Folks, Windows 7 Beta is going to expire on August 1, 2009 and will begin to reboot every 2 hours from July 1, 2009.

So if you are still on Beta, hurry up and download the Windows 7 RC and the product key from:

http://www.microsoft.com/windows/windows-7/download.aspx 

Also, the RC download program will stop on August 15, 2009 but you will still be able to insall an already downloaded software.

 So hurry and keep enjoying the power of Windows 7!!

Tech Ed India 2009 at Hyderabad brings to you the best of the IT Pro technologies in-depth coverage!

 Day 1: May 13, 2009

Day 2: May 14, 2009

Day 3: May 15, 2009

Whats More....

• Instructor Led Labs
• Hands-On-labs
• All MS Certifications FREE
• Community Events
• Contests
• Prizes

What will you take away???

Be There....  http://www.microsoft.com/india/teched2009

Ranjana Jain
IT Pro Evangelist
Microsoft India

Yes, TechEd is back in India after almost three years. Unlike previous years TechEd India is different in many respects

·         It’s happening only in one city, Hyderabad. The dates are May 13^th, 14^th and 15^th

·         It’s going to be the biggest ever TechEd in India in terms of participation. I am expecting thousands of people to attend this tech-festival

·         Good news for IT Professionals, there are more sessions and speakers in the IT Professional track. Some of the tracks for IT Professionals are Windows Server/Client, Security, System Management, Virtualization, Database & Unified Communications

·         You’ll find your favourite speakers from both Microsoft and rest of the industry

So don’t miss this event. See you all there. For more details and latest update please visit http://www.microsoft.com/india/teched2009/

Regards

TechNet India Team

• As part of Microsoft’s continuing efforts to protect its customers, Microsoft announced a collaborative effort with technology industry leaders and academia to implement a coordinated, global approach to combating the Conficker worm.
• This collaborative partnership between Microsoft, security researchers, ICANN and operators within the domain name system has proactively disabled a significant number of domains targeted by Conficker to disrupt the use of the worm and prevent potential attacks.
• As a company, we believe that technology innovation, customer guidance and partnerships are essential to addressing the increasing complexities of cybercrime. This community-based defense approach has enabled the technology industry, along with academia, to expand the boundaries of defense and better protect people worldwide.
• Microsoft also announced a $250,000 reward for information that results in the arrest and conviction of those responsible for illegally launching the Conficker malicious code on the Internet.
• For more information please see the press release at: http://www.microsoft.com/Presspass/press/2009/feb09/02-12ConfickerPR.mspx

Regards

Ravi Sankar

Windows 7 gets you what you expected!

Windows 7 , the next client release of Microsoft will be available in 32 & 64-bit versions.

Here are some things that you asked for in your Desktop OS:

For end –users

1.       Faster-Your system starts up, shuts down and resumes from standby faster, and your laptop’s battery lasts longer!

2.       Touch- Multi touch, ink and gesture support along with handwriting recognition allow you to create exciting new input capabilities. Managing large number of windows is much easier, with intuitive touch gestures to view multiple windows at once and remove unwanted windows.

3.       Faster Browsing- Build for the web with IE8, add rich media with Silver light and extend to rich client with WPF – using the same platform and tools

4.       Explore and Share - With Windows 7 and Windows Live, you can easily manage your documents, pictures, movies and music, regardless of which PC they are stored on, and share them with your friends and family.

5.       Search- Windows 7 includes all performance improvements from Windows Search 4.0, so search and indexing are much faster.

6.       Less Crashes- A new feature in Windows 7, Fault Tolerant Heap, mitigates the most common causes of heap corruption, significantly reducing the number of crashes you will experience!

7.       Power Saving - Windows 7 easily adapts to your activity. To save battery power, Windows 7 automatically reduces display brightness after a period of inactivity, much like mobile phones do today.

8.       Watch complete DVD on battery- Windows 7 will use less power in playing a standard-definition DVD than all earlier versions of Windows, so you are more likely to watch a complete movie with a single battery charge.

Features for IT Pros

1.App Compatibility- Windows 7 will run most if not all applications that run on Windows Vista, making Windows Vista to Windows 7 deployment easier. 

2. Powershell  v2 - Customers will be able to keep their PCs running smoothly with PowerShell & Group Policy management.

3. Bitlocker To Go- In Windows 7, BitLocker To Go will protect data stored on portable media (e.g., USB Flash Drives, USB Portable Hard Drives) such that only authorized users can read the data, even if the media is lost, stolen, or misused.

