Hilton has been operating as a Humanist Chaplain for some time and really likes being able to help people using evidence-based processes. HiltonT has been in the IT industry for quite a while now and was selected by Microsoft as their SBSC PAL in 2008-9, representing Australian SMB IT providers to Microsoft. This Blog is his outlet for his thoughts and feelings about life in general (including the IT industry). Some is good, some is bad, but all in all, its his viewpoint. Enjoy!
Sunday, August 31, 2008
ANZ-SBSC
We don't have access to the list of Australian nor New Zealand SBSCs due to Privacy legislation, so all we can do is keep asking for people to join so contact can be made and the community can be strengthened through discussions on the mailing list.
Regards,
The Outspoken Wookie
Saturday, August 30, 2008
APC SBSC Meeting
So, on Wednesday afternoon, a group of us sat down with Inese and Kathryn and discussed a number of issues. The main issues raised were as follows:
- the PAMs are about as interested in talking to a Certified/Gold Partner who focuses in the SMB market as a fish is interested in learning to ride a bicycle
- the dire lack of real content at the APC (and also the WPC). A few sessions were good, the rest was Groundhog Day (actually, a fairly contentless Groundhog Day)
- the SBSC program up until now has been basically worthless and this needs to change
- what ever happened to the Partner Roadshows - they at least showed that Microsoft cared somewhat about their partner channel
Well we're going to have to keep raising these issues with Microsoft until we get sick of it and either move to an Apple/Linux world for ourselves and our clients, we get tired of it and give in, or until we see some progress. I have no intention of giving in at all and will keep trying until I see some progress (and then keep going until Microsoft is continuing down the right paths)!
Now, those of us who were involved in this meeting who are going to the WESS Pre-Day at Tech Ed have been invited to a follow-up meeting to discuss progress on these issues. Hear that - to discuss progress. That means we're going to be finding out how far Microsoft Australia has managed to move in the last 3 weeks. I don't care if it is a femtometer, as long as there's been some forward progress then I'll be happy to know that we're actually making some positive changes in at Microsoft Australia.
So, as your SBSC PAL, I've been tying to bring to Microsoft Australia the issues that I've been hearing from you. I have another 10 months to keep doing this and I hope not only to keep hearing from you (and more of you than I currently hear from - there's about 500 SBSCs here in Australia and a whole 15 or so have responded to my requests for information and input - quite a dismal and underwhelming rate) about what issues you're having with the SBSC program, but I also hope to make some headway in making the program relevant to the SBSCs ourselves as well as our SMB marketplace. I also intend to try and make some headway in at Microsoft Licensing, Microsoft Virtualization and Microsoft Media Centre so that these products can all be improved generally, and especially for the SMB market.
I will post again with the results of the follow-up meeting. I hope to post a positive review of that meeting.
Regards,
The Outspoken Wookie
Password Related Vulnerabilities
There have been a number of vulnerabilities announced recently by iViZ that affect a number of products. These issues are either motherboard BIOS password bypass vulnerabilities, boot loader security model password vulnerabilities (using similar techniques) or disk encryption password vulnerabilities.
The worst reaction to these vulnerabilities was, unfortunately, from the Open Source Software product TrueCrypt (that I know a number of us use), however they have addressed these vulnerabilities in their latest release. A number of vendors have acknowledged these vulnerabilities and are working on fixes. Some have already been fixed.
So, if you use a motherboard, a boot loader or a disk encryption product, please have a look at this site and see if your and/or your clients’ systems may be affected by these issues.
Regards,
The Outspoken Wookie
Wednesday, August 27, 2008
Feedin' Time
So, when I came home from the VMWare User Group tonight (a presentation by Quest Software about their VDI offerings) I found the yellower of the Jungles all ready to feed, so I thawed out a pinkie and it was snapped up without a second thought. Woohoo! :) Now, I did the same to the paler of the Jungles and after a bit of coaxing, the pinkie was accepted. Excellent! :)
Now, I have the Bredli in the large vivarium with a heat mat under the lid of the hide and all seems good - he's been wandering around the viv, exploring, and spending time both on and in the hide as well as elsewhere. All looks good there. He'll easily be right to wait until after I get back from the SBS Pre-Day at Tech Ed.au in Sydney on Monday and Tuesday of next week and the Aged Care IT conference in Melbourne on Wednesday and Thursday next week.
Now, I have to make a decision quickly about SMB Nation '08/STS-125 as time's running out...
Regards,
The Outspoken Wookie
Tuesday, August 26, 2008
Should I Be Concerned?
OK, so the yearlings are about 60 cm long or so and the Bredli is about 1 m long. I've got a while yet before they decide to eat me.
