From: http://blog.mwpreston.net/2015/11/09/veeam-v9-what-we-know-so-far/
Unlimited Scale-out Backup Repository
This is perhaps one the biggest features included within v9 – all to often we see environments over provision the storage for their backup repositories – you never know when we might get a large delta or incremental and the last thing we want to have to do is go through the process of running out of space and having to provision more. In the end we are left with a ton of unused and wasted capacity, and when we need more instead of utilizing what we have we simply buy more – not efficient in terms of capacity and budget management. This is a problem that Veeam is looking to solve in v9 with their Unlimited Scale-out Backup Repository functionality. In a nutshell the scale-out backup repo will take all of those individual backup repositories you have now and group them into a single entity or pool of storage. From there, we can simply select this global pool of storage as our target rather than an individual repository. Veeam can then chose the best location to place your backup files within the pool depending on the functionalities and user-defined roles each member of the pool is assigned. In an essence it’s a software defined storage play, only targeted at backup repositories – gone are the days of worrying about which repository to assign to which job – everybody in the pool!
More Snapshot/Repository integration.
Backup and restore from storage snapshots is no doubt a more efficient way to process your backups. Just as Veeam has added support for HP 3PAR/StorVirtual and NetApp, we are now seeing EMC Dell thrown into that mix. As of v9 we will now be able to leverage storage snapshots on EMC VNX/VNXe arrays to process our backup and restores directly from Veeam Backup and Replication – minimizing impact on our production storage and allowing us to keep more restore points, processing them faster and truly providing us with the ability to have < 15 minutes RTPO.
On the repository end of things we’ve seen the integration provided for DataDomain and Exagrid – as of v9 we can throw HP StoreOnce Catalyst into that mix. Having a tighter integration between Veeam and the StoreOnce deduplication appliance provides a number of enhancements in terms of performance to your backups and restores. First off you will see efficiencies in copying data over slower links due to the source side deduplication that StoreOnce provides. StoreOnce can also create synthetic full backups by performing only meta data operations, eliminating the need to actual perform a copy of the data during the synthetic creation, which in turns provides efficiency to a very high i/o intensive operation. And of course, creating repositories for Veeam backups on the StoreOnce Catalyst can be done directly from within Veeam Backup & Replication, without the need to jump into separate management tools or UIs.
Cloud connect replication
Last year Veeam announced the Cloud Connect program which essentially allows partners to become somewhat of a service provider for their customers looking to ship their Veeam backups offsite. Well, it’s 2015 now and we now can see that the same type of cloud connect technology now is available for replication. Shipping backups offsite was a great feature, but honestly, being able to provide customers with a simple way to replicate their VMs offsite is ground breaking. Disaster Recovery is a process and technology that is simply out of reach for a lot of business – there isn’t the budget set aside for a secondary site, let alone extra hardware sitting at that site essentially doing nothing. Now customers are able to simply leverage a Veeam Cloud/Service Provider and replicate their VMs on a subscription based process to their data center.
DirectNFS
When VMware introduced the VMware API’s for Data Protection (VADP) it was ground breaking in what it provided vendors such as Veeam the ability to do in terms of backup VADP is the grounds to how Veeam accesses data in their Direct SAN transport mode, allowing data to be simply transferred directly from the SAN to the Veeam Backup and Replication console. That said VADP is only supported on block transports, limiting Direct SAN to just iSCSI and Fibre Channel. In true Veeam fashion when they see an opportunity to innovate and develop functionality where it may be lacking they do so. As of v9 we will now be able to leverage Direct SAN mode on our NFS arrays using a technology called DirectNFS. DirectNFS will allow the VBR console server to directly mount to our NFS exports, allowing Veeam to process the data directly from the SAN, leaving the ESXi hosts to do what they do best – run production!
On-Demand Sandbox for Storage Snapshots
The opportunities that vPower and Virtual Labs have brought to organizations has been endless. Having the ability to spin up exact duplicates of our production environments, running them directly from our deduplicated backup files has solved many issues around patch testing, application upgrades, etc. That said up until now we could only use backup files as the grounds for getting access to these VMs – starting with v9 we can now leverage storage snapshots on supported arrays (HP, EMC, NetApp) to create completely isolated copies of the data that resides on them. This is huge for those organizations that leverage Virtual Labs frequently to perform testing of code or training. Instead of waiting for backups to occur we could technically have a completely isolated testing sandbox spun up using Storage Snapshots in essentially, minutes. A very awesome feature in my opinion.
