Community

Citrix is Slow? How to Uncover the Real Cause and Prove It’s Not Citrix

Theresa Miller - 10 hours 43 min ago

As a Citrix administrator you are supporting architecture that can be complex, distributed and includes many interdependencies between the Citrix tiers and the supporting infrastructure. It is also extremely likely that you are supporting an environment with many different versions of the Citrix software.  Citrix is typically a performance-sensitive application. A problem anywhere in the Citrix […]

The post Citrix is Slow? How to Uncover the Real Cause and Prove It’s Not Citrix appeared first on 24x7ITConnection.

UK Citrix User Group Summer 2018 meeting – London

Citrix UK User Group - Sun, 04/22/2018 - 15:19

Our 25th XL event will take place in London on 12th June 2018 Venue Blue Fin Building (10th floor) 110 Southwark Street SE1 0SU London   Summer is around the corner ! We love the views from our spacious terrace …

Read more »

The post UK Citrix User Group Summer 2018 meeting – London appeared first on UK Citrix User Group.

Microsoft outage makes Cloud grey

Theresa Miller - Tue, 04/17/2018 - 05:30

Earlier this month, some Microsoft Cloud services had an unexpected outage. It didn’t affect all regions globally and wasn’t a direct services failure, but an issue with the authentication platform Azure Active Directory. The bad parts I noticed the issue when my phone popped up an error about being unable to sign-in to my Office […]

The post Microsoft outage makes Cloud grey appeared first on 24x7ITConnection.

Steps to Protect Virtual Machines Against Ransomware With Backups

Theresa Miller - Tue, 04/10/2018 - 05:30

Ransomware is no joke. Even those organizations who think their environments are up to date with patches and procedures have found themselves in a precarious position over the last few years. The simplest way to protect virtual machines against ransomware is to back them up. This is something that every organization is doing, or at […]

The post Steps to Protect Virtual Machines Against Ransomware With Backups appeared first on 24x7ITConnection.

Do you know what Office 365 features and updates are coming to your Office 365 Tenant?

Theresa Miller - Wed, 04/04/2018 - 02:21

Do you know what Office 365 features and updates are coming to your Office 365 Tenant?  If you answered “no” to this question then I would encourage you to keep reading.  Recently I had the opportunity to learn a little bit more about how Microsoft is communicating their changes about what is going on in […]

The post Do you know what Office 365 features and updates are coming to your Office 365 Tenant? appeared first on 24x7ITConnection.

Windows Insider MVPs Supercharge Product Influence

Theresa Miller - Tue, 03/20/2018 - 05:30

Windows Insider MVPs supercharge product influence This year, the Microsoft Most Valuable Professional award program celebrates its 25 year anniversary. During that time it has seen a number of restructures, keeping the program relevant to the technology trends and product changes especially in the Cloud era. With a focus on IT professionals and software developers, […]

The post Windows Insider MVPs Supercharge Product Influence appeared first on 24x7ITConnection.

Is Blockchain the Right Technology for My Application?

Helge Klein - Mon, 03/19/2018 - 14:23

This is an attempt at guidelines to help in technology decisions about when and where to use blockchain technology.

Blockchain in a Nutshell

A blockchain is a distributed list more than one entity can add new elements to. Each list element cryptographically validates its predecessor. Combined with the fact that adding new elements is computationally expensive, this protects the list’s integrity.

chain chain chain by lisa cee under CC

Pros and Cons of the Blockchain Architecture

Let’s start with what blockchain is good at:

  • Due to the distributed nature, there is no dependency on any individual entity for the management of the data
  • Tampering with the data is uneconomical because of the huge resources that would be required

And here are the caveats:

  • Maintaining the list is highly inefficient due to the tamper-proof architecture
  • The throughput in transactions per second is very low compared to a database
  • Storage requirements can be high because verification of the list’s integrity requires access to all blocks
When to Use Blockchain Technology

From the above, we can deduce where blockchain is a good technology choice.

Trust and Accountability

Legal contracts allow for pretty efficient management of accountability and – indirectly – trust. Making a system’s technology tamper-proof is not necessary when the risks of tampering are too high for the parties involved.

Takeaway: blockchain technology only makes sense where traditional legal instruments are insufficient or not applicable.

