WindowsNetworking.com Newsletter of April 2008

WindowsNetworking.com Monthly Newsletter of March 2011 Sponsored by: ManageEngine

Welcome to the WindowsNetworking.com newsletter by Debra Littlejohn Shinder, MVP. Each month we will bring you interesting and helpful information on the world of Windows Networking. We want to know what all *you* are interested in hearing about. Please send your suggestions for future newsletter content to: dshinder@windowsnetworking.com

ManageEngine Applications Manager: Comprehensive Windows Infrastructure Monitoring Software

Monitor your Windows Server, Exchange Server, MS SQL, SharePoint, .NET, Active Directory, etc, in your physical, virtual and cloud infrastructure. Troubleshoot performance problems quickly, plan capacity and get in-depth insight into performance issues through root cause analysis.

Download 30-day Trial.

1. To the (Private) Cloud with VDI

I've got to hand it to today's network administrators. They're being pummeled by the cloud - public cloud and private cloud - and wondering if they're going to have a job in five years. Then they hear that the cloud really isn't making that much progress and that they don't have to worry about their jobs - but then they find out that it's really the public cloud that is experiencing slow adoption, but that private cloud is hot hot hot! If that weren't enough, then comes the news that public cloud Infrastructure as a Service offerings (IaaS) are doing quite well, but Platform as a Service (PaaS) such as Azure and Google App Engine aren't doing as well. And finally there are all the cool new networking features included in Windows 7 and Windows Server 2008 R2, such as DirectAccess and Virtual Desktop Infrastructure that you need to learn if you're going to be involved in "next gen" networking. It's amazing that most IT pros don't just throw up their hands and say "I give up!".

Well, if you've been feeling that way, just take a deep breath and relax. The first thing to do is forget about the public cloud for the moment. It might take off, it might be taking off already, or maybe there are just a lot of industry pundits (supported by cloud provider dollars) who write about it to keep people stirred up. The headlines are enthusiastic; for instance, IDC reported last year that spending on public cloud IT services is expected to see "scorching growth" - from $16 billion in 2009 to $55 billion in 2014 - but if you look at the numbers and the chart closely, you see that even in 2014, that projected $55 billion is only 12% of the $460 billion expected to be spent on traditional IT products. That puts the cloud fears into a somewhat different perspective.

What's important here is that while the public cloud is one option, the most interesting aspect of the cloud is what is called "private cloud" - which is just another way of describing in-house virtualization. (Okay - private cloud has many definitions and some people won't agree that it's "just" about virtualization - but the fact is that virtualization is the foundation of the private cloud and without it, you can't have a private cloud).

Here's where it gets complicated. There are several types of virtualization: desktop virtualization, server virtualization, presentation virtualization, storage virtualization, user state virtualization and more. Virtual Desktop Infrastructure (VDI) is about desktop and presentation virtualization. With VDI, you can host desktop operating systems on a virtual server and connect to them using presentation virtualization (which, in the Microsoft world, is just a fancy term for Remote Desktop Protocol, a.k.a. RDP).

VDI in principle is pretty easy to understand. What you need includes:

  • A virtual server, such as Microsoft Hyper-V
  • Desktop operating systems running as virtual machines on the virtual server
  • A method to connect to those desktop virtual machines over the network, such as the remote desktop protocol
  • A policy-driven way to create and deliver virtual desktops so that each user gets a virtual desktop appropriate for that user's work requirements; one way you can do this is to use System Center Virtual Machine Manager

This is enough to get you started with VDI. A user then connects to a web site and selects a virtual desktop; the assumption is that the virtual desktops made available through the web site are based on the user credentials. The user then selects the virtual desktop he wants, and the virtual server then dynamically spins up a new virtual machine for that user to use.

But what about user state and application state? Users aren't going to be happy if each time they start a virtual desktop, they see a clean new operating system. Users like to customize their desktop environments to optimize their work. Well, don't worry. You can take advantage of other virtualization technologies to enhance the end user experience. For example, user state virtualization can be used to make sure that the user has access to his files and application configuration settings, and application virtualization (such as APP-V) can be used to dynamically assign the user the applications he needs to get his work done.

The beauty of VDI is that users always have access to a full desktop operating system that has all the applications the user needs to get his work done, no matter where they are. The user can connect from a low powered machine (such as an old desktop or netbook) and take advantage of the powerful hardware running the virtual server to power the users’ line of business applications.

Note that there are many implementation issues that you need to address with VDI, but most of them are not overly complex or difficult to overcome. However, there is one thing that can bring your VDI plan to its knees, and that's bandwidth limitations. You have to ensure that your intranet can support the additional bandwidth requirements introduced by users who connect to your virtual servers. Admins often underestimate the bandwidth toll extracted by VDI, so pay special attention to this issue.

In a similar vein, and for the same reason, VDI can be problematic for users who are off the local network. Internet connections that are less than 1.5Mbps will create a painful end user experience. And since users often have very little choice regarding the speed of the Internet connection at the places they happen to be at any point in time, you don't want to depend too much on VDI for remote users. The exception might be if you've deployed 4G LTE adapters to all of your remote VDI users; in this scenario, you know that users will always have the Internet bandwidth required for an effective VDI solution - at least as long as they're in an area that has LTE coverage.

What do you think? Could VDI in your private cloud be the future of your desktop deployment solution? Maybe it won't take over all your desktops, but do you think it will be part of your overall client OS solution? Or do you think VDI is just another marketing gimmick, and the coolness is more apparent than real, and that there really isn't a strong argument for using VDI because the value compared to a powerful thick client just isn't there?

Let me know! Send me a note at dshinder@windowsnetworking.com and I'll share out your comments.

See you next month! - Deb.

By Debra Littlejohn Shinder, MVP
dshinder@windowsnetworking.com

=======================
Quote of the Month - "Laughter and tears are both responses to frustration and exhaustion. I myself prefer to laugh, since there is less cleaning up to do afterward." - Kurt Vonnegut
======================

2. ISA Server 2006 Migration Guide - Order Today!

Dr. Tom Shinder's best selling books on ISA Server 2000 and 2004 were the "ISA Firewall Bibles" for thousands of ISA Firewall administrators. Dr. Tom and his illustrious team of ISA Firewall experts now present to you , ISA Server 2006 Migration Guide. This book leverages the over two years of experience Tom and his team of ISA Firewall experts have had with ISA 2006, from beta to RTM and all the versions and builds in between. They've logged literally 1000's of flight hours with ISA 2006 and they have shared the Good, the Great, the Bad and the Ugly of ISA 2006 with their no holds barred coverage of Microsoft's state of the art stateful packet and application layer inspection firewall..

Order your copy of ISA Server 2006 Migration Guide. You'll be glad you did.


   Click here to Order
   your copy today

ManageEngine Applications Manager: Comprehensive Windows Infrastructure Monitoring Software

Monitor your Windows Server, Exchange Server, MS SQL, SharePoint, .NET, Active Directory, etc, in your physical, virtual and cloud infrastructure. Troubleshoot performance problems quickly, plan capacity and get in-depth insight into performance issues through root cause analysis.

Download 30-day Trial.

3. WindowsNetworking.com Articles of Interest

4. Administrator KB Tip of the Month

Prevent use of writable CD/DVD drives

Let's say your company's security policy does not allow users to write to CD/DVD media using their computers. Then you order 200 laptops for your users and you find out that the vendor only supplies these laptops with writable CD/DVD drives in them. What can you do?

Provided the laptops are running Windows Vista or later, you can prevent your users from writing to the writable CD/DVD on their new laptops by enabling the following Group Policy setting for these computers:

Computer Configuration\Policies\Administrative Templates\System\Removable Storage Access\CD and DVD: Deny Write Access

Then regardless of what type of CD/DVD burning software they install on their laptops, they won't be able to write to writable CD/DVD media.

For more administrator tips, go to WindowsNetworking.com/WindowsTips

5. Windows Networking Tip of the Month

What happened to the Windows System File Checker?

Remember the SFC tool? It was supposed to check your system files in Windows 2000 and make sure they weren't corrupt. I haven't heard too much about the SFC over the last few years and wondered if it was even still around. I opened an elevated command prompt on my Windows 7 Ultimate computer and entered in the command line:

sfc /scannow

and then pressed ENTER. It takes a while for the scan to run on the Windows 7 computer. After it's done, you might see that everything is OK, or you might find what I did:

You can view the file, but you'll need to assign yourself permissions to do so. After opening the file, you'll find that there is really no summary information you can use to troubleshoot the problem. Fortunately, this machine is behaving well, so there's no reason to get overly worried about the results of the SFC. If I had been having problems with it, I'd need to follow up with a search on SFC and begin with the link below.

For more information about the Windows 7 System File Checker, click here.

ManageEngine Applications Manager: Comprehensive Windows Infrastructure Monitoring Software

Monitor your Windows Server, Exchange Server, MS SQL, SharePoint, .NET, Active Directory, etc, in your physical, virtual and cloud infrastructure. Troubleshoot performance problems quickly, plan capacity and get in-depth insight into performance issues through root cause analysis.

Download 30-day Trial.

6. Windows Networking Links of the Month

7. Ask Sgt. Deb

QUESTION:

Hi Deb,

I heard about something called the Microsoft Diagnostic and Recovery Toolset the other day. However, I didn’t get any information on what it does and where I can get it from. From what I could tell, it sounded pretty cool and useful - sort of a consolidated set of diagnostic tools that can run from a nice user interface to speed up repairs and troubleshooting. Any help is mucho appreciated!

Thanks! - Rockne.

ANSWER:

Hi Rockne,

Yes! The Microsoft Diagnostic and Recovery Toolset is a collection of tools you can use to configure and troubleshoot machines in your organization. It includes 14 tools that you can use right away to speed up your fixes. Some of the tools included with the Microsoft DaRT include:

  • ERD Registry Editor
  • Locksmith
  • Crash Analyzer
  • File Restore
  • Disk Commander
  • Disk Wipe
  • Hotfix Uninstall SFC Scan
  • Standalone System Sweeper

The DaRT is part of the MDOP collection of tools. MDOP is a suite of tools and utilities you get as part of your software assurance subscription. While DaRT is very cool, even more cool are the APP-V and MED-V applications which are also part of the MDOP offering. For more information about MDOP and DaRT, check out System Management : Empower Your Business System with MDOP.

ManageEngine Applications Manager: Comprehensive Windows Infrastructure Monitoring Software

Monitor your Windows Server, Exchange Server, MS SQL, SharePoint, .NET, Active Directory, etc, in your physical, virtual and cloud infrastructure. Troubleshoot performance problems quickly, plan capacity and get in-depth insight into performance issues through root cause analysis.

Download 30-day Trial.

TechGenix Sites

ISAserver.org
The No.1 Forefront TMG / UAG and ISA Server resource site.
MSExchange.org
The leading Microsoft Exchange Server 2010 / 2007 / 2003 resource site.
WindowSecurity.com
Network Security & Information Security resource for IT administrators.
VirtualizationAdmin.com
The essential Virtualization resource site for administrators.