ROBO Enhancements
Those customers who currently use Veeam and have multiple locations we will be happy to hear about some of the enhancements that v9 has centering around Remote/Branch Offices. A typical configuration in deploying Veeam is to have a centralized console controlling the backups at all of our remote locations. In v8, even if you had a remote proxy and repository located at the remote office, all the guest interaction traffic was forced to traverse your WAN as it was communicated directly from the centralized console. In v9 things have changed – a new Guest Interaction Proxy can be deployed which will handle then handle this type of traffic. When placed at the remote location, only simple commands will be sent across the WAN from the centralized console to the new GIP, which will in turn facilitate the backup of the remote VMs, thus saving on bandwidth and providing more room for, oh, I don’t know, this little thing called production.
When it comes to recovery things have also drastically changed. In v8 when we performed a file-level recovery the data actually had to traverse our WAN twice – once when the centralized backup console pulled the data, then again as it pushed it back out to it’s remote target – not ideal by any means. Within v9 we can now designate and remote Windows server as a mount server for that remote location – when a File-level recovery is initiated the Mount Server can now handle the processing of the files rather than the backup console, saving again on bandwidth and time.
Standalone Console
“Veeam Backup & Replication console is already running” <- Any true Veeam end-user is sure to have seen this message at one time or another, forcing us to either find and kill the process or yell at someone to log off. As of v9 the Veeam Backup & Replication console has now been broken out from the Veeam Backup & Replication server, meaning we can install a client on our laptops in order to access Veeam. This is not a technical change in nature, but honestly this is one of my favorite v9 features. I have a lot of VBR consoles and am just sick of having all those RDP sessions open – this alone is enough to force me to upgrade to VBR v9 .
Per-VM backup files
The way Veeam is storing our backup files is coming with another option in version 9. Instead of having one large backup file that contains multiple VMs we can now enable what is called a “Per-VM backup file chain” option. What this does store each VMs restore points within the job in their own dedicated backup file. Some advantages to this? Think about writing multiple streams inside of parallel processing mode into our repositories – this technically should increase the performance of our backup jobs. Certainly this sounds like an option you may only want to use if your repository provides deduplication as you would lose the deduplication provided job-wide by Veeam if you have enabled this.
New and improved Explorers
The Veeam Explorers are awesome, allowing us to restore individual application objects from our backup files depending on what application is inside it. Well, with v9 we have one new explorer as well as some great improvements to the existing ones.
- Veeam Explorer for Oracle – new in v9 is the explorer functionality for Oracle. Transaction-level recovery and transaction log backup and replay are just a couple of the innovative features that we can no perform on our Oracle databases.
- Veeam Explorer for MS Exchange – We can now get a detailed export report which will outline exactly what has been exported from our Exchange servers – great for auditing and reporting purposes for sure! Another small but great feature – Veeam will no provide us with an estimation in terms of export size for the data contained in our search queries. At least we will have some idea as to how long it might take.
- Veeam Explorer for Active Directory – Aside from Users and Groups and the normal objects in AD we might want to restore we can now process GPO’s and AD-Integrated DNS Records). Oh, and if you know what you are doing Veeam v9 can also restore configuration partition objects (I’ll stay away from this one)
- Veeam Explorer for MS SQL – One big item that has been missing from the SQL explorer has been table-level recovery – in v9 this is now possible. Also in v9 is the ability to process even more SQL objects such as Stored Procedures, functions and views as well as utilize a remote SQL server as a staging server for the restore.
- Veeam Explorer for SharePoint – As much as I hate it SharePoint is still widely used, therefore we are still seeing development within Veeam on their explorer. In v9 we can process and restore full sites as well as site-collections. Also, list and item-level permissions are now possible to restore as well.
