1 2 3 4 Previous Next

Geek Speak

1,240 posts

Hi there! I’m michael stump, a technology consultant with a keen focus on virtualization and a strong background in systems and application monitoring. I hope to spark some discussion this month on these topics and more.


Last month, I published a post on my personal blog about the importance of end-to-end monitoring. To summarize, monitoring all of the individual pieces of a virtualization infrastructure is important, but it does not give you all of the information you need to identify and correct performance and capacity problems. Just because each individual resource is performing well doesn’t mean that the solution as a whole is functioning properly.


This is where end-to-end monitoring comes in. You’re likely familiar with all of the technical benefits of e2e monitoring. But let’s talk about the operational benefits of this type of monitoring: reducing finger-pointing.


In the old days of technology, the battle lines between server and network engineers were well-understood and never crossed. But with virtualization, it’s no longer clear where the network engineer’s job ends and the virtualization engineer’s job begins. And the storage engineer’s work is now directly involved in both network and compute. When a VM starts to exhibit trouble, the finger-pointing begins.


“I checked the SAN, it’s fine.”

“I checked the network, it’s fine.”

“I checked vSphere, it’s fine.”


Does this sound familiar? Do you run into this type of fingerpointing at work? If so, share a story with us. How did you handle the situation? Does end-to-end monitoring help this problem?

Whether it’s Hyper-V® or VMware® or any other virtual environment, growth is inevitable for virtual machines (VM) and workload in any data center setup. IT teams always want to know how many VMs can be created on a physical host, and how much more VM workload can my host resources support? Especially for Hyper-V environment, Microsoft® has augmented and expanded the limits of VM capacity with Hyper-V 2012.

 

According to this post on Perti, these are the capacity and scalability limits of Hyper-V VMs in windows Server 2012 – which is a drastic improvement on Windows Server 2008 & 2008 R2.

  • Virtual processors per VM: 64
  • Logical processors in hardware: 320
  • Physical memory per host: 4 TB
  • Memory per VM: 1 TB
  • Nodes in a cluster: 64
  • VMs in a cluster: 8000
  • Active VMs: 1,024

So, what happens when all these limits are reached? You just need to add more VMs. And that’s not an easy job for the IT admin. You have to figure out the budget, host resource procurement, and carry out the actual VM creation and assignment. But this is NOT the smart and cost-effective way to scale your VM environment.

 

Capacity planning is the process of monitoring VM and host resource utilization, while being able to predict when the VMs will run out of resources and how much more workload can be added to them. The benefit is that you will be able to optimize your Hyper-V environment, chart usage trends, reallocate some unused resources to critical VMs, identify and control VM sprawl, and right-size the entire VM environment, without just making a case for resource procurement.

 

The proactive capacity planning approach would be to identify capacity bottlenecks so that you’re in a position to make an informed decision about VM expansion.

 

Top Reasons for Capacity Bottlenecks

  • Uncontrolled VM sprawl
  • Enabling HA without accounting for failover
  • Increase in VM reservation
  • Resource pool config changes
  • Natural resource utilization growth
  • Workload changes

 

Capacity Management: “What If” Analysis

The next step is to perform “What If” analysis to determine how much more load existing VMs will sustain with, and how many more VMs can be created for a specified workload. Third-party virtualization management tools, such as SolarWinds Virtualization Manager provide dedicated capacity management functionality that allows you to perform VM capacity estimations and understand possible expansion.

VMan 1.png   VMan 2.png

   

Key Questions to be Answered While Performing Capacity Planning

  • How can I detect capacity bottlenecks?
  • How can I predict capacity bottlenecks before they happen?
  • How may VMs can I fit within my current footprint?
  • What if I add more resources (VMs, hosts, storage, network, etc.) to my environment?
  • Which cluster is the best place for my new VM?
  • When will I run out of capacity?
  • How much resource is my average SQL Server®, Exchange, etc. VM using?
  • How much more resources do I need to buy and when?
  • How can I right-size my VMs to optimize existing capacity?

 

The below capacity planning dashboard in Virtualization Manager tracks and trends CPU, storage IOPS, memory, network throughput and disk space and provides you details into how many more large, medium and small VMs you can add to your Hyper-V and other clusters.

 

Benefits of Capacity Planning

  • Monitor Hyper-V capacity operations and resource utilization, and forecast resource depletion
  • Optimize IT resources with business requirements and make informed purchase decisions on host resource procurement, VM creation, and overall budget planning
  • Gain insight into VM placement between or within Hyper-V clusters to deploy VMs across clusters efficiently
  • Pinpoint zombie or rogue virtual machines and over or under-allocated VMs to right-size your Hyper-V environment
  • Determine when and where Hyper-V bottlenecks will occur and identify the solutions

 

Read this TechNet post to learn more about Microsoft Windows Server 2012 Hyper-V Scalability limits.

 

Watch this short video to learn more about capacity planning and management - explained by Eric Siebert (vExpert)

 

 

Its another year and another 5 stars for SolarWinds Log and Event Manager in SC Magazine’s SIEM Group test!  The reviewers tested every aspect of our SIEM - with a dual focus on log and event management as well as strong attention to usability, scalability, reporting, third party support, and ease of implementation.