4. Work from Anywhere - With the capabilities Windows 7 enables, users who have internet access will be automatically connected to their corporate network. A user who is sitting on a coffee shop can open his laptop, connect to the internet using the wireless access of the coffee shop and start working as if he is in the office. The user in this case will be able to not only use outlook, but also work with intranet sites, open corporate shares, use LOB applications, and basically have full access to corporate resources.

5. “Branch office caching”- The idea is to cache the corporate data downloaded by users locally in the branch office so it can be quickly accessed by others in the branch. With branch office caching, opening a document can take seconds instead of minutes.

6. “Enterprise Search Scopes” enables IT, using Group Policy, to deploy links to appear on the user’s Start menu or in Explorer.

7. AppLocker provides a flexible mechanism that allows administrators to specify exactly what is allowed to run on their systems and gives users the ability to run applications, installation programs, and scripts that administrators have explicitly granted permission to execute. For example, a rule could be written that says “allow all versions greater than 8.1 of the program Photoshop to run if it is signed by the software publisher Adobe.”

To get your infrastructure ready for Windows 7, the best step is to start deploying Windows Vista and MDOP today.

Download Windows 7 Beta today and learn more about it at:

http://technet.microsoft.com/en-us/windows/default.aspx 

Watch Windows 7 Beta installation complete process here:

http://ranjanajain.spaces.live.com/default.aspx?sa=186712167

Yes, you heard us correct. If you have a solution build on top of Windows Server 2008 or SQL Server 2008 or Microsoft Unified Communications then here is the deal. Tell us what you did, submit a paper or a video of the same to us and if your solution is innovative etc then you stand a chance to win the cool phone ...

More about the contest is available here. Ofourse there are some rules for the contest and I urge you to take a look at them.

Assuming most of the desktops in your current enterprise are installed with Windows XP (SP2/SP3) or Windows 2000, here is a list of problems you (administrator) might be facing with them.

Problems:

1.      The users on most of the desktops use administrative accounts to work on their PCs. This is usually done so as to enable to users to do all the common tasks on their PCs themselves, but this may pose problems like:

a.      Users can install software themselves. Once installed, software can compromise the overall health and control of the PC, as well as introduce security and data compliance issues. With every new piece of unknown software installed, desktop performance, security, and supportability is gradually compromised.

b.      No asset inventory control or license management. This can leave you in a position where you don’t know what has been installed and whether or not you have a license for the software.

c.       Important data files are often changed or deleted. With administrator accounts, users have full access to the system and can often delete files that are required for system stability and reliability or even booting into the operating system, running applications or performing other day-to-day tasks

d.      End users are able to change core system configurations. Users with admin rights can install drivers, change firewall settings, deactivate services, or deactivate anti-malware software, and add additional user accounts.

e.      Users are not restricted from attaching devices to their PCs. With unauthorized storage devices connected (such as USB drives and MP3 players), users can easily lose or steal important data, load malware onto PCs, or misuse company assets with personal devices.

f.        Systems cannot be centrally managed. In many cases software is not centrally distributed or tracked. If that is the case, computers will require manual setup and configuration.

2.      Many applications are written to require admin privileges. This is often because software developers tend to develop as local administrators. Many applications are designed to assume that administrative privileges are present.

3.      Applications can save their data (installation files, registry keys, and runtime data) to random locations. Applications written this way are difficult to support, because each application functions in a different way. If something breaks, it is difficult to troubleshoot the problem. For example- applications may store unknown file formats in “Program Files’ folder during installation.

So what is the ideal way in which the Windows systems must be managed and how can that state be achieved?

Read my next blog on what should be done to tackle these problems proactively, and the third one in the series on how can it be done.

Microsoft is launching it’s new series of small and midsize server solutions on 12th of November. The two products which are part of this launch are Small Business Server 2008 and Essential Business Server 2008. For more details check this out link. http://www.thedreamserver.com/

Hi, this is Ravi Sankar (http://ravisankar.spaces.live.com/blog ) again from the TechNet India team. This is the second blog post I am writing in response to the questions we received as part of virtual tech days (http://www.connectwithlife.co.in/vtd ). This time I am answering the questions from the session “Managing Virtual Infrastructure”

Q1: Is virtualization suitable for big corporations only? Or is it useful to small and medium enterprises also?

A1: Very good question. Virtualization technologies are useful to organizations of all sizes. Let me explain this with the help of an example.

Hyper-V is the server virtualization technology from Microsoft. By using Hyper-V in a data centre, a large organization can consolidate their server infrastructure into fewer number of servers. This will result in savings in terms of rack space, cooling, power, management cost etc.

The above advantages are applicable to a small and medium sized business organization (SMB) as well. Since SMBs face additional constraints in terms of quality infrastructure and skilled IT man power virtualization can offer them a more optimized IT solution by requiring less infrastructure and better server management technologies (backup, high availability, provisioning etc.).

