WindowsNetworking.com Newsletter of April 2008

WindowsNetworking.com Monthly Newsletter of April 2010 Sponsored by: SolarWinds

Welcome to the WindowsNetworking.com newsletter by Debra Littlejohn Shinder, MVP. Each month we will bring you interesting and helpful information on the world of Windows Networking. We want to know what all *you* are interested in hearing about. Please send your suggestions for future newsletter content to: dshinder@windowsnetworking.com

Management of Virtual Resources Made Easy

Achieve clarity and control of your virtualized infrastructure with advanced reporting, monitoring, and management.  SolarWinds Virtual & Server Profiler solves the pains of tracking VMs, managing capacity, and root-cause analysis from a single, easy-to-read console.
Gain visibility into your virtualized resources in order to understand how storage and applications are being used.

Try SolarWinds Virtual & Server Profiler Free

1. The End of The (Land) Line

Welcome to the April edition of the WindowsNetworking.com newsletter! Since we typically write about enterprise networking topics here, I thought that this month we would take some time to talk about another technology we all have to deal with - both at home and at the office - and that is the telephone. Love it or hate it, the telephone is a fact of life and it has extended its tentacles into virtually every part of modern existence. Depending on your approach to life, this can be interpreted as both a good or bad thing.

As an IT pro, you might not even have a land line anymore. A land line is, of course, that form of phone service that used to be called the Plain Old Telephone Service (POTS) and worked over an analog network.  Maybe you remember the land line fondly because dial tone was always "just there" - even when the electricity went out. Or you might remember it less fondly because you paid enormous monthly rates for local only calls and then were extorted with insane fees for calls outside of your local calling area. You might also remember the land line as the one where confiscatory taxes significantly increased the bill by double digit percentage points on top of the shakedown the phone company was giving you.

It is no wonder that people have moved to VoIP over the years. VoIP is significantly cheaper, you typically do not have to pay extra for in-country (or even in-continent) calls and it rides on top of your existing Internet connection. The call quality is good, and your wallet remains fuller. The only major drawback is that uptime might not be quite as good as with a land line, depending on the regulatory environment that your land line lived in.

And then there is the cell phone. What is the point of even having a VoIP connection if you have a cell phone? The cell phone goes everywhere with you, and it can even provide your Internet connection, too! It seems as if the cell phone should be the single hub that connects your Internet and voice communications.

I have no argument against that - but I do have a problem with a single point of failure. Sure, I could configure my Windows Mobile cell phone to be a WiFi hotspot (and I do from time to time) but what if the battery died (I mean died, dead - not just needed a recharge), or what if the phone had a fatal malfunction, or the cell phone's Internet connection died? Then I would be without both phone and Internet services - due to the single point of failure.

Another problem with using your cell phone for everything is that it can be expensive. Unlimited minutes plans are available, but they cost a lot, and international calls over a cell phone can result in a truly shocking bill (when Tom went to Israel for two weeks a little over a year ago, that month's cell phone bill was more than $800, as compared to the usual $190). And even if you have an "unlimited" data plan, cell phone carriers do not really believe in that concept; if you tried to use the cell connection for all your Internet activity, you would probably soon find your service cancelled.

OK, you need a cell phone anyway, and you need data services for the cell phone. But if you do much communicating, you also need something else. It is likely that you already have an Internet connection for home use anyhow. Even if your usage is low enough to depend on the cell phone, your cell phone isn't always going to be home, and your other family members will need Internet access when your cell phone is away. You can use that home Internet connection for your VoIP line.

But what VoIP service should you use? There are standard "traditional" VoIP services like Lingo or Vonage that cost around $30US/month. Now, that might sound pretty cheap compared to a land line or the cell phone bill. But it would be nice to cut this cost down to the bone, especially if you are using it essentially as just a backup line.

We used Lingo for six years and we were pretty happy with it. Then the call quality began to deteriorate, and multiple calls to tech support did not help. I tried everything they suggested, and more, but we still had a loud screeching background noise on all our calls. I suspected the ATA box was going bad, but they would not send a new one, so I started looking for a different solution.