Dependencies on Elements Outside the Blockchain

If you cannot move the entire data set including all dependencies to the blockchain, the mechanisms that protect the blockchain’s integrity are wasted. People will simply cheat elsewhere in the process.

Takeaway: a blockchain must be self-sufficient and not rely on external data.

Processing Speed and Efficiency

Blockchain technology incurs a high computational overhead. Compared to databases, blockchains are inefficient and slow.

Takeaway: blockchains are not replacements for databases.

Summary

Putting the hype aside, there seem to be very few use cases where blockchains would genuinely be the best technology choice. Bitcoin seems like a good fit but is hampered by the low slow transaction speed and huge (energy) inefficiencies.

The post Is Blockchain the Right Technology for My Application? appeared first on Helge Klein.

Download, Install, Import Visual C++ Redistributables with VcRedist

Aaron Parker's stealthpuppy - Fri, 03/16/2018 - 10:10

Last year I wrote a PowerShell script that can download, install or import the Visual C++ Redistributables into MDT or ConfigMgr. Long-term maintenance of the full feature set in a single script is a little unwieldy so I’ve re-written the script and created a PowerShell module – VcRedist.

Refactoring the script into a module has been a great little project for creating my first PowerShell function and publishing it to the PowerShell Gallery.

Why VcRedist?

At this point, I’m sure you’re saying to yourself – “Aaron, haven’t you just created Chocolatey?”. In a way yes, this module does exactly what you can do with Chocolatey – install the Visual C++ Redistributables directly to the local machine. Although you can download and install all of the supported (and unsupported) Redistributables, the primary aim of the module is to provide a fast way to download and import the Redistributables into the Microsoft Deployment Toolkit or System Center Configuration Manager for operating system deployments.

Module

The VcRedist module is published to the PowerShell Gallery, which means that it’s simple to install the module and starting importing with a few lines of PowerShell. For example, here’s how you could install the module, download all of the supported Redistributables and import them into an MDT deployment share:

Install-Module -Name VcRedist Import-Module VcRedist $VcList = Get-VcList | Get-VcRedist -Path "C:\Temp\VcRedist" Import-VcMdtApp -VcList $VcList -Path "C:\Temp\VcRedist" -MdtPath "\\server\share\Reference"

This results in each of the Visual C++ Redistributables imported as a separate application with all necessary properties including Version, silent command line, Uninstall Key and 32-bit or 64-bot operating system support.

Visual C++ Redistributables imported into an MDT share with VcRedist

The same approach can be used to import the Redistributables into a ConfigMgr site:

Install-Module VcRedist Import-Module VcRedist $VcList = Get-VcList | Get-VcRedist -Path "C:\Temp\VcRedist" Import-VcCmApp -VcList $VcList -Path "C:\Temp\VcRedist" -CMPath "\\server\share\VcRedist" -SMSSiteCode LAB

Just like MDT, each Redistributable is imported into ConfigMgr; however, Import-VcCmApp copies the Redistributables to a share for distribution and creates and application with a single deployment for each one.

Visual C++ Redistributables imported into ConfigMgr with VcRedist

Of course, the module can download and install the Redistributables to the local machine:

Install-Module VcRedist Import-Module VcRedist $VcList = Get-VcList | Get-VcRedist -Path "C:\Temp\VcRedist" $VcList | Install-VcList -Path C:\Temp\VcRedist

By default, this installs all of the supported Redistributables:

Visual C++ Redistributables installed locally with VcRedist

Note that the 2015 and 2017 Redistributables are the same version, so the end result will include only the 2017 versions.

Functions

This module includes the following functions:

Get-VcList

This function reads the Visual C++ Redistributables listed in an internal manifest or an external XML file into an array that can be passed to other VcRedist functions. Running Get-VcList will return the supported list of Visual C++ Redistributables. The function can read an external XML file that defines a custom list of Visual C++ Redistributables.

Export-VcXml

Run Export-VcXml to export the internal Visual C++ Redistributables manifest to an external XML file. Use -Path to define the path to the external XML file that the manifest will be saved to. By default Export-VcXml will export only the supported Visual C++ Redistributables.

