George Chetcuti, Author at TechGenix

Is Windows Azure feasible?

George Chetcuti Blog / By George Chetcuti / April 1, 2011

The answer to this question is not easy and I reckon that no one should try to answer it for you without having full knowhow and understanding of your present IT infrastructure! Your organization needs to research the Cloud Infrastructure and related costs and finally compare the results against the on-premise setup. The research should include hands-on experience and test runs of some of the organizations’ critical services with adequate sample data. To help you with the feasibility study Microsoft has made available an online Total Cost of Ownership (TCO) calculator:
“Use the Windows Azure platform TCO calculator, and in 10 minutes or less, you’ll see how Windows Azure compares to on-premises solutions, quantify migration costs, and get a pricing overview.”
This is a recommended starting point, why? Since, getting migration and operational costs at an early stage can help senior management to decide whether moving or not to the Cloud (in this specific case to Azure). This would save the IT team from conducting further research and training on the specific solution if the decision by senior management is a no-go! They can skip to next solution or provider. So, I suggest do the costs homework first!
The costs calculator will help you determine the right Windows Azure Platform and provide a pricing overview, help you quantify the migration costs to the Cloud infrastructure and application delivery costs.
The cost analysis are based on the company’s industry, location, services/applications required and specs, user requirements, user and application growth and foreseeable intermittent spikes, etc. As you can see, the tool gathers quite a number of elements in order to compute an accurate estimate. The Windows Azure platform TCO calculator can be found here.

Perceived Security

George Chetcuti WS Blog / By George Chetcuti / March 24, 2011

The perceived security of some major entities may fail if tested, quite recently NASA's security was challenged and found to lack some bolts! On February 23, a 26 year old Texas developer was charged of hacking into NASA's networks. The federal court is charging him of wire fraud and computer hacking! He is accepting all charges. Apparently this was not the only cybercrime this individual was up to. In fact, he is also charged of manipulating Digital River's SWReg systems as to credit his account to an approximate amount of $275,000 over a period of one year. SWReg pays independent software developer royalties to their submitted code.
The NASA incident occurred once where he managed to get access to two servers at the flight center in Greenbelt, Maryland. The hacked servers gathered data sent from satellites so that the scientific community could retrieve oceanographic data against a paid membership. The cybercriminal did not gain any financial income from this attack but has caused NASA approximately $43, 000 to fix the damage and caused a long down time for the 3,300 paid members of NASA. Such a criminal faces a potential maximum penalty of 20 years in prison on the wire fraud and 10 year on the computer hacking charge!
According to official reports there was an increase of 23% of cybercrime in 2009 than the previous year where the estimated dollar loss from such activity reached about $569 million. Mainly, there are two lessons to be learned here, first is that cybercrime activity will continue to increase and will get more effective, and secondly we are seeing more big

Network Monitor OneClick

George Chetcuti Blog / By George Chetcuti / March 23, 2011

OneClick version of Network Monitor is a quick solution that allows you to capture network traffic from a Windows computer without the need of installing the complete Network Monitor package. Still, you need Network Monitor installed on a separate computer in order to able to analyze the saved data. This tool is useful for customer support scenarios.
The two One Click Packages available are the Autorun package and the ExtractOnly package. Autorun: Running this utility will install Network Monitor 3.1 (NM3.1) on your machine (if you do not already have a previous version of NM3) and begin capturing. The capture will terminate after 2 hours, or if you press the 'x' key on your keyboard. If you did not have NM3 on your machine previously, NM3.1 will subsequently be uninstalled.
– Save the Autorun.exe file to your machine, right click on the exe and select "Run as administrator".
ExtractOnly: Use the ExtractOnly package if you want to save the OneClick utility to a portable device, e.g., a USB key and later run the tool on a different machine. The extract only package will extract all the necessary files needed to run One Click to a user-specified destination folder. If you place the files on the root of a flash drive, One Click will run automatically when you insert the drive. You can also run One Click by double clicking the file "OneClick.cmd" in the destination folder.
– For ExtractOnly.exe, right click on the file OneClick.cmd which is extracted to your destination folder, and select "Run as administrator".

Note, if you get an "Access Denied" error when running the utility then you need to run One Click as an administrator. In addition, you can run OneClick if NM3 is already installed or you are a member of the Netmon Uses group.