Q2: How does System Centre Virtual Machine Manager (SCVMM) handle applications which are not cluster aware to provide high availability (HA)?

A2: SCVMM does not handle applications directly but through virtual machines. Hyper-V is cluster aware and can be configured to provide HA for all the virtual machines running on it. The applications running in these virtual machines may or may not be cluster aware. SCVMM can manage the failover of such virtual machines from one server to another server running Hyper-V.

Q3: What is template creation in System Center Virtual Machine manager (SCVMM)?

A3: Templates are virtual machines created and stored in SCVMM library with specific virtual hardware, OS and application configurations. Templates are created for frequently used virtual machine configurations so that it is easier to provision new VMs. It also allows automation of VMs through scripting.

As one of you said it is a one time activity

Q4: Is diagram view of virtual and physical machines created automatically in System Center Operations Manager (SCOM)?

A4: Yes, once SCOM is configured to monitor a Virtual Server or Hyper-V based computer it can generate a diagram of physical machines and associated virtual machines automatically

Q5: Is Hyper-V a Type-1 virtualization product?

A5: Yes, Hyper-V is a hypervisor based Type-1 virtualization product. Hyper-V is available either as part of Windows Server 2008 x64 editions or as a standalone product (http://www.microsoft.com/servers/hyper-v-server ) for bare metal implementation

Q6: How many Hyper-V based servers are required to virtualize my xxx number of servers?

Or How can I size my Hyper-V deployment?

Or How much memory is required to virtualize xxx number or servers?

A6: As an answer to all these questions I request you to visit the following URLs and read things related to virtualization.

http://www.microsoft.com/whdc/system/sysperf/Perf_tun_srv.mspx

www.microsoft.com/map

http://blogs.microsoft.co.il/blogs/lior/archive/2008/08/15/hyper-v-server-sizing-and-performance-tuning.aspx 

Q7: How powerful is Hyper-v?

A7: This is a very subjective question and it can be best answered with the help of some real customer  case studies given the following link http://www.microsoft.com/virtualization/case-studies.mspx

Q8: Is it possible to manage VMWare infrastructure from SCVMM?

A8: Yes, SCVMM allows the integration of VMWare into its console. Details can be found here. http://blogs.technet.com/chengw/archive/2008/04/29/managing-vmware.aspx

http://blogs.technet.com/virtualworld/archive/2008/06/02/managing-vmware-with-scvmm.aspx

Q9: Can Hyper-V run on 32 bit hardware or 32 bit OS?

A9: Hyper-V runs only on 64 bit hardware and requires 64 bit edition of Windows Server 2008 in the parent partition. However some of the remote management tools for Hyper-V runs on 32 bit OS. Also Hyper-V supports 32 bit virtual machines.

Q10: What kind of drivers used by virtual machines in Hyper-V?

A10: Hyper-V supports two different types of devices viz. emulated and synthetic. Emulated device drivers are used for backward compatibility with older operating systems whereas synthetic drivers are supported only in newer operating systems like WS2008 but provides better performance. To know more about emulated and synthetic devices please refer to the following links.

http://blogs.msdn.com/virtual_pc_guy/archive/2008/02/25/hyper-v-terminology.aspx

http://blogs.msdn.com/tvoellm/archive/2008/01/02/hyper-v-integration-components-and-enlightenments.aspx

http://searchservervirtualization.techtarget.com/tip/0,289483,sid94_gci1312278,00.html

Q11: How do I provide high availability for virtual machines running in Hyper-V?

A11: There are many articles available on Microsoft’s website on providing high availability to a Hyper-v environment. Here is one of them http://technet.microsoft.com/en-us/magazine/cc837977.aspx

Q12: What makes the rapid provisioning of virtual machines possible in a Hyper-v environment?

A12: Libraries, templates, PowerShell based scripting and self service portal features in System Center Virtual Machine Manager 2008 make the rapid provisioning of virtual machine possible in a Hyper-V based virtual environment.

Q13: What are the minimum system requirements to run Hyper-V?

A13: The answer depends on whether you are running a bare metal Hyper-V server, server core based Hyper-V and Hyper-V with full installation of Windows Server 2008. Here is the system requirements for running Hyper-v server

http://www.microsoft.com/servers/hyper-v-server/system-requirements.mspx

Q14: Where can I get a free copy of Hyper-V?