Get-VcRedist

To download the Visual C++ Redistributables to a local folder, use Get-VcRedist. This will read the array of Visual C++ Redistributables returned from Get-VcList and download each one to a local folder specified in -Path. Visual C++ Redistributables can be filtered for release and processor architecture.

Install-VcRedist

To install the Visual C++ Redistributables on the local machine, use Install-VcRedist. This function again accepts the array of Visual C++ Redistributables passed from Get-VcList and installs the Visual C++ Redistributables downloaded to a local path with Get-VcRedist. Visual C++ Redistributables can be filtered for release and processor architecture.

Import-VcMdtApp

To install the Visual C++ Redistributables as a part of a reference image or for use with a deployment solution based on the Microsoft Deployment Toolkit, Import-VcMdtApp will import each of the Visual C++ Redistributables as a separate application that includes silent command lines, platform support and the UninstallKey for detecting whether the Visual C++ Redistributable is already installed. Visual C++ Redistributables can be filtered for release and processor architecture.

Each Redistributables will be imported into the deployment share with application properties for a successful deployment.

Import-VcCMApp

To install the Visual C++ Redistributables with System Center Configuration Manager, Import-VcCmApp will import each of the Visual C++ Redistributables as a separate application that includes the application and a single deployment type. Visual C++ Redistributables can be filtered for release and processor architecture.

Tested On

Tested on Windows 10 and Windows Server 2016 with PowerShell 5.1. Install-VcRedist and Import-VcMdtApp require Windows and the MDT Workbench. Get-VcList, Export-VcXml and Get-VcRedist do work on PowerShell Core; however, most testing is completed on Windows PowerShell.

To Do

Right now, I have a few tasks for updating the module, including:

  • Additional testing / Pester tests
  • Add -Bundle to Import-VcMdtApp to create an Application Bundle and simplify installing the Redistributables
  • Documentation updates

For full details and further updates, keep an eye on the repository and test out the module via the PowerShell Gallery.

Image credit:

Alexey Ruban

This article by Aaron Parker, Download, Install, Import Visual C++ Redistributables with VcRedist appeared first on Aaron Parker.

Categories: Community, Virtualisation

Using the VMware Horizon API from c#

Andrew Morgan - from the trenches - Tue, 03/13/2018 - 12:43

So here’s an ask I’ve had for well over a year, which i duly neglected until the mind of the brilliant Sean Massey decided to send me a PM on the vExpert EUC slack channel.

VMware Horizon’s API has been published for well over a year at this point over on code.vmware.com but there’s two challenges with this API in my humble opinion:

A: it’s WAAAAY too developer orientated for a regular PowerShell consumer*

B: while it’s a fully fledged API it seems a bit shortsighted to only document how to use it from Powershell given that the full API is documented.

* oh don’t have such a high opinion of yourself, everyone complained, i have the emails to prove it!

I had attempted this a few times before, but my usual source of help, Remko was too busy to help me or I duly hit a problem and inevitably toddled off to do something else. Not this time! and with no Remko help! *pats self on the back*

Any-who, here’s the deal. Up to now, despite writing community tools for years, i had never actually figured out Github, so i decided now was the time.

Over on my new and shiny GitHub repo, you’ll find a sample project on how to utilize the Powercli libraries directly in c# for access to Horizon.

If you’re old-school and find this whole GitHub thing a bit much, I’ve included the source c# project here for download too!

Here’s a screenshot of the actual example utility for, y’know, pictures!

 

Categories: Community, Virtualisation

The Continued Evolution of VMware Cloud

Theresa Miller - Tue, 03/13/2018 - 05:30

Since the word cloud first appeared in terminological lingo, VMware has often been used in the same sentence. In recent years, the concept of cloud has evolvoed, and so has the VMware’s strategy and products as a whole. Recently, VMware announced even more products, features, and enhancements to continue the VMware cloud evolution. VMware Cloud […]

The post The Continued Evolution of VMware Cloud appeared first on 24x7ITConnection.

Viewing VMware Unified Access Gateway statistics with REST

Andrew Morgan - from the trenches - Fri, 03/09/2018 - 12:38

<Tap Tap> Is this thing still on? Good!

The VMware Unified Access Gateway really is a wonderful device. With a quick deployment of an OVF you’re up and running with free remote access to your VMware Horizon environment. The device is so simple in fact, that it’s often a case of set and forget, it does the hard work freeing you up to do more important things.

