Microsoft
There are 46 entries for the tag Microsoft
Five years ago the OpenAjax Alliance was founded with the intention of providing interoperability between what was quickly becoming a morass of AJAX-based libraries and APIs. Where is it today, and why has it failed to achieve more prominence? I stumbled recently over a nearly five year old article I wrote in 2006 for Network Computing on the OpenAjax initiative. Remember, AJAX and Web 2.0 were just coming of age then, and mentions of Web 2.0 or AJAX were much like that of “cloud” today. You couldn’t turn around without hearing someone promoting their solution by associating with...
Without the proper feedback an automated data center can experience vertigo, leaving end-users dizzy and frustrated.
As organizations continue to virtualize and automate the data center in their quest to liberate themselves and their users from the physical bonds that have kept them tied to the data center floor they are necessarily moving “up the stack” and running into a profoundly important question: how do I enable IT as a Service?
Virtualizing compute, network, and storage resources is just the first step. Once those are virtualized, they must be managed. Once they’re managed, the next layer of the stack needs...
Improving the availability, performance, and security of Microsoft Lync Server 2010 with F5 BIG-IP
The word “consolidation” generally brings to mind these days a reduction in physical equipment, whether that physical equipment be servers or infrastructure. But consolidation can – and does – also refer to the bringing together of similar technologies in software to provide a unified system that better supports integration across similar functions.
It is the latter definition that has become common of late in the communications space, with providers and ISVs alike consolidating and unifying the communication and collaboration experience not only across functions but...
“When crypto breaks, it usually breaks badly.” – Dennis Fisher, ThreatPost One of the most frustrating occurrences in information security is to discover that the security systems and technology being leveraged to protect applications and data is flawed: that it, itself, is vulnerable to attack and exploitation. This is particularly true in the cryptography realm, because as Dennis Fisher pointed out, when “crypto breaks, it usually breaks badly.” The “padding oracle” exploit is not, as the name implies, an attack on Oracle products. It is unfortunate for Oracle (as it has been for...
Google’s latest offering is a hint of things to come and indicates a recognition of devops as a real discipline Interestingly enough devops is comprised of two disciplines: development and operations. The former traditionally solve problems and address challenges through development, through coding, through a programmatic solution. The latter, operations, is often more administrative focused and its solutions to the same issues and challenges will also be programmatic, just on a different level – that of scripting. There is no right or wrong answer to this one; in fact the concept of devops is about...
I’m sure you’ve noticed that there have been quite a few posts on the topic of automation, orchestration, and infrastructure 2.0. Aside from the fact that an integrated, collaborative infrastructure is necessary to achieve many of the operational efficiencies associated with cloud computing and highly virtualized data centers, it’s also a fascinating topic from the perspective of understanding how network and infrastructure providers are dealing with some of the same issues that enterprise software has long had to face while navigating the enterprise application integration (EAI) landscape. One of the ways in which vendors like...
Ask and ye shall receive – F5 joins Microsoft’s Dynamic Data Center Alliance to bring network automation to a Systems Center Operations Manager near you
You may recall that last year Microsoft hopped into Infrastructure 2.0 with its Dynamic Datacenter Toolkit (DDTK) with the intention of providing a framework through which data center infrastructure could be easily automated and processes orchestrated as a means to leverage auto-scaling and faster, easier provisioning of virtualized (and non-virtualized in some cases) resources. You may also recall a recent F5 Friday post on F5’s Management pack capabilities regarding monitoring and automatic provisioning based...
Salesforce and Google have teamed up with VMware to promote cloud portability but like beauty that portability is only skin deep. VMware has been moving of late to form strategic partnerships that enable greater portability of applications across cloud computing providers. The latest is an announcement that Google and VMware have joined forces to allow Java application “portability” with Google’s App Engine. It is important to note that the portability resulting from this latest partnership and VMware’s previous strategic alliance formed with Salesforce.com will be the ability to deploy Java-based applications within Google and Force.com’s...