A14: Hyper-V is available to you when you purchase a copy of “Windows Server 2008 x64 edition with Hyper-V”. To download an evaluation copy of Windows Server 2008 please visit the following link

http://www.microsoft.com/windowsserver2008/en/us/trial-software.aspx

A full version of Hyper-V server can be downloaded free of cost from the following link

http://www.microsoft.com/servers/hyper-v-server/how-to-get.mspx

I am sure you folks are enjoying all the Q&A posted by my fellow Evangelists on this blog. The intentions are very much there to give you complete information even after our webcasts have got over. If you didnt get to read the Part I Q&A I wrote around the DMVs session, dont forget to read them too. Let me next give you the links to PPT and Session for your offline viewing if you missed them. Next, moving to the unanswered Q&A from the session. Here we go:

Question Asked: can we run data collector on sql server which is having sql server 2005 ?

The management data warehouse can only be installed on a server running SQL Server 2008.

Question Asked: different collection modes available for data collector

The Data Collector Architecture (http://msdn.microsoft.com/en-us/library/bb677355.aspx) explains the real backend work. Incidentally, this is an completely async process and uses a combination of SSIS, SQL Agent and SQL Relational engine magic. You can also manually collect and upload the data into SQL Server from the Management Studio.

Quesiton Asked: Could you plz tell something more about WMI event?

If you personally ask me, this is a super cool event one seems to miss-out from the SQL Server 2005 days itself. Anyways, check the complete documentation of WMI Events and SQL Server at: http://msdn.microsoft.com/en-us/library/ms180606.aspx. Infact, if you crank up your SQL Server Configuration Manager, it operates completely around the WMI Eventing Infrastructure. It is really powerfull and under-utilized.

Quesiton Asked: What is the Impact on Memory Usage and Performance of system of Data collection?

This my friend is a dicey question because the data collected is completely under your control. And everytime a collect and upload happens the runtime fires enough info into the database. Now when this happens is completely configurable and the purging is also configurable. Hence the stress on the IO and Memory is something in your hand. Moreover we use the SQL Server Agent infrastructure and it can also be configured to run at our specified interval rather than automatically every 10 sec or so.

Question Asked: Can we use data collector to pull the data from the the data provider or website that allows to fetch the data using webservices?

Though the question is vaugue I think if you get a chance to read through the Architecture (http://msdn.microsoft.com/en-us/library/bb677355.aspx) in detail things will get clear. There is nothing like a webservice or sorts available.

Question Asked: can we have single data collector to collect information from multiple instance ?

If you have multiple SQL Server instances you could configure the data collection processes on each of your instances to use a central MDW repository. In fact, It is recommended you do this to minimize the impact of the data collection process.

Question Asked: Can the Monitoring data be Stored outside the server being monitored

Your question seems to be similar to the one asked in the previous question. You can raise the collection as T-SQL Collector, SQL Trace, Perf Counter Collector and Query Activity Collector. You can read on each at: http://msdn.microsoft.com/en-us/library/bb677328.aspx.

Question Asked: Does it upload the data to the warehouse db on its own or we have to do it manually?

As described before, you have all the flexibility here. You can manually do it or schedule it at regular intervals via the SQL Server Agent process.

Question Asked: how much frequently is the data fed to dataware house from cache ?

Same as the previous question. You can completely customize it.

Question Asked: we can use this data collector for maintain performance related data for application or database or Visual studio application

Though this is a nice thought, currently we are restricted for collecting perf data using the DMVs inside of a SQL Server instance only.

Question Asked: Say If I run this tool, every 1 hour, for 30 days, how much of data space will it take?

There is no straight forward answer to this question. It depends on how much data you will be collecting. I have seen with an interval of 10 sec for the past ~25 days the current size is close to 400MB for me. But I this happens on my laptop which starts and shuts down often.

Question Asked: WIll Data collector effect MSDB ?

This is a good question. We do use msdb for DW activities. The data collector uses msdb for storing configuration information, run-time information, auditing, and collection history information. This database must be present on the instance of SQL Server that runs the data collector. Using msdb provides the following benefits: a) All the data needed to configure and run the data collector is in one location. b) Data collection configuration can be deployed across several servers without having to use the file system. c) The data collector can use existing SQL Server security mechanisms to protect the data. In addition, database roles can provide granular security, and there is no need to implement cross-database chaining. and finally d) Since msdb is a relational database, it is possible to ensure the referential integrity of the configuration and run-time data.

Hope these clarified some of your questions from the session and hope to meet you all again in the next VTD scheduled on Nov 25th and 26th. And guess what we will have 8 fabulous sessions around SQL Server. Dont miss the action and dont forget to register.

