Wednesday, July 30, 2014

What is SCCM?

SCCM provides:
- An installation mechanism for all types of software
  - Applications
  - Operating System deployments
  - OS and Application Updates (patching)
- Software distribution – gets the software to where the computers are
- Portals to allow users to initiate software installation
- Malware mitigation (endpoint protection)
- Asset data collection (inventory) – hardware and software details in depth, including software usage (metering)
- Software asset analysis – including some license management
- Configuration policy verification and enforcement – settings management, including power settings, firewall policies, and roaming user configuration
- Wake-on-LAN – the ability to power up computers when needed
- Network Access Protection
- Remote control
This is a lot for any system, and all of these are done on a wide diversity of devices on almost any scale in often complex environments. Given all that, it shouldn’t surprise anyone that there are opportunities for improvement. That’s why Microsoft frequently provides new releases and encourages a strong partner ecosystem.

Specific ConfigMgr features that are sometimes challenging and often cause concern within organizations:
1. Content Distribution
- Competition with other uses for Wide Area Network (WAN) links can cause conflicts with other business priorities. Traditional approaches of restricting SCCM traffic to avoid that problem can cause deployments to take too long
- Organizations with many locations, as in dozens to thousands, find that the standard Distribution Point model introduces single points of failure, can be difficult to keep running reliably, as well as being costly to deploy
2. Software Asset Management
- ConfigMgr does an excellent job of collecting a wide variety of asset data but its features for turning data into practical information and actions are limited
3. Self-Service Application Portal
- SCCM 2012 embraces a user-centric model but its end-user portal provides only basic features and often does not meet the expectations of today’s sophisticated users and administrators
4. PC Power Management
- SCCM enables the deployment of power management policies and the collecting of state data but it does little more to maximize power savings
5. Wake-on-LAN
- Waking sleeping computers is a powerful mechanism to expedite computer management and improve end-user productivity, but ConfigMgr wake-on-LAN often does not work well in production environments
6. Operating System Deployment
- Operating System Deployment (OSD) takes many steps and requires a wide variety of resources, making it especially complex. This is especially true in some scenarios such as organizations with numerous remote locations or where it can be difficult to justify deploying costly server infrastructure

Saturday, July 26, 2014

x86 Server Virtualization Infrastructure

At least 70% of x86 server workloads are virtualized, the market is mature and competitive, and enterprises have viable choices.

Citrix is focusing its energies on making XenServer an attractive hypervisor for two markets: cloud infrastructure (optimizing integration with its own CloudPlatform offering); and desktop virtualization (supporting its market-leading XenDesktop and XenApp offerings, particularly in the area of graphics processing unit [GPU] virtualization)

Oracle VM is Oracle's implementation of the Xen hypervisor, which leverages intellectual property tied to Oracle Linux and was also put together based on intellectual property acquired from Sun Microsystems and Virtual Iron, which also had Xen-based offerings. Oracle has further integrated these technologies into a more coherent and packaged solution with the Oracle VM 3.2 release in 2013 (and an update release is imminent).

Oracle VM is managed by Enterprise Manager 12c, Oracle's system management product. Enterprise Manager can monitor and manage the entire stack — from applications to infrastructure — allowing application and platform administrators to get contextual insight into their virtualization environment. Enterprise Manager 12c also acts as the service delivery platform for cloud services, such as IaaS, leveraging the infrastructure and virtualization resources provided by Oracle's VM product portfolio. 

This portfolio includes Oracle VM (an x86 architecture product, based on Xen); Oracle VM Server for SPARC (based on Sun Logical Domain [LDOM] technology); Oracle Solaris Zones (Oracle has changed the Solaris Containers' product name to Oracle Solaris Zones); Oracle Linux Containers; and potential software appliances using Oracle VM, storage and other related virtualized infrastructures.

Oracle still favors Oracle VM for software licensing and pricing — for example, with processor pinning (allowing the specification of a limited number of processors being used by a VM, which can reduce software costs when live migration is not required). This approach and flexibility do not extend to the Hyper-V certification.

Parallels now offers a virtualization suite consisting of three virtualization packages: Parallels Containers (for Windows and Linux); Parallels Cloud Server (which includes Parallels Containers, Parallels Hypervisor and Parallels Cloud Storage); and Parallels Automation for Cloud Infrastructure (including Parallels Cloud Server and service provider tools).

The Parallels Containers product allows applications to run in lightweight, separate containers, offering processor affinity and memory protection and isolation. Compared with hypervisor-based solutions, the Parallels Containers offering enables much-higher server densities and can reduce OS software and administration costs. The Parallels Containers product also offers portability and live workload migration. The whole architecture of containers enables a workload and container to spin up faster with less performance overhead than VM solutions.

Parallels Cloud Server also includes Parallels Server Bare Metal, enabling service providers to offer traditional VMs on the same physical node as containers. Parallels Cloud Server combines Parallels Containers and Parallels Hypervisor with Parallels Cloud Storage to enable a complete high-availability solution on commodity hardware by creating a cloud storage pool from existing server hard drives.

vSphere 5.5 in September 2013, including scalability improvements (for example, broader reach for the vCenter Server Appliance), an expanded vSphere Web Client for management, Virtual SAN, server-side caching (vFlash), 62TB Virtual Machine Disks (VMDKs). Furthermore, the vCenter Site Recovery Manager (SRM) now works with Storage DRS and Storage vMotion.


Thursday, July 24, 2014

Storage Concepts

Ø  Storage Tier
0 - Special Functionality
1 - Enterprise (15,000 rpm)
2 - Modular (10,000 rpm)
3 - General Purpose (7,200 rpm SATA)
Connectivity Tier :
A - Fibre Attached
B - iSCSI Attached (not yet available)
C - NAS (not yet available)


Ø  A SAN uses the SCSI (Small Computer Storage Interconnect) and FC (Fibre Channel) protocols to move data over a network and store it directly to disk drives in block format.

Ø  Benefits of a SAN:
·         Removes the distance limits of SCSI-connected disks
·         Greater performance
·         Increased disk utilization
·         Higher availability to storage by use of multiple access paths
·         New disaster-recovery capabilities
·         Online recovery:
·         Reduction of servers
·         Increased input/output (I/O) performance and bulk data movement
·         Nondisruptive scalability
·         Storage on demand

What Makes a SAN?

Ø  The parts: All the hardware you use to create a SAN; the switches, cables, disk arrays, and so forth
·         HBA, GBIC, Fiber-optic cables
·         Hubs, Switches, Gateway, Router.
·         Storage arrays, Modular arrays, Monolithic arrays

Ø  The protocols: The languages that the parts use to talk to each other
·         Fibre Channel protocol, SCSI protocol

Ø  Modular arrays
·         Modular arrays come with shelves that hold the disk drives. Each shelf can hold between 10 and 16 drives. Modular arrays usually fit into industry-standard 19" racks.
·         Modular arrays almost always use two controllers with separate cache memory in each controller, and then mirror the cache between the controllers to prevent data loss. Most modern modular arrays have between 16 and 32GB of cache memory.
Ø  Monolithic arrays
·         Monolithic arrays have many controllers, and those controllers can share direct access to a global memory cache (up to hundreds of gigabytes) of fast memory. This method of sharing access to a large global or monolithic cache is why these arrays are also called monolithic.


Ø  Gigabit Interface Converter (GBIC)
·         The GBIC is formally known as a transceiver; it can be a transmitter and a receiver. It has a laser inside that converts billions of digital bits into light pulses to be transmitted over optical fiber. In older HBAs, the transmission device was called a Gigabit Link Module (GLM). There are two kinds of GBICs, defined by the wavelength of light that the laser inside generates: short-wave (500 m) and long-wave (10 km).


Ø  Cables
·         9μm, 50μm, and 62.5μm.
·         When 9μm cables are used to transmit data over long distances, they’re called dark fiber cables. That’s because you cannot see the laser light being transmitted with the naked eye, and if you ever did look into one of these cables, it would fry your eyeballs. Single-mode optical signals can travel much farther than multimode signals.
·         Cable connectors come in two different types. An SC connector (SC stands for Subscriber connector) is the standard optical connector for 1Gbit Fibre Channel. An LC connector (LC stands for Lucent connector) is standard for 2Gbit and 4Gbit Fibre Channel cable.

Ø  N_Ports (node ports), L_Ports (loop ports), G_Ports (global ports), F_Port (fabric port), FL_Port (fabric-to-loop port), E_Port (switch-to-switch expansion port) or a T_Port (Trunk port), NL_port (node-to-loop port)

Ø  The disks inside a disk array are first arranged into RAID sets and then sliced up into partitions. The partitions are then assigned a LUN, and the LUN is assigned to a server in the SAN.


Ø  The WWN of the storage array is known as the World Wide Node Name or WWNN. The resulting WWN of the port on the storage array is known as the World Wide Port Name or WWPN.

Ø  No more than seven servers should be allocated per storage port (again, this is for each Gbps of bandwidth, but this is still a pretty good rule of thumb for even faster SAN components). Using this configuration allows those seven servers to share the connection and therefore the bandwidth of the storage port. This is commonly called the fan-in ratio of the storage port.

Ø  Having too many servers per port also means each port has only so many I/O operations it can support at one time (the maximum queue depth of the port). Most current storage arrays support at least 256 queues per port (some support 512). So if you want each server to be able to queue up 32 I/O operations at one time (which is a good best practice), limit the number of servers to eight per port (256/32 = 8). Most HBA vendors configure the default queue depth for their HBA drivers at 32 anyway, so this is a good default fan-in ratio for server-to-storage port.

Ø  An Infiniband adapter is called an HCA, or Host Channel Adapter; an iSCSI network card is called a TOE adapter, or TCP/IP Offload Engine adapter.

Ø  Multipathing Solutions:
·         Hewlett-Packard AutoPath, SecurePath
·         Microsoft MPIO
·         Hitachi Dynamic Link Manager
·         EMC PowerPath
·         IBM RDAC, MultiPath Driver
·         Sun MPXIO
·         VERITAS Dynamic Multipathing (DMP)


Ø  Zoning is also important because it can be used to keep storage of various servers separate from each other, keep SAN traffic localized within each zone, and separate different vendor storage arrays in the same fabric. Zoning can be used as a method of making the SAN more secure.
Soft zoning: Zones are identified by World Wide Name

Hard zoning: Zones are identified by physical switch port
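
An added example, not code from the original post: a Python audit of a soft-zoned fabric that applies the fan-in rule of thumb (seven servers per storage port) and the queue-depth limit (256 queues per port, 32 per HBA) described above, and lists zone members that match no known device. The WWPNs, zone names and inventory layout are constructed for illustration.

```python
from collections import defaultdict

# Constructed inventory for illustration; every WWPN and name below is made up.
STORAGE_PORTS = {  # storage port WWPN -> port name and maximum queue depth
    "50:00:00:00:00:00:00:a1": {"name": "array1-p0", "max_queue": 256},
    "50:00:00:00:00:00:00:a2": {"name": "array1-p1", "max_queue": 256},
}
# Server HBA WWPN -> (server name, HBA driver queue depth); 11 constructed servers.
HBAS = {f"10:00:00:00:00:00:00:{i:02x}": (f"srv{i:02d}", 32) for i in range(1, 12)}

# Soft zones (members identified by WWPN): zone name -> set of member WWPNs.
ZONES = {
    "z_batch": {"50:00:00:00:00:00:00:a1"}
    | {f"10:00:00:00:00:00:00:{i:02x}" for i in range(1, 10)},  # nine servers
    "z_db": {"50:00:00:00:00:00:00:a2",
             "10:00:00:00:00:00:00:0a", "10:00:00:00:00:00:00:0b"},
    # "...:ff" is in no inventory: a stale or mistyped soft-zone member.
    "z_stale": {"50:00:00:00:00:00:00:a2", "10:00:00:00:00:00:00:ff"},
}


def servers_per_port(zones, storage_ports, hbas):
    """Map each storage port WWPN to the HBA WWPNs that share a zone with it."""
    seen = defaultdict(set)
    for members in zones.values():
        targets = members & set(storage_ports)
        initiators = members & set(hbas)
        for target in targets:
            seen[target] |= initiators
    return dict(seen)


def unknown_members(zones, storage_ports, hbas):
    """Return zone name -> sorted WWPNs that match no known HBA or storage port."""
    known = set(storage_ports) | set(hbas)
    return {name: sorted(members - known)
            for name, members in zones.items() if members - known}


def audit_fan_in(zones, storage_ports, hbas, max_servers=7):
    """Flag storage ports that exceed the server count or queue-depth limits."""
    findings = []
    for wwpn, initiators in sorted(servers_per_port(zones, storage_ports, hbas).items()):
        port = storage_ports[wwpn]
        servers = {hbas[i][0] for i in initiators}
        queued = sum(hbas[i][1] for i in initiators)  # worst case: all queues full
        problems = []
        if len(servers) > max_servers:
            problems.append(f"{len(servers)} servers > fan-in limit {max_servers}")
        if queued > port["max_queue"]:
            problems.append(f"queue demand {queued} > port maximum {port['max_queue']}")
        if problems:
            findings.append({"port": port["name"], "servers": len(servers),
                             "queued": queued, "problems": problems})
    return findings


if __name__ == "__main__":
    for finding in audit_fan_in(ZONES, STORAGE_PORTS, HBAS):
        print(finding["port"], "; ".join(finding["problems"]))
    for zone, wwpns in unknown_members(ZONES, STORAGE_PORTS, HBAS).items():
        print(zone, "has members not in inventory:", ", ".join(wwpns))
```
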

HDD Types

SCSI
Ø  Small Computer System Interface, or SCSI (pronounced scuzzy[1]), is a set of standards for physically connecting and transferring data between computers and peripheral devices. The SCSI standards define commands, protocols, and electrical and optical interfaces. SCSI is most commonly used for hard disks and tape drives, but it can connect a wide range of other devices, including scanners and CD drives. The SCSI standard defines command sets for specific peripheral device types; the presence of "unknown" as one of these types means that in theory it can be used as an interface to almost any device, but the standard is highly pragmatic and addressed toward commercial requirements.
Ø  SCSI is an intelligent, peripheral, buffered, peer to peer interface. It hides the complexity of physical format. Every device attaches to the SCSI bus in a similar manner. Up to 8 or 16 devices can be attached to a single bus. There can be any number of hosts and peripheral devices but there should be at least one host. SCSI uses handshake signals between devices; SCSI-1 and SCSI-2 have the option of parity error checking. Starting with SCSI-U160 (part of SCSI-3) all commands and data are error checked by a CRC32 checksum. The SCSI protocol defines communication from host to host, host to a peripheral device, peripheral device to a peripheral device. However most peripheral devices are exclusively SCSI targets, incapable of acting as SCSI initiators—unable to initiate SCSI transactions themselves. Therefore peripheral-to-peripheral communications are uncommon, but possible in most SCSI applications. The Symbios Logic 53C810 chip is an example of a PCI host interface that can act as a SCSI target.


SAS
Ø  Serial Attached SCSI (SAS) is a computer bus used to move data to and from computer storage devices such as hard drives and tape drives. SAS depends on a point-to-point serial protocol that replaces the parallel SCSI bus technology that first appeared in the mid 1980s in data centers and workstations, and it uses the standard SCSI command set. SAS offers backwards-compatibility with second-generation SATA drives. SATA 3 Gbit/s drives may be connected to SAS backplanes, but SAS drives may not be connected to SATA backplanes.

SATA

Ø  Serial ATA (SATA or Serial Advanced Technology Attachment) is a computer bus interface for connecting host bus adapters to mass storage devices such as hard disk drives and optical drives. Serial ATA was designed to replace the older ATA (AT Attachment) standard (also known as EIDE). It is able to use the same low level commands, but serial ATA host-adapters and devices communicate via a high-speed serial cable over two pairs of conductors. In contrast, the parallel ATA (the redesignation for the legacy ATA specifications) used 16 data conductors each operating at a much lower speed.
Ø  SATA offers several advantages over the older parallel ATA (PATA) interface: reduced cable-bulk and cost (reduced from 80 wires to seven), faster and more efficient data transfer, and hot swapping.
Ø  The SATA host adapter is integrated into almost all modern consumer laptop computers and desktop motherboards. As of 2009, SATA has replaced parallel ATA in most shipping consumer PCs. PATA remains in industrial and embedded applications dependent on CompactFlash storage although the new CFast storage standard will be based on SATA.[2][3]

iSCSI

Ø  In computing, iSCSI (pronounced /aɪˈskʌzi/ "eye-scuzzy"), is an abbreviation of Internet Small Computer System Interface, an Internet Protocol (IP)-based storage networking standard for linking data storage facilities. By carrying SCSI commands over IP networks, iSCSI is used to facilitate data transfers over intranets and to manage storage over long distances. iSCSI can be used to transmit data over local area networks (LANs), wide area networks (WANs), or the Internet and can enable location-independent data storage and retrieval. The protocol allows clients (called initiators) to send SCSI commands (CDBs) to SCSI storage devices (targets) on remote servers. It is a popular Storage Area Network (SAN) protocol, allowing organizations to consolidate storage into data center storage arrays while providing hosts (such as database and web servers) with the illusion of locally-attached disks. Unlike traditional Fibre Channel, which requires special-purpose cabling, iSCSI can be run over long distances using existing network infrastructure.

Saturday, July 19, 2014

Intel VT

Ø  Intel Virtualization Technology (VT). Formerly known as Vanderpool, this technology enables a CPU to act as if it were several CPUs working in parallel, in order to enable several operating systems to run at the same time in the same machine.


Ø  You may confuse virtualization with multitasking or even with Hyper-Threading. In multitasking, there is a single operating system and several programs running in parallel. In virtualization, you can have several operating systems running in parallel, each one with several programs running. Each operating system runs on a “virtual CPU” or “virtual machine”. And Hyper-Threading simulates two CPUs where there is just one physical CPU for balancing performance using SMP (Symmetric Multi Processing), and these two CPUs cannot be used separately.

Ø  Of course if a CPU has both Hyper-Threading and Virtualization Technology each virtual CPU will appear to the operating system as if two CPUs are available on the system for symmetric multiprocessing.

Ø  If you pay close attention, Virtualization Technology uses the same idea as Virtual 8086 (V86) mode, which has been available since the 386. With V86 mode you can create several virtual 8086 machines to run DOS-based programs in parallel. With VT you can create several “complete” virtual machines to run full operating systems in parallel.

Ø  CPUs with Virtualization Technology have some new instructions to control virtualization. With them, controlling software (called VMM, Virtual Machine Monitor) can be simpler, thus improving performance compared to software-only solutions.

Ø  How It Works

Ø  Processors with Virtualization Technology have an extra instruction set called Virtual Machine Extensions or VMX. VMX brings 10 new virtualization-specific instructions to the CPU: VMPTRLD, VMPTRST, VMCLEAR, VMREAD, VMWRITE, VMCALL, VMLAUNCH, VMRESUME, VMXOFF and VMXON.

Ø  There are two modes to run under virtualization: root operation and non-root operation. Usually only the virtualization controlling software, called Virtual Machine Monitor (VMM), runs under root operation, while operating systems running on top of the virtual machines run under non-root operation. Software running on top of virtual machines is also called “guest software”.


Ø  To enter virtualization mode, the software should execute the VMXON instruction and then call the VMM software. The VMM software can then enter each virtual machine using the VMLAUNCH instruction, and exit it by using VMRESUME. If the VMM wants to shut down and exit virtualization mode, it executes the VMXOFF instruction.

Amazon Web Services

Ø  Amazon Machine Images (AMIs) contain pre-configured software such as an operating system, application server, and applications. You use these templates to launch your server instances.

Ø  Amazon Elastic Compute Cloud (Amazon EC2) is an Amazon Web Service (AWS) you can use to access servers, software, and storage resources across the Internet in a self-service manner.

Ø  A security group defines firewall rules for your instances. These rules specify which incoming network traffic is delivered to your instance.

Ø  An Amazon EBS volume serves as network-attached storage for your instance.

Ø  Terminating an instance effectively deletes it. This differs from stopping the instance; you are still charged for a stopped instance, and you can restart a stopped instance.

Ø  Amazon EBS volumes can persist even after your instance goes away. If you created and attached an EBS volume in the previous step, it was detached when you terminated the instance.

Ø  Amazon Virtual Private Cloud (Amazon VPC) is a web service that enables you to create a virtual network topology—including subnets and route tables—for your Amazon Web Services (AWS) resources. Use a VPC to leverage advanced networking features such as private subnets, outbound security group filtering, network ACLs, Dedicated Instances, and VPN connections.

Ø  Connectivity from lab/development VPCs to Expedia's network is set up using secure IPSec VPN tunnels, as is production connectivity from all Amazon regions except US East. Production connectivity between Amazon's US East region and Expedia's data centers in Phoenix and Chandler is via AWS Direct Connect. Direct Connect uses dedicated 10Gb circuits between Expedia's data centers and the AWS US East region, decreasing Expedia's bandwidth costs and making for more consistent network performance. All inbound communications from AWS are subject to firewall restrictions; communications are denied by default.

Ø  EC2 Linux instances can use LDAPS to authenticate users and groups against Expedia's Active Directory domains, relieving the need to manage separate user accounts or LDAP directories.  Development EC2 instances will authenticate using SEA domain users and groups while production EC2 instances will authenticate using EXPESO domain users and groups.

Ø  The AWS Management Console Gateway (http://awsportal) enables the use of SEA domain accounts and groups for federated authentication and authorization to the AWS console, removing the need to manage users and groups in Amazon Identity and Access Management (IAM).  This portal can be used with all accounts, not just those with VPCs connected to Expedia's network.

Ø  Name resolution services are available for EC2 instances in AWS.  These DNS servers host secondary (read-only) copies of Expedia DNS zones.

Ø  Elastic IP addresses are static IP addresses designed for dynamic cloud computing. Additionally, Elastic IP addresses are associated with your account, not specific instances. Any Elastic IP addresses that you associate with your account remain associated with your account until you explicitly release them. Unlike traditional static IP addresses, however, Elastic IP addresses allow you to mask instance or Availability Zone failures by rapidly remapping your public IP addresses to any instance in your account.



Profile, Environment and Performance Management

AppSense Environment Manager enables you to control and manage all levels of user access to the desktop and server environment of your organization by providing easy to configure GUI-driven logon processes, comprehensive application lockdown capabilities and self healing for enforcing your policies.

The AppSense Environment Manager system consists of the AppSense Environment Manager console and the Environment Manager Agent. The console is an administrative tool to create and manage configurations. The Agent resides on the controlled computers and receives configurations from the AppSense deployment system to manage the machine and user environment. Environment Manager can operate either in Standalone or Full Deployment modes. In Standalone Mode, the console saves its settings directly to the local system. In Full Deployment mode, multiple configurations can be deployed to the controlled computers in a variety of formats depending on your system requirements. This guide describes the use of AppSense Environment Manager in Standalone Mode.

AppSense Performance Manager provides workload management of network bandwidth, CPU and memory resources. Performance Manager also provides automated application memory optimization, which significantly reduces page file usage, leading to significant increases in system capacity.

There are 4 key components to an AppSense Application Manager solution:
- Agent that sits on every virtual desktop.
- Profile server(s) that these agents communicate with (runs on Windows Server).
- Microsoft SQL Server which the profile servers use to host all volatile / configuration data (runs on Windows Server).
- Management Centre (an optional service that supports agent deployment and configuration management). This service component is not currently in scope, but if it does get adopted in the future it also needs to run on a Windows server with access to a back end supporting SQL Server database.
It is proposed to leverage the same SQL Server database deployed in support of the Broker (Desktop Delivery Controller) and Virtualisation Management (Virtual Centre) services above.
It is proposed to run instances of the profile server on every shared Desktop Delivery Controller/Virtual Centre/Environment Manager server as detailed above.

Azure Active Directory vs. On-Premises Active Directory

Ø  Active Directory capabilities that are part of Windows Server actually include several different roles,
o   Active Directory Certificate Services (AD CS),
o   Active Directory Lightweight Directory Services (AD LDS),
o   Active Directory Federation Services (AD FS),
o   and Active Directory Rights Management Services (AD RMS)
When you think about Active Directory you're talking about a true directory service that has a hierarchical structure (based on X.500) that uses DNS as its locator mechanism and can be interacted with via LDAP. In addition, Active Directory primarily uses Kerberos for authentication. Active Directory enables organizational units (OUs) and Group Policy Objects (GPOs) in addition to actually joining machines to the domain, and trusts are created between domains.
Azure AD, while having some aspects of a directory service, is really an identity solution and allows users and groups to be created but in a flat structure without OUs or GPOs. You can't join a machine to Azure AD.
Azure AD is focused around identity throughout the Internet, where the types of communication are typically limited to HTTP (port 80) and HTTPS (port 443) and are used by all types of devices—not just corporate assets.

Authentication is performed through a number of protocols such as SAML, WS-Federation, and OAuth. It's possible to query Azure AD but instead of using LDAP you use a REST API called AD Graph API. These all work over HTTP and HTTPS.

Monday, July 7, 2014

Citrix Receiver 4.x

Citrix Receiver 4.1 facts
- Has the ability to create start menu shortcuts using publish settings
- Has the ability to create a folder in the start menu and in there all apps
- Has the ability to create apps in add/remove programs
- The self-service plug-in can be pre-configured through command line or GPO
- The self-service plug-in can use single sign-on (SSON), admin rights required
- Applications can be auto applied and soon also as mandatory apps
- Requires Citrix StoreFront to work properly
- Works internal and external when StoreFront is configured with a Gateway
- Uses SSO internal but shows two way authentication from external if configured
- Through beacons differentiates between internal and external network
- Can be auto provisioned with a provision file

What needs to be better with Receiver?

  • The whole single sign-on is quite complex to configure and needs to be easier
  • Citrix needs to think more of customers using Receiver on unmanaged devices. Self-service is for the cloud and there I cannot set group policies on the device.
  • The previous is also true for other settings. In early days you could change centrally the ica template and things worked at the client even unmanaged. Now client seamless flags can only be set by gpo
  • The self-service plug-in needs to be constantly quick. If a user double clicks the Receiver icon then the Window must come right away and not minutes later.
  • The start menu integration update is quite slow if it works at all. For an update re-install Receiver!?
  • The Receiver settings are quite hidden and a pain to open. Sometimes I think they recompile Receiver each time I want to go into settings, especially if you have more plug-ins loaded
  • Mandatory apps, notification messages, auto launch I mean, hello this is a very old story!
  • Company branding? Why not uploading customizations with the provision file? All Receiver look the same as my company, not as Citrix!
  • GPO is the way Citrix goes? Then why isn't there a real gpo to allow client mappings instead of registry hacks? This is causing a lot of issues with users.   
  • Install, upgrade and especially uninstall must work easily and not by a bunch of manual tasks and afterwards the Citrix Cleanup Utility
  • Citrix should make sure Receiver works with other components like VDA. Cross testing? Does anyone at Citrix do that?

Nutanix

Ø  The Nutanix Virtual Computing Platform is a converged infrastructure solution that consolidates the compute (server) tier and the storage tier into a single, integrated appliance. The Nutanix Virtual Computing Platform integrates high-performance server resources with enterprise-class storage in a cost-effective 2U appliance. It eliminates the need for network-based storage architecture, such as a storage area network (SAN) or network-attached storage (NAS).

Ø  Each Nutanix node runs an industry-standard hypervisor and a Nutanix controller VM, which handles all I/O operations for the local hypervisor. Storage resources are exposed to the hypervisor through traditional interfaces, and are pooled and made available to all VMs. The Nutanix Distributed Filesystem (NDFS) is at the core of the Nutanix Virtual Computing Platform. It manages all metadata and data, as well as enables all core features. NDFS is the software-driven architecture that connects storage, compute resources, controller VM, and the hypervisor.

Ø  Nutanix sells server nodes with local storage built-in, but their magic is in the software that combines all the storage of all the nodes into a single giant storage pool, with any data from any node available from any server. They have a master-less architecture with no concurrency locking, and they can support advanced VMware features like vMotion.

Ø  All of the nodes are completely seamless. The fact there are four per 2U appliance is just a form factor. Each node runs VMware ESXi and acts as your VM host, and then a controller VM running on each node acts as the iSCSI interface to the storage and basically turns the whole thing into a distributed SAN. There's a 10gig Ethernet connection for the storage traffic which is separate from the regular network traffic. The controller VM decides where in the system to place the data. There's always one copy local plus another copy somewhere else in the cluster. Nutanix calls this "Cluster RAID," and it's fully compatible with VMware HA and vMotion. There's a distributed cache using the Fusion-io with SSD, as well as a persistent SATA tier.

Ø  Then the distributed MapReduce system does all the maintenance for them. Everything is completely transparent, and the whole system is lock-free and everything can be concurrent. There's no single master and no shared cache. They have true scale-out with their storage metadata (which lives on every node), and the system continues to scale as you add more nodes.



Microsoft Technology Associate

Ø  Microsoft has devised a Microsoft Technology Associate (MTA) program for those that are new to IT, seeking to enhance skills in a different area of expertise, or looking to change careers. MTA is a starting point and gives the achiever a certification paper to show a fundamental understanding of technologies in specific areas. Tracks are like 101-type courses, giving the essential, entry-level knowledge to shift into an explicit area.

Ø  Passing just one exam is all it takes to receive an MTA, and the full spectrum of MCSE and MCSD tracks are available to get started. Those include:

o   Desktop Support
o   Desktop and Device Cloud, Mgmt, Data and Applications Mgmt, Network or Server Administration
o   Data Platform, Business Intelligence
o   Web Application Development
o   Windows Store Apps using HTML5
o   Windows Store Apps using C#
o   Application Lifecycle Management
o   Gaming Development



Mobility Information

Ø  VMware plans to use AirWatch to build a workspace aggregator, complementing its desktop virtualization and SaaS application management technologies.
Ø  Good is best known for its containerized PIM functionality through the Good for the Enterprise (GFE) product.
Ø  Good's Secure PIM (i.e., email, calendar, contacts) is the most mature in terms of features among the EMM vendors offering proprietary PIM clients.
Ø  MaaS360 provides good laptop management functionality, based on its long-standing client management product and MDM, which provides basic MDM policy management for Windows 8.1 devices and, to a lesser extent, Mac OS X.
Ø  Converged endpoint management = unified device management = Unified Endpoint Management
Ø  LD Mobility Manager is one of the few products in the market to offer integrated EMM and service desk.
Ø  MobileIron is the only vendor in the EMM market that demonstrates real-time remote-view capabilities on iOS.
Ø  SAP Mobile Secure is a suite of products that includes Afaria (MDM), SAP Mobile App Protection by Mocana (for mobile application management) and SAP Mobile Documents (for mobile content management).
Ø  Mobile Secure is a good fit for companies that own SAP products and value the extension of those products within a single vendor's offering, although the product does not require an existing SAP back end.
Ø  Sophos is a good fit for organizations looking for integrated EPP and EMM from the same console. It is also the only vendor to feature a form of digital rights management (DRM) as a core component to its mobile content management application.
Ø  Tangoe's self-service procurement, asset management and activation capabilities are among the best in class.

Ø  Enterprise mobility is evolving from a special-purpose IT discipline into a general-purpose IT practice.

Citrix product names and functionality

A handy guide for people looking to soup up their knowledge of Citrix products.

Citrix XenDesktop 7 = the product which combines VDI (XenDesktop) and server based computing (XenApp) in a single SKU with various editions. The name XenApp was basically killed by Citrix in the last release.
Citrix XenDesktop = the VDI solution of Citrix. Since XenDesktop 7.5 a separate product for delivering virtual desktops. Citrix un-killed XenApp because the naming XenDesktop for two solutions was very confusing for customers.
Citrix XenApp = the new name for the product formerly known as WinFrame, MetaFrame and Presentation Server. Does application virtualization (Server Based Computing). The name was killed by Citrix as of XenDesktop 7, and XenApp features were added to the XenDesktop 7.0 suite. However, it is now available again as XenApp 7.5.
Citrix XenApp AppCenter = management console to centrally manage XenApp center using a single console.
Citrix Provisioning Services (PVS) = a solution to stream an operating system to a server over the network. The advantage is to be able to use a single image for multiple servers. Originally developed by Ardence.
Citrix Receiver = agent software required to handle published applications or desktops running on Citrix XenApp. Used to be named ICA client in the past.
Citrix Independent Computing Architecture (ICA) = protocol developed by Citrix to transfer display information, mouse, keyboard and device info over the network between server and client.
Citrix High Definition eXperience (HDX) = a set of technologies to improve the user experience on XenApp and XenDesktop
Citrix FrameHawk = a technology (not a product) to improve user experience when using WiFi. It will be embedded in HDX in use by XenApp and XenDesktop.
Program Neighborhood Agent or PNagent = old name for Citrix Applications. It was a client used to launch XenApp applications from a launchpad. Did not offer integration with the Windows start menu.
XenApp Plugin = agent installed on client OS which adds published applications to the start menu for seamless integration with local installed applications.
Citrix Web Interface = a web portal which is able to publish applications and desktops to users connecting from the Internet. Announced end of life and does not support recent Citrix software. StoreFront is the successor.
Citrix XenMobile Device Manager = software installed on Windows Server to perform mobile device management. Software was acquired from Zenprise. It is used in an MDM scenario where the device is owned by the organization. Provides full control over the device. Apps are pushed to the device.
Citrix XenMobile App Controller = an appliance based on Linux running as a virtual machine. It is responsible for application aggregation to mobile devices. It is able to publish mobile apps, SaaS apps, web URLs and XenApp or RDS published desktops and applications.  Requires Citrix NetScaler.
Citrix Secure Gateway = free software solution which offers ICA-proxy connections over SSL. Required to offer applications and desktops to internet users, in combination with NetScaler, Access Gateway and StoreFront/Web Interface. Secure Gateway 3.3 is supported up to 2016 (XenApp 6.5).
Citrix NetScaler = application delivery controller. Has many functions like SSL VPN, load balancing, application performance enhancement, application security. Available as hardware and software appliance. Available in three editions.
Citrix NetScaler Gateway, formerly Citrix Access Gateway (CAG) Enterprise Edition.
Citrix StoreFront =  Portal for publishing XenDesktop and XenApp desktops and applications. Successor of Citrix Web Interface which will be end of life 2015.
Citrix Independent Management Architecture (IMA) = Citrix ‘housekeeping’ architecture. IMA is not a product but a protocol and a database which is used to communicate information about licenses, policies, sessions and server loads between servers in a Citrix farm. 
Citrix FlexCast Management Architecture (FMA) = replacement of IMA. Introduced in XenDesktop 7. XenApp 7.5 will now use FMA instead of IMA. FMA is an architecture to deliver virtual desktops, apps and hosted shared desktops.
Citrix Desktop Studio =  Microsoft Management Console 3.0 (MMC) based management console used to configure and manage XenDesktop 5 sites
Citrix Studio =  Microsoft Management Console 3.0 (MMC) based management console used to configure and manage XenDesktop 7 and 7.5 sites
Citrix Worx Home = an app which is installed on mobile devices. Worx Home connects to XenMobile Device Manager and XenMobile App Controller.
Citrix Worx Store = not a product but the name of the apps catalogue available once Worx Home has been installed on a mobile device. Available apps and applications are published by AppController.
Citrix WorxMail = secure mail client for iOS and Android. Uses micro-VPN to communicate with the mail server. Does encryption. The IT department can control data (like wiping it when a device is stolen).
Citrix WorxWeb = secure web browser for iOS and Android.
Citrix ShareFile = Dropbox for the enterprise. IT is able to provide access to files to mobile devices while keeping control.
Citrix CloudGateway = not a product but a bundle of products.
  • Citrix CloudGateway Express includes StoreFront Services and Access Gateway
  • Citrix CloudGateway Enterprise  includes StoreFront Services, Access Gateway  and  AppController

XenDesktop 7 App edition = the replacement of XenApp 6.5. Server Based Computing. Able to offer desktops and published applications
Citrix AppDNA = analyzes the dependencies of Windows and web applications. Useful for migration from one Windows Server or Desktop platform to another. Also makes clear dependencies on other applications. It reports if an application will run on another platform.
Citrix Profile Management = tool for management of Windows profiles. Available for customers having SA on XenApp or XenDesktop.
Citrix XenDesktop Director = web-based troubleshooting tool for XenDesktop 7 and higher targeted at helpdesks. EdgeSight is part of the solution.
Citrix CloudBridge = WAN optimizer.
Citrix CloudPlatform = an open-source cloud management platform. Able to manage different hypervisors.
Citrix EdgeSight = Performance analyzer. Included in some editions of XenApp and XenDesktop. Can for example be used to determine cause of slow login times.
Citrix XenServer = the hypervisor of Citrix for Intel and AMD platforms.
Citrix XenClient = a type 1 client hypervisor. Typically installed on desktops and laptops. Images can centrally be managed.
Citrix VDI-in-a-Box =  software appliance deployed as a VM supporting XenServer, Hyper-V and VMware ESXi. Allows for simplified deployment of VDI without the need for shared storage.
Citrix GoToMeeting = service which enables webinars, online meetings with ability to share desktop, presentations, have chats etc.
Citrix Application Streaming = end of life product. Did application streaming like Microsoft App-V.
Citrix Resource Manager = end of life. Part of Presentation server. Resource Manager collects, displays and stores data about system performance, applications or process use.