Blade Watch

A quick reminder about security patching your estate whether it’s updating your laptops or desktops with Windows Update or deploying patches to your server estate, ensuring everything is patched to the latest revisions protects your estate and will be the first thing that a vendor or service provider will ask when logging a call.

The details are below:

http://www.microsoft.com/technet/security/bulletin/ms10-mar.mspx

Bulletin ID	Bulletin Title and Executive Summary	Maximum Severity Rating and Vulnerability Impact	Restart Requirement	Affected Software
MS10-016	Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561) This security update addresses a privately reported vulnerability in Windows Movie Maker and Microsoft Producer 2003. Windows Live Movie Maker, which is available for Windows Vista and Windows 7, is not affected by this vulnerability. The vulnerability could allow remote code execution if an attacker sent a specially crafted Movie Maker or Microsoft Producer project file and convinced the user to open the specially crafted file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.	Important Remote Code Execution	May require restart	Microsoft Windows, Microsoft Office
MS10-017	Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150) This security update resolves seven privately reported vulnerabilities in Microsoft Office Excel. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.	Important Remote Code Execution	May require restart

Microsoft Office

One of the conversations I have been having with colleagues and CIOs is a question that’s been on my mind for some time. What I am about to say is in no way negative and is not to be taken as criticism of the way ahead. There are exciting times ahead for the end user community, for vendors and investors alike. The question is as follows.

As we virtualize and commoditize the infrastructure, the individual components become less significant in a way, whether it’s a server from vendor1 or vendor 11, does the actual underlying tin matter?

1. Absolutely – I have a specific price point that I seek to achieve, that can only be done through our purchasing agreement with vendor8, or absolutely because we want the management software, the extra bits which you just don’t get from any other vendor (real or perceived).
2. No – it will be replaced every few years and besides my servers, my applications are abstracted from it, I want the cheapest hardware financially and operationally.

The problem is that we’re for the time being going forward. (The time being between now and when the data center is virtualized and floats around the enterprise, the cloud or whatever device can power and host it at the lowest cost, a Mac Mini perhaps).  Between now and the future then, data center 3.0 I’ll call it, how do we differentiate ourselves? How do we isolate our servers, our software from the competition?

• Price – but dear me, many a business has gone down that route and volume is key at this point else margins eat your profits – and what about concepts like support costs and service delivery?
• Functionality – great, but dear me reader, functionality is expensive and requires real investment and do our beloved users want to pay for said functionality, everyone says yes until the invoice arrives for approval and sign off
• Apple-ness – by this I mean belief in the product, belief in the service that only Apple seem to be able to achieve in the notebook/pc world – you mean you haven’t got one of these, oh well, maybe next year

I wonder then, going forward as the industry changes, both inside IT and outside the IT industry where the lines are drawn and where go, going forward, is branding enough? Is price or feature competition effective enough as a vehicle to protect revenues. Is Apple’s benefit that regardless of the perceived limitations not that the fans just sit and go wow, look at the design and buy it anyway? How do we then do this in the IT industry? Where commoditization, where hierarchical structures are changing, it used to be that server guy Mike made the recommendations on servers, but Fred who runs trading now wants to know what can be done about this data center space problem, IT is crossing the boundaries that we spent years creating, how then do we change the marketing, the lines of communication and support frameworks to meet this new target audience?

How do we sell servers or software, or a concept to a business unit, a CEO or CFO when concepts of MegaHertz, memory support, or number of PCI slots don’t quite raise the excitement that Mike has when the nice account manager says take a look at this, 5 pci slots and a redundant power supply!

We could go down the services route, indeed, fantastic, would you like  a 2u server or a virtualization product as part of a service? No capex, I repeat No capex, but as the world gets smaller, that poses the old problem, fine I’d love to have my virtual desktops powered by your service, but just one thing, I’ll have it hosted in India, at India prices, not at your UK prices, no they’re too much, and can I have that free mouse mat. I like mouse mats.

We need change, we need progress and development, a move to a scenario where the IT and business merge to create a unified platform for revenue generation, I just wonder if combined the two business units, are ready for this new world as are the vendors. Does this mean a rebrand of IT, a convergence where we offer a range of solutions mixing software and hardware with services and service delivery an overall solution comprising of everything you need, and does that mean the user gets closer or further away from the vendor? We’ll have to see,

http://gestaltit.com/all/tech/networking/stephen/innocence-fairness-technology-benchmarks/

HP recently commissioned Tolly Group to benchmark their BladeSystem c7000 against the Cisco UCS 5100. The short report focuses on two results, and reads like so many competitive benchmarks in the IT industry:

Check out this analysis of the BladeSystem C7000 and Cisco UCS 5100. It’s a report comparing network  benchmarks on the two platforms. These kind of benchmarks can be useful, but as with anything the performance you achieve from your infrastructure is dependent on many aspects of the infrastructure, the network, the operating system configuration, layered components and hardware configuration, not to mention the configuration of your application, there is nothing to comparing the technology in your environment. Benchmarks, testing will always have relevance and always be useful, but as with anything is to be taken at face value and understood that how the infrastructure performs for you is going to depend on your IT, your infrastructure and your business. Little things like system firmware, operating system hot fixes, network configuration and the application or middleware being optimized for the platform all affect such tests, and ultimately any  decisions tend to be influenced more by purchasing agreements, discounts and that old thing of comfort zones, buying a platform that we are comfortable with. We’ll see, it’s worth a read, do check out the report and the analysis on the blog.