Hi, I am Ranjana Jain  (http://ranjanajain.spaces.live.com) . I was one of the presenters at the recently held Virtual Tech Days from Microsoft. I presented two sessions – a. Managing Windows Vista using Windows Powershell and b. A look at the performance changes in Windows Vista SP1. A number of questions were asked during these virtual livemeeting sessions, which may not have been answered by me primarily due to lack of time. However I feel it was important to address the queries of the attendees, so like Ravi, I too decided to do that in this blog. So here I have consolidated most of the queries asked during the sessions and have tried to provide all the info that you can benefit from.

Many more questions were also asked that may not have been articulated in the exact same words, but I am sure most of the information that was required has been provided as answers to these queries.

Q1. Can Desktop Settings of users be modified using Powershell?

Answer:  Yes, Windows Powershell is a complete administrative shell using which administrators can do anything on the computer they have rights to. This includes, modifying desktop settings, starting/stopping services, changing policy settings, editing registry and even managing event logs etc.  Here is a link where you can find scripts that have already been created to Manage Windows Desktop Settings: http://www.microsoft.com/technet/scriptcenter/scripts/msh/default.mspx?mfr=true .

Q2. Can we create batchfiles/scripts using Windows Powershell to automate the tasks?

Answer: Yes, infact creating scripts in Windows Powershell is much easier than creating scripts in Visual Basic, or other programming languages. All that you need to create a script for Windows Powershell is to write all the Powershell commands in a notepad as you would want to run in sequence on the Powershell, and just save the file with a “.ps1” extension i.e. <filename.ps1> . Now you just need to provide the complete path of this .ps1 script file at the Powershell prompts and execute it! -J Yippee!!

Q3. Can I activate Windows Vista using Windows Powershell?

Answer: Absolutey, infact a Powershell script already exists in our scripts database to activate Windows Vista: http://www.microsoft.com/technet/scriptcenter/scripts/msh/desktop/activate/default.mspx?mfr=true . These include scripts using which you can not only know the activation status but also use scripts to activate Windows both offline and online. -J

Q3. How do we run the Powershell batch files/scripts on remote computers?

Answer:  This was demonstrated as a part of the scripts I executed during the session. As I mentioned, that in most of the commands that used GetWmiObect , I could replace the “.” value for the /computername parameter with the UNC path of the computer on which you want to execute the command.
For example: - Get-WmiObject -Class Win32_BIOS -ComputerName.
The above command displays the BIOS information on the local computer. Replacing the “.” value in the above command with the UNC path of the destination computer will display BIOS info for the destination computer.

Q4. Can we edit registry using Powershell commands?

Answer: Absolutely, infact Regedit is not required to edit registry using Windows Powershell. Windows Powershell exposes Windows Registry as a data store ( like C: and D: drives) in the form of psdrives. Therefore you can access the HKEY LOCAL MACHINE registry hive as HKLM:\ and then use usual commands to edit registry. For more information and actual commands to edit specific registry information please view the session recording at: http://www.connectwithlife.co.in/vtd/           
For Example: $value = (get-itemproperty "HKLM:\software\microsoft\internet explorer").version

Q5. Is Windows Powershell a new version of Linux shell, as you can run all Linux shell commands in Powershell?

Answer: Windows Powershell was basically developed to bridge gaps that were there wrt administration using Windows Command Line (cmd shell). We had a large number of commands to manage Windows Server 2003. Many more commands were added with Windows Server 2003 R2. But the cmd shell could still not provide the intuitiveness of Bash , the object based simplicity of Perl etc. So there was a desperate need to have an intuitive and simple command shell that could be more useful especially to administrators. Do watch/listen to this video (an interview with Jeffery Snover , Windows Powershell developer) : http://www.microsoft.com/uk/technet/spotlight/sessionh.aspx?videoid=209

Q6. How can I use Powershell to administer most activities on Windows Vista Computer?
Ans: Powershell can be used to administer Windows Vista Computers in all ways that you can do it using the GUI. Many of such administrative activities were demonstrated in the VTD session and you can even download a Powershell Owner’s manual whre you can access most of the information on how you can use it even better to administer Windows Vista: http://www.microsoft.com/technet/scriptcenter/topics/winpsh/manual/default.mspx

Q7: Are the Powershell commands same for Windows XP and Windows Vista?

Answer: Although there are many commands that might look same for both the platforms, but yet there are many differences, mostly for administering features that were not present in Windows XP.

Q8: Can existing VB scripts be used on Windows Powershell?

