First it was Citrix, Now its VMware - the only common ground is Intel

Last month we reported on the breaking news that Citrix were working on a on exclusive project with Intel for Offline VDI called "Project Independence", the full article can be found here.

Well not to be outdone VMware at VMworld Europe have announced a similar project with Intel also to deliver their bare-metal client Hypervisor, codenamed CVP (Client Virtualisation Platform). Strangely the technology features and benefits are nearly identical to that of Project Independence.

To date AMD has been very quiet, and I wonder if something is on the cards here also, surely it would make perfect sense to penetrate as much of the market as possible?

Citrix XenApp 5 Feature Pack

Yesterday Citrix announced a Feature Pack for XenApp 5  

On the surface it looks like there are no new features but Citrix is changing the features included within each versions (Advanced, Enterprise and Platinum)

Taken from an official Citrix Blog from Sridhar and Vinny the feature breakdown in each edition is highlighted below

	Advanced	Enterprise	Platinum
Citrix XenServer	X	X	X
Application streaming	X	X	X
EasyCall voice services	X	X	X
Workflow Studio orchestration	X	X	X
Load testing services		X	X
Profile management		X	X
Provisioning services			X
Single sign-on			X

Some of the interesting things to note about this are the following:

XenServer is now free for everyone

Application Streaming is available to all editions to the local desktop also - so can be taken offline.

Profile Management is included with what was from the OEM agreement with Sepago, Dataplex would still recommend the utilisation of Appsense UEM for the management of profiles and personalistion due to the scalability and enterprise capability of the product.

Provisioning server is now included for XenApp server image streaming

EasyCall is now included with Advanced Edition which is a nice product if you have a SIP compliant phone system

Single Sign on has changed to allow offline usage and not just for XenApp sessions.

Citrix Confirm free XenServer Rumours

Citrix today confirmed that a new version of XenServer will be free to the masses. The features that are included are:

• Powerful Centralized Management enables full multi-node management for an unlimited number of servers and virtual machines; includes easy physical-to-virtual and virtual-to-virtual conversion tools, centralized configuration management and a resilient distributed management architecture
• Live Motion and Multi-Server Resource Sharing incorporates powerful XenMotion™ technology that allows virtual machines to be moved from server to server without service interruption for zero downtime; also includes optimal initial virtual machine placement and intelligent maintenance mode
• Proven Hypervisor Engine powered by the 64-bit industry standard Xen open source hypervisor developed jointly by more than 50 leading technology vendors, enabling users take full advantage of the latest performance, security and scalability enhancements in next-generation servers, operating systems and microprocessors
• Fast Bare Metal Performance supports an unlimited number of servers and virtual machines with industry-leading consolidation ratios, near native performance on the most challenging application workloads, and virtually zero overhead in both Microsoft Windows® and Linux environments
• Easy Setup and Administration features familiar interface with easy wizard-driven configuration, intuitive Web 2.0 style search, and built-in auto-help that makes the learning curve for new administrators a snap
• Integrated Storage Management that supports any existing storage system; includes built-in storage management features such as host-based logical volume management, and dynamic multi-pathing capabilities

To provide features such as HA Citrix Essentials needs to be purchased.

The features of Native XenServer and XenServer with Essentials are:


More information on the product set can be found here

Citrix to release XenServer for Free

Rumour has it that next week (Feb 23), during the VMware VMworld Europe 2009 conference, Citrix will give away for free its XenServer hypervisor.

There is no reference to a scaled down version of XenServer. It is reported that the Enterprise Edition with all its features will become free.

How to choose an Encryption Solution

Security is a necessary evil like it or love it, it's here to stay!  How you deliver security to your business depends on your adversity to risk and the nature of your business.  Encryption is ever more on the minds of security officers within most organisations but does not necessarily need to be the mine field vendors make it out to be.

In years gone by strong firewall solutions and anti virus used to suffice for many organisations, but with the threat of confidential data loss distributed through our USB storage devices this is no longer enough to protect a companies IP.

