Ian Hameroff : IPv6

Tech·Ed 2007 - Day 3: My First Session (Recap)

ianhamer — Wed, 06 Jun 2007 22:37:48 GMT

Technically it is day 4 for me, but I had a little trouble posting yesterday evening since just about all the bandwidth in my hotel was consumed. I ran the handy Speakeasy Speed Test a bunch of times and it was barely making it over 300 Kbps on the download side.

Wow!

It's slightly ironic since I presented on the topic of "Deploying High Performance and Scalable Networking with Windows Server 2008" earlier in the day. BTW, thanks to everyone who attended (nearly 460 people) and for the great evaluation feedback. Before I get to the feedback, here are a few tidbits on what I presented:

I started off with a little quiz for the audience. I flashed on the screen a photo that my wife recently took of a sandwich board sign that sits in front of the local downtown Ramada hotel in Seattle. See if you can workout what's the weird bit about this sign, I'll give you 30 seconds:

Well?

Nice job!

As you can see Max's restaurant may boast both the best breakfast in Seattle and that it is available all day long, but only between the hours of their operation (which happens to be 7a until 130p).

After that little bit of fun, I dove into my session which discussed our new TCP/IP stack in Windows Server 2008 (and Windows Vista), with a specific focus on the features that help improve performance and scalability. This included:

TCP Receive Windows Auto-Scaling
Compound TCP (CTCP)
Wireless improvements
Hardware offload and acceleration
Policy-based Quality of Service (QoS)
IPv6 (yup)

We had a good bunch of questions both during and after the session. And, if you didn't attend TechEd 2007, I'm happy to send you copy of the deck.

I did run a little over time, but the majority of the attendees were good sports and stayed as I rapidly finished up that last few slides.

Here are some the comments from attendees (thanks!):

"Excellent Presentation: I really benifited [sic] technically by attending this session! Great information, I can tell that the presenter put alot [sic] of time into preparing this session!"

"Ian ROCKED! It is difficult to get people excited about a network stack but he did it. I was hoping for more demos but the data/tests he discussed did include real-world info and that was good."

"Ian's session was enjoyable. He made it interesting and kept the presentation going at a fast pace. He had a way of taking highly technical designs and statistics and simplifying them so we could understand the benefits. He went over by 10 minutes and almost everyone stayed in the room waiting for him to finish. Thanks Ian."

"A lot of information to go over in a short amount of time."

There was also some good constructive feedback on the need for some more demos, a different description for the session, and improving the room layout. Thanks for that feedback! It really helps me do a better job with my future presentations (which one of mine is about to start!).

Windows Server 2008 Network Security Webcast

ianhamer — Sat, 26 May 2007 01:07:37 GMT

The next few days in the US is Memorial Day weekend, also known as the unofficial start to summer. The means there will be plenty of barbeques, parties, and a Monday off.

Well, if you find yourself without something to done during this extended weekend, why not checkout this 90 minute TechNet webcast Amith Krishnan (NAP product manager) and I recorded back on May 17th:

TechNet Webcast: Windows Server 2008: Advancing Network Security (Level 300)

Here's the abstract of what was covered:

Among the long list of enhancements and innovations coming in Windows Server 2008 are a number of networking advancements and policy-driven network security features. In this webcast, we discuss the next generation of networking features in Windows Server 2008 and the network security solution scenarios these features enable. We examine the new Windows Firewall with Advanced Security, Server and Domain Isolation, and Network Access Protection (NAP). Discover how you can use these new networking innovations to provide your users with a more secure, reliable, and cost-effective connection experience.

We answered a bunch of questions on the call, but happy to answer any more you might have after watching the replay.

Enjoy, and have a great extended weekend!

-- hama

Joint IPv6 White Paper Scales to 256-Bit Length Addresses

ianhamer — Tue, 01 May 2007 07:46:06 GMT

Okay, that was a little bit sensational, if not an outright fib.

What's no joke is a newly published joint white paper Juniper Networks and Microsoft have co-developed to talk about deploying end-to-end IPv6 scenarios.

Heck, we felt that whole end-to-end bit was such a good thing we named the white paper after it (which you can find here):

Enabling the Next Generation of Networking with End-to-End IPv6

In addition to us lackeys from the product groups, we had folks from the US Federal/public sector teams at both Juniper and Microsoft collaborate on this paper to ensure it spoke to the requirements that you folks in the federal agencies and related industries are facing as you seek to deploy IPv6.