Phew!
Regards,
The Outspoken Wookie
Sunday, August 24, 2008
Trend Micro Products Web Management Authentication Bypass
- Trend Micro OfficeScan 7.0
- Trend Micro OfficeScan 7.3
- Trend Micro OfficeScan 8.0
- Worry-Free Business Security 5.0
- Trend Micro Client/Server/Messaging Suite 3.5
- Trend Micro Client/Server/Messaging Suite 3.6
NOTE: Other versions may also be affected.
The severity rating of this vulnerability is "Moderately critical" because of the possibility for Trend's security to be bypassed from a compromised system on the local network.
Regards,
The Outspoken Wookie
MFP Insecurity Woes...
We ensure that we securely wipe client hard drives before handing them on - to the point of dismantling the drives and shattering the platters where sensitive personal or secure information is concerned. We lock down our networks with firewalls. We run antimalware applications. We limit administrator rights to desktops. We employ NTFS security on files and folders. Do we look at the information on MFPs (Multi-Function Printers) before we pass them on to others?
Apparently a number of companies don't. Dick Morrell, a well known UK security bod has done some testing of this himself with the results which can be found here.
A little thinking outside the square here, but as the people responsible for our clients' data (in many circumstances), we need to do that. We need to think ahead and think like security people not network people. Unfortunately, this is not something that comes naturally to a lot of people. It is something we all need to work on in the SMB IT industry.
Regards,
The Outspoken Wookie
Fedora Servers Breached
More information can be found at http://blogs.securiteam.com/index.php/archives/1130 and https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html.
Regards,
The Outspoken Wookie
Where Will You Be October 4th?
MarketPlace Expo SOLD OUT!
Seattle, WA – August 22, 2008 - Boasting a completely sold out tradeshow hall and host hotel, SMB Nation 2008 will hold a Small Business Server 2008 (SBS) and Essential Business Server (EBS) LAUNCH PARTY on the Saturday night of its October 4-6, 2008 annual conference in Seattle. A 58’ Hatteras yacht will be christened the M.V. SBS 2008 on the pier at the party.
“With the SBS 2008 release-to-manufacturing (RTM) yesterday, we are thrilled to be timed perfectly for the SBS 2008 and EBS 2008 products debut and look forward to toasting its great success,” said Harry Brelsford, founder and CEO of the 20,000 member SMB Nation. “Our conference is uniquely positioned to motivate and educate the small and medium business (SMB) technology consultant, channel partner and computer guy and gal!”
SMB Nation 2008 appears to be outperforming similar technology events with the complete sellout of the MarketPlace Expo tradeshow hall and with attendance figures ahead of last year. “We believe the 600+ attendees will be treated to a unique educational experience and BE THERE for the start for the next generation of SBS and the first release of EBS!” Brelsford added. Over three busy days and nights, attendees will select from three (3) academic tracks including BusinessSpeak, GeekSpeak and “How To” that provide bona fide content without “being sold to.” SMB Nation 2008 has even added a “Speakers Behaving Badly” hotline where attendees can report any speaker from the 40+ content sessions that make commercial statements to insure the most pure attendee experience possible. “We want to avoid the wolf in sheep clothing phenomena,” emphasized Brelsford.
Sponsors and attendees will meet in the spacious Bell Harbor Conference Center. “At a time when similar technology shows are behind plan, we are ahead of plan” said Brelsford. “We believe this underscores the strength of the SMB segment and the optimism our sponsors have about the SBS 2008 and EBS 2008 opportunity.” Intel and Trend Micro are the platinum sponsors leading the event followed by HP and Microsoft. Gold sponsors include Autotask, CMIT Solutions, Aastra, SonicWall and Labtech. Silver sponsors include D&H, The Planet, Connectwise, Citrix, N-able, Reflexion, Tigerpaw Software, Nero, 19Marketplace, Symantec, StorageCraft, Acronis, Calyptix, MaxSP, Doyenz, EMC Retrospect, Quanta\Syspine, Zenith Infotech, Linked In, Backup Assist, CRU DataPort and WatchGuard. Bronze sponsors include Netgear, Untangle, CTL Computers, Level Platforms (LPI), MSP Partners, Linksys by Cisco, Comcast, Diskeeper, Expetec, New Global Telecom (NGT), Pronto Marketing, eFolder, CoreConnex, Highly Reliable Systems, SMB Books & Results Software, Technology Marketing Toolkit, Napera Networks, Independent Computer Consultants Association (ICCA) and Integrated mar.com.