Veeam v9 New Features
From: http://blog.mwpreston.net/2015/11/09/veeam-v9-what-we-know-so-far/
Unlimited Scale-out Backup Repository
This is perhaps one the biggest features included within v9 – all to often we see environments over provision the storage for their backup repositories – you never know when we might get a large delta or incremental and the last thing we want to have to do is go through the process of running out of space and having to provision more. In the end we are left with a ton of unused and wasted capacity, and when we need more instead of utilizing what we have we simply buy more – not efficient in terms of capacity and budget management. This is a problem that Veeam is looking to solve in v9 with their Unlimited Scale-out Backup Repository functionality. In a nutshell the scale-out backup repo will take all of those individual backup repositories you have now and group them into a single entity or pool of storage. From there, we can simply select this global pool of storage as our target rather than an individual repository. Veeam can then chose the best location to place your backup files within the pool depending on the functionalities and user-defined roles each member of the pool is assigned. In an essence it’s a software defined storage play, only targeted at backup repositories – gone are the days of worrying about which repository to assign to which job – everybody in the pool!
More Snapshot/Repository integration.
Backup and restore from storage snapshots is no doubt a more efficient way to process your backups. Just as Veeam has added support for HP 3PAR/StorVirtual and NetApp, we are now seeing EMC Dell thrown into that mix. As of v9 we will now be able to leverage storage snapshots on EMC VNX/VNXe arrays to process our backup and restores directly from Veeam Backup and Replication – minimizing impact on our production storage and allowing us to keep more restore points, processing them faster and truly providing us with the ability to have < 15 minutes RTPO.
On the repository end of things we’ve seen the integration provided for DataDomain and Exagrid – as of v9 we can throw HP StoreOnce Catalyst into that mix. Having a tighter integration between Veeam and the StoreOnce deduplication appliance provides a number of enhancements in terms of performance to your backups and restores. First off you will see efficiencies in copying data over slower links due to the source side deduplication that StoreOnce provides. StoreOnce can also create synthetic full backups by performing only meta data operations, eliminating the need to actual perform a copy of the data during the synthetic creation, which in turns provides efficiency to a very high i/o intensive operation. And of course, creating repositories for Veeam backups on the StoreOnce Catalyst can be done directly from within Veeam Backup & Replication, without the need to jump into separate management tools or UIs.
Cloud connect replication
Last year Veeam announced the Cloud Connect program which essentially allows partners to become somewhat of a service provider for their customers looking to ship their Veeam backups offsite. Well, it’s 2015 now and we now can see that the same type of cloud connect technology now is available for replication. Shipping backups offsite was a great feature, but honestly, being able to provide customers with a simple way to replicate their VMs offsite is ground breaking. Disaster Recovery is a process and technology that is simply out of reach for a lot of business – there isn’t the budget set aside for a secondary site, let alone extra hardware sitting at that site essentially doing nothing. Now customers are able to simply leverage a Veeam Cloud/Service Provider and replicate their VMs on a subscription based process to their data center.
DirectNFS
When VMware introduced the VMware API’s for Data Protection (VADP) it was ground breaking in what it provided vendors such as Veeam the ability to do in terms of backup VADP is the grounds to how Veeam accesses data in their Direct SAN transport mode, allowing data to be simply transferred directly from the SAN to the Veeam Backup and Replication console. That said VADP is only supported on block transports, limiting Direct SAN to just iSCSI and Fibre Channel. In true Veeam fashion when they see an opportunity to innovate and develop functionality where it may be lacking they do so. As of v9 we will now be able to leverage Direct SAN mode on our NFS arrays using a technology called DirectNFS. DirectNFS will allow the VBR console server to directly mount to our NFS exports, allowing Veeam to process the data directly from the SAN, leaving the ESXi hosts to do what they do best – run production!
On-Demand Sandbox for Storage Snapshots
The opportunities that vPower and Virtual Labs have brought to organizations has been endless. Having the ability to spin up exact duplicates of our production environments, running them directly from our deduplicated backup files has solved many issues around patch testing, application upgrades, etc. That said up until now we could only use backup files as the grounds for getting access to these VMs – starting with v9 we can now leverage storage snapshots on supported arrays (HP, EMC, NetApp) to create completely isolated copies of the data that resides on them. This is huge for those organizations that leverage Virtual Labs frequently to perform testing of code or training. Instead of waiting for backups to occur we could technically have a completely isolated testing sandbox spun up using Storage Snapshots in essentially, minutes. A very awesome feature in my opinion.