Hey, how are those deployments going, by the way?

Here's a sampling of the white paper brought to you by way of the infamous executive summary:

As connectivity converges and develops ubiquity many devices are added to the Internet. This trend has created projections of address shortages. Internet Protocol version 6 (IPv6) has promised a solution to this issue. In this paper, Microsoft and Juniper combine their leading networking knowledge to show customers how to adopt IPv6 technology. The paper first looks at the changing expectations of IPv6 with the growth of IPv6-enabled applications like Microsoft Windows Meeting Space in Windows Vista. Next the paper discusses the relationship of each component in an IPv6 implementation. The paper closes with some suggestions on functionality, equipment and deployment scenarios that highlight key aspects of a robust end-to-end IPv6 transition.

As the summary mentions, the white paper covers off a bunch of flexible deployment strategies that leverage transitional technologies baked into Windows Vista and Windows Server "Longhorn" to full blown dual-stacking Juniper gear working in concert with the native IPv6 support in the aforementioned Windows releases (like the graphic below illustrates).

STOP THE PRESSES! DID YOU ACTUALLY THINK YOU'D GET AWAY WITHOUT GETTING AN IPsec PITCH? SUCKER!

I'll admit the above was a bit silly, if not juvenile, but this is the little fun I get to have blogging offline while drinking horrific coffee cruising at 35,000 ft en route to Los Angeles to support the big joint Forefront/System Center launch on Wednesday.

Well, back to the IPsec pitch. As you all know, my day job is minding the Internet protocols suite in Windows Server. Since there are way too many to count on the knurled fingers of the guy siting next to me (yeah, this dude was chewing and picking at his nails for a good 30 minutes until we took off and the engine noise lulled him to sleep), we primarily focus on a few key ones that enable our major networking scenarios (like Server and Domain Isolation and NAP which uses IPsec).

I happen to think IPv6 migration is a pretty significant scenario that can also benefit from the cost-effective end-point authentication features of IPsec (as it was originally intended and realized with IPv6). I also happen to know that IPsec can potentially introduce a full list of interoperability challenges that you may not wish to tackle. We're trying to work out how to strike the right balance between true end-to-end host authentication (not just at the network on ramps) while still preserving the network management and optimization features you've deployed are will consider deploying (say, WAN optimization).

Well, it's important to look to the larger challenges (and risks) you are looking to address and we could certainly use your feedback to make sure we drive the right set of features into the platform and through our partner eco-system. I'm not going to reiterate the IPsec makes IPv6 better pitch, since I already blogged on this many times. Instead, I ask you to share your thoughts about how you think IPsec can help make your future IPv6 work more secure and scalable.

Well, time to close up since we're about to land at LAX. Hope to see you at the launch event on Wednesday!

WinServer "Longhorn" B3: This time it's "Ready, Set, (Download), and Evaluate!"

ianhamer — Thu, 26 Apr 2007 04:01:00 GMT

That's right Windows Server "Longhorn" fans, Beta 3 is ready for your evaluation!

Simply visit http://www.microsoft.com/getbeta3, and you're halfway there to trying out the first major public preview of our next generation of Windows Server.

As our press release touts:

"[With] Beta 3, customers will see new features and enhancements that include stronger security, better performance, new server roles and features, and additional server management and remote administration tools."

What that translates to is, well, a lot of new features and functionality that are ready for "tire kicking."

Heck, we even provided a little cheat sheet to help you zero in on some of the key new features:

New and improved features in Beta 3 include the following:

Windows PowerShell is now included in the product.

Active Directory Federation Services improvements allow customers to implement new policies and make it easier to set up a relationship between trusted partners.

The Server Core installation option now comes with additional roles and enhanced functionality, such as print services and Active Directory Lightweight Directory Services.

The Server Manager console includes additional remote administration tools to provide a more integrated management environment.

Windows Firewall with Advanced Security, now on by default, provides a persistent and more secure environment beginning at installation.

NAP is integrated with Microsoft Update and Windows Update to enable administrators to decide which updates are critical and set policies accordingly. It also has a new administrative interface for simplified setup, scalability and better performance.

Hey, there are two key features of mine on that list! NAP and the Windows Firewall with Advanced Security.

Now, there's been enough written about that NAP thingy, so I'll concentrate on the Windows Firewall instead. You didn't misread the bullet above -- we have switched it on by default to help further the defense-in-depth security controls for Windows Server as well as help reduce attack surface area right out of the gate.

We started down this road with the "Post -Setup Security Update" feature in Windows Server 2003 Service Pack 1 that switched on the newly added Windows Firewall right after install so you could safely venture on to the Internet to retrieve latest updates without increasing the risk of an unpatched vuln being exploited over the network. As you might recall, this feature was described as follows:

"Windows Firewall provides network protection after install while users update their system with the latest patches using the new Post-Setup Security Updates feature.

[Post-Setup Security Updates was] designed to protect the server from the risk of infection between the time the server is first started and the application of the most recent security updates are applied from Windows Update. If Windows Firewall is enabled and the administrator did not explicitly enable Windows Firewall using an unattended-setup script or Group Policy, Post-Setup Security Updates opens the first time an administrator logs on."

The team has been working diligently to test all the major Windows Server scenarios/workloads/roles/etc under this new "on by default" model to ensure we were able to map out the key IP service ports and related communication parameters. We've also done some neat stuff with Server Manager feature (cool stuff!) to help apply the appropriate firewall policies per the role(s)/workload(s) you enable.

I strongly encourage you to check this feature out, and learn about how this default to on works with the applications you run on top of Windows Server!

Well, my battery is just about to die (I'm at SFO getting ready to head back to SEA from the Gartner Symposium/ITxpo event here this week -- more on that later), so I better stop here so I can get this thing posted!

WinServer Longhorn and WinVista: Like to Two Peas in a Pod...er...On a Network

ianhamer — Wed, 07 Mar 2007 03:16:35 GMT

Your humble blogger returns after surviving a cross-country trip to ol' New York on "vacation". Vacation is in quotes because, well, I need one now that I'm back.

On to business!

While I was out, J. Nicholas Hoover of InformationWeek published a "Top Seven" (Letterman fans unite) on Windows Vista features that need a little help from Windows Server "Longhorn" to light up:

Seven Windows Vista Features That Depend On Longhorn Server

This is pretty cool because it highlights things like:

Network Access Protection:
"Microsoft's access control method--network access protection--is built into Vista and Longhorn. NAP lets administrators define policies that, for example, require that anyone who wants to connect to a network run Vista with the latest patches plus valid anti-spyware and anti-spam applications, or be denied access."
Policy-based Quality of Service:
"Microsoft mostly left quality of service--controlling bandwidth priority for certain apps and users--to networking vendors. Now it's making that better with Vista and Longhorn via an upgraded network protocol stack."
IPv6:
"IPv6 is an Internet Protocol upgrade that promises to dramatically increase the number of viable addresses, and it's native in Vista and Longhorn."

The article (in the short space of 985 words) does generalize a bit. Like the comment that NAP for XP doesn't necessarily "interoperate with some popular enforcement mechanisms and won't work without Longhorn." So, it's important to check out the links I provided above for some additional, deeper details on these technologies and features.

Going back to my example, NAP "technically" only requires a single WinServer "Longhorn" server running the Network Policy Server (NPS) role. You'd likely have a few more of these around for fault tolerance and to scale out across large networks. Secondly, we're doing a lot to ensure the XP NAP add-on client will provide a good deal of parity to the built-in client for Windows Vista.

One other reference that is worth a deeper review is related to the work we've done with Policy-based Quality of Service (QoS). Hoover generalizes about how "Longhorn will assign priority and bandwidth limits to applications on a network" and that it only works "if there's a Vista client on the other end."

Well, that's mostly true.

Here's the scoop. Yes, we now have mechanisms within Windows Vista and Windows Server "Longhorn" to provide centralized management of QoS policies. We call that bit Policy-based QoS. As the link above details, this provides a means to "stamp" outgoing packets with a DiffServ (DSCP) value (one of them Internet standards) so your routing fabric knows how to manage the priority of this traffic using it's existing QoS queues. For this "stamping" to occur, the host needs to be either a Windows Vista client or a Windows Server "Longhorn" server (no current plans for down-level support). If the host on the other end is not one of these (or even Windows) this will have no impact on the QoS policy. The routers just need to support DSCP (which is quite common since this was outlined in RFC 2474 in 1998).

As for the bandwidth throttling, this do not require a specific host or router/switch on the other end either. The client (or server) will simply slow the pace based on the policy created (see below for an example) for the application or network address/port/service you define.

There are a bunch of other things we do to improve network performance and scalability that improve even further when you have Windows Vista on the client and Windows Server "Longhorn" on the back end. Check out the webcast I did back in October 2006 that covers off these "better together" networking scenarios.

Overall, it is super cool to have these numerous networking features highlighted in this top seven list. Thanks Nick! I just wanted to make sure you had all the details at your disposal.

Better Together Networking Scenarios w/ Vista and Longhorn Server

ianhamer — Tue, 17 Oct 2006 00:27:18 GMT

Last week I delivered two webcasts for the Windows Vista TAP program members on a number of "better together" networking scenarios when you have Windows Vista on the client and Windows Server "Longhorn" on the back end.

Here's a link to one of the webcasts we recorded:
Better Together: Windows Vista and Windows Server "Longhorn" Networking Innovations

Even though 60 minutes isn't enough time to go into the gory technical details, I do cover off scenarios around security (including NAP), performance (like our new TCP Receive Window auto-tuning features) and scalability (from hardware offload, to QoS, to IPv6).

Nothing But Net(working)! -- Looking for Input for an Upcoming TechNet Webcast

ianhamer — Thu, 29 Jun 2006 19:07:00 GMT

One week from today (Thursday, July 6th) I'll be delivering a 90 minute TechNet webcast on the new and improved platform networking features and functionality of Windows Server "Longhorn":

TechNet Webcast:Next-Generation Networking with Windows Server "Longhorn" (200 Level)

The live session starts at 1:00p (Pacific Time) and will cover a ton of material including:

NetIO - New TCP/IP Stack
Security enhancements including IPsec advancements
Performance innovations like the auto-tuning stack
Scalability and what's next for Scalable Networking technologies like TCP Chimney Offload and Receive-side Scaling
IPv6
...more!

If there is a topic you're interested in and you'd like to see it covered, please let me know. I still have plenty of time to make additions and tweaks to the slideware and I want to make sure the webcast touches on what is most important and of value to you.

Let me know what you think!

It's All About the Networkin' - InfoWorld Review Bullish on Longhorn Server Networking

ianhamer — Tue, 27 Jun 2006 21:38:00 GMT

Oliver Rist of InfoWorld is not one to beat around the bush when it comes to technical reviews. He is a straight shooter and this is clear in Rist's recent article on Windows Server "Longhorn":

Longhorn: More than just hype

Now, I am very proud of all the great work that is going into our new client and server releases of Windows. Nonetheless, you can certainly see that the work we've done around platform networking and related networking solutions (like NAP) is making a huge impact to the overall Windows experience.

Here are some great quotes from Oliver's review:

About the New TCP/IP Stack (internally nicknamed "NetIO")
But wait, there’s more! Microsoft also has completely redesigned its TCP/IP stack, now including integrated support for TCP/IPv6 and a rich layer of support APIs for more intelligent network packet management.

Excitement around the new Policy-based QoS feature
Digging a little deeper into application management, Longhorn is the first Windows operating system to offer what amounts to Layer 7 QoS (quality of service) capabilities. This feature is still in its early stages, but Microsoft has taken the right tack, making sure that Longhorn’s QoS profiles can filter down through third-party network infrastructure. Don’t think application protection; think hi-def voice and video protection, because that’s where this feature is really heading.

Highlights on Network Access Protection
Microsoft’s NAP (Network Access Protection) feature is also working in Beta 2. Essentially, the GPM Server communicates with Longhorn’s DHCP server. Whenever a new client logs on, GP dictates that a slew of information is conveyed from client to server concerning a number of system states about the client machines. These are compared with policies set in the GP. If the client comes up wanting, it’s quarantined. Only when the client’s various system states (anti-virus levels, system patches, etc.) have come into compliance, does Longhorn allow appropriate network access.

Now, the NAP bits mentioned above are just the tip of the iceberg. In fact, NAP is not just about DHCP, it's also about 802.1X, IPsec, and remote access a la VPN.

My favorite flavor of NAP is the IPsec-based version, mainly for its lower impact deployment (no special switches needed) and for the way it can layer on top of an existing Server and Domain Isolation deployment.

Visit the NAP TechNet site to learn more about these various deployment options and the long list of partners already supporting it.

There's a lot more to the new Windows Server "Longhorn" platform networking innovations and enhancements than mentioned by Oliver. Stay tuned for more and we get closer to the launch and we publish more details on our TechNet site!

IPv6: The Future is Here Now - ISATAP and Manageable Migration

ianhamer — Fri, 23 Jun 2006 00:14:00 GMT

Thinking about IPv6? Good!

Are you worried that it is going to take you a long time to get all your gear, systems, applications, etc. upgraded to actually do IPv6?

Well, I've got some good news for you: It's not going to be as hard as you think. To help you get started with planning, testing and (yes!) deploying IPv6 today, we've posted a pair of documents to the Microsoft IPv6 TechNet site that introduces ISATAP - one of a number of IPv4/IPv6 transition technologies.

ISATAP, short for Intra-Site Automatic Tunnel Addressing Protocol (now you see why we just call it ISATAP), enables you to easily deploy unicast IPv6 connectivity over an existing IPv4 network, in a very manageable way. It was jointly defined by Cisco and Microsoft in RFC 4214 and our two companies have co-authored a short whitepaper that offers an introduction to ISATAP and how you can leverage it in your 'v6 endeavors:

Manageable Tranistion to IPv6 Using ISATAP

Once you've read the executive overview, take a look at another new document that covers deployment:

Intra-site Automatic Tunnel Addressing Protocol Deployment Guide

Together, these guides offer you insights on what you can do today (with XP and 2003) and how you can get the ball rolling for Windows Vista and Windows Server "Longhorn".

Also, don't forget about my previous post (don't you love the shameless plug for my own stuff?) that talks about how you can use IPsec today on IPv4 networks to enable a more secure transition to IPv6:

This not is not your father's IPsec

And this article I wrote for the US IPv6 Summit:

IPsec: Securing Your Network Today to Prepare for Tomorrow

As always, let us know if this is what you'd like to see from us!

TechNet's Networking and Access Technologies Site Gets a Facelift

ianhamer — Sat, 03 Jun 2006 03:12:00 GMT

One of the great things about TechNet...and there's a lot of great things about TechNet...is the fact it is a living website with new information, guidance, tips, etc. posted as soon as it's ready.

Well, this time I'm happy to share with you that we have launched a new and improved "Networking and Access Technologies" landing page with an easy to remember URL:

http://www.microsoft.com/networking

This is literally a "one stop shop" for all things Windows networking related. With links to tons of IT Pro-focused information and guidance on the whole gambit of Networking and Access solutions and technologies.

The long list of topic areas includes:

Give it test drive today and let us know what you think.

Remember, we're always adding new information and content, so it's worth adding it to your favorites...even if we have a really simply URL to remember!

So, IPv6, Yeah Great, but is it Secure?

ianhamer — Fri, 14 Apr 2006 04:37:00 GMT

Yesterday evening, just as I was leaving the office, one of my colleagues in WinServer shot me an email about an interesting blog posting by one of our security MVPs on the subject of IPv6 and network security:

The (today) need for IPv6 by Alessandro Perilli

First off, I'm psyched that more and more folks are writing about IPv6. Even though it appears far off for many, non-US federal agencies, IPv6 will help usher in the next "connected" evolution, and move us even closer to realizing the vision of a secure, seamless access experience.

As Alessandro helps illustrate in his post; with any new and emerging IT technology, we always need to evaluate its potential impact to our current security posture, define a risk management strategy and implement the appropriate security controls to enforce this strategy.

IPv6 is no exception to this best practice. Even if the "underground" appears to already be publishing attack tools and few "IPv6 ready" options appear to exist in the security controls space. I firmly believe that's about change, and the next releases of Windows (Windows Vista and Windows Server "Longhorn") will be at the center of it.

As I've blogged before (see my IPv6 archive and a post to the Windows Server Division blog) the support for IPv6 in the next wave of Windows is extensive and complete. All platform components, in both client and server, will be IPv6 ready and willing! This includes the newly updated Windows Firewall, which is now integrated with IPsec.

This is possible, in part, thanks to two major Windows innovations:

The new "Next Generation TCP/IP" stack, featuring is dual IP layer architecture, and
The Windows Filtering Platform or WFP on which the Windows Firewall is built on...just like 3rd host security tools can!

The net/net: security features like IPsec and Firewalling will provide the same experience on IPv6 as they will on IPv4. With a solid, IPv6 ready enterprise platform (Windows Vista and Windows Server "Longhorn") shipping in the near future, third parties will have a base to build IPv6 ready and able security controls.

Now, here's my shameless plug: check out this article I wrote about planning a more secure transition to IPv6 using technologies (like IPsec) that are available today on Windows and will benefit IPv4 too:

IPsec: Securing Your Network Today to Prepare for Tomorrow

There are a lot of things that "go boo at night" on the Internet, and IPv6 will not necessarily make that any better or worse. Instead, applying the experiences and network security best practices compiled over the last few decades will enable you to embrace the benefits of IPv6 while mitigating the risks that could be targeted at your networks, data and users.

Time to go home, before someone sends me something else to blog about <grin>.

Developing a 6th Sense: More Info on IPv6 in Windows Vista and Windows Server "Longhorn"

ianhamer — Fri, 07 Apr 2006 03:21:00 GMT

One of my colleagues -- Joseph Davies -- just had an article published in the April edition of 6Sense, the US IPv6 Summit's monthly newsletter.

In it, Joseph outlines lots of great info about our IPv6 investments in Windows Vista (and Windows Server "Longhorn"):

IPv6 Improvements in Windows Vista

Here's what Alex Lightman, the newsletter's publisher, said about the article:

Mr. Davies explains how IPv6 support in Vista differs from that of XP and Server 2003, and how users will initiate v6 applications such as peer-to-peer networking and IPsec when Vista becomes widely available next year.

Oh yeah, have I mentioned I've been self-hosting Windows Vista in IPv6-only mode for over a month now? I do about half my days work on this PC (including writing this blog entry) and it's pretty darn cool!

Welcome to my little piece of the Internet homestead...

ianhamer — Wed, 18 Jan 2006 08:15:00 GMT

It seems like everyone has a blog, so I figured it was worth throwing my hat into the ring and make my musings available for public consumption.

As you've likely gathered, I am a Microsoft FTE. I'm a product manager in the recently formed Enterprise Access and Security Products group within the Windows Server Division. My specific area of responsibility is Windows core networking. This includes the TCP/IP stack and related features/capabilities (e.g. IPsec, Server and Domain Isolation, IPv6, Scalable Networking and QoS). I also get to dabble in things like Network Access Protection and the Windows Firewall.

My background spans both development and marketing across networking and security. I joined Microsoft back in March 2004 as part of the Security Business and Technology Unit (now called the Security Technology Unit). After an 18 month stint as an executive communications manager for Mike Nash and Rich Kaplan, I rejoined the ranks of product management this past July, by joining Windows Server Product Management Group.

Before that, I worked for Computer Associates (now "simply" known as CA) in eTrust Security unit. I was the product and business manager for eTrust Antivirus, an evangelist/strategist and, most recently, the Director of CA's Security Response. I have to admit, it's refreshing to not be on call 24 hours a day, 365 days as a member of the anti-malware world. And, before all that, I was a developer on CA's Unicenter platform. Sadly, I was such a "great" developer, they moved me into marketing :)

Although I'm fairly new to the art of blogging, I tend to post to the Windows Server Division's blog on various networking topics. Here's a sampling of a few recent ones:

Even though I have spent the last 5 years or so in marketing, I still consider myself a serious technologist. Fortunately, my friends and family keep me busy with supporting their home networks and I get to play with a lot of real cool stuff at work.

I've also managed to become quite the mobile phone junkie since coming to MS. Since moving out to Seattle, I've gone through 5 phones...three of which have been Windows Mobile devices. When I was at the US IPv6 Summit in December, we learned that my latest Windows Mobile 5.0 phone (the imate K-JAM) can obtain an IPv6 address. I can't wait until this v6 stuff becomes more widely adopted.

Well, it's certainly an interesting time in the world of Windows networking as we ramp-up to launch Windows Vista. We've completely redesigned the TCP/IP (the most significant update since the Windows 95 time) and its impact on the way enterprises and consumers interconnect is going to be hugely positive. I suggest taking a look at a recent "The Cable Guy" article that offers insights on what's changed and how we expect it will improve your net experience.

See you around the blogosphere...

Ian