Before choosing any encryption solution, it is essential to clarify exactly what the encryption is needed for to specify and classify the data that needs to be protected. 

While it is easy to think that encryption is simply encryption, (after all it is bundled on Vista through Bit Locker so available to the masses), there are big differences in the solutions available on the market; and of course the most suitable method will depend on your requirements.  A critical factor for enterprise systems is the ability to encrypt data automatically and seamlessly, without user interaction.

Hard drive encryption

The most type of data encryption is hard drive encryption, with the most common uses applied to notebooks.  Examples of this technology are found from McAfee, Sophos and Microsoft.  Uses can gain access to the hard drive and ultimately data through a pre boot password (PBA) which can also be integrated with 2 Factor Authentication.  

This is the simplest form of data encryption with the laptop rendered useless without the password.

Container encryption

An encrypted container is a virtual drive that automatically encrypts all of the data stored in it. Only the owner of the proper key is able to open the container and decrypt the data. For the authorised user, the virtual drive looks just like a partitioned drive.  Technically a contained is an encrypted file for one user, which means that users need to be aware of the file to save their data too - not too much of a concern if you have the right policy lock downs and re directions in place on the notebook 

File and folder encryption

These solutions make use of the existing folder structure on file servers or local hard drives, so that the network administration does not have to be interfered with. Also, standard processes such as automated backups are not affected. The only difference is that the files written to backup are encrypted.

So you need encryption - right?

Don't be put off by vendors pushing encryption jargon, algorithms and complex password as this can be very confusing.  The most effective way to establish a security policy and ultimately encryption solution is to keep it simple - it effects all users so has to be treated as important as a desktop refresh or application roll out.  If it is implemented without planning then it will be removed just as quick as it was implemented.

Key areas to consider when looking at encryption solutions are:

• End user impact
• Simplified administration
• Support for departmentals
• Emergency recovery in case of a key loss
  

What really matters is the product’s suitability for daily use. It is not just a commodity or cost factor but also a very important aspect of security.

Want to discuss your security concerns, contact Dataplex here

Conficker worm infects more than a million PCs

At least one million PCs, perhaps as many as 10 million have been infected.  By comparison, the Storm worm that spread via spam messages in 2007 is believed to have peaked at about 1 million botted PCs.

Conficker is a  two action worm: it spreads itself, and then it prevents infected PCs from being cleaned up. Once infected, the worm searches out servers and executes a brute force password breaking program. It also spreads itself to any shared hard drives.  It also makes a copy of itself on any device plugged into a USB port, such as any thumb drives, music players, or digital cameras. When that infected device is later plugged into another PC, it infects that machine, which then begins to similarly spread more infections.

What makes Conficker so difficult to stop is that at least once a day, each infected machine tries to connect sequentially with a list of 250 Internet domains for further instructions. Each day this list of 250 domains -- each one a potential command and control server-- changes.  Security vendors have  figured out the simple algorithm being used to derive this daily list. 

Kaspersky, F-Secure, Secureworks and Sophos  have begun registering some domains to cut off the bad guys from sending instructions via those domains.

DataCore's Storage Virtualisation and Business Continuity Software Solutions are VMware Ready Certified

DataCore Software, the leading provider of storage virtualisation solutions, today announced that its SANmelody(TM) and SANsymphony(TM) storage virtualisation solutions are now VMware Ready Certified(TM). "This certification assures resellers, joint customers and prospects of both companies of compatibility and interoperability with the latest features of VMware Infrastructure," said James Price, vice president of product and channel marketing, DataCore Software. "DataCore's VMware Ready(TM) certification underscores our commitment to maintaining and expanding the most comprehensive business continuity and disaster recovery solutions in the industry."

The VMware Ready Certified(tm) logo program recognizes VMware partner products that have been certified by VMware to work with VMware's products, making it easy for customers to identify solutions that can be used with confidence in VMware environments. DataCore's VMware Ready Certified(tm) storage virtualisation solutions provide radically simple High-Availability for VMware customers.

