So any one with two hours or more to spend on teaching their computer new tricks, need not look any further than their new Windows 7 installation.

I wrote this entire post using Microsoft speech recognition that is included with their latest OS.  What to me

took me 10 minutes to complete using speech recognition would have taken the 20 microseconds to type.  So there is a small learning curve for the computer, but reasonable considering what is happening.  It is incredible! 

You too can speak to your computer just like Star Trek if you have lots of free time.  Believe me technology has come a long way from the days of Windows 3.  1.  It used to have a long way to go but if this is proof is starting to be realistic.

Do yourself a favor And spend 2 hours in the next few days or weeks and set up speech recognition on your computer by going to the following tutorial

click start menu, type “start speech recognition” and press enter.  And follow the wizard.

OK for you should give it 3 hours and it takes a longer than 10 minutes to complete your first post, but the thrill of it recognizing your voice so incredibly well it is worth it.  Thank you Microsoft for showing us why touchscreen technology is only a single part of the  future!!

One of the most prominent issues facing many medium to larger IT organizations is the subject of monitoring.  Monitoring has been around a long time, and has come in many forms.  Even to this day many datacenters have a schedule when someone physically walks up and down the rows to look for any blinking red lights.  Monitoring has developed a long way from manually looking for blinking lights, but the wisdom behind the diligence of that scheduled walk haven’t followed technologies progress.

Years ago the idea of using simple pings took hold and network monitoring was born.  Since that time innumerable applications have been written to address the issue of monitoring.  It is only within the last few years that I have had an opportunity to find out how essential it is to be in control of how you monitor your infrastructure.  Since I’ve been a Microsoft Administrator for so long, it made sense to use a Microsoft product to monitor my systems.  About a year ago I setup and installed Microsoft Systems Center Operations Manager 2007, and since then my appreciation of monitoring has been tempered.  And my expectations of a what to look for in a monitoring system have been raised incredibly high.

It is essential to have trust in your systems of course, trust that you have designed, managed and maintained your systems well enough that you can sleep at night.  With demands for 24×7 uptime on practically every aspect of an IT ecosystem, it is essential that you know when a system is behaving aberrantly.  Is it too much to ask that when you go to bed at night, you will be awaken by a phone call only in a real emergency?

And how do you decide what is an emergency?  And therefore how do you decide what you need to monitor?  My current preoccupation with monitoring systems comes from several miscalculated attempts by well-meaning staff.  “Build it and they will come” is not a best practice to monitoring IT systems.   It is misguided at best to buy an over-priced and over-complicated solution and then identify what you need to monitor by finding out what that shiny-new monitoring system doesn’t address.  But without experiencing first-hand what a system can or can’t deliver, how can you ever decide what data you’re missing? If your parents purchased you a bike as a small child, did they spend a thousand dollars on a 26-speed Tour De France worthy bike?  Most likely you received the Toys R’Us special with training wheels.

Do you need a ping test?  Then dozens of free tools can solve your needs.  What if you needs are more complicated?  What if you have no way of knowing what your needs will be a week from now, two months, or two years later? 

A real-life scenario could be encountered such as this:

It’s 2 am.  Something happened that you won’t find out about until the morning when your users are calling.  You rush into work only to find your VP and other angry management figures waving hands in the air.  “E-mail is down!  No one can work like this!  Fix it or I will fix you!”

What happened here?  What happens next?  For several minutes or maybe several hours, someone has to dig through event logs, hardware logs, perform tests, sweat, Google a dozen things, browse TechNet, and possibly even call product support.  All of this can happen just to find out what the problem was, and in no way necessarily fixes the issue.  Once identified the issue can hopefully be solved very quickly.  If it is a catastrophic failure it could be days or weeks before a resolution is found. Once the issue is resolved many companies now ask for an RCA, either formally or informally.  An RCA for those who don’t know is a “root-cause analysis.”  It is a blanket term to cover the what, the where, and the why of a major problem.  They usually involve angry management and very timid-looking IT professionals.  People get fired soon after RCAs, and then RCAs become another acronym: RGE.  An RCA can lead to a “Resume Generating Event.”

Enter a reasonably robust and functional monitoring system.