 

The verdict? “This is a solid product, worthy of consideration.”


SolarWinds has put together another outstanding product. The SolarWinds Log & Event Manager (LEM) offers a quality set of log management, event correlation, search and reporting facilities. This gives organizations the ability to collect large volumes of data from virtually any device on a network in real time and then correlate the data into actionable information. The company does this by paying attention to the need for real-time incident response and effective forensics, as well as security and IT troubleshooting issues. Another winning set of features are the quality regulatory compliance management and ready-made reporting functions.”

 

With the increase of attacks on compliant companies, the previously separate focuses of security and compliance are converging.  At the same time, attack methods are growing more sophisticated and harder to detect.  At SolarWinds, we are dedicated to providing the situational awareness and visibility previously only available to large enterprises to companies of every size.  We are pleased that SC Magazine saw the results of our efforts.

 

Their one weakness we can easily address: “Consider a Ticket Management System for smaller companies”.  We offer Alert Central as a free ticket management system that easily integrates with LEM.  For those that need more robust reporting and tracking, we also offer Web Help Desk as a low cost alternative.

 

To read the review, visit http://www.scmagazine.com/solarwinds-log--event-manager-v57/review/4153/

When Windows 8 launched, I wrote this scathing review, "Microsoft, have you lost your mind again?"  It was a bloodbath for Microsoft that day. Two years later, I just finished installing/tweaking Windows 8.1 here at the office. (It wasn't my choice.)

 

Windows 8 vs. 8.1

You can read my full review of Windows 8 at the link provided above, and I stand by it. Now let's examine the tweaks Microsoft has made to v8.1:

  • Lo and behold, the Start button/menu is back! (Sorta). Back to the way things were. An improvement, I guess.
    start.png
  • Aero glass effect, which I liked, needed to be installed using a third-party app. Still got it though.
  • Another "improvement:" I can now launch into desktop mode on boot (something previous versions did naturally) bypassing those ugly and useless tiles.
  • Icon spacing. This tweak was available in Windows 7 and earlier through the UI. In 8.1 I had to implement a registry hack, as evidenced by my MRU list in the Start menu above.
  • I'm experiencing a lag when typing versus what I see on the screen from time to time. Annoying but this does not happen too often, although it is happening as I write this.
  • OS seems a little sluggish. Time, and benchmarks, will tell.
  • Compatibility: Surprisingly, everything seems to work fine. Good job!
  • I've also learned that you can mount and unmount ISOs through the OS. No third party app needed. Sweet.
  • The shell graphics are more appealing and informative as well, but I think this may take away from performance. I still need to tinker more just to make sure.

 

Overall, I cannot complain about Windows 8.1. Let's slow down though. I won't praise it either. I still prefer Windows 7 any day of the week and twice on Sunday. (Funny, it's like the VPs over at Microsoft actually read part one of this article and listened! Go figure.) There is still work to be done though. The "working" part of the OS needs to be refined more to perform more like Windows 7 IMHO. At least this is a step in the right direction.

 

Office 2013

Office 2013 was also part of my transition. Just want to say a few words while I'm here:

  • The display is very flat. No appearance of texture. See the pics below for comparison:
    What my Outlook used to look like - Outlook 2007 (Note: This is a random pic from Google.)
    old.png
    My current version of Outlook 2013 - Flat, no 3-D texture or feel. Looks like paper.
    inbox.png
  • Another observation was that they changed the way VBA understands VB. In other words, I had to re-write some of my code and register some older ActiveX controls to get my apps and macros working again. Took some time but I got it done.

Again, nothing terribly bad here, but I think we could all do without those ribbons. The real estate they chew up is just too valuable.

 

The Verdict.

Overall, not bad, but don't rush to upgrade just yet.

 

My Motto

"If you're happy with your OS, you can keep your OS. If you like your version of Office, you can keep your version of Office, period. End of story." (Wait. Why are you kicking me off of my current OS and Office versions and forcing me to "upgrade"? I was happy and liked what I had. You said over and over that I can keep what I liked! Is this better for me, or better for you?) Hmmm...see what I did there?

TiffanyNels

Do you want to Continue?

Posted by TiffanyNels Apr 1, 2014

The battle is on, Round 1 is complete and the community has spoken. 

 

  • Halo falls to Call of Duty
  • Ms PacMan, too much like PacMan.  Donkey Kong prevails!
  • Time invested in WoW creates a higher level of commitment than Baldur's Gate
  • The all-out melee of Smash Bros may just have beat Punch Out by virtue of the plethora of favorite characters NOT represented in the bracket
  • Golden Eye 007? Huh?

 

All of this means that we are down to 16 gaming heavy-weights. And, now the match ups get a little more complicated. Given the fact that MOST of these games have very little in common. How will you judge Madden NFL versus Galaga? Half Life versus Mario Cart? Can Mortal Combat stand against the game that spurned a movie about the competition for a HIGH SCORE?

 

Head here to view all of the match ups and cast your vote to see who will move one to the for the honor of representing each of the four bracket divisions.

