of the Office EULA!)

Another “secret sauce” ingredient is the ability to allow limited communication between applications, even though they’re running in their own isolation environments (the “bubble” referred to earlier). For example, your accounting application may need to call Excel to render the output of a particular report. Early versions of application isolation required these applications to be “packaged” together, i.e., installed into the same isolation environment – otherwise, the accounting app wouldn’t know that Excel was available, and you’d get an application error. The latest implementations allow enough inter-isolation communication to take place to avoid problems like this while still avoiding application compatibility conflicts.

Application Hosting: This method can take a couple of different forms. The first is to virtualize the presentation of a typical Windows application by installing the application on a Terminal Server (in most cases, a Terminal Server with Citrix XenApp installed on it), and connecting to that Terminal Server using some kind of remote communications protocol (e.g., Microsoft’s RDP, Citrix’s ICA, etc.). We’ve been doing this for years, and thousands of customers and millions of users access applications this way every day.

Most readers of this blog are probably familiar with the advantages of this deployment model: centralized deployment and management, tighter security, granular control over what can be saved and/or printed at the client location, etc.

Application Streaming can work with this kind of Application Hosting by allowing you to stream applications to your Terminal Servers rather than having to explicitly install them or build them into your official server image. Citrix XenApp customers have the rights to use the Citrix streaming technology to do this, and Microsoft recently announced that the new Server 2008 R2 Remote Desktop Services CAL (formerly called a Terminal Services CAL) will include the rights to use App-V to stream applications to Terminal Servers.

Web-based applications can also be legitimately called “hosted applications” – whether they’re hosted in your own corporate data center, or by some kind of application service provider (e.g., Salesforce.com). In this scenario, all that’s required on the client PC is a browser – at least in theory.

In fact, the browser then becomes an application that must be managed! For example, you may find that you require a specific version of Java to access a particular hosted Web application – and if the user has local admin rights to the PC, the possibility exists that s/he will inadvertently install something that breaks its compatibility with your critical Web application. Some Microsoft applications require the use of Internet Explorer (e.g., Microsoft CRM is not compatible with Firefox). Some applications may even require a specific browser version. (When IE7 was first released, it caused compatibility issues for users of Microsoft CRM v3.0.)

Also, as a general rule, a Web application will require a more powerful client PC as well as more bandwidth between the client and the Web server to yield a good user experience, compared to an RDP or ICA client device connecting to a Terminal Server.

There is, of course, the option of installing an application directly on a device either by physically visiting the machine with installation media in hand or by using some kind of central management system to push the bits onto the client’s hard drive. These options, however, do not fall under the definition of application virtualization that we’re using here.

The important thing to take away from application virtualization is that no matter how you approach it, it will save you money:

  • Hardware – being able to host multiple applications on a single piece of hardware without worrying about application incompatibility. This can virtually eliminate the “silos” of servers with different configurations in large XenApp environments that used to be necessary to isolate those problem apps that wouldn’t play nicely with any others.
  • Licensing costs – with all your applications being housed in the data center you will have a better understanding of how many instances of each application you are using and will be able to better track your licensing needs
  • Maintenance – being able to update or patch a single instance of the application rather than needing to physically update and patch each machine.
  • Management – less hardware to look after, less time spent with helping end users with application issues, less time spent in application regression testing

Hope this clears up that “what is application virtualization” question. However if you have more questions feel free to use the comments or contact me directly.

, , , , , , , , ,

What is Virtualization?

December 4th, 2009 | Posted by Shane Kalles in Computer Basics | General | Virtualization - (0 Comments)

Virtualization can mean different things depending on who you ask so we are going to take a broad look at what virtualization is, the different forms it comes in, and why it is so popular.

This is going to be pretty basic stuff so if you are looking for more advanced material I promise we will have advanced stuff in future posts.

Virtualization has been getting a lot of buzz the last few years as it moved from being “bleeding edge” technology to becoming an industry standard. You may have even heard that there are lots of benefits to virtualizing your datacenter…but you may not be sure whether it’s for you, how it works, or even what it means.

There are several kinds of virtualization, including server virtualization, storage virtualization, application virtualization, network virtualization, and desktop virtualization. But when most folks talk about virtualization, they’re referring to server virtualization, so that’s what we will cover today.

