TechVirtuoso

Virtual PBXs, are they the future?

0 Comments March 11, 2010 : By Frank Owen · Category : IT Technology, Telecom

Phone Systems have evolved over the last 10 years.  With the death of the traditional PBX and the new VoIP movement businesses have more reasons to upgrade and more feature sets to choose from.  I previously managed the IT department for a small company that relied heavily on the phone system.

They purchased a (at the time) a state of the art system and spent a big chunk of change thinking it would last them forever.  Fast Forward 10 years and that same system that cost them hundreds of thousands of dollars is now worth 30K (if they found a sucker on the street) and they were spending thousands of dollars every month on maintenance for the ancient piece of equipment sitting on the wall.  They were stuck with a dinosaur and were quickly falling behind their competitors.

(more…)

Intel 8-Core Nehalem-EX coming this March

0 Comments March 8, 2010 : By Tim Davis · Category : IT Technology, Virtualization, Windows Server

Is 4 Cores of raw physical processing power not enough for you? Do you often find your servers bogged down from never ending number crunching?

Never fear, Intel hears your cries for extreme power. Intel is readying it’s launch of Nehalem-EX processors for this month. The new processors will boast 8-cores, 16 threads and support for up to 8 processor sockets on a single board.

(more…)

Not everything made by Cisco is made of gold

0 Comments : By Jake Sonelly · Category : Featured, IT Technology, Review

The scenario:  You’ve found yourself working at a company that is experiencing phenomenal growth.  The employees have actually decupled in the past year and show no signs of slowing in the near future (on this note, when was the last time you saw the “decupled” in print?). You have inherited a network that is truly a Frankensteinian creation that not even the original architects understand any more.  You have noticed that you neither have a working firewall nor a decent VPN system, though Cisco VPN is used by a handful of key employees to connect to a Cisco 1800 series router.  The IP scheme for the organization, which spans three sites, is using the 192.x.x.x address space. You wish to straighten everything out with a minimum of downtime and as seamless as possible for the end-users.  What do you do?

Well, instead of telling you what to do, allow me to tell you what not to do.  Not just that, let me drill into your collective skulls what not to do.  Are you ready?  Here it comes:

Do not, and this is key, so write it down… do not buy a Cisco SA 500 series device.

(more…)

KVM over IP; coming to a Desktop/Laptop near you!

0 Comments February 4, 2010 : By Frank Owen · Category : IT Technology

Today I saw a tweet from @DellServerGeek about a new technology that Intel has developed in partnership with RealVNC for the new Intel vPro 2010 series chips.  This amazing technology will allow IT Support to be able to connect to a machine, even when the machine can’t boot and resolve the users issue without the need for a technician to be sent out on site.  This KVM over IP technology has been around for some time in the server realm with DRAC cards from Dell or Lights-out boards from HP but I believe this is the first time it has been tried on Desktop/Laptop machines.

This new technology will not only allow the remote technician to take control of the machine but also will give the technician the option to turn the machine on or off remotely as well as rebooting the machine when it does not respond to keyboard or mouse gestures.  You can also use the IDE Redirection option to remotely boot to a cd or image.

Check out the RealVNC site for videos and more detailed information!

Access Denied: Giving users local administrator permissions on their machine?

0 Comments December 8, 2009 : By Michael Stanclift · Category : Featured, IT Technology

A recent email discussion over a education security listserv got me thinking about the topic of giving users administrator rights to their local machines. This is a common discussion that comes up about once every month or so, when ever someone new joins the group. The discussion usually starts by asking for methods of removing administrator access in environments where rights have already been given, and then nosedives into a long discussion about the ethical and practical reasoning behind it.

There seems to be two schools of throught about all of this.

  1. Lock the user out of everything that would prevent malware from being installed or the user installing software they’re not suppose to, at the expense of user frustration and IT time spent approving and installing software requested by users.
    Basically, the users are stupid and cannot be trusted. IT will have to monitor them.
  2. Give the user access to everything and let them install whatever they want, at the expense of user frustration and IT time spent removing software they’re not suppose to have and malware that have been installed as a result.
    Basically, trust the users and clean up after their messes when they don’t understand what they’re doing.

In an educational setting, specifically in higher education, you have a lot of competing interests. You’re a business, selling a product (education) and have to compete with other businesses (schools) to gain more customers (students) — therefore, security like what you’d have at any enterprise is necessary. However, you have a group of highly educated and often times very ego-centric individuals called faculty that feel they have a right to gain access to anything and everything in order for them to independently do their job without interruption from IT, or having to ask them for assistance. I would imagine it’s something like working with engineers, but in this case 95% of the people have no idea how to use a computer. Last but not least, the university is an ISP, providing Internet access to students and employees on their personal machines. But that’s a topic for a future entry.