A request came in from a customer last year to be able to view more about what this little magic appliance is doing, how healthy it is and how many  users it is currently servicing.

For VMware vRealize Operations for Horizon customers, this data is all available directly in the VROPS portal, but what if you don’t have VMware vRealize Operations for Horizon? or want to query this in an automated fashion?

Well the good news is, the clever engineers behind this project not only allowed RESTful configuration of the product, they also allowed restful retrieval of the information too!

if  you browse to https://<your device IP or name>:9443/rest/v1/monitor/stats you’ll get all the info you could want as below: (after you authenticate, of course).

In the XML REST response you get above, you’ll get the information about the device health and also the services (horizon, authentication, etc.).

So that’s great, but wouldn’t it be nice if we could get that information from PowerShell too?

I’ve thrown together a Powershell module here you can use or hack apart for your own purposes to allow you to query your own Unified Access Gateway appliances.

Simply import the module:

from here you can see the exported cmdlets:

and here are the two exports below:

Get-VMwareUAGHorizonStats:

Get-VMwareUAGHealth:

 

So that’s it! A big thank you to my colleague Mark Benson for the endless, cheerful help. Despite how much of a pest i can be!

Categories: Community, Virtualisation

A Bad Reputation – what are you willing to risk for brand awareness?

Theresa Miller - Thu, 03/08/2018 - 16:35

Do you have a bad reputation? We need to talk about bad reputations and the winner-take-all philosophy in tech. Our companies compete for the same deals, and sometimes they go hard. But, how far is too far when you’re trying to win big deals? Would we know it when we see it? Scandal is what […]

The post A Bad Reputation – what are you willing to risk for brand awareness? appeared first on 24x7ITConnection.

What you NEED to know about Office 365 Email and SPF Records

Theresa Miller - Tue, 02/27/2018 - 06:30

When dealing with Office 365 Email configuration you will find that Microsoft requires that your organization setup an SPF (Sender Policy Framework) record to go along with your Exchange Online tenant.  This is a DNS text record that allows Microsoft’s messaging servers can send email for your domain.  Let’s cover what you need to know […]

The post What you NEED to know about Office 365 Email and SPF Records appeared first on 24x7ITConnection.

What to expect from Tech Field Day 16

Theresa Miller - Tue, 02/20/2018 - 06:30

I was excited to receive an invitation to a Tech Field Day event in Austin, Texas. It’s a long way from my home in Brisbane, Australia, but so worth the trip. Here’s what to expect and how to watch. Tech Field Day 101 Started by Stephen Foskett, Tech Field Day is a completely unique concept. […]

The post What to expect from Tech Field Day 16 appeared first on 24x7ITConnection.

Red Hat and CoreOS Add to the Container Stack

Theresa Miller - Tue, 02/13/2018 - 06:30

Fans of the open source ecosystem will undoubtedly recognize the names Red Hat and CoreOS. Red Hat has has long been the leader of open source in the enterprise with a huge following of many community projects including Fedora, Ansible, Ceph, and many others. CoreOS has just been added to the list of acquisitions with […]

The post Red Hat and CoreOS Add to the Container Stack appeared first on 24x7ITConnection.

Improving Ivanti Application Control Message Boxes

Aaron Parker's stealthpuppy - Sun, 02/11/2018 - 23:59

Ivanti Application Control (previously AppSense Application Manager) is an application whitelisting and privilege management solution; however, I think you’re likely aware of that since you’re reading this article. Application Control has a number of customisable message boxes that are displayed to the end-user for Windows application whitelisting or privilege elevation scenarios. In this article, I’ll discuss improving the end-user experience with some visual flair and text.

Default Message Boxes

Let’s take a look at a typical message box. Below is the default Access Denied message displayed to users on Windows 10 when attempting to start an application that hasn’t been white-listed.

Ivanti Application Control default access denied message box

With apologies to Guy Leech (the original developer of AppSense Application Manager), this message box doesn’t fit with Microsoft’s recommended Windows 7 or Windows 10 desktop UI guidelines nor display anything useful to the end user that is useful or actionable. Side note – on Windows 10, I’d love to see this particular message as a notification instead because there’s no immediate action the user can take.