Answer: Before using VB scripts on Windows Powershell, you need to convert them to Powershell scripts. This is a simple task that can be done using existing tools:

http://www.microsoft.com/technet/scriptcenter/topics/winpsh/convert/default.mspx

Above al, you can find most of the scripts, tools, guides and resources on Powershell here:

http://www.microsoft.com/technet/scriptcenter/hubs/msh.mspx

To learn more about working with Windows Powershell, you can also view many webcasts on Windows Powershell at: http://www.microsoft.com/webcasts

Virtual Lab on Windows Powershell can also be found at: http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032314395&EventCategory=3 

Moreover, if you are a Windows Administrator who hates writing a script (like me -J) , please watch: http://www.microsoft.com/uk/technet/spotlight/sessionh.aspx?videoid=214&PUID=000149505AA18347

Happy Powershell Learning -J  !!!

Hi I am Ravi Sankar (http://ravisankar.spaces.live.com/blog) from the TechNet India team. First of all let me thank everyone who attended the sessions under virtualization track. We have received hundreds of questions as part of the sessions and due to time constraints the speakers could answer only a few of them. So I am taking this opportunity to answer all of those questions.

A number of questions are either repeated or asked with same concepts in mind. I have consolidated those into fewer number of questions and answered here. In other words answers written here are not 1:1 replies of your questions but essentially covers everything you wanted to know.

Q1: Is there a virtual firewall or special security protocol in Hyper-V?

A1: The answer is NO. Virtual machines can be protected using the same firewall applications and security protocols used in physical machines. To know more about virtual networks please click here

Q2: Do I need to run antivirus software in all the virtual machines in a Hyper-V based server or is it sufficient to run one instance of antivirus software in the parent partition?

A2: Antivirus software should be installed in all virtual machines including the parent partition. Also depending on the applications installed, the requirement on antivirus software would vary from one virtual machine to another virtual machine. For example, the antivirus software required for a virtual machine running Exchange Server is different from a virtual machine running SQL Server.

Q3: I have a smart client application. Will this work in a virtual machine environment (as such) or does it require customization?

A3: I don’t see any reason for additional customisations. But I do not know the details of the application you have mentioned. So I suggest you to thoroughly test the application  before using it in production

Q4: Can my offline virtual machines be patched to keep it update?

A4: Yes, you can do this. Offline Virtual Machine Servicing Tool can be used to achieve this goal. Click here to download the tool. An update version of this tools is expected soon.

Q5: Please explain the ring model of CPU as far as Hyper-V is concerned.

A5: Hypervisors work at ring –1, OS kernel works at ring 0 and user applications work at ring 3. Ring 1 & 2 are not used in Windows

Q6: What are the specific CPU features required for Hyper-V to run?

A6: For any computer to run Hyper-V it should have a CPU from Intel or AMD with hardware assisted virtualization capability. For Intel processors this technology is called Intel-VT and for AMD processors this technology is known as AMD-V. Additionally Data Execution Prevention (DEP) should be turned on for Hyper-V to run.

Q7: Will the physical environment security applications take care of the full virtual environment or do I have to consider any additional products?

A7: Security applications such as firewalls and anti malware products remain the same for virtual environments. But these security applications should be configured to secure both parent and child virtual machines

Q8: Is System Management Server/System Center Configuration Manager a supported application on Hyper-V?

A8: Yes, SMS/SCCM products can be installed in a Hyper-V based virtual machine. Hyper-V based virtual machines can also be configured as SMS/SCCM clients.

Q9: Is there a “bare metal” installation type available for Hyper-V? Is it possible to install Hyper-V without installing Windows Server 2008?

A9: Yes and this type of Hyper-V implementation is known as Microsoft Hyper-V server. For more details please follow this link http://www.microsoft.com/Hyper-VServer

Q10: How the Hyper-v architecture can mitigate security attacks?

A10: Let’s look at different potential attack vendors on the virtualized environment.

Let’s say an application that encounters malware with some frequency (e.g. a web server) is running in one of the guest virtual machines above. It becomes compromised, but the malware would still need to compromise the guest kernel OS for the virtual machine (which is typically what happens when a physical machine is running an application with a vulnerability). From there the malware could potentially target a number of vectors for broader infection:

• The right arrow signifies that the malware could try to target other virtual machines running on the same box
• Alternatively, it could try to target the hypervisor to bring down the overall virtualization environment, or
• Try to target the VSPs through the VSC-VSP communications path. (Again, the virtualization service clients, or VSCs, enable virtual machines to be installed on their own Hyper-V device and to talk more directly with the virtual service providers which broker access to physical I/O.)
• Another option is to target the individual virtual machine worker processes where the majority of the code with Hyper-V resides

Let’s now look at how the Hyper-V architecture helps to mitigate these potential attack vectors

The hardware itself mitigates attacks on the OS kernel. The latest CPUs from Intel and AMD have the ability to run this in the most privileged part of the processor, otherwise known as “Ring 0”, and to block access to this from other components (e.g. guest virtual machines running in user mode) that should not have access.