ROBO Enhancements
Those customers who currently use Veeam and have multiple locations we will be happy to hear about some of the enhancements that v9 has centering around Remote/Branch Offices. A typical configuration in deploying Veeam is to have a centralized console controlling the backups at all of our remote locations. In v8, even if you had a remote proxy and repository located at the remote office, all the guest interaction traffic was forced to traverse your WAN as it was communicated directly from the centralized console. In v9 things have changed – a new Guest Interaction Proxy can be deployed which will handle then handle this type of traffic. When placed at the remote location, only simple commands will be sent across the WAN from the centralized console to the new GIP, which will in turn facilitate the backup of the remote VMs, thus saving on bandwidth and providing more room for, oh, I don’t know, this little thing called production.
When it comes to recovery things have also drastically changed. In v8 when we performed a file-level recovery the data actually had to traverse our WAN twice – once when the centralized backup console pulled the data, then again as it pushed it back out to it’s remote target – not ideal by any means. Within v9 we can now designate and remote Windows server as a mount server for that remote location – when a File-level recovery is initiated the Mount Server can now handle the processing of the files rather than the backup console, saving again on bandwidth and time.
Standalone Console
“Veeam Backup & Replication console is already running” <- Any true Veeam end-user is sure to have seen this message at one time or another, forcing us to either find and kill the process or yell at someone to log off. As of v9 the Veeam Backup & Replication console has now been broken out from the Veeam Backup & Replication server, meaning we can install a client on our laptops in order to access Veeam. This is not a technical change in nature, but honestly this is one of my favorite v9 features. I have a lot of VBR consoles and am just sick of having all those RDP sessions open – this alone is enough to force me to upgrade to VBR v9 .
Per-VM backup files
The way Veeam is storing our backup files is coming with another option in version 9. Instead of having one large backup file that contains multiple VMs we can now enable what is called a “Per-VM backup file chain” option. What this does store each VMs restore points within the job in their own dedicated backup file. Some advantages to this? Think about writing multiple streams inside of parallel processing mode into our repositories – this technically should increase the performance of our backup jobs. Certainly this sounds like an option you may only want to use if your repository provides deduplication as you would lose the deduplication provided job-wide by Veeam if you have enabled this.
New and improved Explorers
The Veeam Explorers are awesome, allowing us to restore individual application objects from our backup files depending on what application is inside it. Well, with v9 we have one new explorer as well as some great improvements to the existing ones.
Another layer of protection: Cryptolocker and other malware
Preventative Workstation protection:
This virus launches from a specific location on the workstation, thus it’s recommended to add a group policy setting to block it from Windows Vista/7/8 and from XP.
Use software restriction policies as follows:
Windows 7:
You can use Software Restriction Policies to block executables from running when they are located in the %AppData% folder, or any other folder. File paths of the infection are: C:\Users\User\AppData\Roaming\{213D7F33-4942-1C20-3D56=8-1A0B31CDFFF3}.exe (Vista/7/8)
Office 2013 Activation error of death solved!
O365 Office 2013 Activation error code 0x8004FC12
This is something that has been annoying me for a while. It only happens on my home computer and will not go away. I’ve tried reinstalling setting up new profiles, un-associating my personal O365 account, repairing Office. I even gave up and started using Office 2010.
The problem doesn’t occur on any of my other Windows 10 machines, yet a search on the Internet shows I’m not alone. All the forums show frustrated people trying everything, only to end up being told to reinstall a clean copy of Windows 10 (uhh…no).
Luckily, on a tangent day, I decided to check up on the error messages. To my surprise, I found a promising Microsoft article:
Are you ready for Windows 10?
Recently we started disabling the Windows 10 pop-ups for our MSP clients. We just feel that Windows 10 isn’t ready for the corporate environment. There are a few troubling things about it.
Home users appear to be enjoying Windows 10, but they aren’t worried about making money based on their computer working. Check back soon for more to come on this topic!
Where To Start With Infrastructure Monitoring
Recently I spent time revisiting our monitoring system. It needed a little bit of TLC and some of the staff wasn’t clear on exactly how it works and does its magic. As a follow-up, I thought it might be useful to write a little about monitoring. I mean, so what’s the point anyway?