 

We are getting close to the end, don't miss your chance to chime in and push your favorites to victory.

 

And, while we are at it, let us know who you think will reign supreme...

 

Round 2 VOTING is HERE.  And remember, you have to be logged in to comment and vote. This round ends tomorrow (April 2) at MIDNIGHT.

 

Oh, and by the way, I was informed that I unfairly worded the Zork question which was confirmed by zachmuchler's IMDB post. While that game is not specifically Zork, it was based on Zork (rights can be hard to secure, you know).  For that reason, we will award an extra 50 points to the following thwack members:  crippsb, zachmulcher and bradkay.  Congrats, and use those points wisely.

 

If you are just joining us, you can catch up here (Let's LEVEL UP!) and here (The Cheat).

When storage costs keep getting higher for an organization, there isn’t much a storage admin could do to manage data storage across various storage devices and media. There has to be some prioritization of data stored and it should be decided where to storage what data. If it’s critical data requiring frequent access, then it’d need a high performance and expensive storage array, while data of low importance and backup might be stored in slower and cheaper disks. This process of moving storage between different storage types is known as storage tiering.

 

Examples of Storage Tiering

Tier 1

Mission-critical & recently accessed files

Stored on expensive and high-quality media such as double-parity RAIDs

Tier 2

Seldom-used, classified files, backup

Stored on less expensive media in conventional SAN

Tier 3

Event-driven, rarely used, unclassified files

Stored on recordable compact discs or tapes

 

These are just some examples to understand the concept. Actual storage tiers may vary and depend on your organizational storage access, requirement and hardware availability.

 

Automated Storage Tiering

To overcome the manual efforts involved in moving storage across different tiers, storage vendors came up with the concept of automated storage tiering – which is a storage software management feature that dynamically moves information between different disk types and RAID levels to meet space, performance and cost requirements. [1]

  

Storage admins can decide to dynamically move storage blocks or LUNs across different storage types for different reasons.

  • Progression is where highs accessed data and critical files are moved from cheaper and low performance storage media to high performance SAS or SSDs.
  • Demotion is where infrequently used data can be automatically moved to slower, less-expensive SATA storage.

 

The movement of LUNs across storage tiers is managed by auto-tiering algorithms programmed in the storage management software. Some software use heat-map approaches to determine storage access and usage over a particular time period to dynamically move storage from one tier to another. There are many leading vendors in the market that support this functionality. Some of those are:

  • Dell® Compellent – Data Progression
  • EMC® – Fully Automated Storage Tiering (FAST)
  • HP® 3PAR – Adaptive Optimization
  • IBM® – Easy Tier
  • Hitachi® – Data Systems Dynamic Tiering

 

Some vendors claim that it is possible to perform real-time automated-tiering on storage blocks in small sizes – ranging in KBs to a few MBs.

 

Third-party storage management software will also help provide information on disk storage for LUNs based on storage tier, tiering policy applied and whether auto-tiering is enabled or not. You can check out SolarWinds Storage Manager ver 5.7 which will extend support for EMC FAST VP implementation on VMAX/Symmetrix and VNX arrays. Learn more about Beta trial of Storage Manager ver 5.7 >>

Bronx

VBA - A quick lesson

Posted by Bronx Mar 27, 2014

Okay, so by now you should know that I like tinkering...and showing you how I do it. See the following for two examples:

Today's lesson will be in VBA for Outlook. The challenge? Schedule a meeting/appointment on a public calendar for all to see while simultaneously sending a specific person a one day reminder to take care of the newly scheduled event. Simply put, control and manipulate both public and private calendars.

Time for the pictures! Here's what I came up with using the Outlook VBE, referencing the Calendar control:

art.png

Simple right? Fill in the fields, pick a day, then Submit. Here's the result of hitting that li'l Submit button:

My personal calendar gets a 24 hour reminder scheduled at the right time.
r2-private.pngr3-private.pngr1.png

Public calendar also gets updated so others can schedule around what is going on.

bcpub.png

Before I show you the code

If you do not know what VBA is or how to access it in Outlook, go figure that out first. The form (Article Scheduler) at the top of this page lives here in the Outlook VBE:

f1.png

You'll need to create the form with the control names I have in the code below. Also, to run this from your Outlook toolbar, create a new Module (I have two above). In the new module, enter these three lines of code:


Sub RunScheduler()

    Scheduler.Show

End Sub

 

Once complete, you can drag the macro button to your toolbar.

tps.png

This is not a tutorial. Rather, it is an example you can tailor to your own needs by examining the code and changing what you want to get the desired effect. A litlle VBA research on your part may be in order.

 

The Code (Put this in the code section for the Scheduler form):

 

    Dim ola As Outlook.AddressList

    Dim ole As Outlook.AddressEntry

    Dim WriteDate As Object 'Date

    Dim EmailAddy As String

 

    Private Sub Calendar1_Click()

        txtMsg.Text = ""

    End Sub

 

    Private Sub CheckBox1_Click()

        CheckBox1.Value = Not CheckBox1.Value

    End Sub

 

    Private Sub ComboBox1_Change()

        txtMsg.Text = ""

    End Sub

 

    Private Sub CommandButton1_Click()

        Dim myItem As Object

        Dim myRequiredAttendee, myOptionalAttendee, myResourceAttendee As Outlook.Recipient

 

        If ComboBox1.Text = "" Then MsgBox("Really? Step 1 is entering an author's name.")