Attendees can expect a high-quality conference with content that has been rigorously scrutinized by esteemed industry conference chairs (Dana Epp, Mikael Nystrom, Curt Hicks and Joe Moore). That has resulted in outstanding speaker selections such as Jeff Middleton, Susan Bradley, Ramon Ray and Amy Babinchak and popular topics such as How to Sell Your SBS\SMB Consulting Practice and Security in SBS 2008.
“So the last question is this. Where will you be October 4-6, 2008?” concluded Brelsford. Attendees can learn more and register at http://www.smbnation.com/.
About SMB Nation
Founded ten years ago by Small Business Server author Harry Brelsford, Bainbridge Island, Washington-based SMB Nation supports small and medium business technology consultants to improve their business and technical skills with publications (books, SMB PC magazine) and events (SMB Nation conferences and workshops). SMB Nation boasts worldwide tribal membership in 30+ countries exceeding 20,000 consultants, resellers, VARs\VAPs and channel partners. Harry Brelsford is a Microsoft Small Business Specialist (SBSC) and holds an MBA from the University of Denver in addition to MCSE, MCT, MCP, CNE, CLSE and CNP certifications.
Contact:
Harry Brelsford
CEO, SMB Nation
206-915-3072
harryb@smbnation.com
Friday, August 22, 2008
Microsoft to support VMWare under SVVP
Now, this is great news for SBS 2008 users in particular because of one serious oversight by the Hyper-V team. As most virtualization users are aware, Microsoft Virtual PC and Virtual Server cannot present USB devices natively to guest environments whereas VMWare Workstation and VMWare Server both are able to do this. Now, move to true Hypervisor virtualization and VMWare ESXi and ESX both allow you to see USB devices attached to the host. Hyper-V does not.
The issue here with SBS 2008 is that the SBS team decided to support only USB devices as SBS 2008 backup destinations. This means that this cannot work properly in a Hyper-V environment. Big oops there! At least the SBS Team listened to the logic of their beta testers and changed this so that they will natively support USB, but also allow you to use another device with a drive letter (unfortunately, not a UNC path which would have made the most sense). This is still an issue as you are not able to write to a device that is "shared" from the Hyper-V instance as this will breach the "Host+Hyper-V can only be used to host guests, not provide any other services such as DHCP, DNS, AD, File & Print Sharing, etc" restriction that is in the $28 Core+Hyper-V product and also Windows Server 2008 Standard.
So, with VMWare now being added to the SVVP list of vendors, if (and assuming) ESXi is a product that is validated, this means that SMBs will be able to run ESXi as their Hypervisor, SBS 2008 inside that, have USB devices plugged into the server presented to the SBS instance and have this fully supported by Microsoft.
Isn't it a shame Microsoft failed to get Hyper-V right?
Regards,
The Outspoken Wookie
SBS 2008 will RTM today
We are very excited to announce the RTM of Small Business Server 2008 today!
This is a huge milestone for the team here, as well as all of you who have
played a pivotal role in providing feedback on this product. We on the product
team want to say "THANK YOU!" for the hours you've spent installing builds,
discussing issues on the newsgroups, and filing all of those bugs we love! The
SBS Community CANNOT be topped, and this release is just another example of
that!
Volume Licensing product should be available around early October 2008 with the official launch being on November 12.
Regards,
The Outspoken Wookie
Monday, August 18, 2008
Jungle Pythons
The vivarium isn't as ready as I'd like it to be - I've not installed the plastic tubing in which I'll have the LED lights, but aside from that, it is pretty much ready to go. I've got the synthetic turf sections cut and installed (and a spare pair for when I need to clean the viv out), the heat mat for the top level where I want the heat and the water bowl all sorted. I've also got to get a bit more newspaper for under the turf (I'm not a newspaper reader, but a neighbour reads them regularly, so I'll get him to drop a few in occasionally instead of recycling them) and I'm pretty much set.
I'll leave them both to settle for a few days before I get them to pose for a few photos and I'll feed them later this week as well - they should be all settled and ready for a meal by then.
The larger viv isn't quite ready for the Bredli yet - the heat lamp needs a shield as ithese ceramic lamps get to around 200C on their surface - well and truly hot enough that if the Bredli gets a little too close, it can cause some serious damage. Aside from that, I've got the turf , water bowl and hides ready for that viv. So hopefully, Tuesday next week I'll be able to have this finished and be able to get the Bredli from Simon as well. Would be nice...
Regards,
The Outspoken Wookie
439 Days to Patch
Anyway, Microsoft has one other tendency regarding their patches - they take forever to actually release them. A classic example of this is the MS08-050 patch in the August '08 Black Tuesday patch release. This was first disclosed to Microsoft on 31 May, 2007 and Microsoft responded to Haifei Li of Fortinet’s FortiGuard Global Security Research Team on the same day. Then, after much delay, Microsoft finally publicly disclosed this vulnerability when they released the patch - 439 days after being informed of it.
