|
|
|
|
|
|
|
|
|
Hi, my name is Aram Smith and welcome on my website. I work for Avanade, a joint venture between Microsoft and Accenture.
I have 17 years of experience in the ICT field and i am a dedicated Infrastructure Architect, specialized in Microsoft infrastructures and products.
In my role as Infrastructure Architect I am responsible for architecting, designing and implementation large infrastructure designs, but also responsible for Quality Assurance of the design and project phases.
In my career i have performed several large projects for customers such as ING, SNS Reaal, TPG, Royal Vopak, and Agility Logistics, but also performed several projects for Microsoft, such as the Quickstart/Quickplan Security Portfolio.
My specialties are Infrastructure Architecture with frameworks such as the Microsoft Reference Architecture (WSSRA) and the TOGAF
Also i have a dedicated focus to the area of Infrastructure Security with technologies such as Identity & Access Management and Public Key Infrastructures, but i also like the core technologies as Microsoft messaging & Collaboration-, Server- , System Center- and Security products.
See my proile on LinkedIn: http://www.linkedin.com/in/aramsmith or email me at aram@aramsmith.com |
9/8/2008Thanks to my contacts at Microsoft, I received a beta test code for their new online services.
Microsoft is building rapidly datacenters around the world, which must form together a 'Cloud'.
These centers are enormous, MS claims to process (install & deploy) 10.000 servers each month!!
From this cloud, Microsoft is planning to provide a lot of services, such as Exchange email, SharePoint Portal services, Office Communication, Live meeting and even CRM.
Think about this, messaging, collaboration, communication and even Business applications as a utility (like water & electricity) out of a wall socket.
The benefits are numerous; you don't need your own Exchange server, SharePoint Portal Server of OCS, you just buy these services as a package that has a fixed cost per employee, per month!
My fist experiences with MS online are very good, its fast and it offers all functionality, and of course there are some glitches, normal because it is still in beta phase. Unfortunately it is no available yet in the Netherlands, but soon, it will be.
If you want to know more, click on the picture for a full demo.
Was it on purpose? Or was it really a mistake? Google claimed that they have made an error in the Chome Eula. They copied parts of the EULA's of their other products.
"Reuse" as Google called it, but has no one actually take a look at it?
Google has now adjusted their EULA to avoid more hassle, check for yourself at: http://www.google.com/chrome/eula.html
Google alo claimed that the new eula 'retroactively' applies to users that has already downloaded and installed Chrome.
But how we know for sure that Chrome has not an "ET phones home" Syndrome? Only time will tell.
9/3/2008
Google hit the Internetworld again with their new and i have to say very sophisticated browser called Chrome.
Chrome has some very good features such as isolated processes per tab, isolated plugins, better memory management and so on.
However, there is a brutal catch in Chrome, which did not surprise me, if you take a good look at Google business model with GMail.
If you read the EULA (End User License Agreement) very well, you should take a very close look at section 11.
Section 11 states:
" 11. Content licence from you
11.1 You retain copyright and any other rights that you already hold in Content that you submit, post or display on or through the Services. By submitting, posting or displaying the content, you give Google a perpetual, irrevocable, worldwide, royalty-free and non-exclusive licence to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute any Content that you submit, post or display on or through the Services. This licence is for the sole purpose of enabling Google to display, distribute and promote the Services and may be revoked for certain Services as defined in the Additional Terms of those Services.
11.2 You agree that this licence includes a right for Google to make such Content available to other companies, organisations or individuals with whom Google has relationships for the provision of syndicated services and to use such Content in connection with the provision of those services.
11.3 You understand that Google, in performing the required technical steps to provide the Services to our users, may (a) transmit or distribute your Content over various public networks and in various media; and (b) make such changes to your Content as are necessary to conform and adapt that Content to the technical requirements of connecting networks, devices, services or media. You agree that this licence shall permit Google to take these actions.
11.4 You confirm and warrant to Google that you have all the rights, power and authority necessary to grant the above licence."
In Dutch:
"
11. Inhoudslicentie van u
11.1 U behoudt de auteursrechten en enige andere rechten die u al bezit over de inhoud die u op of via de Services inzendt, plaatst of weergeeft. Door het verstrekken, publiceren of weergeven van Inhoud door of via de Services, verleent u Google een eeuwigdurende, onherroepelijke, wereldwijde, royaltyvrije en niet-exclusieve licentie op het reproduceren, aanpassen, wijzigen, vertalen, publiceren, verspreiden, publiekelijk uitvoeren en weergeven van deze Inhoud. Deze licentie is uitsluitend bedoeld om Google in staat te stellen de Services weer te geven, te verspreiden en te bevorderen en kan voor bepaalde Services worden ingetrokken, zoals gedefinieerd in de Aanvullende voorwaarden van die Services.
11.2 U stemt ermee in dat in deze licentie een recht voor Google is opgenomen om dergelijke Inhoud beschikbaar te stellen aan andere bedrijven, organisaties of personen met wie Google een relatie onderhoudt voor de levering van syndicatie-services en om dergelijke Inhoud te gebruiken in verband met de levering van deze services.