Here’s another message box – this one is shown for privilege escalation. Similar in a sense to a UAC dialogue box, but this forces the user to complete the action for elevating an application with a reason for taking that action that can be audited.

Ivanti Application Control default self-elevation message box

There are several scenarios where Application Control may display a message to the end user:

  • Access Denied – execution of an application is denied
  • Application Limits Exceeded – the end-user is prevented from running multiple instances of an application
  • Self-Elevation – an end-user can elevate an application via Application Control instead of being granted administrative rights
  • System Controls – the user can be prevented from uninstalling an application, clearing specific event logs or stopping services
  • Time Limits – time limits can be put on application execution
  • Self-Authorization – end-user can be given the ability to whitelist an application themselves
  • Network Connections – controls can be placed on network destinations, paths or ports

So, potentially a reasonable level of interaction with the end-user and thus Application Control can have some impact on the perception of a user’s everyday experience. Fortunately, each of these message boxes is almost fully customisable – Ivanti provides the administrator with the ability to control both the appearance and text in the message to something that may suit a specific requirement or the environment into which it is deployed.

Creating Better Message Boxes

Dialog boxes suck (or at least a good chunk of them do). To understand why here’s an excellent article I recommend reading – The Magic of Flow and Why Dialogs Frustrate People. The dialogs interrupt user workflow and it’s safe to assume a user is typically seeing multiple messages in a single session (not just our Application Control messages).

Application Control supports customising the messages as well as the UI with HTML and CSS. With customisable notifications, the Application Control administrator effectively becomes a UX designer; therefore to provide users with the best experience possible and balance security needs of the organisation, we should consider carefully that experience both visually and narratively in the text displayed to the user.

When customising these I recommend paying careful attention to the language and tone of the text. Empowering a user to take the right, or no, action without generating unnecessary service desk calls is important. Here are my 3 recommendations for customising these messages boxes for an environment:

  • Ensure the message boxes fit with Microsoft UX guidelines for Windows – apart from not visually assaulting the senses, fitting in with the standard Windows visual style will provide users with a sense that these messages are a part of the normal Windows desktop workflow
  • Don’t overwhelm the user with explanatory text that they aren’t going to read anyway – avoid dialogue box fatigue. If you can, provide a link to more information, so that the user can choose to read up on why the system has been implemented
  • Don’t assume the user is doing the wrong thing. Taking a default hostile stance via the language or wording used in the messages won’t foster a sense of trust. Yes, insider threats are often the main cause of security breaches, but IT can do its part in building team trust

I believe these to be reasonable principles to consider, but of course, some environments may have specific requirements.

Microsoft has published user interface guidelines for Windows for many years, with what I would call “mixed results” from the developer community. While good design isn’t easy, Microsoft has guidelines on FontsStyle and Tone, and User Interface Principles that are applicable to the Application Control administrator.

Looking for Inspiration

Microsoft has specific message boxes in User Account Control that I’ve used as the basis for improving the messages boxes from Application Control; both visually and in the language/text. Here’s a typical UAC message box on Windows 10 – it provides some immediate visual feedback with colour and simple language for the user to act upon:

Windows User Account Control message box

UAC (and SmartScreen) displays various message boxes depending on the action taken that have different colours to better provide the user with an immediate visual feedback. 

From top to bottom: blocked app, app with unknown publisher, app with a known/trusted publisher

Sticking with an established visual style, we can use these colours in our Application Control message boxes. I haven’t found documentation on the colours from Microsoft, so the hex values below might not be 100% accurate.

Blue (#85b8e8 ) background is from the message box used to identify Windows components or software that is signed and trusted Yellow (#f8d470) background is from the message box that identifies components or applications that are untrusted or not signed Red (#8e000b) background denotes an application that has been blocked by Windows SmartScreen I’ve used a softer red (#bf3235) background from the Ivanti Application Control console instead of UAC

In addition to the visual style, we can use these as examples of the language to use in our customised Application Control message boxes. 

Updating Ivanti Application Control Message Boxes

These message boxes are customisable via HTML and CSS, so we have the ability to exert a certain level of control on the look and feel. To enable the full level of customisation, you’ll need to be running Application Control 10.1 FR3, as the limit on the number of characters in some of the messages has been removed.