        If CheckBox1.Value = True Then

            Dim objOutlook As Outlook.Application

            Dim objOutlookMsg As Outlook.MailItem

            Dim objOutlookRecip As Outlook.Recipient

            Dim objOutlookAttach As Outlook.Attachment

 

            EmailAddy = ComboBox1.Value

            WriteDate = Calendar1.Value & " 8:00 AM"

 

            myItem = Application.CreateItem(olAppointmentItem)

            With myItem

                ' Add the To recipient(s) to the message.

                myRequiredAttendee = .Recipients.Add(EmailAddy)

                myRequiredAttendee.Type = olTo

                ' Resolve each Recipient's name.

 

                For Each myRequiredAttendee In .Recipients

                    myRequiredAttendee.Resolve()

                Next

 

            End With

 

            myItem.MeetingStatus = olMeeting

            myItem.Subject = "Write an article for tomorrow, due at 8am."

 

            If txtTitle.Text <> "" Then

                myItem.Body = txtTitle.Text & " for " & txtForum.Text & "."

            Else

                myItem.Body = "Write an article for tomorrow, due at 8am."

            End If

 

            myItem.Location = "Your Desk."

            myItem.Start = WriteDate

            myItem.Duration = 90

            myItem.ReminderMinutesBeforeStart = 1440

            myItem.ReminderSet = True

 

            myRequiredAttendee = myItem.Recipients.Add(EmailAddy)

            myRequiredAttendee.Type = olRequired

            myItem.Send()

            ComboBox1.Value = ""

            txtMsg.Text = "Reminder sent to " & EmailAddy & "."

 

            Dim myNameSpace As Outlook.NameSpace

            Dim myFolder As Outlook.folder

            Dim myNewFolder As Outlook.AppointmentItem

 

            myNameSpace = Application.GetNamespace("MAPI")

            myFolder = myNameSpace.Folders.Item(3)

            SubFolder = myFolder.Folders("All Public Folders").Folders("Your Public Sub Calendar").Items.Add(olAppointmentItem)

 

            With SubFolder

                .Subject = EmailAddy

                .Start = WriteDate

                .Save()

            End With

 

        End If

 

    End Sub

 

    Private Sub UserForm_Initialize()

        Calendar1.Value = Now

 

        ola = Application.Session.AddressLists("Global Address List")

        For Each ole In ola.AddressEntries

            ComboBox1.AddItem(ole)

        Next

        ola = Nothing

        ole = Nothing

 

    End Sub


Welcome to the SolarWinds Blog Series, ‘Basics of Routing Protocols’. This is the last of a four part series where you can learn the fundamentals of routing protocols, types, and their everyday applications in network troubleshooting.

In the previous blog, we discussed Open Shortest Path First (OSPF), OSPF message types, and the protocol’s advantages and disadvantages. In this blog, we’ll shed some light on another popular routing protocol: EIGRP (Enhanced Interior Gateway Routing Protocol).

 

What is EIGRP (Enhanced Interior Gateway Routing Protocol)?

EIGRP, a distance vector routing protocol, exchanges routing table information with neighboring routers in an autonomous system. Unlike RIP, EIGRP shares routing table information that is not available in the neighboring routers, thereby reducing unwanted traffic transmitted through routers. EIGRP is an enhanced version of IGRP and uses Diffusing Update Algorithm (DUAL), which reduces time taken for network convergence and improves operational efficiency. EIGRP was a proprietary protocol from Cisco®, which was later made an Open Standard in 2013.

 

EIGRP Packet Types

Different message types in EIGRP include:

  • Hello Packet – The first message type sent when EIGRP process is initiated on the router. Hello packet identifies neighbors and forms adjacencies while being multicast every 5 seconds by default (60 seconds on low bandwidth network).
  • Update Packet – Contains route information that is only forwarded when there is a change. They are only sent to the routes that have partial updates. If there’s a new neighbor discovered, the packet is sent to the router as a unicast.
  • Acknowledgement – This is unicast as a response to Update packet by acknowledging when they receive an update.
  • Query – This packet is sent to query routes from neighbors. When a router loses a route while sending the multicast, Query packet is sent to all neighboring routers to find alternate paths for the router.
  • Reply – These are unicast by routers that know alternate routes for the neighboring routers queried on a network.


EIGRP – Pros and Cons

Speedy network convergence, low CPU utilization, and ease of configuration are some of the advantages of EIGRP. The EIGRP routers store everything as routing table information so they can quickly adapt to alternate routes. The variable length subnet mask reduces time to network convergence and increases scalability. EIGRP also includes MD5 route authentication. Compared to RIP and OSPF, EIGRP has more adaptability and versatility in complex networks. EIGRP combines many features of both link-state and distance-vector. Since EIGRP is mostly deployed in large networks, routers tend to delay sending information during allotted time, which can cause neighboring routers to query the information again, thus increasing traffic.