Monitoring has evolved over the years. Especially with cloud computing and more resilient infrastructures. The tools have also progressed and I think it’s pretty clear that anyone deploying a serious monitoring system has long since abandoned the old-days of MRTG (http://oss.oetiker.ch/mrtg/), and mon (https://mon.wiki.kernel.org/index.php/Main_Page). Even the infamous and all power Nagios is falling by the wayside. Finally, on the other end of the spectrum is software like SMARTS (http://www.emc.com/it-management/smarts/index.htm) formerly System Management Arts.
A good monitoring tool starts with:
That’s really the nuts and bolts of it. After that, things get much more in-depth. For example, how the data is collected and what escalation rules can be applied when sending notifications, etc. In addition, what about correlating the data and setting dependencies? The feature list goes on and on.
Once the data is collected and made useful (graphs, excel, whatever) it opens up the doors to things outside of monitoring such as planning, troubleshooting, faster SLAs, etc.
So if you’re planning on doing a Performance Monitoring Project, think about what you want and a little bit about how you might get there. What makes a tool do performance and monitoring in one package? Explore what others have and how they have leveraged it to improve their SLAs, planning, troubleshooting etc. Finally, it would also be worth considering what software has been used in conjunction with Monitoring Software to leverage it even further.
I noticed our system works well and is now a mature deployment. Our challenges now revolve around making sure people really know how to leverage the data and continuously document and improve the system.
Remote Desktop Services
With businesses attaining more WAN bandwidth and businesses trust with hosted services increasing, Microsoft is investing heavily in Remote Desktop Services. Renamed from Terminal Services to Remote Desktop Services, it encompasses multiple ways to deliver application access from any location. Below, you will find information on some of the features and requirements in an RDS deployment.
MS RDS Blog
WAN Optimization
RDP Client / Server features cross reference
Why RDS?
Functions
On the surface, RDS can be broken down into 2 Functions: Session Hosts and Virtual Desktop Infrastructure (VDI). When breaking down the session hosts function further, we can include features such as RemoteApps and Remote Session Host (Terminal Services). Similarly, VDI provides us with Personal Virtual Desktops and Pooled Virtual Desktops.
Virtual Desktop Infrastructure
Personal Desktops
This is geared for full desktop replacement deployments. The user will treat this is as their own personal computer in a VM.
Pooled Desktops
Pooled desktops are similar to deploying VMs in an academic environment. This usually means the VMs are preinstalled with generic applications and users have full administrative access to install their custom applications. Of course, after they log off, the VM is reverted to it’s original state for the next user. An example usage would be to provide a pool of 10 Windows XP VMs for users to use intermittently due to legacy software incompatibilities.
Remote Session Host (aka Terminal Services)
Web Access – Single sign-on web portal showing RemoteApps
RemoteApp – A more seamless integration between remote applications and local desktop
Capacity Planning
Servers
It’s better to purchase 2 Server than it is to purchase 1 loaded with more memory. The reason is you can load balance between 2 RDS servers and the cost of smaller memory modules is a lot less than of larger ones. Scaling OUT instead of UP is more cost effective, increases Disk IO paths, and creates redundancy.
Processor
Unfortunately, adding processors isn’t a 1:1 improvement. Usually, going from 1 to 2 processors will achieve a 1.8:1 gain, while going from 2 to 4 processors will achieve a 1.65:1 improvement.
If you have each user session taking up 10% of CPU, then the server’s CPU can handle up to 10 users at full load. If you added more CPUs to get a total of 4 CPUs, it would be 10*1.8 (1 => 2 cpu)*1.65 (2 => 4 cpu) = 30 users total. As you can see, it’s not 40 users.
Memory
Usually, allocate about 500MB per session for a 64-bit OS. Of course, the best thing to do is to find the working set of a user’s session.
Hardware Integration
Enlightenments
This feature in Windows Server 2008, Vista+ coordinates actions with the hypervisor to make sure that they’re interacting with the hardware as efficiently as possible. The kernel basically only asks for instructions to be carried out within the confines of it’s child partition instead of all the partitions. It reduces wasted CPU usage.
VM integration components
These components accelerate VM access to devices. Without it, the VM will configure hardware device drivers with the emulated devices that the hypervisor presents to it.