It was great visiting Texas, I confess that I hadn’t been there before and it re-affirmed my love of the US on many levels. I enjoyed meeting fellow bloggers who were writing about storage, servers virtualization amongst other things, to see what they were interested in and talking about. The days over at HP’s site in Texas were useful and gave me some interesting topics to write up and hopefully they should follow in the next few days. In the meantime, normal service resumes and might I just thank HP for their hospitality, for the invitation and the chance to meet fellow bloggers, experiencing Texas and their facility in the process. Do check out some further analysis and pictures here.

Day 2 was great, it had some great topics, discussion and a chance to be shown around their factory, to see a blade being built, very, very cool.  The day started with an overview of desktop virtualization, something we have covered many a time at Bladewatch. We saw a demonstration of the work is doing in this area, including in their lab, and some interesting conversations about desktop virtualization admittedly I commented on this quite a bit. There is still a degree of perception for and against, to some up, against it is the cost, is the fact that our desktop infrastructure might actually work ok. The benefits though, of abstracting the user from their individual desktop, of breaking down the end user requirements to the core applications and services that they actually need, rather than providing a one size fits all approach, combined with the savings and distractions around the desktop support, not always about direct or indirect cost, but more to a disposable reliable desktop solution that meets user requirements. Is it a desktop I actually need or just the ability to check the online phonebook, check my email and book meeting rooms, is it therefore a pc I need, or a thin client with a web browser and everything stored online.

We then got a tour of the HP Factory Express and HP POD facilities. I’ve published pictures, apologies they were all taken with my iPhone, but nonetheless you’ll get the idea. On the POD it was great to see the two demo units that they had and discuss the opportunities and uses for the different form factor (sizes) of POD, there is the smaller more portable and the standard larger one, both could have specific benefits dependent on their size and scale. I remain a fan of the POD concept and remember writing about it being a perfect solution for those data center virtualization projects, deliver one, virtualize on to it, then once you’ve decommissioned and removed the legacy estate, P2V migrate back into your existing data center – virtualization in a can if you like.

Back to the HP Factory Express center which was great, walking around seeing how the servers were built to customers specifications, then tested, verified and packaged ready for shipment was very cool. Check out the pictures on flickr.

My first day was spent at the HP Campus speaking with the team and learning about a number of things including Data Center trends for 2010, HP servers being used in the production in the film Avatar, and an interesting presentation from Nth Generation Computing. Following that was a presentation about HP Virtual Connect, something that I have been interested in amongst other things.  The BladeSystem sessions in the lab was very cool, we went over the different HP blade offerings and there was a demonstration of HP’s Insight software, in particular their Dynamic Power Control. Dynamic Power Control is part of their Systems Management technologies which allows you to adjust the power utilization of the server by adjusting the clock speed of the processor, so for example in the event of a power or air conditioning failure, you could select to reduce the power consumption of the non production or non client facing systems to reduce your power load and therefore cooling requirements. System administrators can create groups of servers by platform, location or specific values and then apply rules to those groups, furthering the ability to manage remote sites or plan for specific events, like a data center power down.

Over lunch I had a conversation with some of the guys from HP about their support, about making things easier, it was great to hear their feedback. We then had a walk through discussion about BladeSystems Matrix which is an innovative solution for improving deployment times something many a CIO speaks about, and then the competitive discussion, discussing the features of each of the blade vendors and how HP is different, or what their competitive advantage is, it’s an interesting topic – though I have always wondered about comparing features, it can do one of two things, turn off your audience, or preach to the converted, but then that could be me being emotional. It was interesting nonetheless and reminded me about the different features and concepts around blade technology.

I’ve published more photos on flickr.

Had an interesting day so far at HP’s facility in Houston, Texas, will be posting some content later today including some pictures of their blades. It was great meeting some of the HP team and asking them a few questions and comments.

My photos are here – all taken on my iPhone.

These suggestions can apply if the drive is reporting failure whilst the server is online (a flashing orange light on the disk) or if you get that POST message drive array or disk failure message.

• Try reseating the disk – this can force a rebuild if the disk has errored incorrectly
• Check the disk and controller firmware, sometimes this can cause an issue
• Power cycle the server for 30 seconds or so and see if this clears everything

One of our DL360G4's with a failed disk

Check out these posts for a few more ideas/analysis:

http://www.bladewatch.com/2010/02/10/flashing-orange-disk

http://www.bladewatch.com/2009/04/21/is-my-diskarray-rebuilding-on-dl380/

So I am officially in Texas at the moment, and in fact am blogging having just completed my visit to H-E-B to get some mineral water. I’ll be doing some research and blogging over the next few days so if there’s anything I should be aware off, do get in touch, I’m on my iPhone so drop me a mail and I’ll give you a call.

I was excited to see BLADE Network Technologies offering their DC powered switches, this is set to bring increased energy savings over comparable switches, granted DC switches, DC powered blades or technologies might not be something you look at implementing overnight and might not be for everyone, but for those green field sites, for those customers that are looking to realize energy efficiencies by combining fresh air cooling technologies, data center tiering and DC Power, it could be of real interest.