
Have you been considering moving from VMware ESX or vSphere to either Citrix® XenServer™ or Microsoft® Windows® Server 2008 Hyper-V™ – but been concerned about exactly how to go about it? Knowing what tools to use to make the migration go smoothly is often a major concern. Also, what kind of support can you get during the transition? And structured training on a new platform is not inexpensive, either. Now Citrix is trying to eliminate these obstacles with a new promotion that runs through March 31, 2010.

On October 14, 2009, Citrix announced a new program called Project “Open Door”. Customers who switch existing VMware servers to XenServer or Hyper-V, and add Citrix Essentials™ for advanced virtualization management, will receive additional technical support, training, and conversion tools from Citrix at no additional cost.

The Project Open Door promotion will be effective worldwide from October 1 – March 31, 2010. Customers who decommission five or more VMware vSphere 4 or VI3 servers and replace them with XenServer or Hyper-V plus the Citrix Essentials solution, receive the following:

  • A free five incident support pack (5 by 8 hours) for every five servers converted
  • A voucher for six hours of online training for every five servers converted
  • Free migration tools for seamlessly transferring virtual machines from VMware to XenServer or Hyper-V

Check out http://www.citrix.com/opendoor for more information on the program. If you’re seriously considering making the switch, this just might be the time to do it.

We’ve seen a lot of confusion regarding what SSL certificates are all about – what they are, what they do, how you use them to secure a Web site, what the “gotchas” are when you’re trying to set up mobile devices to synchronize with an Exchange server, etc. So we’re going to attempt, over a few posts, to explain in layman’s terms (OK, a fairly technical layman) what it’s all about. However, before you can really understand what SSL is all about, you need to understand a little bit about cryptography.

When we were all kids, we probably all played around at one time or another with a simple substitution cipher – where each letter of the alphabet was substituted for another letter, and the same substitution was used for the entire message. It may have been done by simply reversing the alphabet (e.g., Z=A, Y=B, etc.), by shifting all the letters “x” letters to the right or left, or by using your Little Orphan Annie Decoder Ring. (The one-letter-to-the-left substitution cypher was famously used by Arthur C. Clarke in 2001: A Space Odyssey to turn “IBM” into “HAL” – the computer that ran the spaceship.)

The problem with such a simple cipher is that it may fool your average six-year-old, but that’s about it – because (among other things) it does nothing to conceal frequency patterns. The letter “e” is, by far, the most frequently used letter in the English language, followed by “t,” “a,” “o,” etc. (If you want the full list, you can find it at http://en.wikipedia.org/wiki/Letter_frequency.) So whichever letter shows up most frequently in your encoded message is likely to represent the letter “e,” and so forth…and the longer the message is, the more obvious these patterns become. It would be nice to have a system that used a different substitution method for each letter of the message so that the frequency patterns are also concealed.
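The frequency problem described above can be shown in a few lines of Python. This is an added example, not part of the original post; the sample message, the shift value, and all function names are constructed for illustration.

```python
from collections import Counter
import string

ALPHABET = string.ascii_uppercase


def shift_encrypt(plaintext: str, shift: int) -> str:
    """Shift every letter `shift` places to the right; other characters pass through."""
    out = []
    for ch in plaintext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)
    return "".join(out)


def letter_counts(text: str) -> Counter:
    """Count letters only, ignoring spaces and punctuation."""
    return Counter(ch for ch in text.upper() if ch in ALPHABET)


def count_profile(text: str) -> list:
    """Sorted letter counts: the shape of the histogram, ignoring which letter is which."""
    return sorted(letter_counts(text).values(), reverse=True)


def guess_shift(ciphertext: str) -> int:
    """Assume the most frequent ciphertext letter stands for 'E' and derive the shift."""
    top_letter, _ = letter_counts(ciphertext).most_common(1)[0]
    return (ALPHABET.index(top_letter) - ALPHABET.index("E")) % 26


# Constructed sample message and key (not from the post).
SAMPLE = "Meet me here when the evening bell tolls seven times, then enter the cellar."
SECRET_SHIFT = 11
CIPHERTEXT = shift_encrypt(SAMPLE, SECRET_SHIFT)

if __name__ == "__main__":
    print("ciphertext     :", CIPHERTEXT)
    # The same substitution for every letter leaves the histogram shape intact.
    print("plain profile  :", count_profile(SAMPLE)[:5])
    print("cipher profile :", count_profile(CIPHERTEXT)[:5])
    recovered = guess_shift(CIPHERTEXT)
    print("recovered shift:", recovered)
    # Shifting the rest of the way around the alphabet undoes the cipher.
    print("recovered text :", shift_encrypt(CIPHERTEXT, 26 - recovered))
    # The one-letter-to-the-left example from the post: IBM becomes HAL.
    print("IBM ->", shift_encrypt("IBM", 25))
```

The histogram of the ciphertext has exactly the same shape as that of the plaintext, which is why the key falls out of a single count.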

One approach to this is the so-called “one-time pad,” which is nearly impossible to break if it is properly implemented. This is constructed by selecting letters at random, for example, drawing them from a hopper similar to that used for a bingo game. A letter is drawn, it’s written down, then it goes back into the hopper which is again shuffled, and another letter is drawn. This process is continued until you have enough random letters written down to encode the longest message you might care about. Two copies are then made: one which will be used to encode a message, and the other which will be used to decode it. After they are used once, they are destroyed (hence the “one-time” portion of the name). One-time pads were commonly used in World War II to encrypt the most sensitive messages.

To use a one-time pad, you take the first letter of your message and assign it a numerical value of 1 to 26 (1=A, 26=Z). Then you add to that numerical value the numerical value of the first letter of the pad. That gives you the numerical value of the first letter of your cyphertext. If the sum is greater than 26, you subtract 26 from it. This kind of arithmetic is called “modulo 26,” and while you may not have heard that term, we do these kinds of calculations all the time: If it’s 10:00 am, and you’re asked what time it will be in five hours, you know without even thinking hard that it will be 3:00 pm. Effectively, you’re doing modulo 12 arithmetic: 10 + 5 = 15, but 15 is more than 12, so we have to subtract 12 from it to yield 3:00. (Unless you’re in the military, in which case 15:00 is a perfectly legitimate time.) So as we work through the following example, it might be helpful to visualize a clock that, instead of having the numbers 1 – 12 on the face, has the letters A – Z…and when the hand comes around to “Z,” it then starts over at “A.”

Let’s say that your message is, “Hello world.” Let’s further assume that the first ten characters of your one-time pad are: DKZII MIAVR. (By the way, I came up with these by going to www.random.org, and using their on-line random number generator to generate ten random numbers between 1 and 26.) So let’s write out our message – I’ll put the numerical value of each letter next to it in parentheses – then write the characters from the one-time pad below them, and then do the math:


  H(8)  E(5)  L(12) L(12) O(15) W(23) O(15) R(18) L(12) D(4)
+ D(4)  K(11) Z(26) I(9)  I(9)  M(13) I(9)  A(1)  V(22) R(18)
= L(12) P(16) L(12) U(21) X(24) J(10) X(24) S(19) H(8)  V(22)


So our cyphertext is: LPLUX JXSHV. Note that, in the addition above, there were three times (L + Z, W + M, and L + V) when the sum exceeded 26, so we had to subtract 26 from that sum to come up with a number that we could actually map to a letter. Our recipient, who presumably has a copy of the pad, simply reverses the calculation by subtracting the pad from the cyphertext to yield the original message.
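The pad arithmetic worked through above, written out in Python as an added example (not code from the original post; all function names are hypothetical). It goes one step beyond the text by also showing why the scheme resists analysis: for any ciphertext, some pad exists that "decrypts" it to any other message of the same length, so the ciphertext alone says nothing about which message was sent.

```python
import secrets
import string

ALPHABET = string.ascii_uppercase  # numbered A=1 ... Z=26, as in the post


def to_num(ch: str) -> int:
    return ALPHABET.index(ch) + 1


def to_chr(n: int) -> str:
    return ALPHABET[n - 1]


def letters_only(text: str) -> list:
    """Upper-case the text and drop spaces and punctuation."""
    return [c for c in text.upper() if c in ALPHABET]


def generate_pad(length: int) -> str:
    """Draw pad letters from the OS CSPRNG (the software stand-in for the bingo hopper)."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def otp_encrypt(message: str, pad: str) -> str:
    msg, key = letters_only(message), letters_only(pad)
    if len(key) < len(msg):
        # Recycling pad letters would reintroduce the patterns the pad is meant to hide.
        raise ValueError("pad is shorter than the message")
    out = []
    for m, k in zip(msg, key):
        total = to_num(m) + to_num(k)
        if total > 26:          # the "modulo 26" wrap-around
            total -= 26
        out.append(to_chr(total))
    return "".join(out)


def otp_decrypt(ciphertext: str, pad: str) -> str:
    ct, key = letters_only(ciphertext), letters_only(pad)
    if len(key) < len(ct):
        raise ValueError("pad is shorter than the ciphertext")
    out = []
    for c, k in zip(ct, key):
        diff = to_num(c) - to_num(k)
        if diff < 1:            # wrap back around the clock face
            diff += 26
        out.append(to_chr(diff))
    return "".join(out)


def pad_that_yields(ciphertext: str, claimed_plaintext: str) -> str:
    """Return the pad under which `ciphertext` decrypts to `claimed_plaintext`."""
    ct, pt = letters_only(ciphertext), letters_only(claimed_plaintext)
    if len(ct) != len(pt):
        raise ValueError("lengths must match")
    out = []
    for c, p in zip(ct, pt):
        k = to_num(c) - to_num(p)
        if k < 1:
            k += 26
        out.append(to_chr(k))
    return "".join(out)


if __name__ == "__main__":
    pad = "DKZII MIAVR"                      # the pad used in the post
    ct = otp_encrypt("Hello world", pad)
    print("ciphertext:", ct)
    print("decrypted :", otp_decrypt(ct, pad))
    # Constructed alternative message of the same length (10 letters).
    other = "SENDHELPME"
    fake_pad = pad_that_yields(ct, other)
    print("other pad :", fake_pad, "->", otp_decrypt(ct, fake_pad))
    fresh = generate_pad(10)
    print("fresh pad :", fresh)
```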

While one-time pads are very secure, you do have the logistical problem of getting a copy of the pad to the intended recipient of the message. So this approach doesn’t help us much when we’re trying to secure computer communications – where often you don’t know in advance exactly who you will need to communicate with, e.g., a banking site or a typical Internet e-commerce site. Instead, we need something that lends itself to automated coding and decoding.

During World War II, the Germans had a machine that the Allies referred to by the code name “Enigma.” This machine had a series of wheels and gears that operated in such a way that each time a letter was typed, the wheels would rotate into a new position, which would determine how the next letter would be encoded. The first Enigma machine had spaces for three wheels; a later model had spaces for four. All the recipient needed to know was which wheels to use (they generally had more wheels to choose from than the machine had spaces for) and how to set the initial positions of the wheels, and the message could be decoded. In modern terms, we would call this information the “key.”

One of the major turning points in the war occurred when the British were able to come up with a mathematical model (or “algorithm”) of how the Enigma machine worked. Alan Turing (yes, that Alan Turing) was a key player in that effort, and the roots of modern digital computing trace back to Bletchley Park and that code-breaking effort. (For a very entertaining read, I highly recommend Cryptonomicon by Neal Stephenson, in which Bletchley Park and the code breakers play a leading role.)

Today, we have computers that can perform complex mathematical algorithms very quickly, and the commonly used encryption algorithms are generally made public, specifically so that researchers will attack and attempt to break them. That way, the weak ones get weeded out pretty quickly. But they all work by performing some kind of mathematical manipulation of the numbers that represent the text (and to a computer, all text consists of numbers anyway), and they all require some kind of key, or “seed value,” to get the computation going. Therefore, since the encryption algorithm itself is public knowledge, the security of the system depends entirely on the key.

One such system is the “Advanced Encryption Standard” (“AES”), which happens to be the one adopted by the U.S. government. AES allows for keys that are 128 bits, 192 bits, or 256 bits long. Assuming there isn’t some kind of structural weakness in the AES algorithm – in which case it would presumably have been weeded out before anyone who was serious about security started using it – the logical way to attack it is to sequentially use all possible keys until you find the one that decodes the message. This is called a “brute force” attack. Of course, with a key length of n bits, there are 2^n possible keys. So every bit that’s added to the length of the key doubles the number of possible keys.

It is generally accepted that the computing power required to try all possible 128-bit keys will be out of reach for the foreseeable future, unless some unanticipated breakthrough in technology occurs that dramatically increases processing power. Of course, such a breakthrough is entirely possible, which is why AES also allows for 192-bit and 256-bit keys – and remember, a 256-bit key isn’t just twice as hard to break as a 128-bit key, it’s 2^128 times as hard. (And 2^128 is roughly equal to the digit “3” followed by 38 zeros.) Therefore the government requires 192- or 256-bit keys for “highly sensitive” data.

AES uses a symmetrical key, meaning that the same key is used both to encrypt and decrypt the message, just as was the case with the old Enigma machine. In the next post of this series, we’ll talk about asymmetrical encryption systems, and try to work our way around to talking about SSL certificates.

I am a big fan of virtualization. My feeling is that many – if not most – workloads in small to medium sized enterprises should be running as Virtual Machines on Virtual Servers. BUT please be very, very careful how you build those systems!

The truth about virtualization is that it is a platform with which you can provide a highly flexible computing environment. This includes a ton of wonderful features and benefits. But, before you go trip over your pants leg, here is a tip: highly available virtualization environments do sometimes fail! (Sooner or later, everything does.) So my recommendation is to be very careful in designing and protecting your HA solutions – provide two or more of everything. Virtualization technologies will save you boatloads of money if you build them right, so don’t scrimp on the details!

So here are my simple rules:

  1. Provide two or more Virtualization Hosts. Make sure they’re sized such that if one should fail, you have the capacity on the surviving host(s) to restart any critical workloads that are affected by the failure.
  2. Shared storage (e.g., a SAN) is a necessity for “Live Motion,” which allows you to move running virtual machines from one host to another, either to balance the workload or to unload a host so you can perform maintenance on it. It’s also what enables you to restart critical workloads on a surviving host if one should fail. But to keep the SAN itself from becoming a single point of failure, you should provide at least two SAN nodes that are configured to replicate your data.
  3. Back up your data and your VM’s using tools that allow both images and folder based backups. When recovering from a catastrophic failure, restoring a server image is often the fastest way to get things running again – but you don’t want to go to the trouble of restoring a complete server image if all you need are a couple of files. So a schedule that encompasses both kinds of backups is best.
  4. Make certain that you get data and server images offsite religiously. Rule #1 for Disaster Recovery / Business Continuance is to get the data out of the building.

These simple rules allow for a significant amount of reliability and flexibility. Even with inexpensive hardware and software (there are a number of excellent software products that are free to use), your systems can continue to run or be easily restarted within minutes of hardware failure. In many cases even the total loss of two servers (one virtualization host and one SAN node, for example) would be a minor event in terms of its impact on operations. If you are religious about taking your data and image backups offsite your entire system could be up and running within a day even if you were not able to get to your main location for some reason.

Since a virtualized infrastructure is so resilient, you can afford to use computer systems that are not necessarily top-of-the-line, but you can’t afford not to build it right. A long-time customer (you know who you are) once told us, “The worst thing I could do would be to spend $25,000 on my new systems when I should have spent $30,000.” The dollar amounts aren’t the important thing here – it’s the concept that when you cut corners on something, the chances are high that sooner or later it will come back and bite you. You’ll never be sorry if you take the time and effort to make sure you do it right.

How to Turn Information Sprawl Into a Competitive Asset with Business Search

By InfoFinder Search Technologies

Disclaimer: This is a guest post by one of Moose Logic’s vendor partners. While Moose Logic does promote and sell this partner’s products, the opinions expressed here are those of the post’s author and do not necessarily represent the opinions or positions of Moose Logic.

Ever lose something on your network? It could be a file, contact name, email, phone number, report, or proposal. You name it. Every organization has experienced an explosion of different types of data over the last decade. Every person has faced the frustration of searching for something on the network.

Company data sits everywhere: on the network, in emails, on intranets, and the information deluge only seems to worsen each year as disk storage increases in capacity and decreases in cost. Data is simply growing at a faster rate than our ability to manage it.

Is it really a problem?

Quite simply, yes. A UC Berkeley study found that workers are bombarded with an average 1.6 GB of data per day – everything from email, reports, and accounting data to text messages and blogs.

IDC further estimates that knowledge workers spend 10 hours a week searching for information, successfully finding what they need only half the time. Ineffective information access costs organizations up to $14,000 per employee each year in lost productivity.

Those are big numbers; but is it a problem at your company?

Start with yourself. You can probably remember plenty of scenarios. Remember that old proposal you wanted to retool for a new opportunity? Or how about the customer issue that required multiple painful meetings to ‘get the facts?’ Are there times when one department isn’t aware of what another is doing? How much knowledge gets lost in the system when employees change positions, change companies or when there’s a layoff?

If you’re not convinced, the next step is to ask around, or better yet, walk the floor. You may be surprised by what you find.

The good news? You’re not alone. This is an issue that impacts every organization of every size. The root of the problem is that our data grows in silos, and it’s growing at a faster rate than ever. A recent InformationWeek survey shows that most organizations are experiencing 5 – 20% annual data growth, most of it unstructured data.

What is unstructured data? You know it as emails, word documents, faxes, PDFs, web pages – all the stuff you see and work with on a daily basis – comprising 80% of most organizations’ content. Contrast that with traditional ‘structured data,’ the database applications we typically use to run operations, accounting, customer service systems, etc.

Putting Structure Around Unstructured Data

It’s not as impossible as it seems. Enterprise search solutions operate behind-the-firewall in a corporate network, giving employees a secure tool to find, use and share corporate information – irrespective of the type of data (structured or unstructured) or where it may be stored (file servers, email, application databases, etc.). An enterprise search system processes all the information in an organization once, constructs a consolidated index, and then uses this master index to service subsequent user search requests.

Enterprise search is nothing new. It has been around since the last decade, helping the largest of enterprises cope with data sprawl. Because ‘behind-the-firewall’ search solutions must be carefully integrated in complex and diverse enterprise security schema, traditional enterprise search solutions more closely resemble integrator toolkits than off-the-shelf products – limiting their adoption.

Traditional enterprise search vendors require the participation of a system integrator to plan, develop, install, train and maintain highly customized and sophisticated solutions specifically tailored for each customer. Typical installation times are measured in months or quarters, rather than days or weeks; and the average cost runs $400,000 or more. As a result, traditional enterprise search solutions have focused primarily on the needs of large enterprises with limited appeal to the more modest needs of small and mid-tier businesses.

Right-Sizing Search for Small and Medium Businesses

Business Search solutions, such as InfoFinder, have been right-sized to address the time and budget needs of mid-sized and growing companies. The following chart illustrates the key differences between enterprise search and business search:

| | Business Search | Enterprise Search |
|---|---|---|
| Customer | 100 – 2,500 Employees | Fortune 500 |
| Installation | Plug & Play | Customization Required |
| Deployment Time | Days | Months (if not quarters) |
| Price | $00,000 (Tens of thousands) | $000,000 (Hundreds of thousands) |
| Functionality | Core Search (Out of the box) | Search and more… (Lots of bells & whistles) |

An Essential Productivity Tool

Business search solutions enable employees to search and find information quickly and easily without wasting time, boosting office productivity by as much as 25%. More efficient and accurate information access also means more effective business decisions. In addition, business search can be used to:

  • Improve the customer experience through faster service response times and better information quality
  • Ensure information continuity during corporate restructuring, downsizing, or merger & acquisition
  • Manage information risk and compliance associated with increased regulatory oversight
  • Reduce e-discovery information retrieval times

Are You Ready for Business Search?

Investing in search is not a trivial task. Investments can range from $30–250k for a mid-size organization. Make sure you review these critical questions as part of your evaluation process:

  1. How much information do we have? Many companies are surprised to learn they have 500,000 or more documents. Have your IT team scan the network shares, email stores, databases, intranet, and SharePoint pages to count the total number of documents. If you have more than 150,000 documents, you should consider a business search solution.
  2. How many different places is information stored? Counting up the actual silos of information is also critical; the higher the number, the better candidate you are for search. Make sure to include all your silos, including database application and external cloud/SaaS applications like Salesforce.com.
  3. How do people find information now? A quick internal survey asking your end users how they find information now is a great way to understand the wasted time and potential frustration your staff faces on a daily basis.
  4. What does the lost time cost me? The ROI tool below can help you assess the cost impact of inadequate search capabilities. Don’t stop there; find out if it’s also costing you customers.

Building your own model can help you see how this translates to the bottom line. In this example, we’ll take an organization with 500 employees. If we assume they spend 5% of their time searching, you can easily calculate the annual payroll cost of search. Let’s take a conservative approach and say only half the folks will use it, but they’ll be 10% more efficient when searching. Even with these conservative numbers, you’ve easily paid for the system through annual productivity gains.

ROI Model for Business Search


And organizations need productivity gains. Given the economy, business search is one of the most strategic investments you can make.

Citrix Changes the Game Again

October 6th, 2009 | Posted by Sid Herron in Citrix | VDI | XenDesktop

Disclaimer: Moose Logic is a Citrix Solution Advisor, and the author has worked with Citrix products for well over a decade – which is about how long there have been Citrix products to work with. As a fan of the company and the technology, it’s sometimes difficult to be objective…but I’ll try.

Citrix has shown in the past that it is not afraid to make bold moves to shake up the market landscape. The most recent was the decision to make XenServer, the “type 1” hypervisor obtained through the acquisition of XenSource, free. With today’s announcement of XenDesktop 4, they’ve made another bold move – arguably the boldest and the most far-reaching retooling of their product line ever.

You can read the press release at the Citrix Web site, and also get all of the details of the new offerings there, as well as from the volumes that will be written in the blogosphere and trade press over the next few days. But the basics are as follows:

  • XenDesktop, in all but its most basic version, will include XenApp. With a single XenDesktop license, you will be able to:
    • Deploy a shared virtual desktop from a XenApp-equipped Terminal Server, or deliver published applications running on a XenApp-equipped Terminal Server.
    • Connect to a virtual instance of a PC Operating System running on your choice of virtualization platforms (XenServer, Hyper-V, or VMware) – the classic definition of “VDI.”
    • Connect to a blade PC, if your computing or graphics needs are so demanding that you need dedicated hardware.
    • Stream a PC Operating System in real time to a desktop PC across the LAN – allowing you to boot and run your PCs from a common master image.
    • Stream applications to XenApp servers, PCs (whether virtual or physical), or both, and, if necessary, cache them for off-line use.
    • (Coming very soon) stream a PC Operating System to a client-side hypervisor, where it can be cached for off-line use.
  • XenDesktop will be moving to a per-user license model – a major shift, since Citrix licensing has almost exclusively been based on concurrent use as long as anyone can remember. Sales of concurrent-use licenses for XenDesktop will be discontinued on November 16, when sales of XenDesktop 4 licenses begin.
  • XenApp Enterprise and Platinum users with current Subscription Advantage will be offered a screaming “trade-up” deal that runs through June 30, 2010.
  • Strategically speaking, XenApp is clearly taking the back seat compared to XenDesktop. It will continue to be sold in all existing editions, but is being repositioned as the best solution for customers with high user concurrency (greater than 2:1), or those who use it as a “point solution” (e.g., remote access over limited bandwidth connections, call center applications, etc.). This also is a huge shift, when you consider that XenApp is the product that made Citrix.

So…what’s behind these moves? Citrix clearly believes that the battle for control of desktop delivery is where the future of the company lies. WinFrame/MetaFrame/Presentation Server/XenApp has been the de facto standard for remote access and server-based computing for well over a decade. But if all you care about is deploying Terminal Services (a.k.a. Remote Desktop Services in Windows Server 2008 R2), the value proposition for adding XenApp to your Terminal Servers has been steadily declining – and with the new features of Windows Server 2008 R2, it declines even further. This is why Citrix has worked so hard to reposition the conversation as one about application delivery as opposed to remote access or server-based computing, and why they have continued to roll more features into XenApp – particularly the Platinum Edition, which is really a suite of products more than an edition of one product.

Now they are working to reposition the conversation yet again. Nearly everyone agrees that there will be a huge uptake of Windows 7 over the next couple of years. And as Brian Madden pointed out in a techtarget.com article recently: “…there’s no sense virtualizing your desktops just to end up with XP again. And when Windows 7 launches, there’s no sense migrating to it while still managing your desktops the ‘old’ way.” Clearly, the Windows 7 rollout is a perfect opportunity for organizations to rethink the way they deploy and manage desktops.

The message from Citrix is clear: Desktop virtualization does not equal VDI. VDI, as it is classically defined, is only one way to deliver a virtualized desktop. There are many other ways – which we listed at the top of this article – and all of them have perfectly valid use cases. Since Citrix has solutions that cover all of those ways, it makes sense to offer a single license that will allow customers to “mix and match” and choose the best virtualization solution for each use case.

As the old saying goes, “Nothing succeeds like success.” If this works out the way Citrix obviously hopes it will, it will, by definition, be viewed as one of the most brilliant marketing moves since the deal with Microsoft that led to MetaFrame. At the very least, I think it must be recognized as a pretty gutsy move. And it’s certainly going to be fun to watch.

Welcome to the Moose Logic Blog!  There are many reasons why we launched this forum.  We want to provide information here that will be of value to you in terms of making your businesses better, making your jobs easier, and maybe even making your personal lives more fun and fulfilling.  And we hope that as you participate in the discussion here, you will help us do these things.  But we also hope that, by providing you with another way to communicate with us, you can help us get better at what we do.

Recently we participated in a Customer Satisfaction Survey with Microsoft.  This survey is one of many requirements we must fulfill in order to maintain our Microsoft Gold Certified Partner Status.  (Not that we’re complaining – there is nothing bad about doing a survey and getting feedback from your customers, and we appreciate the money and effort that Microsoft expends to make this available to us.) Being able to hear what people have to say about you is one way – and perhaps the best way – to improve. This particular survey is conducted by a third party and as such we don’t see the individual responses, only the overall averages for each category.

We do highly value the findings and spend numerous hours attempting to understand what these ratings actually mean. We have been told by the company that produces these surveys that we ranked well above the industry averages in every category. Yet what we are mostly concerned with are the items we didn’t score 100% in. So what this tells us is that we are better than average but we are not the best – and we are not satisfied with doing a “pretty good” job overall; frankly there is room for improvement.

Microsoft Customer Satisfaction Survey Results

Here are some of our key takeaways from this survey:

  1. Quality of products – We pride ourselves in specializing in the absolute best technology products available, yet this is one of our lowest scores. Are there recommendations on additional products we should offer?
  2. Quality of Support – We know we had some struggles last year and some of this has been addressed. Our score of course is reflective of these issues and we look forward to the next survey to see if our number in this area improves.
  3. Our lowest score was “Value Received.” We find this a concern as one could argue that this is the most critical metric we can measure. Our most important concern is that our clients receive tremendous value from working with us, so what do we need to do to improve on the “Value” you receive from working with us? Okay, I know one could argue that if we worked for free that might improve our “Value” but of course we all understand that if we are not able to maintain a viable business then 1) we won’t be here for long and 2) the quality of our work would not be up to acceptable levels.
  4. 3 categories with 100% – Wow! I can’t thank everyone enough. To have many people take the survey and still come out with 100% is amazing. Funny that the other categories are not 100%, including “value received,” but you’d still buy from us again, recommend us to others, and rate “satisfaction” at 100%. The only conclusion I can come to is that our clients are happy and loyal and for that, thank you all.

Despite our best efforts this year to provide the best experience when buying, requesting support, or offering quality products, we see that we still have lots of room for improvement, and we need your feedback to help us improve. We hope that the Moose Logic Blog will give us another feedback channel – one that is more immediate than an annual survey. Please let us know how we can do better.

Finally, THANK YOU to all who participated, and thanks to everyone that has helped Moose Logic get to where it is today.  Please know that we welcome your input and will listen and learn from you.