Privacy by Design – Part 5

George Chetcuti WS Blog / By George Chetcuti / March 22, 2011

For practices requiring choice, companies should offer the choice at a time and in context in which the consumer is making a decision about his or her data
As we have seen in Part 4 of Privacy by Design, the lengthy privacy choices can be omitted for commonly accepted practices but what is the recommended approach for those that fall outside this boundary. The choice has to be meaningful through clear and concise questions, and at a time and in a context in which the consumer is making a decision about his or her data. For example, in online activity the disclosure and control mechanism should appear clearly on the page on which the consumer type in his or her personal information whereas in offline, the disclosure and consumer control should take place at the point of sale such as, having the cashier ask the customer whether he/she would like to receive marketing offers from other companies. A typical situation is with social media services. If consumer information will be conveyed to third-party application developer, the notice-and-choice mechanism should appear at the time the consumer is deciding whether to use the application and in any event, before the application obtains his/her information. In the event where information sharing occurs automatically through a default setting, the consumer must be informed in plain English when he/she becomes a member of the service.
The commission believes that businesses that take a simplified approach to providing choices will not only help consumers make decisions during particular transactions but also will facilitate consum

Using NMCap to capture network data

George Chetcuti Blog / By George Chetcuti / March 21, 2011

The Network Monitor tool is not included with Windows default installations hence, you need to download it from Microsoft Download Center and run the installer on a target machine. The tool installs a network driver with each network adapter in order to be able to collect data. Using the equivalent command line tool NMCap requires you change directory to c:\Program Files\Microsoft Network Monitor 3\ which is the default installation folder. Then from the command prompt type:
Nmcap /? – to get a full list of options, for example:
Nmcap /network * /capture /file filename.cap – captures all traffic on all network interfaces and saves it to a file named filename.cap
Press Ctrl+C to stop the capturing process. You can then analyze the data captured using the Network Monitor tool by clicking the Open Capture button form the tool's main page.
Analyzing network data is best done expanding the frame details pane of the captured data as shown below:

Both the GUI Network Monitor and the command line NMCap require the Network Monitor driver to be installed hence, I suggest installing the complete tool prior to its usage. If your environment does not allow you to install the complete package, then another version exists which allows you to quickly capture traffic on a computer. Network Monitor OneClick which available from here, removes itself automatically once the capture is complete! Use the ExtractOnly package if you want to save the OneClick utility to a portable device, e.g., a USB key and later run the tool on a different machine.

Windows Performance Monitor

George Chetcuti Blog / By George Chetcuti / March 17, 2011

Performance Monitor is a great tool for identifying performance bottlenecks! You can identify the source of performance problems that make your system performs slow or sometimes completely unusable. Performance Monitor is best suited when you are collecting performance statistics over a period of time such as, when users on regular basis report system degradation at specific times. You can set a number of performance counters (system components to monitor) related to your specific problem as to allow Performance Monitor to collect and save these data. To use Performance Monitor go to Server manager, expand Diagnostics\Performance\Monitoring Tools and click Performance Monitor. By default the graph is empty that is, no counters are selected to run. You can add counters to the real-time graph by clicking the green plus button on the toolbar. In addition, you can display data from other computers on the network. When monitoring a large number of resources, the real-time graph may become cluttered even though each counter appears in different color, however, selecting on counter from the list below the chart and pressing Ctrl+H would show the selected counter in bold and black. Other options are available from the top menu such as, change graph type and freeze display.

Although, I recommend that you play around with Performance Monitor to get acquainted with the tool, I would like to mention a couple of useful features. For instance, to save performance data you need to right click the node Performance Monitor on the left hand side and select New\Data Collector Set and follow the Create new data Collector Set wizard. Right clicking the graph and selecting Properties will load the properties page where you can set most of the appearance options. However, an important option is found in the Source tab. When you have set Performance Monitor to save data to a file then the Source tab is the place to go to open that file as your data source. One last note which I find very

Trial run Windows Azure

George Chetcuti WS Blog / By George Chetcuti / March 16, 2011

Are you an MSDN subscriber? I can imagine that most of you somehow are connected to MSDN and enjoy the benefits it offers, however, Microsoft are now offering free compute hours on their Windows Azure infrastructure if you are an MSDN Premium or Ultimate subscriber. Check with your manager or superiors your subscription level and take advantage of this offer as to dirty yours hands with this Cloud technology!
"Windows Azure is an internet-scale cloud computing and services platform hosted in Microsoft data centers, which provides an operating system and a set of developer services which can be used individually or together. It gives developers the choice to build web applications; applications running on connected devices, PCs, or servers; or hybrid solutions offering the best of both worlds. New or enhanced applications can be built using existing skills with the Visual Studio development environment and the .NET Framework. With its standards-based and interoperable approach, the services platform supports multiple internet protocols, including HTTP, REST, SOAP, and plain XML."
The special offer consists of approximately $1800 worth of services annually. You will benefit from a 750 hours per month of free compute hours running an extra small scale instance, 10GB of free storage space and 1 million free transactions per month. This offer is adequate to run a small web application for free! In fact, this offer is very similar to Amazon's AWS Free Usage Tier. Competition is good, isn't?
Existing MSDN users can activate the trial run from their MSDN account while non-MSDN users can try a limited amount of the infrastructure through an introductory promotional offer. For more info about MSDN Windows Azure benefits go here.