There’s a growing focus on PaaS (Platform as a Service), particularly as Microsoft has been rolling out Azure and VMware continues to push forward with its SpringSource acquisition. Amazon, though generally labeled as IaaS (Infrastructure as a Service) is also a “player” with its SimpleDB and SQS (Simple Queue Service) and more recently, its SNS (Simple Notification Service). But there’s also Force.com, the SaaS (Software as a Service) giant Salesforce.com’s incarnation of a “platform” as well as Google’s App Engine. As is the case with “cloud” in general, the definition of PaaS is varied and depends entirely on to whom...
In the networking side of the world, vendors often seek to differentiate their solutions not just based on features and functionality, but on form-factor, as well. Using a descriptor to impart an understanding of the deployment form-factor of a particular solution has always been quite common: appliance, hardware, platform, etc… Sometimes these terms come from analysts, other times they come from vendors themselves. Regardless of where they originate, they quickly propagate and unfortunately often do so without the benefit of a clear definition. A reader recently asked a question that reminded me that we’ve done just that...
Microsoft Dynamic Infrastructure Toolkit for Systems Center (DIT-SC) is hopping forward, literally, into the network. With or without established standards, this dog is going to hunt. It takes time to develop standards, something we often overlook. When the foundational standards upon which the Internet were being developed there were (almost) no users, no broadband, and no real urgency to get something available. The adoption of disruptive, highly volatile technologies such as virtualization and cloud computing result in an environment in which today’s standards groups are not afforded the luxury of time. Organizations want, nay they need, standards...
Surprised? I was, but I shouldn’t have been. While working on other topics I ran across an interesting slide in a presentation given by Microsoft at TechEd Europe 2009 on virtualization and Exchange. Specifically the presenter called out the average 12% overhead incurred from the hypervisor on systems in internal testing. Intuitively it seems obvious that a hypervisor will incur overhead; it is, after all, an application that is executing and thus requires CPU, I/O, and RAM to perform its tasks. That led to me to wonder if there was more data on the overhead from other...
Which of course are like Ogres. They’re big, chaotic, and have lots of layers of virtualization. In discussions involving cloud it is often the case that someone will remind you that “virtualization” is not required to build a cloud. But that’s only partially true, as some layers of virtualization are, in fact, required to build out a cloud computing environment. It’s only “operating system” virtualization that is not required. Problem is unlike the term “cloud”, “virtualization” has come to be associated with a single, specific kind of virtualization; specifically, it’s almost exclusively used to refer...
Microsoft has made some fairly substantial changes to the core architecture of Exchange 2010. Given that messaging can only be described as business critical today, it’s no surprise that many new aspects of Exchange 2010 and in particular its new architecture are designed to improve availability and management of its messaging systems. Exchange 2010 includes many changes to its core architecture. In Exchange 2010, new features such as incremental deployment, mailbox database copies, and database availability groups work with other features such as shadow redundancy and transport dumpster to provide a new, unified...
Cloud computing management functionality and standards are right now laser-focused on virtual machines, and most APIs include the ability to stop,start,launch,etc…at that level of the infrastructure. This is because the application is still insulated by its virtualized environment. The “depth” of management and standards efforts today stops at the hard shell of the virtualization layer and leaves the soft, chewy application center alone. This means nothing is really all that different for developers. But it could, and some might argue should, be different. The development of a web-application for a cloud computing environment today is really...
You can address the problem of converting smart quotes – and any other content - in your application if you control the code. What if you’re using third-party software for which you do not have the code? Or what if it is your code but the “defect” is so low on the priority list that you won’t get to it until the year 2020?
Dealing with Microsoft smart quotes is a fact of life for developers. Almost every developer out there has a server-side script/function they use to strip them out of user-generated content and replace them with web-friendly HTML...
“Where are you storing your data these days,” he asked casually after trying to come up with a better opening line but failing. “Ah, dahhling,” she drawled while gesturing in no particular direction with an almost deprecating wave of her hand. “The Cloud, where else?” Thanks to the nearly constant misapplication of the phrase “The Cloud” and the lack of agreement on a clear definition from technical quarters I must announce that “The Cloud” is no longer a synonym for “Cloud Computing”. It can’t be. Do not be misled into trying, it will only cause you...