Monitor Routers Using EIGRP in Your Network

Advanced network monitoring tools have the ability to monitor network route information and provide real-time views on issues that might affect the network. Using monitoring tools in small networks, you can view router topology, routing tables, and changes in default routes. You can also check out overview blogs on RIP and OSPF routing protocols.

John Herbert.jpg

 

We’re getting close to the end of the month, so that must mean it’s time for another installment of our ever-popular IT Blogger Spotlight series.

 

I recently caught up with John Herbert of LameJournal fame, who was kind enough to answer a few questions. In addition to following John’s exploits on LameJournal, you can keep up with him on Twitter, where he’s affectionately known as @mrtugs.

 

SWI: Tell me about LameJournal and how you got started with it.

 

JH: A while back I purchased LameJournal.com with the intent of grabbing the freely available LiveJournal source code and running a spoof site, as if the site itself weren’t sufficiently self-derivative. I sat on the domain for at least five years and failed to do anything with it, mainly because it sounded like an awful lot of work just for a joke.

 

Then in April 2011, I went to a flash photography seminar and was so buzzed about the event I felt that I just had to share my enthusiasm, so I dusted off the domain, installed Wordpress and created my first post beyond the default “Hello World.”

 

That post was looking a bit lonely on its own, and somebody had been asking me to explain Cisco's Virtual Port Channel technology to them, so I put out a post on VPC the next day. Like somebody with a new toy, I then started taking things that were on my mind and turning them into posts, because hey, somebody might be interested, right? Cisco Live, Visio, TRILL, some training I went on, and so forth. While the blog subtitle is “Networking, Photography and Technology,” it became evident very quickly that the content was going to be primarily about networking, with an occasional glance at photography and other technology.

 

SWI: And as they say, the rest is history, right?

 

JH: Yep. Really, it’s ended up being an outlet for anything I think is interesting. One of the things I found hardest when I started blogging was to get over the feeling that the information I wanted to share might not be noteworthy, or is already covered elsewhere. My attitude now—and the one I share with others to encourage them to blog, too—is to say, “OK, was this new or interesting to me? Then blog about it.” After all, if it’s new to me, then it’ll be new to somebody else out there, too, which means I should write the post!

 

With that said, I still get the most pleasure from writing about something that will help other people in some way, especially if I can fill a gap in the information already out there and provide a unique resource. I don’t actively look for those topics, but they’re great when they crop up. Beyond that, I usually writing about real situations—either current or past—that were interesting or challenging so that (a) I have a record of it, and (b) it might save somebody else some trouble later.

 

SWI: I like the way you think! Do you find you get more interst in certain topics than others?

 

JH: Experience has shown there’s not really a good predictor as to whether a particular post will generate interest, but I find there are two general types of posts that have done better. The first are posts describing problems I’ve had and, if possible, how I fixed them. They’re successful because when somebody else experiences the same issue, they search the Web and my post shows up in the results. Even if there’s a frustrating lack of solution, I personally find great solace in knowing that I’m not the only idiot with a particular problem. For example, I’ve written posts about Cisco AnyConnect ActiveX, Office 2013 and iTunes Match that were very popular over time; they seem to have lasting appeal. The other category of posts that do better are those covering new technologies, where information out there is a bit patchy. Examples include TRILL and Cisco's VPC, and more recently discussions about software defined networking. Posts that are topical may be successful short term, but they tend to have less long term interest, which makes sense when you think about it.

 

SWI: Definitely. So, what do you do professionally?

 

JH: I’m a consultant for a professional services company. So, to put it simply, I move packets for other people. Consulting is interesting in part because I get to see so many different networks, teams and company structures, rules, procedures and architectures. I like the insight this gives me, and I find it fascinating to see what each client determines is most important for their network.

 

SWI: Very interesting. How did you get into IT in the first place?

 

JH: I kind of fell into it, really. I've always enjoyed working with computers and was programming SAS (database/statistics software) when a friend suggested I should join the company he worked for and do networking. I really didn't get what it was that he did, despite him trying to explain it, but the pay sounded good so I made the leap and haven't looked back.

 

SWI: What are some of your favorite tools as an IT pro?

 

JH: From the SolarWinds portfolio, Engineer's Toolset has been on my work laptop builds almost continually since the year 2000. Fun fact, I actually joined International Network Services in 1999, and that’s where Don Yonce (one of SolarWinds’ co-founders) was also working. So, I have always felt like I have a special relationship with the SolarWinds products. So, I also typically have SolarWinds free tools installed on my own machines (the Advanced Subnet Calculator is a very old friend of mine!). I’m currently using a MacBook right now, so I’m feeling a little lonely, but since my other favorite networking tool is Perl, I’m all set for that at least. The ability to program in one scripting language or another is a huge benefit to any network engineer in my opinion, and was so even before SDN reared its head.


SWI: And what are you up to these days when you’re not working or blogging?