11.3 U begrijpt dat Google bij het uitvoeren van de technische handelingen die nodig zijn om de Services aan onze gebruikers te leveren, (a) uw Inhoud over diverse openbare netwerken en via allerlei media kan versturen of verspreiden en (b) wijzigingen in uw Inhoud kan aanbrengen die nodig zijn om die Inhoud geschikt te maken voor en aan te passen aan de technische vereisten van aangesloten netwerken, apparaten, services of media. U stemt ermee in dat met deze licentie aan Google het recht wordt verleend deze handelingen uit te voeren.
11.4 U bevestigt en garandeert aan Google dat u over alle rechten, bevoegdheden en volmachten beschikt om de bovenstaande licentie te verlenen."
This means in my opinion (correct me if i am wrong, i am not legal skilled), that whatever you 'push' or 'pull' (uploading & downloading) through Chrome, you grant Google the right to do whatever they like to do with your content, code, photo's, data etc, they may even share it with your competitors.
That is scarry!!!!
So please be aware when using Crome.
see for yourself: http://www.google.com/chrome/eula.html 8/20/2008
We have all our laptops secured with Bitlocker to protect our data, when a laptop is stolen or lost, the data is secured, even if the thugs remove the hard disk and attach it to a other computer as a secondary disk.
But I was wondering; how about the virtual environment, if a company runs multiple virtualized servers (with sensitive data), they are at risk, a virtual hard drive or VHD is easier to steal than a physical disk (just copy it).
So, how do we enable Bitlocker inside Hyper-V systems?
The downside of Hyper-V is the lack of USB and TPM (trusted third party module) support, almost essential for a Bitlocker configuration, almost I say, after some testing and thinking, I thought of a different solution.
The USB drive is used to store the startup key, but there is a way to use a virtual floppy instead of an USB key.
So, the procedure can be divided into 3 sections: Preparation, Execution and the Operation. I will explain all steps in detail. The procedure will support Vista and Windows 2008 and is not necessarily bound to Hyper-V, it can also be used in other virtualization platforms.
Preparation
The preparation enables bitlocker so that it can encrypt the C: drive.
- Install Vista or Windows 2008 inside Hyper-V (or any other virtualization product)
- Install the Bitlocker feature through the Server Manager Features option
- After installing start through a Run command: GPEDIT.MSC, this will open the Group Policy Editor
- Drill down to 'Local Computer Policy' à 'Administrative templates' à 'Windows Components' à 'Bitlocker Drive Encryption'
- Select 'Control Panel Setup: Enable advanced startup options.
- Make sure of the following selections:
- Close the MMC
- Now we have to create a virtual floppy disk, this can be done outside the Hyper-V guest and use the Hyper-V manager.
- With 'Action' à 'New' à 'Floppy Disk' a new floppy disk can be created
- Mount this one to the Guest system and format it.
- Now its time to install and run the Bitlocker Preparation Tool, which can be found here
- Install the tool and run it.
- Now reboot the system
Execution
After the reboot we have to enable Bitlocker to encrypt the drive, for this we open a command box and prompt the following command:
C:\windows\system32\cscript manage-bde.wsf –on C: -RecoveryPassword –RecoveryKey A: -StartupKey A:
This command initiates the encryption on C: and we store the recovery key and startup key on the floppy drive A.
Now you can copy the Recovery password from the screen to a text file.
Now the system needs to be rebooted, after the reboot Bitlocker will immediately start the encryption procedure (this will take a considerable amount of time).
You can see the status of the encryption process by initiating the command c:\windows\system32\cscript manage-bde.wsf –status.
Operations
Now after the encryption, each time a server start, the floppy must be mounted, it holds the startup key. Buuut this virtual floppy can be moved to a physical USB key and is only needed when starting up the system. 8/8/2008Well, almost, today Microsoft released SQL Server 2008, but only available to MSDn and Technet subscribers.
Mainstream release will be at 7th of August, then also evaluation versions will be available from Microsoft's SQl website.
Cool new features are: encryption of databases, key management, enhanced database mirroring, and enabling Geo datatypes.
Geowhat? Well:
- Implement Round Earth solutions with the geography data type. Use latitude and longitude coordinates to define areas on the Earth's surface.
- Implement Flat Earth solutions with the geometry data type. Store polygons, points, and lines that are associated with projected planar surfaces and naturally planar data, such as interior spaces.
Wauw!
See: http://www.microsoft.com/sqlserver/2008/en/us/overview.aspx for more info. 8/2/2008Microsoft has recently released (RTM) its brand new Virtualization platform,, based on a Hypervisor solution, the name: Hyper-V.
I think that, although it does not have the same sophisticated features as VMWare, it offers everything most companies need, at a much more cheaper price.
Using a Hypervisor technology means a total different system architecture than other virtualization products used before, my own experiences with Hyper-v is that it is fast and much more stable than the classic products.