Spectacular “cloud” failures over the past few weeks have raised the hue and cry for portability and interoperability across clouds for data.The problem is that the cry is based on the false assumption that a “cloud service” is the same as an “application service.” Apparently Microsoft felt Google and Amazon were getting too much attention with their recent outages and decided to join the game. The absolute loss of data for thousands lots and lots of T-Mobile Sidekick users is regrettable and yes someone needs to address such issues but that someone is not a standards group or...
First, everyone needs to calm down. Twitter.com itself was not breached. According to Evan Williams as quoted in a TechCrunch article, the attack did not breach Twitter.com or its administrative functions, nor were user accounts affected in any way. So everyone can just stop with the “Twitter needs to revamp its security!” and “Twitter isn’t secure” headlines and articles because it’s not only blatantly wrong, it’s diverting attention that should be devoted to the real problem: e-mail and account self-service. THE E-MAIL FACTOR What was compromised remains somewhat of a mystery. Following through the...
The consensus seems to be, at least from the myriad surveys, studies, and research, that cloud as a model is the right answer, it’s just the location that’s problematic for most organizations. Organizations aren’t ignoring reality; they know there are real benefits associated with cloud computing. But they aren’t yet – and may never be – willing to give up control. And there are good reasons to maintain that control, from security to accountability to agility. But the “people” still want the benefits of cloud, so the question is: how do we put...
ArsTechnica has an interesting little article on what Windows Azure is and is not. During the course of discussion with Steven Martin, Microsoft's senior director of Developer Platform Product Management, a fascinating – or disturbing in my opinion – statement was made: There is a distinction between the hosting world and the cloud world that Martin wanted to underline. Whereas hosting means simply the purchase of space under certain conditions (as opposed to buying the actual hardware), the cloud completely hides all issues of clustering and/or load balancing, and it offers an entirely virtualized...
Cloud computing and virtualization promises to revolutionize the architectural principles of the data center. Shared resources enable efficiency, but ultimately the dynamism required to achieve such gains in efficiency will cause chaos in a variety of other functions throughout IT. The CIO is in for a rocky road unless a broader set of IT management vendors pave the way for a smooth ride. The (In)accuracy of Forecasting in a Dynamic Environment Organizations rely on the ability to forecast project costs and anticipated ROI in order to prioritize and set budgets for coming years. Many IT project management...
The webification of applications over the years has led to the belief that client-server as an architecture is dying. But very few beliefs about architecture have been further from the truth. The belief that client-server was dying - or at least falling out of favor - was primarily due to fact that early browser technology was used only as a presentation mechanism. The browser did not execute application logic, did not participate in application logic, and acted more or less like a television: smart enough to know how to display data but not smart enough to do anything...
It has been suggested more than once, by folks normally considered rational, that in a cloud computing implementation everything - and I mean everything - should be virtualized. Even the infrastructure. The hype surrounding virtualization has spread not just to applications and their virtual image deployment as a means to achieve dynamic horizontal scale but also to infrastructure, to routers and switches and security devices. Indeed, there are a good number of infrastructure vendors currently offering and others feverishly working on virtual appliance versions of hardware devices for deployment in cloud and virtual computing environments. Part...
Over the holidays I did, as most folks I suspect, things I enjoy doing. For me, one of those things was playing around with Adobe's Flex using Flex Builder 3. Yes, I am that much of a geek. I was a bit concerned it would take some time to figure it all out, but after quickly realizing that MXML, Adobe's interface markup language, was close enough to XAML, Microsoft's interface markup language, it was pretty much smooth going. ActionScript is close enough to JavaScript and C and most other languages I'm familiar with so that...
As an application delivery solution provider focused on securing, accelerating, and optimizing web applications, we pay a lot of attention to web application development trends. Languages, environments, and technologies are all of significant interest because in many cases the decisions regarding development affect the security and performance of applications deployed in production. AJAX-based applications, for example, can have a significant impact on performance of the application and on the network (and vice-versa), so we pay attention to its adoption and use and are always looking for new ways to secure and accelerate applications using the technology. ...
Wesley: Now, there may be problems once our app is in the cloud.
Inigo: I'll say. How do I find the data? Once I do, how do I integrate it with the other apps? Once I integrate it, how do I replicate it?
