Wednesday, November 5, 2008

Tech-Ed Diary - Day 3


I will try to be briefer than yesterday, or this blog will seem like a boring book instead of a blog :-) I hope to achieve it...

We started the day with a session named Managing Microsoft Data Centers - Operational Excellence, given by John Dwyer, Area Data Center Manager International. He introduced Microsoft's point of view on how to build, deploy and operate a data center, focusing on the reduction of costs and energy. He provided some metrics and examples from Microsoft and the Top Ten Best Practices in their data centers:

  1. Optimize the design to assess multiple factors.

  2. Optimize provisioning for maximum efficiency and productivity.

  3. Monitor and control data center performance in real time.

  4. Make data center operational excellence part of organizational culture.

  5. Measure power usage effectiveness (PUE).

  6. Use temperature control and airflow distribution.

  7. Eliminate the mixing of hot and cold air.

  8. Use effective air-side or water-side economizers.

  9. Engineer the data center for cost and energy efficiency.

  10. Share and learn from industry partners.

(No, I didn't copy all of them during the session, I just got a photo of the slide with my phone...)

You can get more info about Microsoft Data Centers in this white paper.

For the second session we decided to go to the auditorium to see in action one of Microsoft's best security gurus: Steve Riley. His presentation had a very interesting title: 21st Century Networking - Throw away your medieval gateways.

It is very difficult to explain a Steve Riley presentation or to extract a list of topics, tips or something similar; as a good guru, he likes to talk about conceptual and visionary ideas about the future of the business. In this case his presentation could be summarized as follows: throw away your firewalls and base all your networking security on the ISA servers installed in your infrastructure and the Vista features installed on your client machines (IPv6, IPSEC, DNS SSL, etc.).

This idea may seem absurd, but if you take into account that the future of the industry will be cloud computing, this point of view makes more sense.

In the image, Riley is using his Tablet PC to explain the communication between a Vista client and an enterprise network without firewalls.

Next came the session PowerShell V2 - the next stage in the IT revolution. It was very impressive to see the new version of PowerShell, especially if you only script using WMI or VBScript like me. The presenter showed some examples using VBScript and PowerShell and the difference is incredible: more than 20 lines of code with the first one and just ONE line with PowerShell. Version 2 will be included in Windows 7 and in the Server Core of Windows Server 2008 R2. The most relevant features could be:

  • Power GUI (special attention to the GridView tool)

  • Production Scripting (accepts transactions like SQL, special attention to modules, native code and the debugger too)

  • Universal Automation Environment (supports a wide range of OSes, authentication methods and programming languages)

Next session: Migrating and managing IIS Web Farms. This session explained how to automate code migration and manage changes on web farms using the new features included in IIS 7.0 (supported by Windows Server 2008).

To use these new features we have to build an environment with the following components. In front of our production environment (behind the firewall between our network and the Internet) we have the Application Request Routing (ARR) servers; they run as a load balancer, accepting the requests from customers and redirecting them to the production farm. Then comes our production farm, which includes the web farm, the SQL servers and a new server named UNC that manages the configuration changes on the web servers. The staging farm would have the same configuration and would be separated from the production one by a firewall.

The developer creates the code package and uploads it to a server named MS Deploy that replicates and synchronizes the package across all staging web servers; when the code has been tested on staging, it is replicated by MS Deploy to the production farm. The UNC server is in charge of replicating the configuration between all servers in the same environment. Any change to the IIS configuration on one of the web servers is replicated by UNC to the rest of the farm. The shared configuration is stored in a file named ApplicationHost.config on the UNC server.

So we have three new important concepts:

  • UNC - Puts the same configuration on various servers, keeps config in sync, stages and rolls back server changes

  • MS Deploy - Simplifies packaging and deployment using IIS Manager and Visual Studio 10

  • ARR - Server farm that receives the client requests and redirects them to the web servers. You can put a hardware LB before them if you want

We finished the day attending another session conducted by another of Microsoft's best security gurus: Jesper M. Johansson. The session title was very original: Naked Dancing Pigs and Werner Heisenberg: How Security Changes Everything.

As with Steve Riley, it is very difficult to get a list of concepts or tips when you attend a session by Jesper Johansson. His session focused on the main target of malware and security attacks: the end user.

On the one hand, the alert messages generated by security applications installed on our machines (antivirus, IE, etc.) are very difficult for the majority of users to understand, and on the other hand, the ignorance of these users allows the installation of the majority of malware on the Internet.

So the only way to increase security on the net would be to do the following:

  • Enable people to make intelligent security decisions

  • Work through people, not around them

  • For every design decision analyze whether

    • This helps customers protect themselves

    • Hinders customers from protecting themselves

    • Has no impact on customer protection

I have tried to be short but... it is impossible with all the interesting sessions that we have attended today.

Regarding Steve Riley and Jesper Johansson, I enjoyed their sessions so much that I bought the book they wrote together at the bookseller stand: Protect Your Windows Network - from perimeter to data