 

JH: I have a wife and three school-aged children, a home network to perfect and meals to cook. So, beyond working and blogging I mainly eat and sleep. Occasionally, I play some piano, which I find very cathartic, and I’m also on the board of directors for my home owners’ association, which eats up some more time. As my blog title suggests I also enjoy photography, and I really should get out and do more of it.

 

SWI: Well, I hope you’re able to. Switching directions a bit, what are some of the most significant trends you’re seeing in the IT industry right now and what do you this is to come?

 

JH: In the networking world, the buzzword-du-jour is SDN. One way or another, there’s a huge paradigm shift occurring where pretty much every vendor is opening up access to their devices via some form of API, and there’s a growing new market for controllers and orchestrators that will utilize those APIs to automate tasks. Those tasks can be anything from configuring a switch port or VLAN as part of a service chain to instantiate a new service to programming microflows on a switch. I said “devices,” but lest it sound like this just means hardware—the network “underlay”—SDN also extends to the software side of things too, both in terms of encapsulations like VXLAN, an overlay, and features like network function virtualization, which also offers some exciting possibilities.

 

My one fear is that SDN encompasses so much, it’s in danger of becoming another meaningless marketing term like “cloud,” and I'm waiting to see the first “SDN Compliant” sticker on a box. That aside, the innovation in the SDN space, both proprietary and open source, is redefining the way networks can be built and operated, and it’s a very exciting time to be in this industry. The downside is that there’s so much going on, there aren’t enough hours in the day to keep up with all the blog posts that could be written!

 

SWI: Well, that’s all of my questions. Is there anything else you’d like to add?

 

JH: If I may, I’d like to give a shout out and a thank you to all the networking and technology bloggers out there. In many IT and networking teams, there’s that one person who hoards information and believes they’re creating job security by being the only one to understand something, and thus they resist sharing that knowledge with others. Blogging is the polar opposite of that; bloggers take the opportunity to share information that may improve somebody else’s ability to do their job, help them avoid a problem before it happens or just make you smile because somebody else is experiencing the same challenges as you. I stand in awe at the quantity and quality of posts that some people manage to create. I use an RSS reader so that I can follow a large number of those blogs in a manageable way, and I strongly recommend RSS.

 

I would also encourage anyone who reads this to consider whether or not they have something they could share with others via a blog. I look at it this way, if I learned something new today, maybe I could help somebody else learn that thing tomorrow. And to paraphrase "Wayne’s World," I only hope you don’t think it sucks!

As much as we try to understand the importance of password security – whether it’s for a computer login, email account, network device, Wi-Fi or domain access – we don’t seem to meticulously implement it every time we set up or change a password. Password security is a popular topic for IT pros and end-users alike, which has remained a hot “good to know” topic, and not always an “I’ll do it right away” thing.

 

There’s yet another example of a password leakage debacle which reinstates our necessity to enforce stricter password security measures. During the pre-game coverage for NFL Super Bowl XLVIII, the stadium’s internal Wi-Fi login credentials were displayed on a big screen in their network control center which was revealed in a televised broadcast of video footage which showed the big screen and the password – unencrypted, in full visibility! It could, of course, be called an oversight; but when it comes to protecting IT assets and securing data, this is lack of due diligence on the part of the stadium’s IT security team. And they did not review the footage well enough before the telecast and tried to nip it in the bud.

 

Talking about password sharing, let’s discuss some best practices to ensure one, you build a strong password which is hard to guess, and two some things to remember about leaving your passwords accessible to the others.

 

Best Practices to Protect & Strengthen Your Passwords

Password Sharing Doesn’t Make You Noble or Kind: Never share your passwords with anyone unless you are absolutely certain there won’t be regrettable ramifications. You never know whether their system is compromised, whether they leave it written in the open, or they are a gullible social engineering target. Even if you have to share it for some reason, better change it immediately after their use with your login access is fulfilled.

  

Make Them Long, Make Them Strong: Longer passwords are difficult to guess especially if they are alphanumeric, includes special characters, and has a mixture of lowercase and uppercase characters.

  • Have at least 8 characters to make you password. The longer, the stronger.
  • Make passwords more complex and difficult to guess.
  • You can even use password generating software available online to spin up a strong string for your password
  • Do not give your biographical details such as name, date of birth, city in your password as they can also be easily guessed.
  • Try to ensure your passwords don’t contain any common words from the dictionary.

  

Strict No-No for Common/Same Passwords: A hacker has many devious ways such as brute force attacks to get into your system. Having common and same passwords for different sites and purposes is only going to make his life easier.

 

Not All Computers Are Your Friends: Keystroke logging (aka keyboard capturing) has become a common malware that finds entry into unprotected systems quite easily. You may never know it, but your key stokes could be captured as you type out your passwords. There are various types of keystroke capturing software that could swipe your passwords: hypervisor-based malware, API-based, kernel-based, form grabbing-based, memory injection-based and packet analyzers. Always remember to log out of your personal accounts when you are using someone else’s system.

 

Beware of the Eye of Sauran: We watchful of your immediate vicinity when you enter your password to a secure system related financial and other personally-identifiable information.