For more information on this patch, have a read of CVE-2008-0082.
I wonder, should vendors also be required to post their initial notification date on their vulnerability/patch announcements so we can all see how quickly they are reacting to vulnerabiliity notifications found by third parties?
Regards,
The Outspoken Wookie
Starbucks
The coffee served at Starbucks is OK. It is far from great, a fair way from good, and is the main reason the coffee company is going to close so many stores in an attempt to stop going bankrupt. Upping the quality and charging a reasonable price will mean that you do more business. People buy coffee for 2 main reasons - one being that it is there, hot, caffeinated and they will drink it. The other is because they actually like coffee.
I'm (generally) in the second category - I eat and drink what I like to eat and drink, and I don't really like Starbucks coffee. When in the US, I do like their T-Mobile Wi-Fi hotspots, so I put up with their coffee. I don't need their Tel$tra Wi-Fi hotspots in Australia, so I choose to drink better coffee at other locations and therefore Starbucks in Australia will not see any of my money. If their coffee was better, they most likely would.
Regards,
The Outspoken Wookie
Micro-GPS for Mangled Spines
Regards,
The Outspoken Wookie
Friday, August 15, 2008
VMware ESX/ESXi Deborking Finished
We have re-issued the entire ESX/ESXi 3.5 Update 2 release (ISOs, upgrade tar and zip files, and patch bundles). They are available for download at http://www.vmware.com/download/.
Please note this update is only relevant to customers who did not install the impacted release of ESX 3.5 Update 2 (build number 103908) or ESXi 3.5 Update 2 (build number 103909). If you have installed either of these please visit http://www.vmware.com/landing_pages/esxexpresspatches.html?elq=16CCB5044344468C94F2945159331C2E and install the express patch.
Regards,
The Outspoken Wookie
A frightening example of small-mindedness
Regards,
The Outspoken Wookie
Thursday, August 14, 2008
VMware ESX/ESXi Bork Continues
Dear VMware Customers,
We have released the express patches for the product expiration issue. Please go to http://app.connect.vmware.com/e/er.aspx?s=524&lid=3173&elq=5F0D115F069A45049F3C733B40898FEB for download and KB articles. Since our last customer email we have completed our verification tests that the express patches we’ve released are fully compatible with the VMware Update Manager. Please see the KB articles for deployment information regarding Update Manager.
The KB articles are kept up-to-date. Please refer to the KB articles for information and updates.
In our last update, we referred to an initiative by our support and engineering teams to find an option to apply the patch without the necessity of entering maintenance mode and VMotion of VM’s to other servers, or VM power-off and re-power-on. Our earlier tests have not found a consistently successful way to address this. We continue to investigate this possibility, as we know that it would reduce the maintenance burden on our customers who may not have a patched server available for VMotion.
We are on target to release updated versions of the ESX/ESXi 3.5 Update 2 patch at 6 PM PST today. This is for customers who have not already upgraded to the previously released version of ESX/ESXi 3.5 Update 2
Thank you,
The VMware ESX Product Team
...At least they are working on this as fast as they can and are releasing regular status updates.
Regards
The Outspoken Wookie
Wednesday, August 13, 2008
VMware ESX/ESXi 3.5U2 Bork Deborked
Regards,
The Outspoken Wookie
VMware ESX/ESXi 3.5U2 Bork
VMware Engineering has isolated the root cause and is working to produce an express patch for impacted customers today. The target timeframe is 6pm, August 12, 2008 PST.
Regards,
The Outspoken Wookie
WESS Pre-Day at Tech Ed.au
As there will be a number of hours of Level 300 material in the sessions on that day, I suggest that anyone in Australia (or who will be in Australia on 2 Sep) who will be working with SBS 2008 or EBS 2008 in any technical capacity signs up for this pre-day.
The link above will allow you to sign up for just this pre-day, this pre-day with the rest of Tech Ed, or just Tech Ed sans this pre-day (not recommended). Remember also that those who attend this pre-day will receive a for resale version of SBS 2008 Standard Edition once the product ships - which seriously offsets the cost of this very beneficial training.
So, not only has Robbie pulled out all stops and managed to get others inside Microsoft to acknowledge the SMB market needs tech support, he's also worked out a nice way to offset the cost. Go Robbie! :)
So, get off yer arses and sign up for this training - you KNOW you need it and you KNOW it will benefit you, your clients, and the SMB community as a whole.