It’s 2 am.  Something has happened and it was logged on a system.  The vigilant monitoring system detects the log entry, matches a rule in its database, and issues an alert.  You are woken up by a text message and the sound of ultimate doom coming from your phone.  You have 4 hours to research and fix this issue before the CEO wakes up and grabs his BlackBerry to check his email.

We have bridged the gap of not knowing a problem exists for hours, and we have achieved the true goal of a monitoring system, early warning.  If you think of your monitoring system as a plane’s radar, the whole point is to detect threats before something becomes a critical event.

Since the days of the ping tests, monitoring systems have evolved into much more complicated, and much more intelligent applications.  Now monitoring systems can warehouse events to provide long term statistics on the health and performance of systems.  This warehouse can generate reports and be useful for applying strategy to your IT systems.  You can move from a reactionary IT environment, to a smart ecosystem, predicting when and where expanding systems will be necessary before the end-users and management ever notice.

In addition to long term trending and reporting, some systems can be reclassified as management systems, and not monitoring systems.  The software I am using Operations Manager 2007 or OpsMgr as I call it, not only monitors logs, web pages, and services, but it is designed to perform the first few steps in troubleshooting issues.  If a service stops unexpectedly during the night, OpsMgr will detect the failure, and issue a command to the server to restart.  It performs administrative recovery tasks so I may not have to.

The best example of this, and one reason my monitoring expectations are so high, is how OpsMgr has saved me from the humiliating experience of telling the CIO why something broke.  I wrote an post several months ago about a Blackberry error where users were unable to send or do lookups from their handhelds.  This error generated an event 20482 in the application log.  Due to the site architecture of the Active Directory forest this BES was in, this event would happen whenever the Exchange specific domain controllers were knocked offline.  The BES wouldn’t be able to perform global catalog lookups, and would result in the error.  Since this usually happened at 6am (patch window for DCs) I didn’t want to be up every time this happened.  So OpsMgr now stops and restarts the critical Blackberry Services whenever that 20482 event occurs.  Problem solved by a monitoring system.

With that direct experience in my past, I task any IT group looking for a monitoring solution to dig a little deeper.  If the point of a monitoring system is to make your life less stressful, how can it also make your life easier?

As part of the FCC’s move towards broadband access for the entire country, they have provided a free tool that will allow you to get data on your current internet speeds.  Tools like this are nothing new to the internet as a whole, but this is the first time a government entity has gone out of its way to spread the news that you are paying for something you are not receiving. 

My current ISP is selling me a package of 5mbps download speeds for a nice sum of only $17 per month.  It is only $17 per month for the first year, and once that year is up the cost will triple to approximately $55.  With the dramatic increase in price from year one to year two, I will not see any improvement in my service.  This is due to the current design model of broadband service in general, as the more customers in your area, the slower your connections speeds will be.   There is a wealth of information regarding the design principles of this, but a great summary can be found at

http://computer.howstuffworks.com/cable-modem10.htm

Pros and Cons to Cable Modems

If you are one of the first users to connect to the Internet through a particular cable channel, then you may have nearly the entire bandwidth of the channel available for your use. As new users, especially heavy-access users, are connected to the channel, you will have to share that bandwidth, and may see your performance degrade as a result. It is possible that, in times of heavy usage with many connected users, performance will be far below the theoretical maximums. The good news is that this particular performance issue can be resolved by the cable company adding a new channel and splitting the base of users.

Now that only directly applies to cable modems, but every broadband technology has its drawbacks.  If the FCC has its way, in 10 years that will be a thing of the past.  The FCC will be promoting its plan of getting 100mbps internet connections to every American within the next decade.  Although this is great news, it doesn’t help anyone that is currently overpaying for slow broadband connections.  Waiting for the FCC to fix this isn’t a timely solution, so the first step in addressing your slow connections is to talk to your ISP.  It is likely they will remind you that your 5mbps plan is a theoretical maximum, and it is expected you will never see those speeds.  Be prepared for disappointment or at least an hour of your time spent on the phone or online chat with an ISP rep.  By providing this single bandwidth test, the FCC has created a speed test that will be considered the standard benchmark for consumers that want to complain about their speed.  As I mentioned there are many free test available online, but as word spread, the FCC’s speed test will absolutely catch on as the de-facto standard.  What interest does the government have in providing inaccurate results?  It could be argued that  the FCC’s results will only help to promote its own agenda.  What the FCC is trying to do is in the best interest of the American people, by pushing the ISP’s and to deliver on its service and not hide behind ‘theoretical maximums’.   I would suggest that you run the FCC speed test from every new location you happen to be at.  Spread the word about it to all your friends and colleagues.  Help promote the test as the standard by which consumers can demand the service we are actually paying for.