Privacy by Design – Part 4

George Chetcuti WS Blog / By George Chetcuti / March 15, 2011

Companies should simplify consumer choice
The Commission's draft proposes a more simplified approach to offering and communicating privacy choices. We all know that none or few go through the lengthy and sometimes indecipherable privacy policy statements before buying a product or service. What we tend to forget is that our choice of buying or not the product or service must also depend on such policies. There may be one clause or notice that would influence our purchasing decision! The draft states that businesses need to provide consumers with meaningful choices while they can omit choices pertaining to commonly understood and accepted data practices.
Companies do not need to provide choice before collecting and using consumers' data for commonly accepted practices, such as, product fulfillment
The draft identifies five common accepted practices where companies should not be required to seek consent once the consumer elects to use the product or service in question:
Product and service fulfillment- where consumer's private data is collected during the ordering process such as, shipping and credit card details.
Internal operations – where consumers are asked to fill in customer satisfaction surveys from existing customers or the collection of websites visits and click through rates to improve site navigation.
Fraud prevention – where fraud detection services are used to monitor against fraud such as, checking drivers' licenses when consumers pay by check.
Legal compliance and public purpose – where businesses report a consumer's delinquent account to a credit bureau.
Fir

Windows Reliability Monitor

George Chetcuti Blog / By George Chetcuti / March 14, 2011

I rarely come across systems administrators that use Windows reliability monitor when troubleshooting server or client platforms! I guess we either completely forget about this tool or the issue at hand is so critical that the tool is unavailable or even inadequate. However, I do recommend administrators to become acquainted with Reliability Monitor and leverage the power of its graphical reporting mechanism. It is ideal when diagnosing intermittent and long-term problems. In a nut shell, the tool tracks the computer stability by keeping track of installations and failures that occur on the machine and rate this activity with a stability index. A stable system is rated with an index towards the value of 10 (optimal stability) while a system with more installations and failures may have its stability index dropping towards a minimum value of 0.
For example, supposedly your system is encountering an intermittent problem and you have no any clue if one of the couple of utilities installed recently is causing the intermittent fault. With Reliability Monitor you can quickly browse both failures and application installations over time and correlate the failures with an application installation! To open Reliability Monitor in Windows 2008 servers, open Server Manager, expand Diagnostics\Performance nodes and click on Monitoring Tools. From the right hand side click More Actions and select View system reliability…

The top portion of the chart of Reliability Monitor shows data for each day or week as set in the View by: option. The rows below the chart show icons for successful and unsuccessful software installations, application failures, hardware failures, windows failures and other problems. To view more details you can select one day from the chart and view the report below the chart.
Reliability Monitor data is collected by the Reliability Analysis Component (RAC) which runs once an hour as a hidden scheduled task. You can view this task by browsing to Configuration

Privacy by Design – Part 3

George Chetcuti WS Blog / By George Chetcuti / March 10, 2011

Companies should implement and maintain data management procedures
FTC suggests that the procedures a company puts in place to safeguard consumers privacy are to be practiced throughout the life cycle of the product or service they sell. The draft mentions training employees on consumer privacy policies and promote the awareness of privacy best practices within the company. Risk assessment programs help organizations to assess the privacy impact of specific practices, products and services while it ensures that they are following effective procedures to mitigate any risks. The size and scope of the programs should be appropriate to the amount of data, sensitivity of data and related risks, therefore, different organizations put in different levels of resources when implementing privacy programs. Some requirements are already defined in government and privacy acts (US).
The draft illustrates this principle with an example. The recent worldwide disclosure of US government information and other sensitive personal data were leaked through the P2P (peer-to-peer) file-sharing networks. This information became available because businesses allowed employees to download and use P2P at the workplace. No security controls were in place and no awareness programs were done. When businesses incorporate privacy and data security policies in their business processes they are mitigating these risks. Typically, after applying security policies, P2P software would be often disallowed or allowed to run a separate machine where no personal or sensitive data is stored. A similar policy would app