The Hyper-V experiment continues. My three Server 2008 VMs are extremely stable — no crashes at all, nine days continuous running. I made a number of restarts to address various upgrades and all three VMs came back automatically. Am also using a VM to test Windows 7, and no problems there either.
Now addressing how well Hyper-V handles Linux. Ubuntu 7.1 desktop installed with no problems at all, although still working on networking. My Linux skills are pitiful, so I draw no conclusions yet about whether the networking issues are related to Hyper-V or user error. Perhaps I’ll have to install the Unix services roll on the base server. Am also installing a more recent version, 8.1, and will probably throw a Linux server up there, too. From a CPU and disk perspective, no problem — this machine still has a gear or two on the upside.
I am running out of memory, however, now that I have 6 VMs on this 8GB machine. The culprit: SQL Server on the base machine. Why did I install that? I’ve been trying to get System Center Essentials (SCE) on to the base machine and that requires SQL Server. This is a very tangled web Microsoft has woven: you need SQL Server and Windows Server Update Services to run SCE. SQL Server, no big deal; WSUS, something of a project, as it involves Group Policy. So far I haven’t gotten SCE to install and may abandon the whole project.
It does point out an interesting conundrum: Hyper-V manager manages memory for VMs. Is it more efficient than the base OS is? In other words, if SQL Server were running in a VM, would it be using as much memory? Sounds like my next experiment.
I’ve succumbed to the call of the “tweet.” In the Web 2.0 checklist of the best, I can add Twitter to the short list with the likes of Facebook, LinkedIn and Yammer. And although the novelty still lingers, the whole thing seems like a lot of work. But is this constant connectivity beneficial in the business world?
Many execs are unsure about Twitter (what are the business benefits? Is it too time-consuming? Is it actually effective?). Further, with ROI more important than ever, the inability to measure Twitter’s influence and success is unsettling. Without a way to track ROI, how can anyone justify spending time throwing around status updates?
From a companywide perspective, the thought of being in constant contact with your peers and colleagues is attractive – but only if everyone is using it. If it’s just you and your five closest work buds in a Yammer social circle, where’s the business value in that? Shouldn’t this be about connecting with people you wouldn’t normally get the chance to share ideas with? But if the entire company connects and shares insight and ideas – well, then we may be on to something.
The Twitter turn-on for me was the spider-web effect. If I can follow a certain number of knowledgeable, credible people in my field (and get them to follow me) I’m exposed to their followers, possibly their followers’ followers and so on. So now, rather than just asking my team of co-workers if they know of a CIO with a PMO I can tap for article insight, I can tweet about it. With the right followers (and a little luck), I can find a CIO directly who wants to talk about PMOs. I can find out what people are saying about it, test the waters for interest levels, make connections – all in 140 characters or less. But, again, that’s with the right followers, and finding them can be tricky.
For now, I’m embarking on a Twitter trial (a Twial?) to weigh the business benefits. I invite you to follow me and share your thoughts on Twitter (or below): a beneficial trend?
So Windows 7 is out in beta. My colleague Mark Schlack took it for a test drive and wasn’t impressed (see Windows 7migration: First thoughts). Yet at some point, if you’re still a Windows XP user, you’re probably going to have to plan a Windows 7 migration, unless you decide to start now and go for Vista (Win7 won’t be out before the end of the year, at the soonest). Windows XP support starts to wane in April, and by 2014 it ends entirely. Gartner recommends you make your switch by 2012.
Now some XP users told our reporter Christina Torode that they’re sitting tight (see Windows XP users weigh dwindling support vs. Windows 7 migration). Some expect Microsoft will extend those Windows XP support deadlines due to customer pressure. I’ve certainly met many more midmarket CIOs who remain with XP than those who have gone through a Vista migration. Very few see anything worth migrating for.
Yet if Microsoft sunsets XP as planned, they’ll all have some re-engineering to do. Windows 7 is built on the same kernel as Vista, so if your apps won’t work on Vista, you’ve only bought yourself some time, not a pass on re-engineering. Unless, of course, you are going to explore some Microsoft alternatives.
So XP users, unite: Are you going to clamor for extended support? Plan for a Windows 7 migration now? Start to work in Vista machines as you upgrade your hardware, as one analyst recommends in our article on migration tips? Go Linux? Let’s discuss.
A lot of budget-strapped CIOs are going to be telling their systems and storage directors to take another look at consolidation this year. These days, consolidation means virtualization. Only recently, that mainly meant VMware ESX. That is still the weapon of choice for many reasons, but suddenly Microsoft actually has a competitive product.
After a pretty feeble offering with Virtual Server 2005, Microsoft went the hypervisor route and now offers that as a built-in feature (excuse me, a “role”) on Server 2008 Enterprise Edition. Make that your base install and you can then put any version of Windows and some versions of Linux in VMs on the same box. I’ve been playing with it on a quad-core AMD box with 8 gigs of memory and hey, it actually works! Two years ago, Hyper-V vs. ESX was a silly conversation about marketing. Now you can actually start to compare them and make decisions about how to use them.
In my case, I put three guests (a domain controller, a file server and one just idling while I figure out System Center Essentials) on Hyper-V without the box breaking a sweat. More to the point, I didn’t break a sweat, either. Even a non-MCSE guy like me could do it. No muss, no fuss. If you have admins who can install and configure Windows Server, they can work this.
There are a lot of holes in the Hyper-V story. As of 2009, it’s not going to get you close to a fully dynamic data center. You can’t move VMs around willy-nilly. There aren’t the same kind of admin tools for DR or test/dev labs or many other of the niceties that VMware and many third parties now have.
Pricewise, it might not be that big a bargain, either. Enterprise Edition can run you as much as $3,999, which isn’t very different than buying VMware VI3 and one copy of Server 2008 Standard. The devil will be in the details of your volume purchase agreements as far as that goes – depending on the support agreements, VMware could actually cost less. Eric Seibert on Server Virtualization Blog recently remarked that the many differences between the products makes comparing them, especially from a cost point of view, an apples-to-carrots comparison.
As for performance, I haven’t seen any face-offs yet between Hyper-V and Server 2008. But if you’re trying to quickly collapse a lot of low-effort servers, maybe you don’t care about the ultimate in benchmark scores.
So it comes back to what it often does when choosing between Windows and something else: familiarity, integration and ease of use. In midmarket companies, you can’t always afford overspecialized IT staff. Maybe you don’t have budget or headcount for VMware specialists. Maybe you’d rather use your existing ESX licenses for more hard-core uses like email and ERP. Maybe you want to use similar tools to manage your physical and virtual servers.
The point is, CIOs will want to take a close look at the tradeoff between having one virtual environment (whether that’s Microsoft or VMware) or tiering their virtual environments. And finally, they have a reason to do that.
Twas the night before deadline and all through the office,
we worked with our heads down, appeasing our bosses.
But what to my weary eyes should appear?
The USPS delivery, bringing vendor-purchased cheer!
Brown, unmarked boxes of who knows what,
Cookies? Chocolates? Kitsch that is haute?
‘Tis the season! The lights, the cheer and, for some, the vendor gifts.
In the name of the holidays, vendors will often promote goodwill (future sales?) by giving gifts to employees they have worked with. Although thoughtful, some gifts can raise ethical and moral issues. For example, an extravagant gift could make the recipient feel a sense of obligation. You certainly don’t want gifts hampering employee objectivity when making purchasing decisions or recommending products or services to clients and users. You have an obligation to consider your company’s – not your own — best interests (as well as those of consumers or people looking to you for advice).
Most companies have strict human resource policies about what is considered a gift, what dollar amount needs to be reported to the company, what needs to be sent back (What, no spa weekend?!), etc. For some industries (such as health care) the giving and receiving of gifts can raise certain implications concerning the appropriateness of medical treatments given to patients and at what point the gift starts looking like a bribe.
So, how do you differentiate between a possible bribe and a simple thank you? Use common sense, read up on your company’s policy and if you find yourself in a gray area, it’s always best to check with your HR department.
With that said, you may not even really want what your vendor is sending you. Here are some examples of vendor gifts my colleagues have received and kept over the years (whether they wanted to or not):
- A large, corned beef-style chunk of buffalo.
- Electric ice cubes (sounded dangerous to me, although she swears by ‘em).
- A bottle of chocolate wine (yes, it was alcoholic).
- Mr. Potato Head.
- A box of mixed nuts doubling as a business card holder.
- A red velvet blanket teamed with Godiva hot chocolate (?).
- A bottle of whiskey. Period.
- A gift card for either a facial or a body wax at a local spa (No further comment necessary).
- Steaks. Packed in ice.
Feel free to send along any strange, interesting, bizarre and random vendor gifts you’ve received (or sent).
Share the gift of laughter
We’re almost at the end of 2008.
It’s been a year of cutbacks, layoffs, crashes and downturns. We’ve started using the word recession and are planning 2009 budgets accordingly. So, what happens next year? Forrester Research recommends investing in agility and innovation to accelerate out of the downturn, in a recent CIO-geared webinar presented by Forrester principal analyst, Bobby Cameron.
While interacting with IT executives on budgets and planning, Forrester found that 21% expected their budgets to either grow or stay the same in 2009. But most are anticipating a stagnant or cut budget and have moved into one of three planning scenarios: cutting, anticipating cutting or keeping their options open.
Although Forrester found that most companies are focusing on traditional cost-cutting tactics (such as using low-cost resources, eliminating large-sized efforts and focusing on short-term returns), it has seen some firms choose an alternate path — investing what they can into agility and innovation.
Why? Agile companies (those that can rapidly shift suppliers, trading partners or markets) are more likely to navigate through failing firms and slow economies. Companies investing in innovation will look for new business models and product/service offerings (alongside operational improvements) instead of just hunkering down.
When investing in agility, Forrester says, companies should focus on flexibility. For IT, that means applying SOA and creating flexible external interfaces to data and systems so that companies can more easily shift or change contractors, suppliers or partners. Innovation investments, such as utilizing Web 2.0 technologies to establish and spread ideas, can positively affect core business strategies by engaging internal and external sources in meaningful dialogue – without over-extending budgets.
There is no all-encompassing recipe for success, and Forrester recommends addressing the downturn based on current situations and industry:
- Those already cutting budgets should execute on those plans to cut, while preparing to make deeper cuts if things don’t turn around. They should also consider investments in agility and innovation, but only if there is enough breathing room.
- Companies anticipating cuts should invest in agility and innovation, keeping the commitments small and the returns short-term.
- And those companies keeping their options open should pursue agility and innovation aggressively to maintain company health and leadership.
Keep your heads up – most pundits are expecting a leveling of the economy by the end of 2009. Are you ready for another 12 months?
Last Friday, the FBI issued a warning about a security vulnerability that could be used by cybercriminals to make vishing telephone scams.
Vishing (combining phishing and voice) uses Voice over IP (VoIP) features to gain access to company information. In this case, the flaw was found in a free and widely used open source toolkit – Asterisk.
According to a posting on the Internet Crime Complaint Center, hackers who gain access and exploit the Asterisk flaw can potentially auto-dial thousands of people in an hour.
Security risk news spreads like wildfire and the FBI vishing warning was no exception — bloggers everywhere began weighing in. It was quickly learned, however, that the security scuttlebutt was actually an old issue.
According to a Digium blog post, the bug was originally found in March (AST-2008-03, a SIP guest permissions problem) and was patched for 1.2 and 1.4 versions of the software (1.6 releases were not vulnerable). The bug did not allow the arbitrary setting of caller ID and would work in only a limited set of circumstances.
It sounds quite similar to the telephone scams already known, no VoIP hacking necessary! The Federal Communications Commission already warns us about everything from the Mexico Collect Call Scam to the 90# Telephone scam.
Just another reminder to keep your information safe by making your passwords safer … and do your homework before going off on new exploits.
Bank of America has introduced a new security feature for customers – the SafePass Card. Adding more protection to transactions, the SafePass Card is Bank of America’s next layer of secure online banking.
Smartphones are being used as digital wallets, mobile online banking is occurring more frequently and Wi-Fi access points are turning into cybercrime hotbeds. The Georgia Tech Information Security Center’s Emerging Cyber Threats Report for 2009 cited malware, botnets, cyberwarfare and threats to VoIP and mobile devices as the top security threats to be aware of – all of which aim to steal your data.
It’s no wonder one of our largest banks is looking to provide more online peace of mind. With keystroke loggers infesting email, IM and (the recently popularized) infected links on social networking sites, cybercriminals can steal your two-step login information and gain access to your account. For customers wanting added protection, the SafePass Card generates a six-digit, one-time pass code, necessary to complete online transactions. Customers can either receive the pass code via text message or by purchasing a wallet-sized card ($19.95) that generates the code (think chip and pin meets Magic 8 Ball)
And who wouldn’t want more secure online banking? Malicious programs are on the rise and many companies are not prepared for them. Naspera Networks recently issued the results of a corporate network security survey. Two hundred small and medium-sized enterprises answered a series of questions probing them on network security and potential threats. According to the results, most companies surveyed were not as secure as they could be (or wanted to be). What were the networks’ weakest links? Respondents cited as the primary offenders computers not kept up to date, Wi-Fi security and encryption practices, unknown threats from mobile workers and laptops, an increased need to provide guest access and an overall lack of policy governing endpoint security.
The SafePass is a step in the right direction. Just don’t lose the card … or your mobile phone.
Facebook is keeping people linked together both personally and professionally. Knowing that, it’s important to keep an eye on the security of your accounts on social networking sites — and the integrity of your online persona.
Facebook won an $873 million judgment against Adam Guerbuez of Montreal, after suing him for spamming Facebook users with sexually explicit messages. Guerbuez hacked into member profiles using phishing tricks to get users to give up their login details. Once in, Guerbuez used the compromised profiles to send out mass messages (4 million) to friends of friends.
My first thought when I heard about this: What if my account had been compromised and, as a result, my boss (and Facebook friend) received messages from my account touting male enhancement pills? That would certainly not be cool, Guerbuez. No poke for you.
One may ask why I would be Facebook friends with my boss — Facebook, the sacred, secret window into my personal life, littered with an assortment of pictures, wall posts and (dare I say it) “bumper stickers?” I keep it clean on my Facebook profile and usually follow the “don’t friend me, I’ll friend you” credo. I have noticed more and more people opting to have two Facebook accounts (although Facebook expressly forbids multiple profiles) – a personal one and a professional one. I have considered this myself but then thought, don’t I have a LinkedIn account for that? Furthermore, if someone searches for someone and finds two Facebook profiles (one with a Sears-style profile picture and one including a tequila shot-athon — both pictures clearly of that person) it may look a bit sketchy. Or smart?
Today, it’s especially important to keep it clean on Facebook – 22% of hiring managers check social networking sites before hiring someone. This number has doubled since 2006 and will continue to increase as an additional 9% of hiring managers plan on screening applicants online in the future. On top of that, 34% of the managers who screen have dropped candidates from their lists based on what was found in their profiles.
Ah, ’tis the season of good cheer – and omens for e-commerce site crashes alike! A retail industry site I’ve grown fond of, Evan Schuman’s StorefrontBacktalk, is predicting chaos in the land of online shopping as a result of rushed IT projects, more customer handoffs for functions like payment and shipping (PayPal, FedEx and the like) and integration with other third parties (Facebook, MySpace) where transactions can run into trouble.
While this is no laughing matter for an industry and an economy hovering on the brink, the site’s editors seem to be rubbing their hands at the prospect of some hot news stories, come the day known as Black Friday.These editors have launched a Twitter feed in which they’ll blast news of any site crashes or slowdowns, which will serve either to vindicate their predictions or, more optimistically, show that the retail engine is all tuned up for the marathon month ahead. So we’ll see – I’ve signed up for the feed and will update this blog as news unfolds (or, doesn’t). In the meantime, here’s something to be thankful for: that your transaction processing, load balancing and Web services aren’t quite so visible to the public eye.