SLAT
AMD-V Rapid Virtualization Indexing (RVI) and Intel VT Extended Page Tables (EPT)
Although running RDS in a VM isn’t a problem, it does take up additional CPU cycles to maintain a “shadow” page table. When this is updated in the VM, the Hypervisor has to update it’s “shadow” page table also. This can take away precious CPU cycles that will slow down your server. This is where SLAT-enabled processors mitigate this issue. It maintains the address mappings in hardware, not software. Just as hardware raid is file management using hardware, SLAT provides memory address management using hardware. In the end, both memory usage and processor overhead will decrease. This enables you to host more VM sessions by a factor of 1.6-2.5 times. It’s highly recommended to have this for memory intensive workloads like RDS, SQL, IIS, Exchange, etc.
Improved Application Compatibility
High-Fidelity User Experience
Exploring Malware Types
Malware is the term given to a set of software with one specific function: Malicious activity. Most users know of this danger as a “Computer Virus”, but the term virus these days has a very specific meaning. When we break down the dozens of terms given to Malware, we can build an understanding of the level of infection we face during the removal process.
Here are a few of the major types of Malware users should be aware of:
Trojan
Virus
Worm
Rootkit
Spyware
Ransomware
Adware
Bot
Zero Day Attack
With an understanding of the different types of Malware, we can hope to prevent further infection and reinfection, as well as build a background to understand the newest threats.
Server Rack Configuration
Proper server rack configuration is key for every business as it provides the technological backbone. There are many options for racks, rack components, and the way they are configured. In this blog post, I will discuss the various options and best practices.
Server rack options? There are a few options to choose from such as a 2 post rack, 4 post rack and rack enclosures. 2 post server racks are ideal for light equipment (E.g. patch panels, switches and firewalls.) They may also be used for heavier equipment when optional accessories are added such as Trays or conversion kits. Keep in mind, most of those 2 post rack systems can only support up to 1000lbs. 2 post racks are also cheaper than 4 post rack systems. 4 post racks cost more money but can support more equipment. The average 4 post rack system can support up to 3000lbs. You have the option of getting bare bone server rack which comes with no options and built in cable management or a 4 post rack enclosure which generally comes with features such as secure access and built in cable management. 2 post and 4 post racks also come in a variety of sizes such as 6U and up to 55U. Most common rack size used in most small/medium sized business are 42U (6 ½ ft.) and 3.5 ft. deep (4 post.)
What kind of rack should my business use? This all depends on several items; Business size / amount of equipment; Future expansion – you always want to plan for future growth; Available real estate – Server room size may not allow for certain racks; Environment – Do you have a secure server room? Does you need rack enclosure with a lock because your business does not have a server room? Remember, unauthorized access can cause damage to any business; Money – yes, in the end it comes down to how much money you may have available. So why, why all this need for server racks? Two simple reasons, organization and equipment security.
What is a U? A U is a rack unit – A rack mounted size described as a number in U. Most server racks have 1U markings along the posts to make mounting hardware easier/efficient.
How should the server rack be installed.. You should always examine the environment where the server rack will be placed. Find the cold/hot spots in the room and place the front of the rack facing the cold area to provide maximum cooling for your hardware. Ensure you also have enough space around the rack to conduct any service and don’t forget about doors/access panels that swing open. All server racks should be secured in some way. For 2 post rack systems, they should be bolted to the ground with a top ladder support heading out to the rear wall. 4 post rack systems can also be bolted to the ground but also come with screw out feet. Lastly, remember to ground your rack to an electrical panel or busbar. This task should be handled by an electrician.
How should I install my rack mounted hardware? This task can sometimes be confusing as there can be many devices to mount. Easiest solution is planning! Inventory your equipment and determine the space needed. I also recommend using Visio’s rack diagram as you can get a virtual view of your rack. Before you begin mounting big devices such as servers, you’ll want to mount any cable management options and power distribution units. When the time comes to mounting main devices, I follow one rule, heaviest items on the bottom. No one wants to pick up 50lbs UPS and mount it to the top or even the middle. Example of mounted devices from the bottom up: UPS, Servers, Video/input, switches, patch panels.