 

As Much As You Do, Your Passwords Too Need Change: It’s always best to change your password every once in a while, and not use an expired password for at least a year. Whether your system prompts you to or not, do make it a point to periodically change your password.

 

Don’t Make it to The Hackers’ Hall of Fame

Splashdata, a password management company, has released a list of "25 worst passwords of the year" for 2013 which was compiled using data that hackers have posted online (believed to be stolen passwords).

 

1)  123456

6)  123456789

11)  123123

16)  1234

21) password1

2)  password

7)  111111

12)  admin

17)  monkey

22)  princess

3)  12345678

8)  1234567

13)  1234567890

18)  shadow

23)  azerty

4)  qwerty

9)  iloveyou

14)  letmein

19)  sunshine

24)  trustno1

5)  abc123

10)  adobe123

15)  photoshop

20)  12345

25)  000000

 

Top 10 Password Preferences: The Weak & Common Themes

Google has released a list of password selection themes that were most popular based on a study consisting of 2,000 people to understand the procedures used to create passwords. Here are 10 most common and easy-to-break-in ones.

 

1) Pet’s name

6) Place of birth

2) Significant dates (like a wedding anniversary)

7) Favorite holiday

3) Date of birth of close relation

8) Something related to favorite football team

4) Child’s name

9) Current partner’s name

5) Other family member’s name

10) The word "password"

  

Yes, I agree periodic password change is a grind. To top that, you have to remember what you used earlier to not repeat it again. But it’s all worth the effort to manage and secure passwords, than to face the consequences of account breach, data theft and all the other fallouts. And, do ensure to protect your password and save it from those prying hacker eyes!

dlink7

Supporting the Vendor

Posted by dlink7 Mar 24, 2014

Over the last three weeks my posts have focused around end users and remote support tools. This time I want to focus on vendors. In theory you should love your vendors that you work with, there are an extension of your IT team.  I know there are the new vendors trying to get new business and most people try to avoid them like the plague but there is an expectation to every rule. Most vendors have a genuine interest or at least in my mind of benefit of seeing their customer succeed.

 

One thing that can make or break a vendor relationship is remote support. Some vendors have remote support enabled on their systems so they can go directly to the box in question. I am a big fan of this but the paranoid folks are worried that security may be at risk and usually don’t allow it.  I know for Nutanix gear you can set a timer on how long you want the remote tunnel to last. It’s a good option if you’re worried about a vendor using his equipment as jump box.  I think if you’re dealing with a global company this option is great to help remove some of the language barriers that may exist with follow the sun support.

 

If you don’t have the option above the next step is the dreaded Webex/GoToMeeting.  For whatever reason in a time of crisis you can be rest assured you will be downloading the newest client and maybe even playing with a java update. Usually ok but doing console work is usually problematic for the person trying to give support.  My big beef is that it gets people use to accepting remote connections. Humans are easily fooled, self included so if possible I think it best to control access on your own terms. If at all possible if you can extend your current remote tools to share your screen with the vendor I think that is ideal.

 

What do you do for your vendors so they can support your gear on site? Give them a virtual desktop and only give access to their system? VPN with full access? Let them use their own tools?

 

Curious to hear peoples thoughts and if people think of this a security threat.

This is my last post as an ambassador. I've had a ton of fun and appreciate everyone’s feedback and opinion. Now let’s talk about some network diagrams!

No network should be without a good visual representation of the overall design and layout. When push comes to shove any documentation is better than no documentation. For me an awesome network topology is worthy of printing it out on a plotter and handing it on my cube walls. But what techniques can you use to build great visual representations of your network that are both clean and provide adequate details?

Here are several of the techniques I use:

  1. Basic shapes for equipment. To me stencils can get messy where a plan square is simple to organize the layout of connections. I avoid rack view stencils and real images unless Im doing an elevation diagram.
  2. Separate the network into multiple pages. I usually build a separate layer two and layer three diagrams and I will also usually keep network and servers/services in different workbooks all together. Depending on the complexity I will also separate WAN, VPN services etc into their own page. This keeps each page clean and simple.

          If you get annoyed with jumping back and forth between diagrams or tabs then you can use layers. To me this adds more complex and doesn’t always work well. That could just be me though.

  1. Organize the layout in a way that can quickly represent the flow of traffic but always try to avoid crossing connections. For physical cabling and connections I like to keep lines running horizontal and vertical and never run at an angle. Angled and curved lines for me represent logical connections.

 

So, what are the techniques you have used?

What has worked for you in the past and what do you try to avoid?

‘Tis the season of madness – March Madness! It goes without saying that all of us (the basketball fans of course) are wired into the games, watching matches, following scores, rambling on at length, blogging, Twittering and whatnot. That’s totally alright. Every fan would love to get caught up with the heat and show some NCAA love. But what happens when your employees and network users start streaming the games online in the office consuming corporate bandwidth? And this is when madness becomes insanity for the network admins.

 

  • More user complaints about network not being available or being awfully slow
  • Latency and network traffic delay
  • Adverse impact on network traffic quality levels
  • You just don’t have any clue whether to just disable the Internet for all users (height of frustration), or just buy more bandwidth (height of desperation)

 

Bottom line: Mission-critical network users and apps affected due to increased network bandwidth utilization by online streamers and video watchers.