Here are the default Message Settings properties:

Ivanti Application Control message settings

Under that advanced button, is the CSS used to customise the visuals. So the first thing we’re going to do is customise that CSS to align the visuals with Windows 10. I am maintaining an updated CSS file to completely replace the default CSS on GitHub, which means that anyone can fork the file, improve it and contribute.

There are a few things that the CSS does and provides customisation for:

  1. Changes the default font to Segoe UI, the default Windows font (instead of Microsoft San Serif). The font used in the user input box in self-elevation message boxes is changed to Consolas instead of Courier New
  2. Hides the red and white X graphic. By default, this image is shown on all message boxes and doesn’t actually fit in with the intention of all messages boxes
  3. Enables a header in the 3 colours shown above
  4. Gives buttons a Windows 10 look
  5. Prevents scrollbars from showing inside the message boxes – because the messages can only be set to a fixed height and width, some scrolling occurs even in the default messages shown in the images at the beginning of this article

At the moment, this CSS isn’t perfect and requires updates to fix the cutting off text on the right-hand side of the dialog box, but I think it’s a huge improvement over what’s provided by default. 

Access Denied

Let’s look again at the default Access Denied message box. This doesn’t fit into the Windows UI, doesn’t necessarily tell the user what’s occurred or tell them whether any further action is required.

Ivanti Application Control default access denied dialog box

With our new CSS in place, we can modify the HTML behind this message to reflect what’s going on, as well as provide the user with a link to a page with more information. Note that because my CSS isn’t currently perfect, I’m cheating a bit by putting a carriage return after “Running this app might put” so that the text isn’t cut off on the right-hand side of the message box.

<div class="header red">An app has been prevented from running to protect this PC.</div> <div class="description">An unrecognised or unauthorised app was prevented from starting. Running this app might put your PC at risk. Blocked app: %ExecutableName% Location: %DirectoryName% Description: %AC_FileDescription% Publisher: %AC_CompanyName% Please view the <a href="https://servicedesk.stealthpuppy.com">Information Security Corner</a> for details on why this app was blocked. To install an app, you may need to raise a service request. </div>

Because we have a fixed height and width for the box, I’ve set the height to 690 pixels and the width to 440. Our new Access Denied message box now looks like this:

Ivanti Application Control access denied message box with improved styling

In this example, we are now providing the user with some immediate visual feedback, some reason as to why the application was blocked, some details on what was blocked and finally a link to more information (i.e. the action that the user can take). An external page can provide the user with a framework for understanding what’s going on and whether they should pick up the phone for the service desk (or not), with better detail and interaction than a message box could provide.

Self-Elevation

Now let’s do the same with the Self-Elevation action. Here’s the HTML:

<div class="header yellow">Do you want to allow this app to make changes to your device?</div> <div class="description">App name: %ExecutableName% <br/>This action will run this app with elevated privileges. Please provide the reason for taking this action. This information will be logged and audited. Improper use of elevated applications are in violation of the <a href="https://servicedesk.stealthpuppy.com">Acceptable Use Policy</a>.</div>

I’ve set the height to 770 pixels and the width to 460. Here’s the result:

Ivanti Application Control self-elevation message box with improved styling

In this example, we aren’t bombarding the end-user with text nor assuming what they’re doing is a hostile action. If you’re an IT Pro or a developer, there’s a good chance you’ll need to elevate an application several times during a single session, so this could be something you see multiple times a day.

System Controls

For a simple example, let’s update the System Controls message.

<div class="header blue">Uninstall of %ApplicationName% is not permitted.</div> <div class="description">Removal of this application has been denied to protect the integrity of this PC.</div>

Which then looks like this:

Ivanti Application Control system controls message box with improved styling

Here we’ve used blue to differentiate this from the previous two messages.

Be aware of High DPI Displays

Note that today Application Control doesn’t support high DPI displays or scaling above 100% very well. Because those dialog boxes are a fixed size and the contents don’t scale, you get something like this:

Ivanti Application Control Access Denied Dialog at 200% scaling

Ivanti is, of course, aware of the issue and I assume there’ll be a fix in a future update. Until then, at least on Windows 10, you can override the high DPI scaling behaviour. The Application Control Agent folder has a number of executables that run each of the messages. For example, to fix the scaling on the Access Denied message box set compatibility of AMMessage.exe that the high DPI scaling behaviour is set to System (Enhanced).