What management options can I get with a server rack? Some basic options include server rails, which allow you to pull out servers without having to completely remove them. Server rack trays/shelves can also be used for none rack mount compatible devices such as server towers. A must have in all server racks are cable management ducts. These can be installed on the side of racks or in between switches and patch panels. They provide a clean look and make management easier. 2 post server racks can also be fitted with 2 post rack adapters that allow full rack mount spec or 4 post systems to be mounted.
That’s all I have for now, hope this has helped those reading.
DNSChanger Malware on Monday, July 9th, 2012
If you’ve browsed Facebook or Google lately, you may have come across a few articles with the warning that “millions of Americans will lose their internet connections” on Monday, July 9th. Some articles claim this so-called ‘DNSChanger’ malware is set to go off like a timed bomb; others claim the FBI is forcefully causing the shutdown. Regardless of the reason, there has been much concern about a possible internet outage this Monday, and whether or not it affects you both at work and at home. All of us here at NetCal would like to save you the headache, and break down the facts from the fiction.
Q: Is this issue real?
A: Yes, but the facts are greatly distorted.
The ‘DNSChanger’ malware is not lying dormant on your computer until Monday, and the FBI is not cutting off your internet access forcefully. The malware was real however, and may have infected your computer 4-5 years ago.
Computers use something called a DNS (Domain Name System) in order to translate ‘internet names’ into ‘internet numbers’. When websites like ‘www.google.com’ are typed into your browser, a request goes to a server which translates the name into the proper IP address (74.125.224.65). Your computer is normally setup to acquire the DNS server automatically from your ISP (Internet Service Provider), or from a DNS server set up in your business.
The ‘DNSChanger’ malware, widely released in 2007, changed the settings on the computers it infected and redirected the DNS address to private servers run by scam artists and identity thieves. Instead of www.google.com translating to 74.125.224.65, it would translate to their private IP addresses instead!
The scam was so widespread (half a million computers infected in the US), the FBI was forced to get involved to shut the criminals down. The criminals were caught, their equipment confiscated, and computers were rid of the infection in record time. There was just one catch: Getting rid of the DNSChanger infection did not change the computer’s DNS settings back to normal!
The FBI decided to setup real DNS servers using the IP Addresses that the criminals used. In the end, even if you were infected by the malware, your internet access was no longer compromised. Fast forward 5 years later to 2012, and the FBI are now retiring these servers. As a result, the previously infected computers will be without DNS services.
Q: How can I find out if I was infected?
A: You can visit ‘dcwg.org’ and have your computer tested online.
Click on “Detect” towards the top and see if you are using the FBI’s DNS servers.
Q: How severe is this infection? Can it be fixed?
A: It is very quick to fix, and does not permanently harm any systems.
For more information please visit the following:
http://www.slashgear.com/dnschanger-malware-for-dummies-sophos-video-explains-it-all-06237487/
Exchange 2007-2010: Brief Overview of Changes
Exchange 2007
– Routing groups are tied with Active Directory sites and services
– Replication is done using Active Directory replicattion
– Bridgehead server role was eliminated and replaced with the Hub Transport seerver
– Outlook Web Access (OWA) was dramatically improved to similar to 32-bit version of Outlook
– Direct file access (Access shares on servers through OWA)
– OWA provides access to mailbox rules, out-of-office rules, provisioning of Mobile devices, access to digital rights managed content
– LCR – two databases replicated on separate drives on the same server
– CCR – users mailbox replication across servers and sites (fail-over and fail-back capabilities)
Exchange 2007 SP1
– Public folders available in OWA
– Standby Continuous Replication (SCR) allowed for offsite, over-the-wan replication of databases with 20 minute replication delays.
– Geo-cluster is possible for remote CCR
Exchange 2010
– Server Licensing
– Standard supports 5 database stores
– Enterprise supports up to 150 stores
– User Licensing (non-relating/exclusive to server licensing)
– Enterprise license provides unified messaging, per-user journaling for compliance support, and use of Exchange Server hosted services for message filtering
– No more Recovery Storage Groups (RSG)
– No more STM databases
– OWA enhanced features available to other browsers
– Database Availability Group (DAG, Basically CCR, No more LCR, CCR, SCR)
– Remote execution of EMS commands