This is what we have done: for outbound calls, we subscribed to Skype for $2.95/month. An advantage to this is that we can make these calls from any Internet computer. If the cell phone dies while on the road, no problem, just fire up Skype on the laptop. So Skype is a great backup plan for outbound calls to prevent the single point of failure problem when on the road (or even at home) and can be used during business hours when cell phone use counts against our allocated minutes, or for making international calls.

But what about inbound calls? I do not want the world to have my cell phone number. I do not want that phone ringing when I am driving and I do not want that number getting around to telemarketers. As far as Tom is concerned, he would prefer it if no inbound calls were possible. However, the rest of the world does not see things the same way as Tom. I am running a business here and I need to be able to receive calls, so we need a number that people can call, even if only to leave messages. We could do it with Skype's SkypeIn service, which costs an additional $60US/year ($5US/month), but Skype does not easily integrate with the multi-handset cordless phone system we have in the house that runs on the 5.4GHz spectrum.

However, we did find a nice solution that works with our system, which goes by the name of Magic Jack. Magic Jack is only $20/year ($1.67/month) for inbound and outbound calls. You have to buy the device for $40, but that includes the first year of service. The downside is that it is a USB key type solution, so it's not quite as flexible as Skype, and unlike with Lingo or Vonage, the computer has to be powered on all the time (not an issue if you have servers that run 24/7 anyway), but it does work nicely with the cordless phone system.

The result? We moved from the $30US/month Lingo VoIP services to Skype and Magic Jack combo which costs less than $5US/month. That change is saving us over $300US/year! That's money we can use to buy other things, such as a new 2 TB drive for the media center.

What do you do to keep your telco costs down? Let me know! I'll share your comments in the next newsletter and maybe others can benefit from your experience.

See you next month.

By Debra Littlejohn Shinder, MVP

Thanks!
Deb
dshinder@windowsnetworking.com

=======================
Quote of the Month - "The Internet is a telephone system that's gotten uppity." - Clifford Stoll
======================

2. ISA Server 2006 Migration Guide - Order Today!

Dr. Tom Shinder's best selling books on ISA Server 2000 and 2004 were the "ISA Firewall Bibles" for thousands of ISA Firewall administrators. Dr. Tom and his illustrious team of ISA Firewall experts now present to you , ISA Server 2006 Migration Guide. This book leverages the over two years of experience Tom and his team of ISA Firewall experts have had with ISA 2006, from beta to RTM and all the versions and builds in between. They've logged literally 1000's of flight hours with ISA 2006 and they have shared the Good, the Great, the Bad and the Ugly of ISA 2006 with their no holds barred coverage of Microsoft's state of the art stateful packet and application layer inspection firewall..

Order your copy of ISA Server 2006 Migration Guide. You'll be glad you did.


   Click here to Order
   your copy today

Management of Virtual Resources Made Easy

Achieve clarity and control of your virtualized infrastructure with advanced reporting, monitoring, and management.  SolarWinds Virtual & Server Profiler solves the pains of tracking VMs, managing capacity, and root-cause analysis from a single, easy-to-read console.
Gain visibility into your virtualized resources in order to understand how storage and applications are being used.

Try SolarWinds Virtual & Server Profiler Free

3. WindowsNetworking.com Articles of Interest

4. Administrator KB Tip of the Month

How to enable HTTPS/SSL encryption for Internet Printing Protocol (IPP)

If you use Internet Printing Protocol (IPP) to share or access your printers over the Internet, keep in mind that print jobs are not secure. However, you can enable encryption by setting up IIS with a security certificate so you can access the printer via the https address using SSL.

First, you need to create a self-signed cert using IIS:

  1. Open the IIS Manager from the Control Panel
  2. Double-click the Server Certificates icon
  3. Click the Create Self-Signed Certificate link on the right
  4. On the dialog box, enter a name, and click OK

Next you need to create bindings for HTTPS using IIS:

  1. On the left Connections list, expand the Web Sites, right-click your site name and select Edit Bindings
  2. On the bindings window, click the Add button
  3. Select https for the Type and choose the certificate name, and then click OK

Remember, you need to make sure port 443 is open on your firewalls. Plus, you will probably need to set up a port forward on your router to forward traffic on port 443 to the computer that is hosting the printer.