The architecture itself creates isolation between other virtual machines, addressing the scenario of malware trying to attack other virtual machines from the infected virtual machine. If a guest wants to communicate with another guest, it must be done through the root partition. “Back-channeling” is not allowed – no two parts can communicate directly with each other, similar to how two machines connect on a physical network.

Regarding the other three attacks (on the Windows hypervisor, VSPs-VSCs, and on VM Worker processes):

• The size of the hypervisor, VSCs/VSPs are small (i.e. lower likelihood of vulnerabilities)
• When VSPs receive data from the VMBus, it is considered untrusted and requires validation
• If a VM Worker process (where most of the Hyper-V code resides) is brought down, it only brings down the VM session

In short, the separation of components from each other by privilege level and architecture helps enable defence-in-depth against malware attacks.

All of the above components have been extensively tested through the Security Design Lifecycle – threat modelling, fuzz testing, and security code review.

Q11: What is Microsoft Forefront and what kind of protection does it offer?

A11: Microsoft Forefront represents a suite of security products offering protection at client, server and network edge levels. Fore more details please refer to the following link www.microsoft.com/forefront

Q12: How many virtual machines can be created in a given instance of Hyper-V?

A12: Please follow this link to see the maximum supported configurations under Hyper-V. http://blogs.msdn.com/nickmac/archive/2008/07/04/hyper-v-rtm-maximum-supported-configurations.aspx . But these are not fixed numbers. They would change with newer hardware configurations and corresponding changes made to Hyper-V.

Another link: http://support.microsoft.com/kb/956710

Q13: Please explain the difference between monolithic hypervisor and microkernelized hypervisor.

A14: The diagram below explains the difference. Hyper-V follows the more secure and stable microkernelized architecture unlike many of it’s competitors.

Q14: What kind of hardware is recommended for Hyper-V?

A14: http://technet.microsoft.com/en-us/library/cc816844.aspx

In the recent Virtual TechDays that got concluded we had a number of sessions and there were questions that couldnt be answered. You can download the PPT for the "Top 10 DMVs Admin must know in SQL Server" at: http://download.microsoft.com/download/6/1/A/61A76FEB-8035-47BC-9573-A438F7513E6A/DAY2/TRACK4/Top_10_DMVs.ppt

Question Asked: What is ITW in SQL 2000 and What are DMVs?

ITW is Index Tuning Wizard and was available in SQL 2000 days. We rewamped it as DTA (Database Tuning Wizard) in SQL Server 2005 which was far more powerful than the SQL 2000 ITW counterpart. Now to get into the second part, Dynamic Management Views (DMV) provide greater transparency and insight into the database and a powerful infrastructure for proactive monitoring of database health and performance to make managing data more flexible and secure.

Question Asked: do we need to run DMV on prod server or we can run on the restored DB also

We need to understand one fundamental thing here, DMV's are like pseudo views / tables that are exposing the in-memory structures of SQL Server. These are useful to diagnoze any potential problems that might occur in that system. Some of these views are transient and some are cummulative and some get fulshed from time-to-time. Typical examples in these categories would incude Locks data is transient and changes every micro-second while data like the Index usage (seeks, scans etc) are cummulative and data like the query cache can get flushed if there is memory pressure from any other side. Having said all this, these data are NOT like metadata (e.g. sys.tables) which can be restored on another DB and analyzed. There is a way in SQL Server 2008 using Data Collector that we can do this and check the architecture here: http://msdn.microsoft.com/en-us/library/bb677355.aspx

Question Asked: all these DMV are part of SQL 2005

DMV's were very much intrduced as concepts inside SQL Server 2005 itself. AFAIK, there were close to 80+ DMV's with SQL Server 2005 RTM build. We increased this set to ~136 with this new version of SQL Server 2008.

Question Asked: How to get a list of all DMVs available for us to query upon....?

Here is a simple query that will help you answer this part:
SELECT * FROM sys.all_objects
   WHERE [name] LIKE '%dm_%'
                AND [type] IN ('V', 'TF', 'IF')
ORDER BY [name]

With SQL 2008 we introduced a number of DMV's around auditing, Extended Events, CDC, Filestreams etc.

Question Asked: what will calculeted by awe_allocated_kb

This value shows the overall amount of memory that is allocated through the AWE mechanism on the 32-bit version of SQL Server. Or, this value shows the overall amount of memory that locked pages consume on the 64-bit version of the product. This value comes from the sys.dm_os_memory_clerks DMV and the documentation for the same is at: http://msdn.microsoft.com/en-us/library/ms175019.aspx.