If you remember this somewhat altered scene from the Princess Bride, you also remember that no one had any answers for Inigo. That's apropos of this discussion, because no one has any good answers for this version of Inigo either. And no, a holocaust cloak is not going to save the day this...
It is often the case that application server clustering and load-balancing are mistakenly believed to be the same thing. They are not. While server clustering does provide rudimentary load-balancing functionality, it does a better job of providing basic fail-over and availability assurance than it does load-balancing. In fact, load balancing has effectively been overtaken by application delivery, which builds on load balancing but is much, much more than that today. Clustering essentially turns one instance of an application server into a controlling node, a proxy of sorts, through which requests are funneled and then distributed amongst several...
How the cloud acts and is used is more important than where it physically resides Cloud computing and SOA suffer from the same lack of prescriptive architectures. They are defined by how they act rather than what they are, or from what they are composed. They are, in a way, existential technology that cannot be confined to a simple architectural diagram but require instead a set of properties or ways of acting in order to be recognized. To over simplify and paraphrase Jean-Paul Sartre's concepts of existentialism, we define ourselves (mankind) through our actions. To apply this to...
Managing a heterogeneous infrastructure is difficult enough, but managing a dynamic, ever changing heterogeneous infrastructure that must be stable enough to deliver dynamic applications makes the former look like a walk in the park. Part of the problem is certainly the inability to manage heterogeneous network infrastructure devices from a single management system. SNMP (Simple Network Management Protocol), the only truly interoperable network management standard used by infrastructure vendors for over a decade, is not robust enough to deal with the management nightmare rapidly emerging for cloud computing vendors. It's called "Simple" for a reason, after all. And...
One password to fool them all One password to find them One password to steal them all and in the ether become them [with many apologies to J.R.R. Tolkien] For years we've had it beat into...
Not every infrastructure vendor needs new capabilities to support cloud computing and infrastructure 2.0. Greg Ness of Infoblox has an excellent article on "The Next Tech Boom: Infrastructure 2.0" that is showing up everywhere. That's because it raises some interesting questions and points out some real problems that will be need to be addressed as we move further into cloud computing and virtualized environments. What is really interesting, however, is the fact that some infrastructure vendors are already there and have been for quite some time. One thing Greg mentions that's not quite accurate (at least...
Silverlight, if you recall, appears to be Microsoft's answer to Adobe's AIR platform. Microsoft released Silverlight 2.0 today, as expected. Part of the big exciting news is that you can now code up Silverlight applications in Eclipse. Yeah, not kidding. I know, you just hit weather.com too and checked to see what the temperature was. But seriously, Microsoft is fully supportive of the Eclipse environment for Silverlight despite its own support with its own free tool, Visual Web Developer Express. I haven't checked out the Eclipse version yet, so I'll be interested to see it and hear how...
I spent a big chunk of time a few nights ago discussing neural networks with my oldest son over IM. It's been a long time since I've had reason to dig into anything really related to AI (artificial intelligence) and at first I was thinking how cool it would be to be back in college just exploring topics like that. Then, because I was trying to balance a conversation with my oldest while juggling my (fussy) youngest on my lap, I thought no, no it wouldn't. Artificial neural networks (ANN) are good for teaching a system how to...
Darren Jefford has an excellent (and detailed with code examples) post Related Posts regarding what could easily be categorized as cloudbursting with BizTalk workflows. In a nutshell, Microsoft allows hosting of BizTalk activities in the cloud at BizTalk labs. Developers then integrate those...
Desktop virtualization. Virtual desktops. Application streaming. Whatever you want to call it makes no nevermind to me because the problem driving the entire concept is gone. Eradicated. Made irrelevant by the cloud. Made irrelevant by cloudware, SaaS (Software as a Service), and the ubiquitous browser. I cannot count the number of times I've heard complaints about some form of desktop virtualization/application streaming in the past. It's slow. The server died in the middle of my exam. It's slow. There are no more licenses left. It's slow today (why do you add "today", it's slow every day!). Sensing a...