Then access the printer list with https://x.x.x.x/printers (where x.x.x.x equals your Internet IP address).

You can find this Administrator tip over here!

For more administrator tips, go to WindowsNetworking.com/WindowsTips

5. Windows Networking Tip of the Month

Which network do you trust? Do you trust your home network? Do you trust your work network? Do you trust the network you connect to in your hotel room? Do you trust the network you connect to when you go to a customer’s office? How are you making these assessments of trust? The fact is, you can never have enough information to know how much you can actually trust the network you are connecting to at any point in time. You might make educated guesses, but in the end that is all they are: guesses. That means your safest bet is to not trust any network. This appears to be good advice in general, because many security studies show that insider attacks are on the rise and they are the most damaging.

If you manage your corporate network, whether it is a small or large business, one of the most effective methods you can use to protect your network against rogue computers with malcontents is to prevent them from connecting to resources on your network. This means that while attackers might be able to connect to your network, they will not be able to access and steal or maim any of your data. How do you accomplish this? The simple answer is NAP (Network Access Protection). NAP has been around for a while, but has seen a slow adoption curve. Fortunately, there seems to be uproar in adoption of this technology that has been available since Windows Server 2008.

How to learn about NAP? Best thing you can do is to try it out in a Test Lab. I recommend that you start with learning about IPsec enforcement, since this is really the only method you should use if you are earnest about actually trying to secure your network. For more information on how to deploy NAP with IPsec enforcement in a test lab, check out this link.

Management of Virtual Resources Made Easy

Achieve clarity and control of your virtualized infrastructure with advanced reporting, monitoring, and management.  SolarWinds Virtual & Server Profiler solves the pains of tracking VMs, managing capacity, and root-cause analysis from a single, easy-to-read console.
Gain visibility into your virtualized resources in order to understand how storage and applications are being used.

Try SolarWinds Virtual & Server Profiler Free

6. WindowsNetworking Links of the Month

7. Ask Sgt. Deb

QUESTION:

Hey Deb,

I am using Hyper-V for a lot of my networked devices in Windows Server 2008 and was wondering what is up with Windows Server 2008 R2. Can you tell me what is new with Hyper-V in R2? We are thinking about upgrading to the latest version of Hyper-V but want to make sure it is worth the money and effort.

Thanks! - Kris H.

ANSWER:

Hi Kris,

There are four things that are new with Hyper-V in Windows Server 2008 R2:

  • Live migration
  • Dynamic virtual machine storage
  • Enhanced processor support
  • Enhanced network support

Live migration allows you to move a running virtual machine from one member of a Hyper-V cluster to another cluster member without interrupting the network connection or the user experience. Note that this requires shared storage, such as Fibre channel or iSCSI.

Dynamic virtual machine storage will allow you to add or remove storage from a running virtual machine "on the fly" while the machine is running. You can add or remove both virtual and physical hard disks, enabling "hot plug" scenarios.

With Windows Server 2008 R2, you can now use up to 32 processors per virtual machine (just in case you need them). There is also support for new Intel processor capability, such as Second Level Address Translation (SLAT) and Core Parking. SLAT is Microsoft's support for Extended Page Tables, which can significantly improve performance in virtualization scenarios. Core Parking enables the processor to "turn off" processor cores and consolidate workloads to fewer processes, enabling better performance at an overall lower energy cost.

Jumbo frame support, which was available for the physical environment previously, is now available for virtual machines. Virtual machines can use jumbo frames of up to 9014 bytes if the underlying network infrastructure supports them.

Management of Virtual Resources Made Easy

Achieve clarity and control of your virtualized infrastructure with advanced reporting, monitoring, and management.  SolarWinds Virtual & Server Profiler solves the pains of tracking VMs, managing capacity, and root-cause analysis from a single, easy-to-read console.
Gain visibility into your virtualized resources in order to understand how storage and applications are being used.

Try SolarWinds Virtual & Server Profiler Free