So, what is server virtualization?  Simply put server virtualization is the technology that is designed to allow multiple (virtual) servers to reside on a single piece of (physical) hardware and share the resources of the physical server – while still maintaining separate operating environments, so that a problem that crops up in one virtual server won’t affect the operation of others that may be running on the same physical “host.” To help explain what this means I’m going to use the house and condo analogy.

Let’s say you’re a land developer and you build residential property. You cut your land into smaller plots and build one house per plot. As part of the land development, you need to bring in all the utilities from the main street to each and every plot. All of this development costs money.  To make matter worse you know that your city’s population is growing, you’re running out of land to build on, and you also need to control the spiraling costs of building materials. How do you cut cost and provide more homes for a growing population on a limited amount of land?

Figure 1 - Typical cul-de-sac USA

Figure 1 - Typical cul-de-sac USA

Perhaps instead of building single-family homes and having one resident per plot you start building condominiums that hold several residents each. Now the utilities that are brought in to the condo complex are shared by all the residents and yet no one ever sees the other residents’ bills. You’re making more efficient use of the land you have and not wasting time and money bringing in utilities to each individual house. Plus one yard is easier to take care of than ten yards.

1 & 2bd Condos Available Now!!

Figure 2 - 1 & 2bd Condos Available Now!!

So how does this relate to server virtualization?

Each plot of land is a physical server, the structure you build on that plot is a server “workload” (i.e., Exchange, SQL, file server, print server, etc.), and the city is your data center. The utilities are things like power, cooling, and network connectivity. When there is only one workload per physical server, a lot of space and resources get wasted. It’s common to see only 10-15% (if that) processor utilization on physical servers which run only one operating system and one application.

With server virtualization we can now create several “virtual” servers on one physical piece of hardware – think of the hardware as little “server condos” if you like. Just as you can have one-bedroom, two-bedroom, and three-bedroom units in a single building, you can allocate differing amounts of processing and memory resources to the virtual servers depending on the requirements of each individual workload. Each virtual server can now share the physical resources of the host machine with the other virtual servers and never know that they are sharing. In fact, each virtual server “thinks” it’s running on its own dedicated hardware platform. By doing this you can now utilize 80-90% of the processing power of the hardware you own, and cut down on the total amount of power, cooling, and floor space you need in your data center.

For example (just pulling numbers out of the air), let’s say that you’ve been paying an average of $5K each for servers that would handle a single workload. If you need four of them, that’s $20K in hardware cost. But if you can buy one server for $8 – 10K to virtualize these 4 machines, that’s a significant reduction in hardware cost. And with fewer machines to plug in and keep cool, your savings can be up to 40% on power consumption alone. (Did you know that we’ve now reached the point where, over the service life of a typical new server, it’s going to cost you more to keep it cool than it cost you to buy it?)

Since the virtual servers are all located on one physical box you now have fewer pieces of hardware to maintain – allowing the IT staff to use their time more efficiently. You’ll save space in your data center. You’ll also cut down on the amount of waste (some of it hazardous) that must be recycled or disposed of when your hardware finally reaches its end-of-life.

You’ve also cut down time needed to bring a new server on line. In the past you would have had to acquire the hardware, assemble it, rack it, connect it to the network, install and patch the OS, install and configure the application, test it all, and finally put it into service. Now that the servers are virtual they can be created, configured, and put into production in a few hours as opposed to the weeks it used to take. In some cases, by using templates for commonly-needed workloads, it can take only minutes. This makes for a much more flexible and scalable environment.

So server virtualization can:

  • Cut hardware costs
  • Cut energy costs (for both power and cooling)
  • Cut system maintenance time and costs
  • Create a very scalable and flexible data center
  • Save space
  • Create a more environmentally friendly data center (a.k.a. “green computing”)

These are the main reasons that server virtualization has become an industry standard. According to folks like Gartner, we’ve now reached the point where the majority of new servers placed into service are being virtualized, and the majority of enterprises have made it a standard practice to virtualize all new servers unless there is a compelling reason why a server can’t or shouldn’t be virtualized. Virtualization also makes it easier to implement things like high availability, disaster recovery, and business continuity, but that’s a subject for a future post.

, ,