Setting Application Control High DPI Scaling Compatibility

Once set, the message box will be set to its correct size and scaled up on high DPI displays, thus the box may look fuzzy depending on resolution and scaling. To avoid setting this on each executable individually on each end-point, use Group Policy or the Application Compatibility Toolkit to set these properties.

Conclusion

In this article, I’ve discussed how to improve the Ivanti Application Control message boxes for both visuals and text. With some effort, we’ve updated the style to better fit in with Windows 10, but these look right at home on Windows 7 as well. Additionally, the text has been improved to provide users with (hopefully) just the right amount of explanation, enabling them to take effective action if needed.

The custom CSS streamlines the visuals and better aligns the message boxes with UI guidelines from Microsoft. While I’ve made the CSS available on GitHub, it could do with some improvement. Opening this up to the community will enable feedback and updates.

This article by Aaron Parker, Improving Ivanti Application Control Message Boxes appeared first on Aaron Parker.

Categories: Community, Virtualisation

Severless for the traditional infrastructure admin

Theresa Miller - Wed, 02/07/2018 - 06:05

Serverless is the new buzzword everyone loves to hate. Is it a real thing? Is it a poorly named marketing buzzword? Is it something I need to learn about? What everyone thinks it is When I asked people on Twitter for a definition of serverless, I got some interesting answers.   Event-driven functional architectures — […]

The post Severless for the traditional infrastructure admin appeared first on 24x7ITConnection.

Predictions for the Data Center in 2030

Theresa Miller - Tue, 01/30/2018 - 06:05

How will we manage the data center in 2030? The history of tech tells us that a lot can happen in 12 years. For example, lets look at what has happened in the past 12 years beginning in 20016. Technology has changed significantly with advances that have included the iPhone, Facebook, Twitter, Flash storage drives, […]

The post Predictions for the Data Center in 2030 appeared first on 24x7ITConnection.

Building a Fast and Silent Workstation PC

Helge Klein - Tue, 01/16/2018 - 14:15

This article describes how to build a fast workstation PC that is almost completely silent (actually the fastest possible in terms of single-thread performance). It is based on a PC build published by German c’t magazine.

Why Single-Thread Performance is (Nearly) the Only Thing That Matters

There are many ways to evaluate CPU performance, but it basically boils down to a simple question: am I interested in single-thread or multi-thread performance?

The latter obviously yields a higher number and many benchmarks focus on the aggregate performance of all the cores in the CPU combined. But in a single-user machine multi-thread performance only rarely matters. The vast majority of software uses but a single thread (aka CPU core) for any significant calculations. That means in practice: if you want things to be done quickly, you need a CPU that has a high single-thread performance.

Multi-thread performance, while probably overrated, is not unimportant. There are quite a few applications out there that do use multiple threads at least part of the time to speed things up.

With the above in mind, we can define our ideal CPU: highest possible single-thread performance with good multi-thread performance. As it turns out, that CPU is currently Intel’s i7-8700K. No other x86 CPU matches its single-core speed, and with six cores total it is a more than decent multi-core contender, too.

Component Selection

Once I knew I wanted the i7-8700K I went to look for ways to run it at next to zero decibels. This is where c’t magazine comes in, probably the world’s only truly fantastic computer magazine left. c’t regularly publishes PC builds that focus on low noise emissions and energy efficiency. One of the best aspects of their builds is that they ignore unnecessarily complex techniques like water cooling or insulation, opting for noise reduction at the source instead. They basically put the fans in the right place of the chassis and test the hell out of the components to make sure none of them emit any unwanted noise.