 

Try it out here :

http://www.broadband.gov/

“How Tomorrow’s Technologies will impact your life”

these are the words in bold on the back cover. Since this was written in 2001, and published in 2002, I will have to be forgiving to the authors in advance for notgetting everything correct. I am excited toread what interesting ideas have NOT come to fruition yet. As I believe most dreams futurists,IT leaders, digital nomads, cyberpunks, and other techies have willcome true, and it is only a matter of time.

I was about to submit a request for a feature in the webmail software I use when I got lost in link-land.  I stumbled upon the “Executive Blog” for VMware.

http://blogs.vmware.com/console/2010/01/vmware-to-acquire-zimbra.html

It turns out that today my webmail suite was purchased by VMware.  In the blog VMware’s CTO explains how the acquisition of an open-source email is directly in line with their vision of advancing cloud-computing and simplifying IT for everyone.  I couldn’t agree more on this cause, as everyday computing has become too complex and for everyday users to make sense of.  There are far too many applications written for systems today for any one user or administrator to wrap their heads around.  While all of these great new applications are innovative in many ways, the issue of information overload continues to grow in direct proportion to the number of new applications.

There is no longer any time for a system administrator to become intimate with a piece of software.  Particularly if that system admin is required to use an additional dozen applications to help maintain that single piece of software.  The best example of this is Exchange.  All email systems are generally the same, I just happen to have the most experience with Exchange.  Not only do I have to understand all the inner workings of Exchange, it is generally a requisite of an email admin’s job to know the client software.  So now I need to understand Outlook, Thunderbird, and Entourage.  And of course Outlook Web Access.  And don’t forget the different versions.  Some places still have Outlook 2000 and XP clients. 

So I have the server software and half a dozen client applications to understand.  There is also the need to maintain consistent and reliable backups.  So that is at the minimum another application.  In an enterprise environment third-party software is likely used since Windows Backup isn’t the greatest solution available.   Regardless of the backup solution, knowledge of an additional application is necessary. 

And since I’m using email administration as my example, I can’t forget to mention spam.  Spam and junkmail are accounting for up to 90.4% of the traffic running around the internet!  (see previous post Permanent Link to Junkmail has to be stopped).  With this much junkmail you MUST have some sort of antivirus and spam filtering software on your servers.  Another application is added.  Sometimes spam and junk filtering isn’t enough, you have server-level A/V on your systems that needs to be managed, and you might have a firewall to contend with, SPF filters, reverse dns records, disclaimer products, mobile devices, Blackberry Servers, archiving, e-discovery, and the list goes on.  Not only do you have all this software that goes into making a reliable, functional, distinctive, and hopefully seamless solution for your customers, but you also have all that support software you have to call up when something goes wrong.

Coming back around to the original topic of cloud and whether it is a bad thing, I heard the argument recently that cloud will destroy the competitive nature of software, and stifle innovation.  The argument supporting this follows the logic that once everyone agrees on a particular platform such as linux, and agrees that all code from here until the end of time will run on linux, that innovation and creativity will lapse as a side-effect.  The direction the argument was making is that cloud computing will not come to fruition, and once companies realize this they will stop pursuing cloud, and refocus on what makes their software solutions different. 

My argument doesn’t take an entirely contradictory stance to this idea.  I do believe that if a common platform is ever agreed upon, that innovation in that platform will slow down.  This will mainly be due to any innovations made to the core platform will likely be excluded from the majority of systems.  Because any innovation outside of the core platform will not be beneficial to every single system the innovation is therefore superfluous to the core.  There would be likely few if any dramatic recreations or modifications of that single core platform.