The idea that users need administrative access to their computer or that they somehow have a right to it is wrong in my opinion. When I go into my office, I have services provided to me by other departments on campus that I do not have full control over. If I need a light bulb replaced in my office, do I have a key to go do it myself or do I just call Physical Plant and have them come over? Sure it’d be faster and probably easier for plant to just go take care of it myself. Just because you can give someone full access to a machine, and they’re used to it at home, doesn’t mean they should have that access at work.

I have full access to the thermostat at home (well, I take that back… my wife does… I’m just a user there too) but I can’t just go adjusting the HVAC system at work how I want.

We make as much software as possible that we’ve pre approved user-installable through Group Policy Software Deployment and soon though System Center once we have that up and running. Our staff maintains a repository of approved software installs that require us to do it, so when the user cannot do it themselves it only takes us a few minutes. If a user walks up to our support center, we can usually get the software installed on their laptop right away. We’ve given our Help Desk very easy to use remote access software and can usually get stuff installed for them within 24 hours, if not as soon as they call in or email.

Does malware still get installed on systems where users lack administrative access? Yes. Which brings me to another point.

You also need to look at the amount of damage that can be done in the time period where a user with administrative access disables anti-virus to install something, or even where the AV client doesn’t detect it and the user isn’t aware enough to see what has happened. A few years ago, the malware was about annoying the user or deleting files, but as it has changed to becoming a security breach where data can be stolen often without the user even seeing they’ve been infected.

My wife works for a multinational accounting services firm, where she and her co-workers have access to information that would probably make any hacker wet their pants with excitement. Yet, they have administrative access to their company issued laptops, since they spend most of their time outside of the corporate office. In one case, she told me where one of her co-workers went weeks with a system she knew was infected with porn-popups, yet was “too busy” to do anything about it, like take it into the office and let IT look at the system. Did she know better? Despite required company IT education and training, probably not. Did my wife? You betcha.

That infection may have been harmless, or just designed to generate traffic to your friendly neighborhood porn site, but would the next one be so lucky? Sure, you may put good AV on systems and monitor them daily, but they can’t catch everything. It seems like we should be fighting to do everything in our power to prevent this from happening, even if it means it’s more difficult for the user and IT. The risk of not doing so outweighs the easy of use.

Do your users have administrative rights? Why or why not?

Catchalls, On Behalf of and Google Apps

0 Comments : By Frank Owen · Category : IT Technology
As most of you know for quite some time I have been looking for a way to consolidate multiple email accounts in one nice interface.  I run a small business and have many email accounts that go directly to me.  It would be nice if I were able to log into one web based email service and be able to read/respond the emails from these accounts in one centralized location.  Every service I tried there was a downfall of some kind.  I really liked Google’s email solutions but they had one draw back; the on behalf of annoyance that has bugged many Google mail users since they started to allow users to send email from a different email address.

I got an early Christmas present in July when someone pointed me to this blog post on Google Apps blog.  FINALLY they have setup a work around for the “on behalf of” problem.  I immediately started to go through in my head how this was all going to work.  I did a Google Search on setting up Google Apps to see what other users were doing and I found an article about a completely different approach to managing emails.  Users are setting up a domain on Google Apps and setting their main email as the catchall for the domain.  Brilliant!  Now, when I sign up on a website I use thewebsitename@mydomainname.com and can have my filters automatically tag the emails coming in.  Also, if the website sells my information or gets hacked and I start getting spam I can blackhole the email account and decrease the amount of spam I receive on a daily basis to almost nothing.

Catchalls have been around for sometime and I am surprised over time other users haven’t figured out the benefits of using a catchall email account with a domain like I have setup in this situation.  This is a great setup for any user or a small business who wants to look like more than a one man shop.

KVM over IP and a Bad Demo

0 Comments November 26, 2009 : By Frank Owen · Category : IT Technology

We are going through a major Avaya upgrade at work.  Since we are moving to VoIP we are making changes to our network as well as some of the infrastructure to prepare for the upgrades.  We have a bit left over from the budget so we are trying to fit a KVM over IP solution into the current budgeted numbers and I can tell you it has been pretty challenging.

I have previously used the Startech KVM over IP product as well as one of their switched PDU’s and I was not impressed.  The pricing fit into our budget but I didn’t want to buy crappy equipment jut because it fit into our price range.  After looking through the CDW website I found a solution from Aten that I liked so I contacted my CDW rep to schedule a demo.  He also said I should look at a Belkin solution and a Avocent solution all within the budget.

In the mean time Belkin had a demo available on their web site.  I signed up for the demo and it worked pretty well but I was hoping for a more robust solution so I waited for the Aten demo to be setup.

The Aten demo started off like most demos, with a power point presentation written word by word by a sales representative.   The technician that was supposed to be joining the call was running late and after the sales rep. finished his power point, he hunted down the technician and got him on the phone.  The technician shared their screen and logged into one of their units.  He jumped around a lot and the connection between him and the KVM device was severed twice during the 20 minute demo.  He claimed it was network issues at his local site and nothing to do with the Aten equipment.