Based on their suggestions I assembled the following components for my workstation PC build:

CPU:
Intel i7-8700K
Mainboard:
MSI Z370 Gaming Pro Carbon
RAM:
4 x Crucial DDR4 16 GB PC4-19200 non-ECC (64 GB in total)
SSD 1:
Samsung SSD 960 Pro M.2
SSD 2:
Samsung SSD 850 Pro (data disk from my previous machine)
CPU cooler:
Thermalright Macho Rev.B
Power supply:
be quiet! Pure Power 10 400 Watt
Case:
be quiet! Pure Base 600
GPU:
MSI GeForce GTX 1060 Gaming X 6G 6GB

A “gaming” mainboard would not have been my natural choice. Neither do I really need a dedicated GPU. Unfortunately, none of the currently available mainboards for Intel’s 8th generation (Coffee Lake) CPUs are equipped with two DisplayPorts. As we will see below, this choice of mainboard and GPU negatively affects power consumption.

Assembling the Components

The actual build is pretty straightforward. However, you should move the front fan (which is basically useless where it is located) to the back of the case’s top, so that the heat is blown out to the top as well as to the back (by the second preinstalled fan). The case’s top plastic cover can easily be shortened with a saw so that it does not cover the new top-blowing fan.

Here is a view from an intermediate stage before the mainboard was put in the case:

BIOS Settings

First of all, update the BIOS to the latest version, then load the defaults. With that in place, configure the following settings:

  • Settings > Advanced > Windows OS Configuration > Windows 8.1/10 WHQL Support: enabled
  • Overclocking > CPU Features > Intel C-State: enabled
  • Overclocking > CPU Features > Package C-State Limit: C8
  • Overclocking > CPU Features > C1E Support: enabled
  • Hardware Monitor -> CPU 1: 40°/15%, 60°/30%, 70°/60%, 85°/100%
  • Hardware Monitor -> System 1: 30°/4.08V, 60°/5.04V, 70°/7.08V, 85°/12V
  • Hardware Monitor -> System 4: 30°/4.08V, 60°/5.04V, 70°/7.08V, 85°/12V
Power Consumption

A modern PC’s power consumption is highly volatile, changing many times per second depending on the workload. The most important value, however, is idle power consumption, because no matter how furiously you work, your machine will be idling a large part of the time.

There have been great improvements in idle power consumption in the past years. As an example, c’t published a build for an 11 Watt PC in December 2016. This i7-8700K build, unfortunately, is not as efficient. The best I observed is a little more than 36 Watts. The typical idle power consumption is around 40 Watts.

I blame Intel’s Z370 chipset, the only chipset currently available for Intel’s 8th generation (Coffee Lake) CPUs. According to other people’s measurements, the GPU consumes a bit less than 10 Watts when idle. Interestingly, it does not matter whether you connect one or two (4K) displays to the GPU. There is not even a significant change in power consumption if you connect a single display to the mainboard’s Intel graphics instead.

One caveat to be aware of: in sleep mode, the system consumes 12.6 Watts, which is about 12 Watts more than it should. This is the case even with the ErP Ready BIOS setting enabled, which is supposed to make the system conform to the EU’s environmental regulations. I worked around this inefficiency by configuring Windows to hibernate when the power button is pressed instead of sleeping. During hibernation the system only consumes 0.2 Watts.

Noise Emissions / Silence

I do not have the equipment to measure noise emissions, but I can say that the machine is nearly completely silent. Only when there is no ambient noise at all can a very unobtrusive mid-frequency ventilator humming be heard. This does not even change during prolonged periods of high load.

CPU Performance

There are many different ways to measure CPU performance. I find Cinebench to be a useful indicator. It has both single-core and multi-core benchmarks. The single-core result of 203 is even slightly higher than expected. The multi-core result of 1414 is only surpassed by some of AMD’s Ryzen CPUs and by Intel’s expensive i9 processors. Cinebench results were measured before any Meltdown/Spectre patches were applied, by the way.

The post Building a Fast and Silent Workstation PC appeared first on Helge Klein.

The Office 365 roadmap for 2018

Theresa Miller - Tue, 01/16/2018 - 06:30

Disclaimer: While the author is a Microsoft MVP in the Office Servers & Services category, this article is provided based on information publicly available at https://products.office.com/en-US/business/office-365-roadmap?filters=#abc No spoilers here, sorry! The official Microsoft roadmaps are moving targets. They give us some indication of what to expect in the Microsoft products and when to expect them, […]

The post The Office 365 roadmap for 2018 appeared first on 24x7ITConnection.

Pages

Subscribe to Spellings.net aggregator - Community