There has been much fervor around the outages of cloud computing providers of late, which seems to be leading to an increased and perhaps unwarranted emphasis on SLAs the likes of which we haven't seen since...well, the last time the IT saw outsourced anything reach the hype-level of cloud computing. Consider this snippet of goodness for a moment, and pay careful attention to the last paragraph. From Five Key Challenges of Enterprise Cloud Computing I won’t beat the dead “Gmail down, EC2 down, etc down” horse here. But the truth of the...
For those of you unfamiliar with the idiom, it should be taken to mean "benefiting one at the expense of another." In this case, Paul is the end-user and Peter is the server administrator. Or better yet, Paul is the browser and Peter is the server. All web browsers, including IE (Internet Explorer), impose a per-server connection limit was imposed to reduce overload on servers. This was introduced back when the web was exploding and browsers opened up connections willy-nilly and made server operators cry. Often. The limitation imposed by IE (two connections per host) was harsher...
My brother sent over a question to Don and I on a coding problem he's having. Yes, most of my family members are geeks, thank you. You can probably blame that on my COBOL-coding mother. In any case, his signature always contains this lovely quote from Brian Kernighan: Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it. That got me thinking about network topology and...
As I was reading the Internet this morning I happened across an article with "Tips for Optimizing Your WAN (Wide Area Network)" and I thought, "Huh. That's pretty ... generic." While the article uses SAP applications as an example, it speaks in terms of generalities. Selective ACKs, quality of service, data reduction techniques, and HTTP compression. That's when I said, "Whoop de doo." Really, these techniques have nothing to do with SAP and applications and everything to do with packets. Every WAN and acceleration solution can do this stuff. I'm not really picking...
Apache is a great web server if for no other reason than it offers more flexibility through modules than just about any other web server. You can plug-in all sorts of modules to enhance the functionality of Apache.
But as I often say, just because you can doesn't mean you should.
One of the modules you can install is mod_security. If you aren't familiar with mod_security, essentially it's a "roll your own" web application firewall plug-in for the Apache web server.
Some of the security functions you can implement via mod_security are:
Simple filtering
...
Of all the reasons you need an application delivery controller capable of bi-directional inspection of application data this is one of the best. I was trying to check out the results of a poll on PollDaddy.com and ended up with this beautiful Microsoft .NET error page, filled with so much valuable information that potential attackers must even now be laughing in that "evil genius" laugh you so often hear in retro-cartoons. This error page tells me so many things about the application, it's environment, and its associated infrastructure that it should be a crime to let this information...
I ran across an interesting site containing an algorithm that predicts your sex based on browser history. This algorithm uses demographics from popular sites, determines which popular sites you have visited by digging through your browser history, and then predicts what gender you are based on your browsing habits. This algorithm sounds a lot like an adaptation of the Turing Test. But instead of predicting which of two participants in the test is human, this one predicts what gender they are. The Turing Test has long been the standard for judging the intelligence of a computer system, even...
No one questions the need to secure applications today, we just argue over how we should do it. Let's take a break for a minute from that debate to ensure that we don't get so focused on layer 7 (application) that we forget about the rest of the stack and the importance of securing it as well. Just as a chain is only as strong as its weakest link, an application is only as secured as its most vulnerable layer in the stack. If your application is well secured, but the network layer (IP) is wide...
I've been cruising around trying to understand Microsoft's Silverlight platform, after a post on Slashdot regarding ARAX (Asynchronous Ruby and XML) and the possibility (or is it probability) that developers will be able to natively use Ruby on the desktop rather than translating their Ruby code into JavaScript. After ending up at the developer documentation I finally "get" it. From "Getting Started with Silverlight" XAML is a declarative markup language that you can use to define the UI elements for your Silverlight-based application. When you create a new Visual Studio project, a Page.xaml file is created...
At Web 2.0 Expo Microsoft essentially stole the show with the introduction of its Live Mesh platform. Live Mesh is, essentially, an integration hub that incorporates and manages Internet connected devices that today are unrelated and managed individually using open standards. Microsoft might not like the term "integration hub", but that's basically what it is. Yes, on the surface it's a platform that enables inter-device communication and seamless access to a variety of services, but under the hood it's got to be doing some pretty complex integration work. While Microsoft plans on using open standards, that doesn't mean...