Regards,
The Outspoken Wookie
Sunday, August 10, 2008
Congrats Productiv
A nice piece of trivia is that Productiv were up against Dimension Data and Data #3, two very large, well established companies. So congrats to Productiv for coming head to head with "the big boys" and delivering a better solution.
Regards,
The Outspoken Wookie
Friday, August 08, 2008
Congrats Stu
Congratulations to Stu and the team at BCA on a job well done!
Regards,
The Outspoken Wookie
Monday, August 04, 2008
Australian Partner Conference Virtualization Pre-Pre-Day
So, I may not agree that MS is really there yet with Hyper-V, but I can see where they are coming from (they have imbibed the KoolAid and need to borg us all). :)
Microsoft's "Dynamic IT" method of "modelising" the infrastructure to be able to make judgements on the best way to deploy or redeploy hardware, servers and services does, however, make complete sense. Without having a holistic view of our client networks, how can we really know how to best implement virtualization strategies?
It was interesting to note that upcoming releases of Microsoft's server virtualization and also their application virtualization (previously known as SoftGrid) will both use the .vhd file format.
Their System Center Management Suite does look nice, however it is definitely not SMB-friendly as far as pricing goes. But that's to be expected right now.
Derek Moir and Philip Duff followed with a session on building your practice with Microsoft vittualization, going into more depth with System Cener Virtual Machine Manager, System Center Data Protection manager, System Center Operations Manager - all the components of the System Center "Server Management Suite Enterprise" which seem to integrate nicely (at least as far as the demo went) and offer management of the complete network infrastructure - VMWare, Hyper-V and real hardware systems, through to patch management and backups.
Leon Booth and Jeff Johnson then followed up on desktop optimization, dealing with VMware's VDI -Virtual Desktop Infrastructure - and comparing it to Microsoft's options - application virtualization (previously SoftGrid), presentation virtualization (Terminal Server), Microsoft Enterprise Desktop Virtualization (so, so not SMB) and Windows Fundamentals for Legacy PCs (which I call Windows Fundamentals for Lame Arsed PCs) which is a very expensive way to turn old clunkers into terminal server and MEDV clients. It is likely cheaper to buy the cheapest Dell you can find with Vista Business on it, upgrade it to XP Pro and run the clients on that. :) but anyway...
Basically, as Microsoft doesn't have its own VDI competitor - they do have partners in Citrix and Quest Software who have desktop virtualization applications - they make sure you know that there are other options which they claim will always be better. We all know that VDI will be ideal for some scenarios where TS and/or application virtualization will not be suitable, and we'll also have situations where application virtualization on a terminal server will be better, and all options and combinations inbetween. :)
The Microsoft Assessment and Planning Toolkit (currently at release 3.1) can be used to go onsite, take an inventory of the currently deployed servers and services, and build a report outlining where virtualization can be used to be a business enabler, not just a cool toy. It is a rather cool tool. :)
All up, was the Virtualization Pre-Pre-Day worth attending? Definitely. It gave me a better idea of where Microsoft sees their vitualization focus in the nearish future and it allowed me to make a few relevant comments about virtualization uptake in the SMB marketplace, which may well still be a lot higher than Microsoft realizes. I do hope the rest of the conference is as worthwhile as this session.
Regards,
The Outspoken Wookie
Australian Partner Conference Arrival
I spent a bit of time yesterday talking with Danny Beck, Fred Dennison, Rosemary Stark, Derek Moir and more of the Microsoft guys here at APC '08 and a number of us had dinner last night. Much of the discussion was around MS virtualization which was interesting. I'm not sure that Hyper-V in its current form (a Microsoft Release 1.0 has *never* been all that usable to date) is going to do much of what they'd like to see happen in the marketplace, but I do like most of their longer term thinking (which, of course, involves crushing their competition, which I personally don't think leads to a competitive and healthy IT industry, but we're talking Microsoft here who want to rule the entire planet's IT infrastructure and crush *all* of their competition into historic dust).
The MS Virtualization pre-day session today should be very interesting. I hope to gain a better understanding of where Microsoft sees virtualization going, what they see virtualization can enable and what their total picture of the virtualization marketscape is. I know that virtualization is an important thing to SMBs - the response I received when I asked about this at the last Brisbane SBS User Group proved that - and I hope that through some of the contacts I make here, I can bring this to the attention of Microsoft in my role as the SBSC PAL on behalf of all Australian SBSCs.
If there are any virtualization questions not specifically about SBS 2008 or EBS 2008 virtualization (information about which which will not be released publicly yet) that you have, please email me or reply here and I'll make sure to ask them in the session or after.
Regards,
The Outspoken Wookie