Even is your host OS crashes it doesn't have to affect your VM's. I also tried a failover technology for Hyper-V based on clustering, called 'Quick migration' (totally wrong name but whatever), I will go into that at another blog.
On Edge, a geeky Microsoft site about their technologies and products, the Program Managers and Architects of Hyper-V (John Howard, Ben Armstrong, Bryon Surace) explain, in 5 sessions, the architecture of Hyper-V and all its aspects, such as networking, storage, management, snapshotting etc.
These presentations are very, very good and if you are into Virtualization I strongly recommend to take the time to watch these sessions, even if you are a VMWare addict (I believe that true consultants should be 'agnostic' about products and vendors).
All sessions have I linked here:
Hyper-V Part 1 - Architecture - http://mschnlnine.wmod.llnwd.net/a1809/d1/edge/9/2/3/1/HyperVPart01_s_edge.wmv
Hyper-V Part 2 - VM Snapshots - http://mschnlnine.wmod.llnwd.net/a1809/d1/edge/0/3/3/1/HyperVPart2_s_edge.wmv
Hyper-V Part 3 - TAP and VSS Snapshots - http://mschnlnine.wmod.llnwd.net/a1809/d1/edge/1/2/3/1/HyperVPart3_s_edge.wmv
Hyper-V Part 4 - Disks and iSCSI - http://mschnlnine.wmod.llnwd.net/a1809/d1/edge/8/2/3/1/HyperVPart4_s_edge.wmv
Hyper-V Part 5 - High Availability - http://mschnlnine.wmod.llnwd.net/a1809/d1/edge/1/3/3/1/HyperVPart5_s_edge.wmv
So… have fun
Aram 7/31/2008
VMware just released a VMWare ESX server version for free. With ESX3i it is possible to have one System with Hypervisor, however it lacks the real VMWare technologies such as VMotion, HA and the ability to manage multiple systems in a Datacenter.
For these extensions you need to buy the ESX package. So we can call it VMWare ESX light.
ESX3i comes in two versions, an installable version and an Embedded version. This last one is a next step in Virtualization, several vendors such as DELL, HP and IBM will embed VMWare ESX3i in their server hardware; Hypervisor out of the box so to speak.
The installable version has also some typical specifications regarding the Hardware.
This makes Microsoft Hyper-V still a more accessible platform, if the system ruins Windows 2008 server and has a Hypervisor enabled CPU (Intel or AMD) you can easily activate Hyper-V. 6/4/2008Yes I am a Microsoft addict but never close my eyes for the new tech in life.
Virtualization is becoming key in most infrastructures, the days that it was used for Development and Test environments are over, Virtualization is moving to the production environments now.
One rather new aspect of virtualization is the application virtualization, of course we all now SoftGrid… ahum… AppVirt these days (how the heck did Microsoft come up with such a name?).
Another player in the market was Thinstall now acquired by VMWare. With Thinstall you can launch an application or even install an application that is not really installed or has any integration with the Host operating system… confused.. you will be in a second J.
Thinstall uses a thin (os) layer between the application and the Host Operating system, this prevents any integration with the OS such as file and registry but it still uses the available resources such as memory en cpu.
Packaging of an application is rather easy and deploying can be done with almost everything.
Want to know more? Look at http://www.thinstall.com you can download an beta2 of VMWare's new product.
1/4/2008Recently Microsoft provided a major update for the Zune, also supported on the Zune 1.0, the one that I have.
Now I must say, MS made major improvements on the Zune software, finally Podcasts are supported and integrated in the software. Also you can upload your music to your Zune, wireless!
I tried it, but it is very slow, and your Zune needs to be connected with the cable anyway to get power, Wireless drains your battery.
On my previous Blog I posted some tips and tricks to 'enrich' your Zune, now some of these are still valid, and because of the complains, I repost them:
Zune as Portable Harddisk:
- Make sure your Zune is not plugged in and your Zune software isn't running
- open up regedit by going to the start menu and selecting "run". Type regedt32 and hit "OK"
- Browse to HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\USB\
- Search for "PortableDeviceNameSpace". This should be contained in the Vid_####&Pid_####\########_-_########_-_########_-_########\Device Parameters within the above ...\USB\ The ##'s listed here will be numbers and letters specific to your Zune
- Change the following values:
- EnableLegacySupport to 1
- PortableDeviceNameSpaceExcludeFromShell to 0
- ShowInShell to 1
- Plug in your Zune, and make sure the Zune Software starts up.
- Hopefully at this point you can open up "My Computer" and browse your device, though it does NOT show up as a drive letter
Done! You will see two Zune's don'y know why, but hey, you have access
Multiple extension support
The Zune software is able to convert other file extensions, for that only two registry keys must be added.
you can find the file here: http://www.aramsmith.com/Files%20%20Documents/Multi-Extension%20Support%20Mod.zip
Please feel free to mail me any Zune tips & tricks at aram@aramsmith.com
Aram |
|
|
|
|
|
|
|
 |
|
|
|
|