Question Asked: What permission does a user need to access the DMV's

There are two types of dynamic management views and functions:
Server-scoped dynamic management views and functions (e.g OS, IO, Threads, tasks etc). These require VIEW SERVER STATE permission on the server.
Database-scoped dynamic management views and functions (e.g Index, Tables, partition, file etc). These require VIEW DATABASE STATE permission on the database.

Question Asked: Which DMV give me query plan or I will use old method to find query plan?

Here is a query that you can run to get the Total Elapsed time of queries and the number of times those queries were hit. It also give's you the query and the plan used for each of those.

select qs.execution_count
     , qs.total_elapsed_time, qs.last_elapsed_time
     , qs.min_elapsed_time, qs.max_elapsed_time
     , substring(st.text, (qs.statement_start_offset/2)+1
                        , ((case qs.statement_end_offset
                              when -1 then datalength(st.text)
                              else qs.statement_end_offset
                           end - qs.statement_start_offset)/2) + 1) as statement_text
      , qp.query_plan
from sys.dm_exec_query_stats as qs
cross apply sys.dm_exec_sql_text(qs.sql_handle) as st
cross apply sys.dm_exec_query_plan (qs.plan_handle) as qp

Question Asked: How are DMV's and DMF's changing the memory consumptions of SQL Server? consider the dm_exec_* which store the results of the current workload.

I think this has come a number of times from various people I have interacted. As described before, DMV's are in-memory structures and are anyway's used by SQL Server internally. It is with SQL Server 2005 that we started exposing them in an official manner rather than doing bit-manipulations with some DBCC commands. Hence there is nothing to be worried about the load or memory consumptions. It is not as alarming as you think.

Question Asked: does there is support for DMVs in SQL 2000?

DMV's were introduced with SQL Server 2005 onwards. Though these numbers are increasing from version to version these cannot be got with SQL 2000 version. If you are still using SQL Server 2000 version I would strongly recommend you to move to SQL Server 2008 version :).

Question Asked: it seems to be very hard to remember DMV names, is there any way to get list of DMV's and its usage?

Fair enough and I dont think you are the only person finding it difficult :). With SQL Server 2005 I gone to BOL a number of times, but with SQL 2008 the intellisense takes away half the problem. But if you want to learn more on DMV's and start using them then I would recommend you to book mark this page on MSDN: http://msdn.microsoft.com/en-us/library/ms188754.aspx

Due to time constraints we were not able to answer them during the session itself but I am sure these have got clarified now. Keep those questions coming and we will try our best to answer them during the session else dont forget to visit this blog post the event :). Hope this was of help, btw dont forget to login to the VTD site to register your views on Nov VTD Topics.

PS: These are the exact questions that were asked during the session. I have taken the relevant ones and compiled the same here for you. BTW, there are couple more blogs around other sessions that will get posted.

Vinod Kumar
Technology Evangelist
www.ExtremeExperts.com

Well, officially from the TechNet team we will have the ITPro tracks starting from tomorrow and there is a dedicated track on Virtualization spanning two days and we have industry speakers from our various organizations talking on different virtualization techniques used by them. We will also have a track on SQL Server and Windows Vista Client (on 19th) that we will talk extensively.

If you have not yet joined our party, feel free to login tomm @ 10AM here.

Our SQL Evangelist blogs on his day 1 experience on the SQL Server topics on the dev track here. Pass you comments and feedbacks ... We will be more than happy to hear you !!!

First, let me take this opportunity to Welcome all to this blog from the TechNet India Team where we try to share our experiences, information on various events/activities we do in India. This is also a channel where we solicit feedbacks from you folks who use our product day-in-day-out. Thanks again for all the innovation you do using our tools and technologies.

This blog cannot come at a better time than now. We are about to start our "Virtual TechDays" in less than a week, actually Sep 17th, 18th and 19th. We are going to give you a tough time in choosing our sessions, as much as 48 sessions with 4 tracks in parallel this is going to be one mega online event you dont want to miss.

From the TechNet side, we have topics around "Virtualization" which is big and we are having close to 8 sessions around this theme. Many of these sessions are done by Industry speakers who have used these technologies - hence this is more of what our customers have experienced. We also have tracks around SQL Server, Windows Vista that you can attend during these three days. BTW, if you are a developer you have choices of sessions around Client development, Mobile, Web development etc. So lots in store for you.

For detailed information around the tracks and sessions, feel free to visit / register at: http://www.connectwithlife.co.in/vtd/

 There are already links from our Evangelists around Virtualization and SQL Server on their blogs.

TechNet India