After the warm and fuzzy feeling disappeared after seeing the bad Aten demo I asked my CDW rep to get a representative from Avocent on the phone.  We scheduled a demo with Avocent and everything went very well.  I was very impressed with their product and everything worked the way it should.

I figured I would end this post with a little bit of advice to any sales representatives reading this.  If someone asks for a demo of your product this is your chance to close the deal.  Make sure everyone is on time, you don’t just read directly from a power point AND when it comes time to show your product it actually works.  I would say if you could only choose one of these points to excel at… the last one is the most important.

Android road warrior has phone, ISO connectivity

0 Comments November 23, 2009 : By Shane Pitman · Category : IT Technology

junefabricsAs I stated in my previous post, I have left the world of BlackBerry and Microsoft Exchange behind and transitioned my e-mail, calendar, contacts, and mobile platform to Google Apps and Android. Doing so was no small decision, as my “day job” requires that I have access to all of these items and that they work in unison with each other, my desktop, my laptop, and that I have access to my data anywhere at any time.

I own an IT consulting firm, and as you can imagine, that means that I am not always in the office, and don’t always have connectivity available. With my BlackBerry, it was as simple as loading the Sprint SmartView software on my laptop (similar applications are provided by most carriers) and using my BlackBerry’s data connection. However, SmartView doesn’t work with the Samsung Moment, and Sprint has made the (poor) decision to do away with tethering or “Phone-As-Modem” options on their Simply Everything plans which are required plans for their smartphones. I speculate that their reason for doing away with tethering is an effort to drive customers to the increasing number of mobile broadband devices that they carry, including the new Novatel MiFi 2200 router, but I’ll save that gripe for another post.

(more…)

Goodbye RIM, Microsoft, hello Android, Google Apps

0 Comments November 20, 2009 : By Shane Pitman · Category : IT Technology

androidThose of you who know me, know that I have been an avid BlackBerry proponent for many years. I held fast to the opinion that BlackBerry coupled with Microsoft Exchange was the solution for business mobile communications. Be it BlackBerry Enterprise Server or Microsoft ActiveSync, I held steadfast in my opinion that nothing could perform as well or better in maintaining perfect harmony between my desktop, my laptop, my phone, and anywhere access to my information. I am here to say, that era has ended. A moment of silence, please. Now that the mourning is over, let me tell you the changes I’ve made, how, and why.

First, let me say that I had not been looking to leave the BlackBerry/Exchange family, but I was holding out for a full screen BlackBerry with a physical keyboard, a slider if you will. Those of you who follow mobile devices closely, especially those who follow BlackBerry hardware, are well aware of the numerous design concept drawings, mock-ups, etc. of a BlackBerry slider that have been floating around for at least a year. Never revealing just exactly when we would see such a device, RIM has only been willing to confirm that several design options have been considered. This secrecy is nothing unusual among device manufacturers, but the lack of information and an opportunity provided by a competitor presents a precarious position, and, in this case, caused a long time RIM fan to jump ship.

(more…)

HP ProLiant G6 Q&A

0 Comments October 14, 2009 : By Shane Pitman · Category : IT Technology, Other

HP_logoEarlier this week I had the opportunity to join in on a discussion with Greg Huff, HP’s Chief Technologist for HP’s ProLiant servers team, as a followup to the HP ProLiant Tech Day and Web Jam event that we attended back in March. While the discussion was focused on some of the material that we had gone over back in March, a few points were raised that I wasn’t aware of. Points that, in my opinion, HP should be putting a little more emphasis on in their marketing and advertising. Primarily, the amount of HP’s intellectual property that makes its way into technologies that most probably aren’t aware of.

For example, we discussed some of the intellectual property (IP) that HP has had a hand in developing, and has licensed to manufacturers to be included in their products. As an example we discussed a series of network adapters made by a variety of hardware vendors that include some HP IP in their design. These adapters are sold in systems from just about every vendor, and are fully functional network adapters that have the same basic performance specs across the board. However, because HP participated in the development of the technology, there are some functions that are only available if that technology is in an HP product. So you take two different servers, one from HP and the other from another vendor, and both have the exact same NIC in them. The core functionality of the network interface is exactly the same on both systems, but the HP system could have capabilities that don’t show up at all on the other vendor’s system. Abilities such as being able to eliminate extraneous cabling by controlling data flow at the core level of the NIC itself. I asked Gregg about  other examples of these core hardware differences, and while some of the details are out there in individual white papers, there isn’t a list that points out the differences across the hardware spectrum.

As a follow-up to this discussion, HP has presented us with an opportunity to participate in a Q&A session with their ProLiant G6 folks, and we would like to get some participation from you, our readers. So if there’s anything that you’ve ever wanted to know about the HP ProLiant G6 line, or any suggestions or concerns that you feel should be addressed, please feel free to submit them here. HP will collect your submissions and they could make it into an upcoming interview and blog series that HP plans to kick off soon.

Older Posts »

© 2010 TechVirtuoso, LLC. All trademarks are property of their respective owners.