The content of this post was based on Windows Server 2008 R2. However, the concepts remain applicable and the implementations are much the same as those in Windows Server 2012.
The ability to deliver a desktop with full fidelity over a network, while deploying applications on demand and with hardware independence, is an IT reality with Windows 7, Windows Server 2008 R2, and Application Virtualization (App-V), which is part of Microsoft Desktop Optimization Pack (MDOP). This screencast highlights how these three amazing technologies work as a solution platform by demonstrating key user scenarios. Notice that to implement the VDI solution in a Windows 2003 functional level domain, one must extend the AD schema to Windows Server 2008 level.
For more information, I have also published a number of blog posts and screencasts on Microsoft virtualization solutions including:
Virtually speaking about Cloud Computing series by Yung Chou includes
About This Video
In this installment of Virtually Speaking, Yung Chou dives deeper into explaining the basics of cloud computing and how it works. Tune in as Yung goes through the 5-3-2 principle of cloud computing as he examines the various service delivery models that are available as well as how each scenario can impact your business.
In the TechNet Webcast: Microsoft Solutions for Windows Vista Management (Level 300), I will demo a number of capabilities for managing Vista desktops and the Windows environment in general. Microsoft Advanced Group Policy Management (AGPM) 3.0 is one of the 5 components in Microsoft Desktop Optimization Pack for Software Assurance (MDOP) 2008 R2. AGPM enables the change-approval workflow of Group Policy Objects (GPOs) and is something I thought worth a special introduction here. Meanwhile I am also developing a screencast and will publish it here soon.
AGPM helps customers better manage GPOs, particularly those with complex information technology (IT) environments. A robust delegation model, role-based administration, and change-request approval provide granular administrative control as described in the overview whitepaper and shown below. For example, you can delegate Reviewer, Editor, and Approver roles to other administrators, even administrators who do not have access to production GPOs. The Editor role can edit GPOs but not deploy them; the Approver role can deploy GPO changes. AGPM also helps reduce the risk of widespread failures. You can use AGPM to edit GPOs offline, outside of the production environment, and then audit changes and easily find differences between GPO versions. In addition, AGPM supports effective change control by providing version tracking, history capture, and quick rollback of deployed GPO changes. It also supports a management workflow by allowing you to create GPO template libraries and send GPO change e-mail notifications. Step-by-Step and Operations Guides of AGPM 3.0 are also readily available.
For those who are interested in finding more, MDOP 2008 R2 was RTM in September of 2008. Here are demos, more demos, and FAQ. Subscribers can download MDOP 2008 R2 from the TechNet and MSDN subscription sites. The availability of the components is as follows through Microsoft Volume Licensing Service (MVLS):
The official MDOP blog is the channel to get the latest.
Windows Virtual PC is the latest Microsoft virtualization technology designed for Windows 7. It is the runtime engine for Windows XP Mode to provide a virtual Windows environment for Windows 7. Windows XP Mode, a new benefit of Windows 7 Professional and Windows 7 Ultimate, provides a virtual Windows XP SP3 runtime environment within Windows 7, and allows one to install and run Windows XP-specific applications directly from a Windows 7-based PC. Notice Windows XP Mode is 32-bit only while Windows 7 has both 32-bit and 64-bit versions. Windows XP Mode is a full virtual version of Windows XP SP3 and follows the same support lifecycle as Windows XP, whose support phase ends in 2014.
On the other hand, if running Windows Vista or Windows XP on a physical machine, one can use Microsoft Virtual PC 2007 to run multiple operating systems at the same time on the same physical computer. There are noticeable differences between Windows Virtual PC and Microsoft Virtual PC. For instance, the former requires hardware-assisted virtualization, supports USB, and is integrated with Windows XP Mode, while the latter does not. Here is the information to compare some of the many features of Virtual PC 2007 to Windows Virtual PC.
What Are Office Web Apps
The concept of Office Web Apps is essentially your Microsoft Office in the cloud. Enterprise customers can deploy Office Web Apps in a private cloud, while for Windows Live users Microsoft makes Office Web Apps available free on the Internet. The following is a screen capture of editing a presentation with PowerPoint Web App. A quick review is also available in Office Web Apps Overview.
Office Web Apps are online companions to Word, Excel, PowerPoint, and OneNote, giving you the freedom to work on Microsoft Office documents with browsers including Internet Explorer 7 or later for Windows, Safari 4 or later for Mac, and Firefox 3.5 or later for Windows, Mac, or Linux. Office Web Apps are entirely Web-based, and there's no additional software to download or install. Office documents can be created and stored in a server supporting Office Web Apps right from the browser session without the need of a locally installed Microsoft Office client.
Using Office Web Apps, a user will be able to view Office documents seamlessly in the browser with great fidelity, create new Office documents, and do basic editing using the Ribbon. There are however some differences between the features of Office Web Apps and the Office 2010 programs. When making changes requiring functions beyond what is available in an Office Web App, or as preferred, one can easily open and edit the document in Office locally installed on the computer, and later save it back to the server. The ability to open Office documents directly from Office Web Apps into the desktop application is available on computers running a supported browser and with Microsoft Office 2003 or a later version of Office (for Windows PCs). This functionality will also be available on computers running a supported browser along with the forthcoming Office for Mac 2011.
What Is SkyDrive
SkyDrive is a free, password-protected online storage by Microsoft, available with a Windows Live ID. With a Windows Live ID, a user can store up to 25 gigabytes (GB) of files as of July 2010. The upload operation accepts a file up to 50 megabytes (MB) in size. A user can arrange files with folders and subfolders, and keep private files in the personal folder while placing those to be public in a shared folder. To share a folder or individual file, a user can set permissions accordingly and then invite others by email. Shown below is one way to create Office documents in SkyDrive.
Although SkyDrive provides a location for storing files online, it is nevertheless not an FTP site, nor does it function with an FTP client. Further, Microsoft may limit the number of files that each user can upload to SkyDrive each month. Individuals seeking support on SkyDrive can participate in the conversations and look for answers in SkyDrive Forum.
Office Web Apps, SharePoint, and SkyDrive
For enterprise customers with on-premise SharePoint installation, Office Web Apps require SharePoint Foundation 2010 which is free from Microsoft. On the other hand, Office Web Apps does require volume licensing. Office Web Apps can deliver Word, Excel, and PowerPoint files on many devices. Supported mobile viewers for Office Web Apps on SharePoint include Internet Explorer on Windows Mobile 5/6/6.1/6.5; Safari 4 on iPhone 3G and 3GS; BlackBerry 4.x and later; Nokia S60; NetFront 3.4, 3.5, and later; Opera Mobile 8.65 and later; and Openwave 6.2, 7.0 and later. To roll out the services in an enterprise environment, TechNet has documented specifics including planning and deploying Office Web Apps.
For consumers, Office Web Apps are part of the Windows Live offerings. A user with a Windows Live ID can use Office Web Apps to create and upload Office documents, which are stored in SkyDrive. Supported mobile viewers for Office Web Apps on Windows Live include Safari 4 on iPhone 3G and 3GS, and Internet Explorer 7 on the upcoming Windows Phone 7. Viewing Excel files via a mobile browser is currently only available with Office Web Apps on SharePoint 2010.
Start Using Office Web Apps with SkyDrive Today
A supported browser and a Windows Live ID are all you need to create, view, edit, and share your Office documents in the cloud. Your teammates can now work with you on projects regardless of whether they have a locally installed copy of Microsoft Office.
This book, by Mitch Tulloch with the Microsoft Virtualization team, is for IT professionals who want to learn more about Microsoft virtualization and virtualization-enabling technologies. It covers many areas of virtualization solutions including: Virtual Machine Manager 2008, Application Virtualization, Presentation Virtualization (Terminal Services), Desktop Virtualization, etc. You can download the book here.
When it comes to cloud security, many times I have heard people simply claim it is not secure, yet fail to give specifics. Consequently, all too often a cloud security discussion soon turns into a religious or linguistic debate, instead of focusing on what the concerns are and how to address them. Another interesting observation is that an assumption somehow seems to be fundamentally in place: if it is not compliant, it is not secure. This is incorrect, as explained later. This blog examines a few important concepts and strategies to better understand how to approach cloud security in general.
Compliance vs. Security
In cloud computing, we must recognize that security and compliance are two topics and not necessarily consequential. There are some scenarios in which cloud computing perhaps cannot become directly compliant due to an inability to provide all required security specifics. This however does not necessarily suggest cloud computing is not secure. For instance, a customer may demand an affinity or some predictability between an application and the physical server that the application is running upon. This is a fundamental disruption in cloud computing. Notice one of the 5 characteristics of cloud computing is resource pooling, so that resources can be identified, allocated, monitored, managed, and de-allocated dynamically and on demand while providing high availability and location transparency of service instances, which is a necessary condition for offering elasticity (also one of the 5 characteristics) with current technologies. Resource pooling means that the server on which a cloud application instance will run is based upon the availability of a targeted resource in an intended pool at the time of allocation. Specifying on which servers an application can run will abolish the ability to sustain high availability and on-demand capacity of a running instance. By default, cloud computing cannot and should not offer affinity between hardware and a running instance. Does this mean cloud computing is not secure? The answer is “Huh?” since compliance and security are here two different matters.
Context and Scenario
Cloud is a broad topic and adds a few layers of abstraction. So be specific on an examined topic. Reference the 5-3-2 principle and consider separations of responsibilities to set the context and describe the scenario that you believe security may be an issue.
One should first answer the above questions to make certain an issue is relevant specifically to cloud computing and whether a consumer or a service provider is responsible. If it is not cloud computing specific, it should not be discussed as a cloud computing issue. The abstractions of cloud computing all too often confuse people and complicate an issue more. If one is able to discover what it is, how it can happen, who is responsible, and if it is a cloud specific issue, there is a great chance that a solution will surface itself.
Notice that a key enabler of cloud computing is virtualization, and cloud security is conceptually not that much different from security considerations for virtualization and on-premises computing in general. There are various layers in cloud computing, as highlighted in the schematic on the left, and defense in depth is directly applicable and a best practice. In on-premises computing, corporate IT has control over all layers. In cloud computing, depending on the delivery method and deployment model, there is a separation of responsibilities between a service provider and consumers, and resources under a certain layer are owned and managed by the service provider. For instance, a service provider will manage all layers in SaaS. So a user does not need to know where and how the system is maintained and managed, other than the URL of the subscribed service and an authorized account to use the service. Microsoft Office 365 and Online Services are SaaS offerings. Both offer customers enterprise email, collaboration, and unified communications capabilities without the need to own IT infrastructure, which encompasses all layers as shown. This also means a subscriber will have no control over any layer. Meanwhile, in PaaS a user will have control over the Applications and Data layers, but not those below. Microsoft Windows Azure is a PaaS example. It provides an environment for development, deployment, and management, and enables IT to code, test, publish, and manage a cloud application delivered with SaaS in a public cloud. It is a very powerful, efficient, and strategic platform on which cloud applications can be developed, deployed, and managed highly transparently with on-premises establishments with IPSec connectivity. The IPSec connectivity can be easily achieved upon the availability of Windows Azure Connect.
In IaaS, layers above virtualization are managed by a subscriber. Namely, a customer now has the responsibility to harden and patch the OS as well as all applications and services running in a virtual machine deployed by IaaS. Microsoft’s IaaS solutions are focused much on private cloud. For many, the concept of IaaS remains a bit remote and foreign. The good news is that with the upcoming release of System Center 2012, building and deploying a private cloud will be a relatively straightforward and easy process. Expect a few of my upcoming blogs to examine some of the key concepts on Windows Azure Connect and System Center 2012.
It’s About Trust
Whether on premises or in the cloud, at some point you just have to start trusting whoever is going to provide the service. If one thinks about it deeply enough, it should become apparent that trust is one of the root issues in cloud security. Will you trust someone to keep your data? No? Look around and think again. We all have in fact already been trusting many others in carrying out our everyday business. We trust our Exchange admins, whoever they are, to run our email and inspect our inboxes with or without notice, internet service providers to route our messages and connect us with customers and partners, couriers to deliver our confidential packages among branch offices, etc. Hosting applications and data is certainly serious and critical to business. However, not all data are confidential and must be in a vault guarded only by employees. What needs to happen first is to examine data relevant to business and identify those which absolutely cannot be off premises. Then assess if it makes sense to go to the cloud with those data that basically can be outsourced.
From a cloud computing consumer’s point of view, in addition to establishing best practices on those resources within one’s control, the ultimate questions are the trustworthiness of a service provider and if a consumer can trust someone else to host one’s data, application, and infrastructure, as applicable. This question is rudimentary and a key concept towards employing IT as a service.
How does cloud computing apply to me? The million dollar question on every IT Pro’s lips is the topic of discussion for today’s episode of Virtually Speaking and Sr. IT Pro Evangelist Yung Chou is here to help answer it. From why you should care, to how you can make it work for you in your career and business be sure to listen in on this very informative session.
Our team has been delivering Windows Server 2008 content and the following is a list of April’s webcasts. I recommend reviewing them as part of a daily or weekly training routine to bring your understanding of the features and capabilities offered by the product to a 300 level in a short and predictable period of time.
24 Hours of Windows Server 2008
TechNet Webcast: 24 Hours of Windows Server 2008 (Part 10 of 24): IIS 7.0 Diagnostics and Troubleshooting (Level 300)
Friday, April 4, 2008 9:30 A.M.–11:00 A.M. Pacific Time
TechNet Webcast: 24 Hours of Windows Server 2008 (Part 11 of 24): IIS 7.0 Web and Applications Support (Level 300)
Wednesday, April 9, 2008 9:30 A.M.–11:00 A.M. Pacific Time
TechNet Webcast: 24 Hours of Windows Server 2008 (Part 12 of 24): Migrating and Upgrading to IIS 7.0 (Level 300)
Friday, April 11, 2008 9:30 A.M.–11:00 A.M. Pacific Time
TechNet Webcast: 24 Hours of Windows Server 2008 (Part 13 of 24): Server and Print Management (Level 300)
Wednesday, April 16, 2008 9:30 A.M.–11:00 A.M. Pacific Time
TechNet Webcast: 24 Hours of Windows Server 2008 (Part 14 of 24): Windows PowerShell (Level 300)
Friday, April 18, 2008 9:30 A.M.–11:00 A.M. Pacific Time
TechNet Webcast: 24 Hours of Windows Server 2008 (Part 15 of 24): Windows Deployment Services and Microsoft Deployment (Level 300)
Wednesday, April 23, 2008 9:30 A.M.–11:00 A.M. Pacific Time
TechNet Webcast: 24 Hours of Windows Server 2008 (Part 16 of 24): Windows Server 2008 Active Directory Features (Level 300)
Friday, April 25, 2008 9:30 A.M.–11:00 A.M. Pacific Time
TechNet Webcast: 24 Hours of Windows Server 2008 (Part 17 of 24): Migrating to Active Directory Domain Services in Windows Server 2008 (Level 300)
Wednesday, April 30, 2008 9:30 A.M.–11:00 A.M. Pacific Time
TechNet Webcast: 24 Hours of Windows Server 2008 (Part 01 of 24): Overview (Level 200)
TechNet Webcast: 24 Hours of Windows Server 2008 (Part 02 of 24): Server Virtualization with Hyper-V Features and Architecture (Level 200)
TechNet Webcast: 24 Hours of Windows Server 2008 (Part 03 of 24): Managing Hyper-V (Level 200)
TechNet Webcast: 24 Hours of Windows Server 2008 (Part 04 of 24): Presentation Virtualization with Terminal Services RemoteApp (Level 200)
TechNet Webcast: 24 Hours of Windows Server 2008 (Part 05 of 24): Terminal Services Gateway and Terminal Services Web Access (Level 200)
TechNet Webcast: 24 Hours of Windows Server 2008 (Part 06 of 24): Deploying and Migrating to Terminal Server (Level 200)
TechNet Webcast: 24 Hours of Windows Server 2008 (Part 07 of 24): IIS 7.0 Overview and Architecture (Level 200)
TechNet Webcast: 24 Hours of Windows Server 2008 (Part 08 of 24): IIS 7.0 Advanced Management (Level 200)
TechNet Webcast: 24 Hours of Windows Server 2008 (Part 09 of 24): IIS 7.0 Centralized Configuration (Level 300)
Group Policy On-Demand Webcasts
TechNet Webcast: Group Policy Fundamentals (Part 01 of 14): Introduction to Group Policy (Level 200)
TechNet Webcast: Group Policy Fundamentals (Part 02 of 14): Applying Group Policy (Level 200)
TechNet Webcast: Group Policy Fundamentals (Part 03 of 14): Creating and Editing Group Policy Objects (Level 200)
TechNet Webcast: Group Policy Fundamentals (Part 04 of 14): Managing Group Policy with GPMC (Level 200)
TechNet Webcast: Group Policy Fundamentals (Part 05 of 14): Managing Group Policy Operations with the GPMC (Level 200)
TechNet Webcast: Group Policy Fundamentals (Part 06 of 14): Group Policy Processing Behavior-Initial Processing of GPOs (Level 200)
TechNet Webcast: Group Policy Fundamentals (Part 07 of 14): Group Policy Processing Behavior-Using Objects to Affect GP (Level 200)
TechNet Webcast: Group Policy Fundamentals (Part 08 of 14): Group Policy Administrative Templates (Level 200)
TechNet Webcast: Group Policy Fundamentals (Part 09 of 14): From Basic to Advanced: Security (Level 200)
TechNet Webcast: Group Policy Fundamentals (Part 10 of 14): From Basic to Advanced: Security Templates and IPSEC (Level 200)
TechNet Webcast: Group Policy Fundamentals (Part 11 of 14): Designing and Planning Group Policy (Level 200)
TechNet Webcast: Group Policy Fundamentals (Part 12 of 14): Managing Your Group Policy Environment with GPMC (Level 200)
TechNet Webcast: Group Policy Fundamentals (Part 13 of 14): Troubleshooting Group Policy (Level 200)
TechNet Webcast: Group Policy Fundamentals (Part 14 of 14): Group Policy Best Practices (Level 200)
TechNet Webcast: Active Directory Inside Out (Part 01 of 11)—Active Directory Logical Concepts—Level 200
TechNet Webcast: Active Directory Inside Out (Part 02 of 11)—Active Directory Physical Concepts—Level 200
TechNet Webcast: Active Directory Inside Out (Part 03 of 11)—Active Directory Replication and the Operations Masters Role—Level 200
TechNet Webcast: Active Directory Inside Out (Part 04 of 11)—Installing and Managing DNS—Level 200
TechNet Webcast: Active Directory Inside Out (Part 05 of 11)—DNS Features and Configuration—Level 200
TechNet Webcast: Active Directory Inside Out (Part 06 of 11)—Interoperability and Migration from Novell Directory Services—Level 200
TechNet Webcast: Active Directory Inside Out (Part 07 of 11)—Migrating File Resources from NetWare to Active Directory 2003—Level 200
TechNet Webcast: Active Directory Inside Out (Part 08 of 11)—Deployment and Interoperability with NT 4.0 and Windows 2000—Level 200
TechNet Webcast: Active Directory Inside Out (Part 09 of 11)—Administration Features—Level 200
TechNet Webcast: Active Directory Inside Out (Part 10 of 11)—Replication Features and Forest to Forest Trusts—Level 200
TechNet Webcast: Active Directory Inside Out (Part 11 of 11)—Group Policy Management Console and Software Restriction—Level 200
Yes, it is happening. Ecma Office Open XML Document Format appears to win approval as an ISO/IEC Standard. And ISO and IEC have approved Office Open XML document format standard. Open XML offers great opportunities in the areas of file and data management, data recovery, interoperability with line-of-business systems, and the long-term preservation of documents. The separation of Open XML markup, schemas, and data makes it possible to report information from various applications and systems without translating the information first.
Why do IT decision makers care about Open XML? Here are media briefings and a technical discussion on Microsoft Office 2007 Open XML File Formats.
In today’s episode Yung Chou shows us how to use System Center 2012 App Controller to easily configure, deploy and manage virtual machines and services across private and public clouds. In part one of this series he demos for us how to connect App Controller to Windows Azure.
After watching this video, follow these next steps:
Step #1 – Start Your Free 90 Day Trial of Windows Azure and deploy VMs in the cloud
Step #2 – Download and install Windows Server 2012 and System Center 2012
Step #3 – Learn, build, and experiment IaaS
Websites & Blogs:
A noticeable capability now available in System Center 2012 SP1 is to COPY a stored VM from on-premise private cloud fabric to Windows Azure. This COPY process is to be initiated from App Controller with an established connection to an intended Windows Azure subscription. A prerequisite of copying a VM is that the VM must be in a “stored” state. Storing a VM and later deploying the stored VM may appear conceptually plain. They are actually quite interesting operations in implementation. These processes under the hood make several transitions while on the surface with App Controller the user experience is amazingly streamlined and simple. The logical model of the associated operations is actually a great tool to better understand how the private cloud fabric works. The following schematic depicts the conceptual model of copying a VM from on-premise private cloud fabric to Windows Azure.
From a user’s point of view, the process to COPY a VM to Windows Azure requires first storing the VM. A VM once stored becomes a library object, or specifically an object in Cloud Libraries of the Library workspace in VMM admin console as shown below. To store a VM either in App Controller or VMM admin console, simply right-click a target VM and select the option to store it. At this time, the process actually moves/exports the VM from the default VM path (configured in Placement of the associated host properties) to “Stored VM path” defined in the associated cloud properties. Both paths are set with VMM admin console as illustrated in the following.
Once a VM is stored, as shown below the status of the VM will be set as “Stored.” Notice that the operations of storing a VM are very much like those in exporting one. The process will capture the state packaged with the content and configurations of the VM.
At this time, an authorized user can then initiate a COPY process in App Controller to bring a stored VM to Windows Azure. A stored VM can also be redeployed back to the state and place it was in when the “Store” process was last performed. [Continued in upcoming posts]
This lab demonstrates the ability to easily deploy and manage a VM in Windows Azure. Here, this VM happens to be a SQL Server 2012 which makes it more interesting by walking through the process to configure and remotely maintain a SQL Server 2012 instance running in a Windows Azure VM. This is however not intended to be a SQL lab and SQL Server experience is helpful but not required for completing the following tasks:
Placing a SQL database in the cloud and maintaining it remotely is a straightforward concept. Similar to connecting to an on-premise SQL database, a database client configures a connection string and connects to a target database, which in this case is a SQL Server 2012 instance running in a Windows Azure VM in the cloud. Regardless of where a SQL instance runs, the sys admin routine is much the same: configuring firewall rules, setting authentication methods, creating SQL users, etc. The following depicts the conceptual model.
A step-by-step, screen-by-screen lab guide as shown detailing the process and steps to deploy, configure, and test database connectivity is available for download.
Here I am making this lab guide available as a download in pdf. This is a lab that I believe will accelerate many of us to better understand cloud computing and Windows Azure. Whether you are a system admin or a DBA, going through this lab will connect many dots for you. If nothing else, use this lab as self-study material for Windows Server 2012 and SQL Server 2012 and update your skill set.
At the same time, I also want to ask all to help share this resource broadly across the IT community, so other fellow IT pros can also benefit from it. Click the button to post a short tweet about this document, and you'll automatically receive a direct link to download this lab guide immediately afterwards. I hope you will find the document helpful. If you prefer not to share it with a tweet, email me from this post and I will understand and direct you to download the document.
To do this lab, you will need to have a Windows Azure subscription for deploying VMs. If not already, this is a good opportunity to start and learn Windows Azure. You can sign up and use Windows Azure 90-day free trial at http://aka.ms/90 to do the lab. A screencast as a supplement to the lab guide is available at http://aka.ms/AzureVMSQL.
What exactly is a private cloud? In this episode of Virtually Speaking, Sr. IT Pro Evangelist Yung Chou spends some time explaining the components that make up a private cloud, various virtualization solutions as well as how virtualization itself is merely a key enabler of IT as a Service.
Windows Azure is a cloud OS. It is an infrastructure with computing, networking, and storage capacities; a global service publishing and distribution vehicle; and a security and system management framework capable of bridging and extending on-premise resources with those deployed in the cloud. With IaaS combined with the many features Windows Azure offers, the opportunities for enterprise IT as well as small and medium businesses are real and exciting to employ cloud as a delivery platform for LOB services including media and phone apps. Windows Azure combined with Windows Server 2012 and System Center 2012 SP1 provide many options for IT to transition and transform existing establishments into a cloud-friendly, cloud-ready, and cloud-enabled environment. Deploying resources, migrating workloads, and expanding Active Directory to cloud have never been easier with so much predictability and quick ROI, and without compromising quality and security. While for developers, those applications deployed to Windows Azure PaaS environment will be by default delivered with SaaS globally. Windows Azure is a cloud OS, changes how IT does business, and opens many new possibilities to shorten go-to-market. The following schematic depicts Windows Azure features highlighting technical capabilities, target scenarios, and business objectives.
WEB SITES is to rapidly deploy highly scalable web sites on Windows Azure. It allows using languages and open source applications of a site administrator’s choice and deploying content with FTP, Git, and TFS. Integrations with Windows Azure services include SQL Database, Caching, Content Delivery Network (CDN) and Storage. This is an optimal solution for a web presence to start small and scale as traffic grows with scalability, high availability, and built-in monitoring of performance and usage data. This is also a perfect turnkey for running ephemeral, i.e. short-lived and transitory, sites for contests, promotions, campaigns, prototypes, proofs of concept, and so on.
VIRTUAL MACHINES is Windows Azure’s IaaS solution. This much needed and long-awaited capability enables enterprise IT to provision infrastructure and deploy VMs on demand. An administrator can now easily deploy and configure Windows Server and Linux VMs in minutes in the cloud, and migrate workloads without having to change existing code or modify network configuration, while being able to securely connect those VMs to on-premises corporate networks.
MOBILE SERVICES offers a secure turnkey backend-as-a-service solution readily available for mobile applications. This offer accelerates mobile application development by incorporating structured storage, user authentication, and push notifications, and shortens the process dramatically. The ROI of this offering for mobile application development and deployment is almost immediate.
MEDIA SERVICES has everything for delivering content to a variety of devices, from Xbox, Windows Phone, and Windows 8 to MacOS, iOS and Android, while ingesting, encoding, converting, and protecting content with both on-demand and live streaming capabilities. As media increasingly becomes part of a delivery in both business and social settings, Windows Azure Media Services arrives with tremendous business opportunities and growth.
CLOUD SERVICES, a PaaS offering, provides an on-demand runtime environment. Published APIs enable developers to build or extend enterprise applications onto Windows Azure with high availability and elastic scale. This is a PaaS environment to deploy applications delivered as SaaS solutions to customers anywhere around the world.
BIG DATA is becoming a pressing issue and an ongoing challenge for enterprise IT as data continues to explode. We are now confronted with ever-increasing and unplanned bursts of data by orders of magnitude on a daily basis. IT needs to process more data today than yesterday, last week, or last month, introduced by a growing number of mobile devices and increasingly dynamic traffic triggered by social networks. The new normal of enterprise IT is to have not only the capacity to store and process, but the ability to analyze and derive information, and deliver business value from a massive sample space with numerous data points which continue increasing. Facing this reality, Windows Azure features a 100% Apache Hadoop compatible, enterprise-ready HDInsight service and supports a variety of structured and unstructured data storage options, along with tools to help analyze and extract BI from data of any size. Enterprise IT may not overcome the challenges of big data overnight, but the arrival of Windows Azure nonetheless offers a strategic platform to move forward with a convergent solution.
Event subscription is one of the most exciting features in Windows Server 2008 and it is very easy to set up. In the Subscription folder of Event Viewer, with a few mouse clicks and no coding, one can easily configure an event subscription to subscribe to targeted events from remote computers. Should an automated process be needed upon the arrival of a subscribed event at a collecting computer, we can attach a Windows task to that particular event such that follow-up actions like emailing alerts or starting a workflow in SharePoint can be triggered automatically. This screencast also discusses the advanced settings of an event subscription configuration, including the use of a service account and event delivery optimizations. The screen flow is available for reference here. For better viewing, use full screen mode to view the following screencast.
This is the last article of my 3-part blog post series for helping experienced Windows system administrators become productive on Windows Server 2012 with a keyboard and a mouse as the input devices. Part 1 and Part 2 focus on basic user operations with the new Metro UI. To conclude the series, here are two important facts that one should know when running Windows Server 2012.
Again, I want to underscore that Windows Server 2012 is designed with cloud computing in mind and, together with System Center 2012, forms the foundation of Microsoft private cloud solutions. For those who are working toward becoming a Microsoft private cloud expert, it is imperative to master Windows Server 2012 and System Center 2012 to develop technical depth in implementing and operating a private cloud.
11. Wireless Support
As with Windows Server 2008, a default installation of Windows Server 2012 does not add the wireless feature. In addition to network connectivity, wireless should also be considered as a security setting in corporate security policies applicable to a production server. To acquire wireless capability, use the Add Roles and Features wizard in Server Manager to add the feature as shown below.
A best practice is to manage this setting with a GPO according to your corporate security policy, such that the wireless capability of a server is defined, predictable, and consistent in a target environment.
It is worth mentioning here that Windows Server 2012 supports wireless in Hyper-V, while Windows Server 2008 does not. The following shows that Hyper-V Virtual Switch Manager now recognizes both the wired and the wireless network connectivity in a typical OS instance with an onboard wired connection and a wireless connection.
With the employment of a wireless connection in Virtual Switch Manager, Windows Server 2012 automatically creates logical bridging devices and displays them in Network and Sharing Center, as shown in the screen capture below.
12. Error Message - “Not accessible – Verify earlier versions of Windows run the Management WTR package”
When adding an earlier version of Windows server to manage in Server Manager of Windows Server 2012, the operation may fail with the error message as shown below. This is due to an inconsistency of the management framework among versions of Windows servers.
To resolve the issue, run as administrator on a target Windows server to:
There are some references on similar Server Manager remote management issues. Additionally, James Bannan has a blog post summarizing this scenario well. Notice that once the above three items are implemented, a server will come online, although its performance counters will not be started. On the Server Manager UI, right-click the target server to start performance counters and the server becomes online and manageable, as shown below:
Originally I configured my laptop as a dual-boot with Vista SP1 and Windows Server 2008 and a total of two partitions on the hard drive. So this is a scenario of configuring BitLocker with an existing operating system. The following are the high-level steps which I took to put BitLocker on the machine. A follow-up screencast of this post is coming soon.
When it’s all said and done, the included screen captures are what I see from either operating system. Notice when booting into Vista SP1, due to the encryption, I don’t see the drive information of the partition hosting Windows Server 2008. Similarly when booting into Windows Server 2008, the Vista SP1 partition becomes inaccessible. I also have a 2nd hard disk mapped to the “data” drive which also becomes BitLocker aware.
Make no mistake about it. Keep the BitLocker recovery password safe and readily available. And very importantly, one should consider, based on the dual-boot usage scenario, which partition BitLocker will be configured with first. There may be times when we inadvertently change the hardware configuration without realizing it, and the system will come up with a black and white screen asking for the recovery password, which is a set of 8 6-digit numbers. What has been happening to me is when booting from the partition that was not the first of the two to be configured with BitLocker, apparently the on-board Trusted Platform Module (TPM) thinks it's a change of system configuration and requests the recovery password. In my case, Windows Server 2008 was configured with BitLocker first and Vista (Enterprise SP1) later. So booting with Windows Server 2008 is business as usual, while whenever booting with Vista, TPM will intercept the process and request the recovery password for this drive.
System and drive information, and BitLocker configuration and Disk Management
Dual Boot with BitLocker – Windows Server 2008
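The recovery prompt described above follows from how a TPM releases a sealed key: only when the boot measurements match those recorded at sealing time. The following is an added example, not part of the original post. It is a simplified software model of the TPM 1.2 extend and unseal logic, and the component labels, volume name and key are constructed stand-ins that do not identify which real component differed on the author's machine.

```python
import hashlib
import hmac

PCR_SIZE = 20  # a TPM 1.2 PCR holds one SHA-1 digest


def extend(pcr: bytes, component: bytes) -> bytes:
    """Extend operation: new PCR = SHA1(old PCR || SHA1(component))."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()


def measure_boot(chain) -> bytes:
    """Replay a boot from reset (PCR = all zeros) and return the final PCR."""
    pcr = bytes(PCR_SIZE)
    for component in chain:
        pcr = extend(pcr, component)
    return pcr


class ToyTpm:
    """Releases a sealed secret only if the current PCR matches the sealed one."""

    def __init__(self):
        self._blobs = {}

    def seal(self, volume: str, secret: bytes, pcr: bytes) -> None:
        self._blobs[volume] = (secret, pcr)

    def unseal(self, volume: str, current_pcr: bytes):
        secret, expected = self._blobs[volume]
        return secret if hmac.compare_digest(current_pcr, expected) else None


def boot(tpm: ToyTpm, volume: str, chain) -> str:
    """Return what the user would see for the given measured boot chain."""
    key = tpm.unseal(volume, measure_boot(chain))
    return "unlocked" if key is not None else "recovery password required"


# Constructed sample data: each label stands in for measured code or config.
BASE = [b"firmware v1", b"master boot record", b"boot manager"]
CHAIN_AT_ENABLE = BASE + [b"boot entry: OS-A"]        # state when the key was sealed
CHAIN_OTHER_ENTRY = BASE + [b"boot entry: OS-B"]      # one component differs
CHAIN_FIRMWARE_UPDATE = [b"firmware v2"] + BASE[1:] + [b"boot entry: OS-A"]


def demo() -> dict:
    """Seal a key against one chain, then boot with matching and changed chains."""
    tpm = ToyTpm()
    tpm.seal("OS-A volume", b"constructed-volume-key", measure_boot(CHAIN_AT_ENABLE))
    return {
        "same chain": boot(tpm, "OS-A volume", CHAIN_AT_ENABLE),
        "different boot entry": boot(tpm, "OS-A volume", CHAIN_OTHER_ENTRY),
        "firmware changed": boot(tpm, "OS-A volume", CHAIN_FIRMWARE_UPDATE),
    }


if __name__ == "__main__":
    for scenario, outcome in demo().items():
        print(f"{scenario}: {outcome}")
```

Because each extend hashes the previous PCR value, a change anywhere in the chain, or the same components measured in a different order, produces a different final value and the key stays sealed.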
Amid the many benefits of having NIST SP 800-145 as a tool to facilitate understanding, the classification and some definitions of the four deployment models are redundant and inconsistent. Particularly, the definition of “community cloud” is redundant with that of a private cloud, the deployment models are defined with two sets of criteria, and “hybrid cloud” is a confusing, ambiguous, and extraneous term.
SP 800-145 is the de facto standard in the IT industry for describing what cloud computing is, with five essential characteristics, three delivery methods, and four deployment models. The five essential characteristics specify well the qualifications and expected behaviors of an object qualified with the term, cloud. The three delivery methods signify the essence of cloud computing centered on the concept of a “service.” Both the characteristics and the delivery methods in SP 800-145 form a solid foundation and present a conceptual model envisioning what cloud computing is about. SP 800-145 gets inconvenient where the four deployment models including public, community, private, and hybrid clouds are defined, as shown below.
Reviewing the definitions of the first three deployment models, there is a common theme. Among public, community, and private clouds, the classification is based on the intended audiences whom a cloud with its resources is dedicated to. Namely, a public cloud is intended to be consumed by the general public and a private cloud is dedicated to a single organization, i.e. for a targeted group of users. SP 800-145 classifies a private cloud and a public cloud with consistent criteria.
It is important to recognize that building a cloud with owned hardware does not by default make it a private cloud of the owner’s, while a cloud with accessibility via the Internet or operated by an internet service provider does not automatically make it a public cloud either. Again, the intended audiences determine whether it is a private or public cloud. Although many seem to default a private cloud as an on-premise deployment to owned hardware, this is nonetheless not a requirement of a private cloud.
Further, “public” here does not suggest that it is free or accessible anonymously. It simply means the cloud is dedicated for the general public to consume, while there can be business or administrative restrictions imposed. Microsoft Office 365, available based on a subscription, and Hotmail, requiring a Live ID to sign in, are vivid examples of public cloud offerings with restrictions.
Inconvenience #1: The classification of “community cloud” is extraneous.
A community cloud according to 800-145 is a cloud for a specific community of consumers from organizations. As far as a member of the associated community is concerned, a community cloud is indeed a private cloud for that particular community. The number of the organizations and the administrative boundaries encompassing a community are irrelevant since, from a private cloud’s viewpoint, an authorized user is an authorized user regardless of which organization one belongs to. A cloud for a community of users from either various departments, business units within a company or business partners from companies in many parts of the world is essentially a private cloud dedicated for that community.
Inconvenience #2: Using two sets of criteria to define cloud deployment models creates inconsistency and ambiguity.
As defined in SP 800-145, a hybrid cloud is a composition of infrastructures, yet at the same time a private cloud and a public cloud are defined according to their intended audiences. The change of criteria in classifying a hybrid cloud creates inconsistency and ambiguity in the deployment models presented in SP 800-145. Forming a concept with two sets of criteria is simply a confusing way to describe an already very confusing subject like cloud computing.
Inconvenience #3: "Hybrid cloud" is an ambiguous, confusing, and frequently misused term.
A hybrid cloud is a composition of two or more distinct cloud infrastructures (private, community, or public) as stated in SP 800-145. That is to say that a hybrid cloud can be a composition of private/private, private/community, private/public, etc. From a consumer’s point of view, they are in essence a private cloud, a private cloud, and a public or private cloud respectively. Regardless of how a hybrid cloud is constructed, if it is intended for public consumption it is a public cloud, and if for a particular group of people it is then a private cloud according to SP 800-145. Essentially the composition of clouds is still a cloud and it is either a public or a private cloud, and cannot be both at the same time.
For many enterprise IT professionals, a hybrid cloud means an on-premise private cloud connected with some off-premise resources. Notice these off-premise resources are not necessarily a cloud in reality. In such a case, it is simply a private cloud with some extended boundaries. A cloud is a set of capabilities and must be referenced in the context of the delivered application. Just placing a VM in the cloud or referencing a database placed in the cloud does not make the VM or the database itself a public cloud application.
The key is that a hybrid cloud is a derived concept of clouds. Namely, a hybrid can be integrations, modifications, extensions, or a combination of all of these applied to cloud infrastructures. A hybrid is nevertheless not a new concept or a different deployment model and should not be classified as a unique deployment model in addition to the two essential ones, i.e. the public and private cloud models. A cloud is either public or private and there isn’t a third kind of cloud deployment model based on the intended users.
“Hybrid cloud” is perhaps a great catchy marketing term. For many, a hybrid seems to suggest it is advanced, leading edge, and magical, and therefore better and preferred. The truth is "hybrid cloud" is an ambiguous, confusing, and frequently misused term. It confuses people, injects noise into a conversation, and only further confirms the state of confusion and inability to clearly understand what cloud computing is.
Keith Mayer and I had a chance to work on this project with our very best online content producer, Chris Caldwell. And what a productive experience and a fun time we have had. Keith’s extensive knowledge on many aspects of constructing a private cloud brought so much substance into every episode we recorded for this series. And I had the opportunities to offer my views on so many subjects discussed in the series.
Of these thirteen episodes, one will find out that each is an independent learning module with specific objectives, steps, and operations to carry out tasks, while the entire series collectively presents the methodology, processes, and milestones to conceptualize, design, and implement a private cloud.
Your call to action is to download Windows Server 2012 (http://aka.ms/8) and System Center 2012 SP1 (http://aka.ms/2012), review this TechNet radio series, and follow through the entire methodology (http://aka.ms/privatecloud) to learn and build your private cloud.
If you attended one of our Live Private Cloud TechNet events delivered recently in the major metros along the US east coast, hopefully we’ve inspired you to build out your own private cloud test environment with downloadable evaluation products. This is the 2nd episode of our post-event conference call as a follow-up to further discuss building private cloud with Windows Server 2008 R2 SP1 and System Center 2012. For those who are interested, there are also additional resources, free ebooks, and posters available to better understand some of the enabling technologies of cloud computing.
This is a follow-up posting of Windows 7 BranchCache™ Explained.
BranchCache, an exciting feature introduced in Windows 7 and Windows Server 2008 R2, enables content from file and Web servers on a wide area network (WAN) to be cached on computers at a local branch office. Once BranchCache is configured, a copy of data accessed from intranet Web and file servers is cached locally within the branch office. Cached content can either be distributed across peer client computers (Distributed Cache mode) or centrally hosted on a server (Hosted Cache mode). When another client on the same network requests the file, the client downloads it from the local cache without downloading the same content across the WAN. BranchCache is designed to improve application response time and reduce WAN traffic.
Specifically BranchCache, as shown below, has two operating modes: Hosted Cache mode and Distributed Cache mode. Hosted Cache mode specifies a local server for caching content downloaded from a content server over the WAN. Caching occurs at the very first request from a user in a branch office. A user from the same branch office who subsequently requests the same content will establish a connection with and retrieve the cached content from the local Hosted Cache server. Hosted Cache mode is recommended for a branch with more than 50 clients and does require some form of infrastructure for caching and accessing the content in a local server.
Distributed Cache mode, on the other hand, is for a small branch without a local file server that can be used as a hosted cache server. This configuration caches content downloaded from a content server over the WAN at a user’s computer. Caching occurs at the very first request from a user in a branch office. A user from the same branch office who subsequently requests the same content will locate the cached content by broadcasting, and then retrieve the content from that user’s computer in the local area network. Peer-to-peer sharing is the basic idea. There is no central repository in the branch. There are no requirements for servers or services in the branch office beyond client computers running Windows 7.
Hosted Cache mode is different from the Distributed Cache Mode process since:
This screencast walked through the steps to configure and demonstrate BranchCache Hosted Cache mode with a simulated WAN environment. All virtual machines used in the screencast were running in one hard disk of a laptop with 8 GB of RAM running Windows Server 2008 R2 with Hyper-V enabled.
For those who would like to try and get familiar with Windows 7 and Windows Server 2008 R2, use the following links to download, install, and test them out. Here I also include the download information of Forefront and System Center, which are essential for securing and managing enterprise infrastructure.
(This is a cross-posting from Windows Server Expert Blogs)
Join Blain, Dan, John, and Yung, your TechNet IT Evangelists as we hit the road again this fall to bring you the highlights of Microsoft’s great virtualization solutions. We’ll go from the desktop to the enterprise, starting with VHD native boot – a new feature for Windows® 7 and Windows Server® 2008 R2. Next, we’ll move into Windows XP mode, Windows Server 2008 R2 Hyper-V™, and finish with System Center Virtual Machine Manager (SCVMM).
Reservations are required and space is limited, so register today to save your seat.
For more information or to register, visit: www.technetevents.com OR CALL 1-877-MSEVENT
VHD Native Boot
We’ll kick off the afternoon by exploring VHD Native Boot, which is a new feature for Windows 7 and Windows Server 2008 R2. VHD Native Boot can be used as the running operating system on designated hardware – without a parent operating system, virtual machine, or hypervisor. This is one of the best virtualization features to date for technology professionals of every kind – from enterprise to small and medium-size business pros and consultants.
Windows XP Mode
With Windows XP Mode, it’s easy to install and run multiple Windows XP productivity applications directly from your Windows 7-based PC. Do you have application compatibility issues? Windows XP Mode can ease those compatibility headaches, because it gives you the best of both worlds. You can easily run older Windows XP business software – including web applications that require an old version of Internet Explorer® – while taking advantage of the many benefits of your Windows 7 desktop. This is a can’t-miss session for IT pros who juggle both new and established software and web applications.
Windows Server 2008 R2 Hyper-V
It’s time to focus on enterprise with an overview of Windows Server 2008 R2 Hyper-V. In this session, we’ll look at how to create virtual machines in Hyper-V and demonstrate how the snapshot feature can easily revert the virtual machine to a previous state. You’ll come away from this session with a solid understanding of all the capabilities and new features in Windows Server 2008 R2 Hyper-V.
System Center Virtual Machine Manager
Finally, no virtualization discussion is complete without a conversation about management. When it comes to managing virtual infrastructures, System Center Virtual Machine Manager 2008 (SCVMM) is the best of the best. This member of the System Center family of system management products provides a straightforward, cost-effective solution for unified management of physical and virtual machines.
Reston, VA >> November 30, 2009 1:00pm - 5:00pm
Alpharetta, GA >> December 1, 2009 1:00pm - 5:00pm
Rochester, NY >> December 2, 2009 1:00pm - 5:00pm
Charlotte, NC >> December 3, 2009 1:00pm - 5:00pm
Bridgewater, NJ >> December 7, 2009 1:00pm - 5:00pm
Waltham, MA >> December 9, 2009 1:00pm - 5:00pm
Malvern, PA >> December 11, 2009 1:00pm - 5:00pm
Orlando, FL >> December 14, 2009 8:30am - 12:00pm
Brought to you by your US East Microsoft IT Pro Evangelist: Blain, Dan, John, and Yung!
Come spend an afternoon with us as we highlight some of the great virtualization solutions Microsoft offers. We’ll go from the desktop to the enterprise starting with VHD native boot, a new feature for Windows 7 and Windows Server 2008 R2 followed by discussions of
It will be fast and it will be furious. 4 Evangelists, 8 Cities, and one focus: getting you fully charged with virtualization. Act quickly and act now to register at the following links:
A cloud OS, Windows Azure is. OS here is a collective term to signify the abilities to identify and manage computation, networking, and storage resources in a data center and form a multi-tenant environment to host application instances relying on these resources. These concepts have been much discussed.
"Web Site" is a new feature (and in preview as of July 23, 2012) of the upcoming Windows Azure. Now it is amazingly simple to establish web presence for either production use, or research and development to quickly launch, scale, and take down an ephemeral site, for example, with very little effort and low cost. A user will be able to quickly create a web site with Windows Azure Database (previously known as SQL Azure) or MySQL, from a gallery with open source applications in multiple frameworks (ASP.NET, PHP, Node.js). Additionally, various development and deployment tools including Visual Studio, Git, FTP, and WebMatrix are all supported. There is also built-in monitoring of performance and usage data.
IT pros must not overlook this feature and assume all web sites on all platforms are created equal. Windows Azure is a cloud platform and the Web Site feature comes with all the essential characteristics of a cloud application. High availability, load balancing, fault and update domains, scalability, and elasticity are either automatically available at web site creation time or configurable with deployment settings in Windows Azure. The deployment of an industrial-strength business-ready web site with global reach and the predictability of go-to-market with extremely low TCO are now simply within a matter of minutes at an IT operations level. And both are strategic IT capabilities for a business or an organization of any size. Developing, establishing, and maintaining a cloud application is no longer a developer’s specialty and becoming part of IT pros’ routines.
Get a free trial Windows Azure account and install WebMatrix to start experimenting and expanding your IT capabilities. The following samples some of the user experience. There is also a Windows Azure Pricing Calculator to help understand the cost model, and free Microsoft Patterns and Practices ebooks offering general guidance on architecting and developing cloud applications.
Shown below, in the Windows Azure management portal, is a wizard guiding the user to start and create a web site integrated with a database or from a gallery with just a few clicks.
There are blogs, CMS, and ecommerce open source apps included in the gallery.
WebMatrix, a free web tool from Microsoft, delivers a rich and consistent Windows user experience in developing and deploying a web site by offering templates and popular open source applications.