This is a great announcement from both Datacore and VMware and once again Dataplex are well placed to deliver end-to-end solutions from both manufacturers, providing highly available solutions at a vastly reduced cost.

VMware vCenter Server module: Heartbeat

The upcoming vCenter Server Heartbeat will be announced on Feb 24.

SearchServerVirtualization is reporting that the new module will implement a hot-standby achitecture, monitoring sever and network hardware, as well as the vCenter application instance itself.
Hearbeat can either restart the application or fail-over it through LAN or WAN.

Heartbeat is not developed by VMware. The name of the partner that is providing this solution will be unveiled at VMworld.

Whoever is the partner (SSV speculates on NeverFail Group) it only supports Windows installations and uses Microsoft SQL Sever as backend database.

HP unveils blade PCs and Citrix virtualization bundle

HP is unveiling the fourth generation of its blade PC line and bundling the devices with Citrix XenDesktop 3 virtualisation software.

The HP BladeSystem bc2800 and bc2200, due out in March, sit inside the data center letting users connect to them from any location and device, whether it be a thin client, laptop or regular desktop. Unlike a virtual desktop infrastructure (VDI) model in which multiple virtual machines are contained on a single server, each blade PC can only serve one user at a time. But 280 of them can fit into a single rack, and client virtualisation software helps deliver benefits related to security, availability, management and flexibility, according to HP. 

The HP bc2200 uses a single-core AMD Athlon 64 processor, while the bc2800 is based on a dual-core AMD Turion processor. Both blades are preinstalled with Windows Vista Business edition and support additional Windows operating systems and Linux. 

Symantec to Deliver Cloud based Backup Services

Symantec will begin offering an online storage service targeted at consumers by the end of next month.

The product is based on technology the company acquired with SwapDrive Inc. in June for US$124 million.

Symantec already offers 2GB of online storage for free with its Norton 360 security suite; additional allotments of 5GB, 10GB and 25GB per year can be purchased for $29.99, $49.99 and $69.99, respectively.

Symantec joins EMC on the consumer cloud storage front. EMC acquired Mozy in 2007 and released its first software-as-a-service storage application in January 2008.

HP releases its first LeftHand iSCSI SAN

HP is going to market with a SAS Starter SAN, the first new iSCSI SAN system from its $360 million acquisition of LeftHand Networks Inc. last year.

HP's plan for LeftHand is to sell its SAN/iQ software exclusively with HP server hardware. The SAS Starter SAN comes in a two-node configuration based on the HP ProLiant DL185 server chassis with 4.8 TB of 15,000 rpm SAS disk drives for approximately $35,000.

In addition, HP has increased up the LeftHand SATA Starter SAN starting configuration from 9 TB capacity to 12 TB, while keeping the $30,000 starting price. It will also continue to carry the Multi-Site SAN and Virtual SAN Appliance (VSA) from LeftHand's lineup.

For more on HPs Storage Virtualisation vision please click here.

Dataplex are an HP Virtualisation Specialist Partner.

Does FCoE spell the end for iSCSI?

Fibre Channel over Ethernet is coming along with some of the same benefits that have made iSCSI a success.

iSCSI has gained market share over recent years as organisations look for enterprise SAN solutions with a reduced price tag. Now, vendors are announcing a new wave of Fibre Channel products based on a new standard called Fibre Channel over Ethernet (FCoE) that, like iSCSI, rides on Ethernet.

While iSCSI is a robust solution, when it comes to throughput and performance, the technology does not compare what can be accomplished with today's Fibre Channel products. iSCSI is completely reliant on TCP/IP to handle transport needs, which introduces processing overhead into the storage equation as discussed here.

With an FCoE infrastructure in place, native Fibre Channel protocols will ride on an Ethernet-based backbone, with the ability to achiev speeds of up to 10 Gbps. Further, FCoE doesn't use TCP/IP; the protocol continues to use native Fibre Channel to communicate, although some modifications have been made in order for Fibre Channel to support Ethernet.

