WindowsNetworking.com - Monthly Newsletter - March 2014

Welcome to the WindowsNetworking.com newsletter by Debra Littlejohn Shinder, MVP. Each month we will bring you interesting and helpful information on the world of Windows Networking. We want to know what all *you* are interested in hearing about. Please send your suggestions for future newsletter content to: dshinder@windowsnetworking.com

1. Windows XP: The Party's Over

According to NetMarketShare.com statistics as of February 2014, almost 30 percent of the computers on the Internet are still running Windows XP, the nearly thirteen year old desktop operating system that will no longer be supported after April 8 of this year – less than a month from the day of this writing.

Now, some might assume these are just the grandmas and grandpas out there running XP on their aging home computers, but those making such assumptions would be wrong. Go into any small business – doctor's office, small bank, local retail store, auto repair shop – and the chances are good that you'll see XP machines still in service. As the support deadline approaches, I have become acutely aware of how often I still encounter the sight.

I remember back when Vista was introduced, and many individuals and companies alike vowed to stick with XP "until you pry it from my cold, dead hands." Windows 7 soothed many of these savage beasts, and over the years, XP has slowly lost its stranglehold on the PC market share, but there are still too many holdouts for comfort. When the choice was XP or Vista, loyalty to your tried-and-true OS made sense. Today, those who continue to cling to the antiquated operating system really are rebels without a cause. And very soon, they'll be rebels without a safety net.

Why, then, are so many still in denial, refusing to accept that "resistance is futile?" Certainly cost is a factor, especially for small companies that are operating on ever-tighter budgets in today's shaky economy. It's not just the price of the OS license that's at stake, either. Many XP machines are so old that you might need new hardware to be fully compatible with Windows 7 or 8.

However, it's time to run those numbers again and factor in the potential costs of running XP "naked" – without security updates. According to the Ponemon Institute's 2013 study on the cost of data security breaches, the average cost in the United States came to around $188 per record for breaches that occurred in 2012, the most recent year for which the data is available. The direct monetary cost isn't the only consequence if those unprotected XP machines are compromised, though. The damage to a company's reputation when a data breach occurs can result in the loss of customers and even partner relationships.

Another consideration is that more and more fields are falling under government and/or industry regulations that mandate reasonable levels of security. Failure to comply can result in sanctions, loss of membership in industry organizations, fines and other penalties. Unpatched XP machines are not likely to be considered by those authorities to be an example of responsible security precautions. Even if your company isn't accountable to a regulatory body, clients or others who suffer losses due to a data breach caused by your negligence can bring a civil lawsuit against you that could cost many thousands of dollars to defend. Seen in this light, the cost of upgrading might turn out to be minuscule in comparison.

Of course, the fears surrounding moving to a new OS aren't just about money. Many small businesses get by with only part-time IT admins for whom IT isn't necessarily the primary area of expertise. The idea of rolling out a new operating systems to all the computers in the company, and/or deploying new hardware to everyone, might be overwhelming. However, it might help to know that it might not be as difficult as you think. If you buy new systems, they'll likely come with a brand new shiny OS already installed. Even if your hardware is relatively new (maybe you bought Windows 7 machines and "downgraded" to XP a few years ago), the installation process for today's new operating systems is really quite a bit easier than deploying XP was.

Finally, some businesses are hesitant because of the learning curve. They're afraid productivity will be lost because users are unfamiliar with the new ways of doing things and admins don't know enough about the new OS to properly support them. In fact, it's true that people are resistant to change and particularly with a major interface change (such as Windows 8/8.1), some will be unhappy and confused for a while. However, there are a number of viable options for dealing with that.

The Windows 7 interface isn't a huge departure from that of XP, and there are numerous improvements that can make workers more productive – not to mention support for technologies such as USB 3.0, which can vastly speed up communications with USB peripherals. There are third party products and configuration settings that can make the Windows 8 and 8.1 desktop experience almost identical to that of Windows 7 (and make it the default instead of the modern tile UI). Admins will find that once you're past the learning curve, the new versions of Windows are easier to support because they don't crash as often, perform better and are more secure.

The time for excuses is past. If you haven't upgraded all of the computers in your org yet, do it now. Tim Greene over at NetworkWorld says you're lucky you haven't already been fired. If you know others who are stuck in the sinking XP boat, show them this article. Friends don't let friends drive XP – especially after April 8.

By Debra Littlejohn Shinder, MVP
dshinder@windowsnetworking.com

=======================
Quote of the Month - Obsolescence never meant the end of anything, it's just the beginning. – Marshall McLuhan
=======================

2. Windows Server 2012 Security from End to Edge and Beyond – Order Today!

Windows Server 2012 Security from End to Edge and Beyond

By Thomas Shinder, Debra Littlejohn Shinder and Yuri Diogenes

From architecture to deployment, this book takes you through the steps for securing a Windows Server 2012-based enterprise network in today’s highly mobile, BYOD, cloud-centric computing world. Includes test lab guides for trying out solutions in a non-production environment.

Order your copy of Windows Server 2012 Security from End to Edge and Beyond. You'll be glad you did

   


Click here to Order your copy today

 


3. WindowsNetworking.com Articles of Interest

4. Administrator KB Tip of the Month

Find Disk Firmware Versions using PowerShell

Learn how to use Windows PowerShell to find disk firmware versions

Question: You need to check firmware versions on the disks of your Windows Server 2012 and Windows 8 computers (and above). How can you do this?

Answer: Use the Get-Disk function that is available beginning with Windows 8 and Windows Server 2012. Select the friendly name and the firmware version. This command appears here:

get-disk | select friendlyname, firmwareversion

Ed Wilson is the bestselling author of eight books about Windows Scripting, including Windows PowerShell 3.0 Step by Step, and Windows PowerShell 3.0 First Steps. He writes a daily blog about Windows PowerShell call Hey, Scripting Guy! that is hosted on the Microsoft TechNet Script Center; for more PowerTips check out the Hey, Scripting Guy! blog

For more great admin tips, check out http://www.windowsnetworking.com/kbase/.

5. Windows Networking Links of the Month

6. Ask Sgt. Deb

QUESTION:

Hi Deb,

I'm putting together a hybrid cloud infrastructure and I have a question about connectivity options between my on-premises site and my Azure Virtual Network. I've been testing some of the options I discovered in the Hybrid Cloud Design Considerations document and am getting comfortable with the configurations. One thing I'm worried about is that the document mentioned that the site to site VPN connection is essentially limited to 100 Mbps. When I get to the point where I end up joining my production network to the Azure Virtual Network there is the expectation that I'll have at least 500Mbps to the Azure Virtual Network and probably up to around 1 Gbps. The option of creating multiple site to site VPNs isn't attractive, and Microsoft doesn't make it very easy to do that – plus I don't want to hork my routing table to accomplish this. Does Microsoft have anything like the AWS DirectConnect feature?

Thanks! – Justin

ANSWER:

Hi Justin,

As always, our readers ask the best questions! Your concern is a valid one. The bandwidth limitations on the site to site VPN connection have been a thorn in Microsoft's Azure cloud side for quite some time. However, there is good news on this front. Microsoft recently released a preview version of ExpressRoute, which is very similar to the AWS DirectConnect. EspressRoute can establish connections to Azure at an ExpressRoute location (which is located at an Exchange Provider facility, essentially a telco provider who has partnered with Microsoft Azure) or directly connect to Azure from your existing WAN network (using an MPLS VPN) provided by a network service provider. The bandwidth you get will depend on which provider you choose. For example, if you use AT&T you can get as much as 1 Gbps. If you use Equinix, you can get up to 10 Gbps! Those are LAN speeds, which should provide you as much bandwidth as you need. You might want to start at the lower end and then move up, based on information you get regarding your usage statistics. Remember, the more bandwidth you want, the more you're going to pay (that's the nature of the cloud).

There is a nice technical overview of this solution on the Microsoft Azure MSDN site at http://msdn.microsoft.com/library/windowsazure/dn606309.aspx.