Where my argument differs is that the core platform itself, and IT as most people have come to think about it will stop existing as we know it today.  I don’t believe that large companies, corporations or institutions will ever outsource their IT infrastructure completely.  Regardless of the price savings of software as a service, large entities will always want in-house and custom tailored solutions that can provide a competitive edge against their rivals.  Where cloud computing and software as a service are really unstoppable is the consumer market.  No regular consumer wants to worry about upgrading their motherboard every time a new OS comes out.  With as many stories floating around about everyone not having enough time, people will start to realize that having to manage their own computers is a daunting chore.  And that chore is going to continue to get worse and worse for the end consumer.  As the OS field gets more and more fragmented between Linux, Mac, Windows, and Google, fewer and fewer people will be able to call in their friends in IT to help with a problem.  This will lead to a revolt on the current business model by word of mouth spreading between non technical people as to what is easiest.  I don’t think it will take more than 5 to 10 years before consumers have figured out that their time is being robbed by having to know what the heck a driver is.  Why should a standard user ever have to know what a driver is!  Why should they?  So they can update it themselves?

Let me put it to you this way:  How many people know how to change the oil in their car?  A few.. maybe even half of the people who own cars.  But how many people actually change their own oil?  I imagine the number is far less than half.  People can pay an insignificant fee every 6 months and have someone else do all the work.  There is an argument that you could save a few dollars by doing it yourself.  But I believe that having someone else do the work, and particularly having a “professional” do the work for you, frees you from something that would have spent your free time, and caused you to have to learn something completely outside your passions and professional career.  Unless you work on cars either for a hobby or for a living, I doubt you change your own oil with much frequency.

It is that realization that consumers and end-users do not need to know what is under the hood of their computer, which makes me believe that cloud is coming and it is a force to be reckoned with.  It will not hit large corporations.  It will not hit institutions that have dedicated staff who make the IT decisions and strategies for them.  It will hit consumers and small businesses.  People that are spending more and more of their time doing less and less of what they need to be doing so they can live their lives and make a paycheck.  Cloud is coming with a vengeance if you are not looking out.

I envy the future of the IT consumer.  IT will become a household utility no different than gas or electricity.  Just like the TV it will be synonymous with the American household, and no one will have any need or idea how to fix it themselves.  But unlike the TV there will be no need to call the “computer repair man” because the cloud company that leased the unit, provided the internet connection, and supports the device, has already received a notification that there is a problem, and there is already a technician on the way.

I say pay the professionals to deliver a service!  Let them deal with knowing and understanding what applications there are.

There is a scenario with a GPO that allows traffic on lets say port UDP 8081.  You computer has the GPO applied and has been restared.  Inside the GUI you would see the GPO defined port exception listed.  And if your GPO settings allow you to add an additional local exceptions, you could add an additional local exception for UDP 8081.  Perhaps deviating from the GPO by only the scope.  The port exception will show up in the GUI in bold and all seems well.  But then you restart you computer and the newly added local exception disappears from the GUI.  When you try to re-add the exception you receive the error

“The Port ‘EXCEPTION NAME (43)’ cannot be added.  An entry for the same port ‘EXCEPTION NAME (PROTOCOL PORT)’ already exists.”

No it doesn’t… it’s not in the GUI!  As it turns out the rule does still exist.  As you add host-based port exceptions that operate on the same port as the GPO, you will need to look elsewhere for your disappearing rules.

You can try in the registry:

check the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\
(continued)Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List

Or you can try the command-line interface for the firewall:

1. open a command prompt and run command “netsh”
2. type “firewall” to switch to the firewall interface
3. type “show portopening”
4. if your port exceptions are already defined  you will seem them here.

If you like you can delete them here using the command:

type “delete portopening NAME_OF_EXCEPTION” example “delete portopening TCP 9898″ and then recreate your port opening in the GUI.

Even if you do recreate your rule in the GUI it will disappear from there the next time you restart.  Become familiar with the CLI if you plan on using Windows Firewall with GPO’s and local port exceptions.

This flaw does give me a bit of pause to consider the security ramifications of this. If I were aware of this flaw it would be very easy to hide a firewall rule from the average user under the above circumstances. It’s a good thing that most people who are part of a domain using GPO’s do not use Windows Firewall as the sole mechanism blocking malicious traffic. This also shows that Linux admins are right when they talk about needing to know the CLI for your OS.

The Author was mentioned in a different book “The Future Files” that I read a few months ago.