The Ethernet involved isn't the same Ethernet you're using for client and server connectivity; FCoE will rely on what some are calling "Enhanced Ethernet". This means combining disparate cabling from Ethernet, Infiniband and Fibre Channel.

I suspect initially that this technology will be adopted by organisations already versed with FC technology.

Fiber Channel or iSCSI - The age old question!

Fibre Channel technology has been around since the mid-1980s and was a ratified standard in 1994. 

Fibre Channel SANs are generally more reliable than iSCSI SANs. F/C networks are in comparison to TCP/IP relatively small, this isolation reduces areas security risks and hardware failures.  By combining IP and storage traffic (iSCSI) unless properly segmented could mean that your mission critical storage traffic (VMware VMotion for example) is routed next to none critical requests to facebook for example.

Another area to consider is the reliability of F/C which by its very nature delivers fixed length frames in the order they were sent with a strong level of error checking.  iSCSI in comparison is delivered over TCP/IP which was designed to operate over unreliable networks which means an overhead on resubmissions and reassembly of IP packets.  As I/O workloads increase, so does the amount of data that must be temporarily written to memory. 

Fibre Channel performance needs to be considered against iSCSI, for a long time Ethernet has only be run at 1GB speeds. Recently 10 GB was released and has been gaining momentum. However this is new technology and still has a nice price tag associated with it.

F/C has numerous connectivity options from 1GB to 8GB fibre switches, each host requires a F/C HBA to offload the storage processing from the servers CPU.  iSCSI HBAs can be either software with standard NICs or specific iSCSI HBA hardware. Should you opt for the software option then this will place overhead on the CPU of the server and the dedicated hardware HBAs are not to dissimialr in cost to F/C HBA.

So roll on FCoE....

Citrix with their head in the cloud - The Amazon Cloud!

Amazon's EC2 offers Windows based VM's and Citrix has uploaded a pre-configured image of XenApp5 on 2003 server. So for a per cent charge rate for multiple metrics (Storage, Network, Capacity) you can have a highly available Citrix environment.

Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides re-sizable compute capacity in the cloud, it's basically a system where you can rent (Xen-based) virtual machines by the hour, and you only pay for what you actually use.

The template image from Citrix has XenApp 5 pre-installed, along with the two-user developer license key. It also has a desktop, a browser, and WordPad all pre-published so you can start playing with it immediately.

The community Citrix blog details more here.

A quick walk through video is here.

5 Quick steps and you have a XenApp lab - lets see where this one goes

Google Sync pushes contacts, calendars to phones

On Monday (09/02/2009) mobile phone users, including those with Apple's iPhone, got a new way to sync and access information from the cloud. Called Google Sync, the new service lets you sync up both calendars and contacts from a specified Google account and will send changes over the air--both ways.

The service uses Microsoft Exchange's ActiveSync protocol to get the job done, and because of this can actively push changes as soon as they're made. Previously the only way to get this kind of near-instantaneous change was to sync up an existing Exchange account with Outlook using Google's other synchronization utility, Google Calendar Sync.

Cisco Nexus 1000V will arrive in H1 2009

One of the biggest enhancements expected with the next version of VMware Infrastructure (possibly called vSphere 4.0) is the new pluggable virtual infrastructure, which will allow customers to replace the standard VMNet virtual switch with 3rd party software switches.

Highlights of the switch are:

• The Nexus 1000V software on the physical server acts like a line card of a modular switch, described as a VEM (virtual ethernet module)
• The Nexus 1000V VEM is a direct replacement of the VMWare vSwitch function
• The Nexus 1000V VSM (virtual supervisor module) acts like the supervisor engine of a modular switch
• One Nexus 1000V VSM instance manages a single ESX cluster of up to 64 physical servers
• The form factor of Nexus 1000V VSM can be a physical appliance or a virtual machine
• The network administrator manages the Cisco Nexus 1000V (from the VSM) as a single distributed virtual switch for the entire ESX cluster
• Each virtual machine connects to its own Virtual Ethernet (vEthernet) port on the Nexus 1000V providing the network administrator traffic visibility and policy control on a per virtual machine basis. Virtual machines can now be managed like physical servers in terms of their network connectivity

The architecture of this can be seen below:

Citrix releases Powershell SnapIn for XenServer

Last week Citrix validated Powershell once again by releasing its Powershell SnapIn for XenServer.

Ewan Mellor, Principal Software Engineer at Citrix, posted some basic examples of what can be done with the Microsoft scripting language on XenServer.

Microsoft Works on Hyper-V Security

Microsoft is preparing a new key document for its virtualiation customers: the Hyper-V Security Guide.

The document is divided in three chapters:

• Hardening Hyper-V
• Virtual machine management and delegation
• Protecting virtual machines

The Hyper-V Security Guide is now in (public) beta testing so anybody can enroll for the program and download it here.

Citrix Releases XenDesktop 3

Citrix just announced the release and immediate availability of Version 3 of XenDesktop. XenDesktop 3 has several new features, including:

• Support for SpeedScreen multimedia redirection via ICA.
• Tweaks to how XenServer and XenDesktop interact, increasing the number of VMs you can run on a single physical server.
• OS streaming support (Citrix Provisioning Server) to physical desktops (in addition to virtual desktops in the datacenter).
• User Profile Manager v2
• Smart card support.
• Support for the same kinds of USB devices as XenApp.
• New branding element called HD-X (High-def Xen).

XenDesktop 3 includes new HDX technology that ensures users get a “high definition user experience” on any device over any network. HDX MediaStream technology provides users with seamless multimedia playback by leveraging the local endpoint device to render the new video and audio. XenDesktop 3 also adds HDX Plug-n-Play capabilities to enable users to easily connect a wide variety of USB peripherals to their hosted virtual desktops. These enhanced capabilities utilize existing infrastructure, without the need for proprietary chipsets or specialized hardware.

More can be found here

Product editions are here

VMware reacts to the Virtual Reality Check benchmarks

Ruben Spruijt (Solution Architect and CTO at PQR) and Jeroen van de Kamp (Enterprise Architect and CTO at Login Consultants), a couple of well-known and respected virtualisation experts that lead two separate Citrix and VMware solutions provider, have recently published their none sponsored benchmarks for XenApp performance in a virtual environment.

Their Virtual Reality Check project is a performance analysis of the leading hypervisors (VMware ESX, Citrix XenServer and Microsoft Hyper-V) when running typical Microsoft Terminal Services/Citrix XenApp workloads: a Windows XP virtual desktop loaded with Outlook 2007 and Acrobat Reader 8.

Some of their feedback was as follows:

"Not having the ability to overcommit virtual machine memory is an clear disadvantage when 
virtualizing desktops. Such a feature allows much more VM’s to be run than physical memory 
normally would allow, which makes a virtual desktop solution much more economical."

"XenServer is clearly optimized for Terminal Server and XenApp workloads, achieving near bare metal performance and even higher user densities than bare-metal configurations. This is possible because 32-bit 2003 terminal server with 4GB memory is relatively very efficient in comparison to other Windows operating systems."

While Microsoft didn’t comment , VMware immediately reacted: the company’s performance team published a new benchmark just few days (Jan 30) after the project Virtual Reality Check was announced (Jan 26).

"The VMware performance study compares XenServer 5.0 and ESX 3.5.0 Update 3 performance when running Citrix XenApp workloads and highlights some odd results compared to what Virtual Reality Check exposed:

ESX supports about 13% more users than XenServer at a given latency while using less CPU."

Simon Crosby, the CTO of Virtualization and Management division at Citrix, provides a possible read:the VMware "study" is not a thorough exploration of a valid set of parameters for the Terminal Services / XenApp workload.

I guess the war is just getting started and it will be interesting to see where this one goes.

NetApp discontinues SMB storage appliance

NetApp is removing StoreVault from its portfolio, StoreVault is a network storage appliance designed for small and midsize businesses. While NetApp will not provide any further product upgrades for StoreVault, which had recently been renamed the S Family/S550, NetApp will continue supporting the product for three more years.

NetApp is removing the low-end storage array to focus its efforts on midsize enterprises and large companies. This means that going forward NetApp will design products only for businesses that have at least 100 employees and at least one dedicated IT professional. 

"We will focus our efforts on building out our award-winning FAS2000 series by launching the new FAS2020 product bundles that are geared specifically for the MSE [mid-sized enterprise market. These bundles will provide MSE customers with enterprise level performance at a mid-market price along with easier ordering options."  

Data Breaches bad for the bottom line and customers

A study by the Ponemon Institute found the average cost of data breaches (detection to notification) is rising. The highest cost is that of lost business through lost confidence, which accounts for 69% of total costs.

Data breaches are not just a line item that can be easily accounted for, the key expense is lost business opportunities and a companies IP.

According to its survey, which was sponsored by PGP, the average cost of a data breach from detection to notification and response was $202 per record in 2008. That’s an increase from $197 per record in 2007.

According to the study, lost business accounted for 69 percent of data breach costs in 2008, up from 65 percent in 2007 and 54 percent in 2006.

Like previous studies, Ponemon reported that most breaches were not due to hackers, but negligence of insiders.  Third-party breaches tended to cost $52 more per record, averaging $231.

Once a breach happened, enterprises tended to invest in training and pursue encryption.

Organisations that have had a security breach seem to follow a similar pattern, the first thing they seem to do is they implement manual procedures and training, which makes sense given that so many of these breaches are caused by a negligent insider,” said Larry Ponemon, chairman of the institute. “But from a technology perspective it appears that the most frequently used technology after a breach is encryption and a more holistic and strategic use of encryption seems to be implied by our researcher findings.”

Should you need advice on data security and encryption please contact us on 0845 260 5757 or email us.

Microsoft to Release Windows 7 on October 3

It looks like Microsoft could be gearing up to release the successor to Vista in October of this year.

A recent report close to Microsoft has revealed that Microsoft would release the RTM version of Windows 7 on October 3, 2009. 

This means that there will be no Beta 2 release of Windows 7 and would be the first time that Microsoft has skipped a second beta release.

One reason for Microsoft to release Windows 7 sooner is to minimize the bad press and take up of Vista, which proved to be a letdown in terms of both commercial success and of popularity among users. Among all Windows versions, Vista has been the most criticised operating system that Microsoft has ever released.

Google GDrive More than Hype?...

There is rumour and speculation all over the internet at the moment regarding Google GDrive which is Googles new online storage offerings, the service would apparently be bundled with Google Pack, the company’s software download offering that includes products such as Chrome and Norton Security Scan.

Information leaked on the web outlines Google’s GDrive ambitions: “GDrive provides reliable storage for all of your files, including photos, music and documents. GDrive allows you to access your files from anywhere, anytime, and from any device - be it from your desktop, web browser or cellular phone.” This sounds very similar to Microsoft’s Skydrive and Live Mesh offerings and could be going toe-to-toe.

Could this be a challenge to Microsoft Skydrive and ultimately Sharepoint, this could be a reason why Microsoft are working on BPOS with a view to roll with it in early Q2 at a very aggressive price. No doubt this will be leading to some linked in services with Microsoft Azure.

For those of you not sure about Azure, it was announced in October 2008, and looks promising long term. Microsoft are ramping up their existing and new build datacentres to support this cloud/grid architecture.

Microsoft has been buying tonnes of Dell Servers which they will host and managed themselves, on which they will run a unique hypervisor "Windows Azure Hypervisor" this is not Hyper-V and rumour has it this is running a custom version of Xen in a grid architecture. This is a SaaS offering from Microsoft and a developers delight.