 

So, what is left for the helpless network admin to do? Cry for help, or implement proper bandwidth monitoring utilities to track when, where and by whom bandwidth is being consumed for non-official purposes?

 

Instead of pulling the plug on the Internet, or shelling your IT budget to buy more bandwidth, you should be able to optimize network bandwidth usage by pinpointing incidents of bandwidth spikes and administering necessary measures to prevent network policy offenders from hogging your precious bandwidth for online video streaming – during March Madness or whenever.

 

We still have a couple of weeks to go with the games, and March Madness is truly a great time for all of us fans. But that doesn’t mean network teams should be battling for bandwidth and risking network performance issues. Proactively monitor bandwidth utilization and traffic quality levels, and slam-dunk those bandwidth bottlenecks!

 

Check out this cool infographic from our creative team about bandwidth risk assessment during March Madness!

NTA - March Madness.jpg

UPDATED WITH BRACKET LINK BELOW:


We just couldn’t help ourselves. Reaction has been so good and we are just a weekend away from this year’s SolarWinds Bracket Battle 2: Gamer Edition… Before we “Falcon Punch!” this competition into high gear, let’s just review the gameplay today!

 

We’ve put our quarter down to get dibs on next, and we have enough batteries to keep these controllers running for months.  We’ve blown on our cartridges and bumped up our bandwidth…  We are ready to go.

 

We have selected 33 video games from across platforms and genres to battle it out head to head for supremacy. Each pairing has been debated and set -- over Mountain Dew and Cheetos -- and is based on some shared theme or principle (and, it is not always the most obvious basis of comparison).

 

MATCH UP ANALYSIS

  • For each combatant, we offer links to the best Wikipedia reference page by clicking on the NAME link in bracket
  • A breakdown of each match-up is available by clicking on the VOTE link.
  • Anyone can view the bracket and the match-up descriptions, but to comment and VOTE you must be a thwack member (and logged IN).

 

VOTING

  • Again, you have to be logged in to vote and debate…
  • You may only vote ONCE for each match up
  • Once you vote on a match, click the link to return to the bracket and vote on the next match up in the series.
  • Each vote gets you 50 thwack points!  So, over the course of the entire battle you have the opportunity to rack up 1550 points. Not too shabby…

 

CAMPAIGNING

  • Please feel free to campaign for your favorites and debate the merits of our match ups to your hearts content in the comments section and via twitter/Facebook/Google + etc. etc. etc.
  • We even have hashtags… #swibacketbattle and #levelup… to make it a little bit easier.
  • There will be a PDF version of the bracket available to facilitate debate with your office mates or WoW Raid.
  • And, if you want to post pics of your bracket predictions, we would love to see them on our Facebook page!

 

SCHEDULE

 

  • Bracket Release and Prequel Battle OPENS March 24 at MIDNIGHT
  • 8-bit Battles OPEN March 26
  • 16-bit Battles OPEN March 31
  • 32-bit Battles OPEN April 3
  • 64-bit Battles OPEN April 7
  • Game Over Battle opens April 10
  • Champion of the Arcade will be announced on April 14

 

If you have other questions… feel free to drop them below and we will get right back with you!

 

Otherwise, keep your eyes on this space.  And, here is the link to the Bracket!  FINALLY...

 

Ready Player One!

TiffanyNels

Let’s LEVEL UP Folks!

Posted by TiffanyNels Mar 20, 2014

UPDATE: The Gameplay Rules Post is now UP!

UPDATE v2: Here is the BRACKET!  Go vote!

 

The time has come for SolarWinds’ second annual, old-fashioned (hypothetical) grudge match.  Last year, Spock triumphed over a handpicked stable of Sci-Fi icons. This year, we’re ready to flaunt our gaming knowledge!

 

Welcome one and all to the…

 

SolarWinds Bracket Battle 2 – Gamer Edition!

On March 24th, here at thwack.com, we are once again going to let our community decide who shall stand victorious and whose plug should be pulled and relegated to the stack of cartridges in the closet. The bracket-based, “March Mayhem”-style competition will feature 33 video game titans from various platforms (PC, arcade, consoles of all sorts) and genres (fantasy, first-person shooter, MMOG… the list goes on) battling it out for the last level. Like games are matched against each other in the first round, but then mayhem will ensue as we vote to determine each round’s winner and allow the bracket to develop over the two weeks. No joystick is required to guide your favorites to escape the ultimate “game over.” So, gamers… start mobilizing troops and conjuring up Intimidating Shouts to ensure that the game that engulfs your nights and weekends is crowned champion.

 

Do NOT miss the chance to decide …

 

Do you want Tommy Vercetti by your side?

Can the Umbrella Corporation survive in Rapture?

Which Princess is worth saving?

 

The official bracket and rules of engagement will be released on March 24, 2014 including the “play-in” match up.

 

Trust us, you do not want to Leeroy Jenkins this… March 24 release date people, get in line now and start sharing the news with #swibracketbattle #levelup .

Filter Blog

By date:
By tag: