IT Trenches


June 26, 2009  2:56 PM

Did you see this? – Microsoft Offline Virtual Machine Servicing Tool

Troy Tate Profile: Troy Tate

Microsoft has a very large library of Solution Accelerators. These solution accelerators are meant to be detailed guides and toolkits to help organizations be successful in the planning, deployment and management of Microsoft products and technologies.

One accelerator that recently came to my attention is the Offline Virtual Machine Servicing Tool. According to the Microsoft website:

The increasing use of virtual machines—for purposes ranging from support of older operating system environments to power savings—has created new challenges for IT.

In particular, virtual machines may be left offline (stored in a non-operating state) for extended periods of time, which conserves resources when the server capacities of the virtual machines are not needed or frees up physical computing resources for other purposes.

However, offline machines do not automatically receive operating system, antivirus, or application updates that would keep them compliant with current IT policy. An out-of-date virtual machine may pose a risk to the IT environment. If deployed and started, the out-of-date virtual machine might be vulnerable to attack or could be capable of attacking other network resources.

Therefore, IT groups must take measures to ensure that offline virtual machines remain up-to-date and compliant. At present, these measures involve temporarily bringing the virtual machine online, applying the necessary updates, and then storing it again.

In the future, image updating solutions may be able to update virtual machines while they remain offline. Until such solutions become available, the Offline Virtual Machine Servicing Tool, a Solution Accelerator from Microsoft, provides a way to automate the process of updating virtual machines. This tool is now available as a free download from the Microsoft Download Center.

Business Scenarios

You can use this Solution Accelerator to help you with business scenarios such as these:

  • Your IT organization is converting physical servers to virtual machines to reduce costs, including administrative overhead. How can you regularly update offline virtual machines while minimizing administrative costs?
  • Your IT organization has thousands of virtual machines stored for months at a time in a number of libraries. How do you keep the virtual machines reliably up to date?

This tool can be useful to those organizations already managing virtual machines or those considering deployment. Maybe it can make your life a little easier. Why not leave some feedback if you have used or are considering this tool?

Thanks for reading and let’s continue to be good network citizens!

June 25, 2009  3:37 PM

Tips for negotiating a managed services contract – the vendor selection process

Troy Tate Profile: Troy Tate

You have now received back the proposals from the vendors based on the RFP that you built according to the RFP anatomy described previously.

Maybe you forgot the steps before the RFP. You can go back and review:

The first post in this series covered two questions: Where are you? and Where do you want to go?

The second article in the series described the calendar of events or how many shopping days do we have?

This third article in the series covered the actual RFP (request for proposal) anatomy and contents.

This final posting will discuss the vendor selection process – planning for the wedding (or engagement).

Let’s get talking about vendor selection and awarding the contract! Continued »


June 24, 2009  6:24 PM

Did you see this? – SYSTEM CLEANING: GETTING RID OF MALWARE FROM INFECTED PCS

Troy Tate Profile: Troy Tate

I don’t know about you but I do get frustrated when a white paper is advertised and it has little or no meat to it. Most times it seems like the whitepapers offered by vendors today are light marketing fluff with little substance to help IT folks do their job better.

I came across a whitepaper/research document today that will help you do your job better if you manage systems that may become affected by malware. This means anyone that uses a computer could get some use from this document and website.

Check it out today. The whitepaper does not require any registration (another pet peeve of mine – check out bugmenot for Firefox if registrations bug you too!). The whitepaper is titled SYSTEM CLEANING: GETTING
RID OF MALWARE FROM INFECTED PCS
.

Thanks for reading and let’s continue to be good network citizens.


June 24, 2009  2:00 PM

Tips for negotiating a managed services contract – anatomy of an RFP

Troy Tate Profile: Troy Tate

The first post in this series covered two questions: Where are you? and Where do you want to go?

The second article in the series described the calendar of events or how many shopping days do we have?

This third article in the series will cover the actual RFP (request for proposal) anatomy and contents.

The fourth article will discuss the vendor selection process – planning for the wedding.

Hopefully you are now ready to dive into the RFP itself. Continued »


June 15, 2009  8:45 PM

Tips for negotiating a managed services contract – how many shopping days?

Troy Tate Profile: Troy Tate

The first post in this series covered two questions: Where are you? and Where do you want to go?

This second article in the series will describe the calendar of events or how many shopping days do we have?

The third article in the series will cover the actual RFP (request for proposal) anatomy and contents.

Continued »


June 12, 2009  2:29 PM

Tips for negotiating a managed services contract – where are you and where do you want to go?

Troy Tate Profile: Troy Tate

IT is not the first business of a manufacturing company. Nor is it very high on the list. Having said that, a lot of manufacturing (and other organizations) use various managed IT services. I will be writing a short series on how to negotiate managed IT services for your organization.

This first posting starts with two questions. Continued »


May 26, 2009  8:41 PM

Microsoft releases SharePoint Designer 2007 for FREE!

Troy Tate Profile: Troy Tate

SharePoint Designer 2007 is Now Free – Office SharePoint Designer 2007 provides the powerful tools you need to deliver compelling and attractive SharePoint sites and quickly build workflow-enabled applications and reporting tools on the SharePoint platform, all in an IT-managed environment.  You can use SharePoint Designer 2007 to create and deploy interactive solutions on the SharePoint platform, without having to write code.  It also provides the professional-quality design tools you need to create great-looking SharePoint pages that are compatible with a wide range of browsers.  Additionally, site administrators and IT managers can control exactly how SharePoint Designer 2007 is used to help ensure information workers have a managed and controlled experience.

If you are interested in learning more about SharePoint Designer 2007, please be sure to check out:

·         Microsoft Office Sharepoint Designer 2007 Product Overview

·         SharePoint Designer demos

·         SharePoint Designer webcasts

·         Help for SharePoint Designer 2007

·         Future direction of Sharepoint Designer 2007:  video

  Bookmark and Share     0 Comments     RSS Feed     Email a friend


May 26, 2009  7:34 PM

Repetition is one of the keys of learning

Troy Tate Profile: Troy Tate

I recently posted an update about Laura Chappell’s Chappell University Online seminars. I attended one of these seminars today. What a great experience! I always try to attend Laura’s events and always pickup a tidbit that makes my life as a network manager easier. She gives you information about tools you can use to fight the battle of “the network is down”. Most of the time the network is behaving as designed. It’s poorly written applications or too high user expectations that create issues. So, if you want be the expert on fighting the network is “bad” syndrome – check out Laura’s presentations – I did and I learned something new… Continued »


May 22, 2009  6:03 PM

Strong passwords? Try this test

Troy Tate Profile: Troy Tate

Passwords are the bane of security but currently and historically the primary authentication method for users. Check out this article by Roger Grimes and see how your password policy stacks up using the Excel spreadsheet tool he provides for download. You can use the to convince management how weak your password policy really is.

Test the strength of your password policy

Roger Grimes presents a useful tool for figuring out how susceptible your network might be to a password-cracking attack

Thanks for reading & let’s continue to be good network citizens.


May 22, 2009  3:24 PM

The Center for Internet Security defines security metrics

Troy Tate Profile: Troy Tate

As an information security manager I am always struggling with how to measure the security posture of my organization. As they say, you can’t manage what you can’t measure. There’s lots of talk out there about ROI (Return on Investment) or ROSI (Return on Security Investment). These may be business numbers for the bean counters but what do these really mean to the security posture of the organization.

The CIS worked with over 100 team members from government, private and academic organizations to design a set of metrics designed to measure security processes and outcomes. The list below shows some of the business functions covered by the current suggested list of metrics.

  • Application Security
    • Number of Applications
    • Percentage of Critical Applications
    • Risk Assessment Coverage
    • Security Testing Coverage
  • Configuration Change Management
    • Mean-Time to Complete Changes
    • Percent of Changes with Security Review
    • Percent of Changes with Security Exceptions
  • Financial
    • Information Security Budget as % of IT Budget
    • Information Security Budget Allocation
  • Incident Management
    • Mean-Time to Incident Discovery
    • Incident Rate
    • Percentage of Incidents Detected by Internal Controls
    • Mean-Time Between Security Incidents
    • Mean-Time to Recovery
  • Patch Management
    • Patch Policy Compliance
    • Patch Management Coverage
    • Mean-Time to Patch
  • Vulnerability Management
    • Vulnerability Scan Coverage
    • Percent of Systems Without Known Severe Vulnerabilities
    • Mean-Time to Mitigate Vulnerabilities
    • Number of Known Vulnerability Instances

Take some time and visit the CIS metrics page or download the consensus security metrics (registration required). You may find some useful tools in building and supporting an information security program for your organization.

Thanks for reading & let’s continue to be good network citizens.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: