Tag Archives: will

For Sale – Ubiquiti TOUGHSwitch PoE Switch – £30

I assume this comes with its PSU??

If so will take for £30 inc delivery

Go to Original Article
Author:

Coronavirus pandemic ups the IT contract negotiation game

The coronavirus pandemic will have short-, medium- and long-term implications for how IT buyers negotiate contracts and their overall relationships with vendors, according to several experts.

Many companies will add and already have added SaaS tools to support remote workers. Others will cut back on IT projects and investments through layoffs. And most, if not all, may seek financial relief through IT contract negotiations.

“What we’re seeing with a lot of clients right now is that there’s a lot of uncertainty,” said John Belden, project execution advisory services practice leader at UpperEdge, an IT strategy consulting firm in Boston. “Companies should put together a plan for what they’re doing with long-term [IT assets and projects]. You basically should talk [with critical vendors] about what it means to be a partner in this time of peril.”

IT vendors and customers commonly reference words like “partner ” and “partnership” in good times, particularly when the technology in question supports major IT infrastructure components such as ERP systems.

The concept will now be put to a critical test amid coronavirus-related economic distress, especially when once-acceptable, agreed-upon contract terms prove untenable in the current environment. What’s a CRM customer to do when it has 10,000 subscription licenses on the books, but suddenly must lay off several thousand sales reps and contact center workers?

Indeed, SaaS subscriptions seem like a potential source for angst as the economic impact from coronavirus deepens.

The coronavirus epidemic will force IT buyers to not only reconsider their 2020 spending priorities, but also contract negotiations and overall relationships with vendors.
The coronavirus epidemic will force IT buyers to not only reconsider their 2020 spending priorities, but also contract negotiations and overall relationships with vendors.

Customers with foresight will have built-in “flex down” clauses in their deals, which allow for reductions in paid licenses based on shifts in a business’s actual demand, said R “Ray” Wang, CEO and founder of Constellation Research. But many customers didn’t do that during IT contract negotiations in recent years, as they quickly moved to adopt cloud-based software and agreed to stricter terms in exchange for better pricing and other considerations, he added.

Every customer with a looming contract renewal should ensure that flex-down language is part of the deal, according to Wang. That’s not to say vendors won’t attempt to broker workable arrangements with customers now — and the smart ones will, according to Wang, who has helped hundreds of clients with IT contract negotiations.

“It’s all about loyalty,” he said. “You want to be able to show you’ve been able to work with your customers in good times and bad times.”

A growing number of vendors have made public shows of good faith amid the coronavirus pandemic. For example, many software companies with tools for online communication, collaboration and file-sharing are offering free access to services for a limited time.

But skeptical observers will question how much that largesse also serves as a lead-generation tool for vendors keen to land new customers when the free trials are over. And with so much money at stake, the legal concept and contract term known as force majeure will likely come up in discussions between vendors and customers in all industries, as noted in a recent blog post from the large U.S. law firm Akerman.

However, “determining whether a force majeure clause can be invoked is a fact-intensive inquiry, as it depends on the specific language of a contract,” Akerman lawyers Lawrence Rochefort and Meghan Boland wrote. It could make things quite difficult if epidemics and pandemics aren’t specifically listed as force majeure events.

A vendor could also cite force majeure as a defense against contract fulfillment. “If a vendor is committed to do certain things for you, but they can’t travel to your site, you can’t sue them for that,” said Duncan Jones, an analyst at Forrester who advises sourcing and vendor management professionals. “It’s just too bad.

I am more a believer in the soft contract. It’s a business relationship between you and the supplier that is at a higher level than the hard contract and the legalese.
Duncan JonesAnalyst, Forrester

“I am more a believer in the soft contract,” Jones added. “It’s a business relationship between you and the supplier that is at a higher level than the hard contract and the legalese. … It’s much better to say this is something that no one’s foreseen, and how are we going to react to that.”

Many vendors should be sympathetic and willing to work with customers in that regard, Jones added. “If they don’t, then now you know what you’re dealing with and you can start your exit strategy.”

Prior to a divorce from a vendor, however, customers can take other steps. “You get the best service if you’re a good customer,” Jones said. “Sometimes the problem is that the salesperson is in the way.” Now may be the time to call in chits that get you access to executives higher up the vendor’s organizational chain, according to Jones: “Get beyond the salesperson and make the case.”

Coronavirus costs for IT measured in more than dollars

Many major IT projects will hit the pause button, but there’s both a wise and risky way to go about that, said UpperEdge’s Belden. “A [customer] has a choice,” he said. “They could stop these [projects] and all those vendors go away.”

But that could be a mistake in a longer-term context, he added. For one, much of the hands-on knowledge that consultants had built up regarding a customer’s project could be lost. A better alternative is to negotiate with the consultancy to find cost savings and “share in the pain,” Belden said.

There are several possibilities here. One could be to negotiate lower hourly rates — perhaps at the consultant’s base cost — and continue work. Another option is an alternative approach to project delivery. “You can tell the vendor, ‘We’re going to keep the project on a percolate, with not all of the same services you were delivering, but once this [crisis] is over, we can accelerate further,'” Belden said.

The cost of delivering services within the project should drop a meaningful amount as well. Consultants could be forced to work remotely, which reduces travel costs. The lack of travel can lead to greater productivity on the part of consultants as well, since they’ll have more time. It’s likely that a general drop of 10% to 15% of project costs will occur due to these factors, Belden said.

Coronavirus’s aftereffects on IT strategy

The pandemic has had a drastic impact on how companies operate, as employees are compelled to work from home with the help of online collaboration and workflow tools. This has been a radical shift for companies with a previously conservative or skeptical view of telecommuting. If broadly successful, this could prompt many enterprises to ramp up their digital transformation efforts and alter any future IT contract negotiation.

“All of us can’t sit here and say this was a one-off event,” Belden said. “This will happen again, and how are we going to prepare? People now recognize companies have to operate differently and be open to change.”

That change may include shifts in IT procurement habits toward a best-of-breed approach as customers recover from the coronvirus’s impact and look to spread out risk, according to Jeff Lazarto, commercial advisory practice leader at UpperEdge. “If a customer really values that balance of powers, they might have SAP for finance and Workday for HCM, knowing that Workday has finance that isn’t as mature right now but will get there.”

Go to Original Article
Author:

ConnectWise threat intelligence sharing platform changes hands

Nonprofit IT trade organization CompTIA said it will assume management and operations of the Technology Solution Provider Information Sharing and Analysis Organization established by ConnectWise in August 2019.

Consultant and long-time CompTIA member MJ Shoer will remain as the TSP-ISAO’s executive director under the new arrangement. The TSP-ISAO retains its primary mission of fostering real-time threat intelligence sharing among channel partners, CompTIA said.

MJ ShoerMJ Shoer

Nancy Hammervik, CompTIA’s executive vice president of industry relations, discussed CompTIA’s TSP-ISAO leadership role with Shoer during the CompTIA Communities and Councils Forum event this week. CompTIA conducted the event virtually after cancelling its Chicago in-person event due to the coronavirus pandemic.

Shoer said CompTIA is uniquely positioned to enhance the TSP-ISAO. “If you look at all the educational opportunities and resources that CompTIA brings to the table … those are going to be integral to this in terms of helping to further educate the world of TSPs … about the cyber threats and how to respond,” he said.

He added that CompTIA’s involvement in government policy work will contribute to the success of the threat intelligence sharing platform, as “the government is going to be key.” ISAOs were chartered by the Department of Homeland Security as a result of an executive order by former president Barack Obama in 2015.

Hammervik and Shoer also underscored that CompTIA’s commitment to vendor neutrality will help the TSP-ISAO bring together competitive companies in pursuit of a collective benefit. “We all face these threats. We have all seen some of the reports about MSPs being used as threat vectors against their clients. If we don’t … stop that, it can harm the industry from the largest member to the smallest,” Shoer said.

About 650 organizations have joined the TSP-ISAO, according to Hammervik. Membership in the organization in 2020 is free for TSP companies.

Shoer said his goal for the TSP-ISAO is to develop a collaborative platform that can share qualified, real-time and actionable threat intelligence with TSPs so they can secure their own and customers’ businesses. He said ultimately, the organization would like to automate elements of the threat intelligence sharing, but it may be a long-term goal as AI and other technologies mature.

Wipro launches Microsoft technology unit

Wipro Ltd., a consulting and business process services company based in Bangalore, India, launched a business unit dedicated to Microsoft technology.

Wipro said its Microsoft Business Unit will focus on developing offerings that use Microsoft’s enterprise cloud services. Those Wipro offerings will include:

  • Cloud Studio, which provides migration services for workloads on such platforms as Azure and Dynamics 365.
  • Live Workspace, which uses Microsoft’s Modern Workplace, Azure’s Language Understanding Intelligent Service, Microsoft 365 and Microsoft’s Power Platform.
  • Data Discovery Platform, which incorporates Wipro’s Holmes AI system and Azure.

Wipro’s move follows HCL Technologies’ launch in January 2020 of its Microsoft Business Unit and Tata Consultancy Services’ rollout in November 2019 of a Microsoft Business Unit focusing on Azure’s cloud and edge capabilities. Other large IT service providers with Microsoft business units include Accenture/Avenade and Infosys.

Other news

  • 2nd Watch, a professional services and managed cloud company based in Seattle, unveiled a managed DevOps service, which the company said lets clients take advantage of DevOps culture without having to deploy the model on their own. The 2nd Watch Managed DevOps offering includes an assessment and strategy phase, DevOps training, tool implementation based on the GitLab platform, and ongoing management. 2nd Watch is partnering with GitLab to provide the managed DevOps service.
  • MSPs can now bundle Kaseya Compliance Manager with a cyber insurance policy from Cysurance. The combination stems from a partnership between Kaseya and Cysurance, a cyber insurance agency. Cysurance’s cyber policy is underwritten by Chubb.
  • Onepath, a managed technology services provider based in Atlanta, rolled out Onepath Analytics, a cloud-based business intelligence offering for finance professionals in the SMB market. The analytics offering includes plug-and-play extract, transform and load, data visualization and financial business metrics such as EBITDA, profit margin and revenue as a percentage of sales, according to the company. Other metrics maybe included, the company said, if the necessary data is accessible.
  • Avaya and master agent Telarus have teamed up to provide Avaya Cloud Office by Ring Central. Telarus will offer the unified communications as a service product to its network of 4,000 technology brokers, Avaya said.
  • Adaptive Networks, a provider of SD-WAN as a service, said it has partnered with master agent Telecom Consulting Group.
  • Spinnaker Support, an enterprise software support services provider, introduced Salesforce application management and consulting services. The company also provides Oracle and SAP application support services.
  • Avanan, a New York company that provides a security offering for cloud-based email and collaboration suites, has hired Mike Lyons as global MSP/MSSP sales director.
  • Managed security service provider High Wire Networks named Dave Barton as its CTO. Barton will oversee and technology solutions and channel sales engineering for the company’s Overwatch Managed Security Platform, which is sold through channel partners, the company said.

Market Share is a news roundup published every Friday.

Go to Original Article
Author:

Maze ransomware gang pledges to stop attacking hospitals

The notorious Maze ransomware gang announced Wednesday that it will not attack any healthcare organizations during the COVID-19 pandemic.

The pandemic has put a strain hospitals and public health agencies in recent weeks as governments across the globe struggle to contain the spread of COVID-19, also known as the new coronavirus. Some security vendors have expressed concern that coronavirus-related threats could soon include ransomware attacks, which would have a crippling effect on healthcare and government organizations working on treatment and containment of the virus.

But at least one cybercrime outfit is pledging to refrain from such attacks, at least on healthcare organizations. The Maze ransomware gang, which last year began “shaming” victims by exfiltrating and publishing organizations’ sensitive data, promised to ” stop all activity versus all kinds of medical organizations until the stabilization of the situation with virus,” according to an announcement on its website.

BleepingComputer, which first reported the announcement, also contacted other ransomware operators about stopping attacks on healthcare and medical organizations during the pandemic. The DoppelPaymer gang also pledged to stop such attacks, though other ransomware groups such as Ryuk and Sodinokibi/REvil did not respond to Bleeping Computer’s queries.

The Maze gang’s pledge, however, says nothing about attacks on city, state or local governments or public health agencies. The Maze gang also said it will “help commercial organizations as much as possible” during the pandemic by offering “exclusive discounts” on ransoms to both current and future ransomware victims; the cybercriminals said they will provide decryptors and deleted any data published on its website.

A screenshot of the Maze ransomware gang's announcement that it will not attack healthcare organizations during the coronavirus pandemic.
A screenshot of the Maze ransomware gang’s announcement that it will not attack healthcare organizations during the coronavirus pandemic.

Despite the promises of the DoppelPaymer and Maze ransomware gangs, it’s unclear how much control they have over what organizations are attacked. Many outfits use a ransomware-as-a-service model where they develop the malicious code and then sell it to other cybercriminals, which are often called affiliates.

These affiliates then conduct the actual intrusions, data exfiltration and ransomware deployment and pay the authors. Many ransomware incidents are initiated through phishing emails and brute-force attacks on remote desktop protocol instances; threat researchers have said it’s likely that ransomware actors aren’t specifically targeting organizations by name or industry and are merely capitalizing on the most vulnerable networks.

Go to Original Article
Author:

Android 11 features zero in on security, privacy

New Android 11 features will likely not represent a major shift for the enterprise, but industry observers believe they will help IT professionals better manage mobile devices.

Google released the first developer preview of the updated OS last month, with a final release expected in the third quarter of 2020. Among the changes are a few items — including improved biometric support and limited-time permissions for applications — that experts said would affect businesses.

Eric Klein, an independent analyst, said the improvements reflect Google’s larger efforts to appeal to enterprise customers.

Eric KleinEric Klein

“The way in which they’re approaching their overall strategy as an organization — from Chrome to the cloud and G Suite [productivity applications] — they’re continuing to refine their assets for business use,” he said.

A focus on privacy and security

Android 11, per the preview, includes changes intended to bolster privacy and security. One feature offers users greater control over what applications can do; it lets users — or IT administrators — give apps one-time-only permissions to access such things as location data or a phone’s camera and microphone.

According to Google, this builds on an Android 10 feature, in which users could permit an application to access such data and features, but only while the app was in use.

Andrew HewittAndrew Hewitt

Forrester analyst Andrew Hewitt said the granular data control offered by this feature is in line with modern enterprise security.

“[It] is more philosophically aligned [than before] with a zero-trust strategy — where a user only has access to what they need, and nothing more,” he said.

Klein said the feature will work as part of an overall device management strategy to help prevent bad actors from taking user data.

“There are many ways enterprises are protecting themselves that are well-known, basic security hygiene: restricting application usage, blacklisting apps — things of that nature,” he said, adding that controlling app permissions is a further step along that journey.

Android 11 will also reportedly include greater biometric support, notably by making it easier to integrate biometric authentication into apps and allowing developers to determine which biometric inputs — like fingerprints, iris scans and face scans — they consider strong or weak.

Hewitt said such a feature will interest IT professionals as they look to eliminate passwords — a frequent pain point in ensuring enterprise security.

“While passwordless authentication still remains immature in adoption, it’s certainly on the minds of many mobility management professionals,” he said.

Other effects on the enterprise

While security improvements are an integral part of Android 11, they are not the only ones set to have an impact on companies.

Holger MuellerHolger Mueller

Holger Mueller, vice president and principal analyst at Constellation Research, said he saw changes like improved 5G support — including a feature that determines whether a device is on a metered or unmetered network and adjusts data traffic accordingly — as new and necessary steps for Android.

The implementation of new messaging and chat “bubbles” — notifications that float on top of other applications and thus enable text conversations while multi-tasking — was taken as a heartening sign for productivity.

“[It’s] good to see Google not giving up on messaging,” he said. “The new messaging will likely improve [the] everyday user experience on Android.”

Hewitt said that with Android 11, Google has implemented new processes and options to ensure OS updates do not break app compatibility. Google announced methods, for example, to help developers test for compatibility by turning changes on or off — making it easier to determine which new OS behavior might pose problems.

“[Compatibility] has been a perennial issue in enterprise mobility,” Hewitt said.

Competing with iOS

Klein said the improvements in Android 11 — especially those related to privacy and security — reflect Google’s desire to compete for the enterprise. He noted Android’s reputation for security has long lagged behind that of iOS.

“There’s a perception that it’s just not secure — that hasn’t gone away yet,” he said. “Many [administrators] will say, ‘I’m not trusting an Android device. I’m not trusting my employees with Android devices.’ That perception is still there, and it’s something Google has to overcome. I think they are overcoming it.”

Google, Klein said, has historically faced criticism for the cadence of its security patches and its reliance on partners to push out those patches. The company has been working to improve that process, he said.

“In order to [compete] effectively — to ensure that peace of mind IT requires for mass rollouts — they’re going to have to … show they’re serious about security and privacy,” he said.

Go to Original Article
Author:

International Women’s Day 2020: Creating opportunity for all – Microsoft Partner Network

Sunday, March 8th will mark a day that’s close to my heart, International Women’s Day.

The day shines a light on the progress we’ve made in recognizing the potential of a diverse and inclusive economy and the power that comes from developing strong, female role models. Yet while we can reflect on that progress, we must also acknowledge the work that still must be done. It is critical for me that we address the challenges that still exist for women in today’s business landscape—there are many women around the world who are locked out of opportunities many take for granted, for a variety of reasons.

I’m proud of the work we’ve done at Microsoft so far to increase access and opportunities for women through our workplace culture, policies and technologies. I believe we have a responsibility to highlight other organizations that have also prioritized diversity and inclusion and encourage others to do the same.

Building opportunity and access for all through technology

Technology helps organizations empower their employees, optimize their operations, connect with their customers and transform their products. It’s also a key factor in building an inclusive economy; an economy that harnesses the power of diversity to create opportunities and positive business outcomes for all. At Microsoft, we understand that a diverse work force inspires diverse solutions, which ultimately helps drive innovations that benefit everyone.

That’s why I am excited to share that Microsoft is supporting the United Nation’s Sustainable Development Goals through our #BuildFor2030 campaign. Through October, we will be highlighting Microsoft partners with solutions that align to the UN’s goals. And in celebration of Women’s History Month and International Women’s Day on March 8th, we will be focusing on solutions by women-led organizations within our Microsoft partner community. I encourage you to read more about these incredible innovations here.

These solutions showcase the entrepreneurial spirit of women in technology—a community that is grossly underrepresented in the marketplace today. Recent studies suggest, if women and men participated equally as entrepreneurs, global GDP could rise by approximately 3% to 6%, boosting the global economy by as much as $5 trillion. If we work together, we can start that shift, and create more opportunities for everyone.


Did you know?

According to the McKinsey Global Institute:

  • Companies in the top quartile for gender diversity are 21 percent more profitable than companies in the bottom quartile
  • Companies in the top quartile for ethnic and cultural diversity are 33 percent more likely to outperform companies in the bottom quartile
  • Closing the gender gap in the workforce could add $28 trillion to the global GDP
  • Closing the gender gap in the workforce could add $28 trillion to the global GDP

Women in Cloud

In January, Microsoft hosted the Women in Cloud Summit in Redmond, and I had the privilege of discussing how we can all work to create more opportunities for women in technology. Women in Cloud is a community-led organization that brings together female entrepreneurs, global leaders, corporations, and policy makers to support economic development for women in tech. They have vowed to help create $1 billion in economic access and opportunity by 2030.

As an executive sponsor of this initiative, I have sat down with many female business owners and have heard their struggles, triumphs and breakthroughs. Everyone I’ve met has emphasized the importance of access to technology, customers, partners, and investments. My team and I are focused on creating access for their growth through co-marketing and co-selling opportunities as we strive to create an inclusive marketplace for all partners to deploy cloud solutions and services.

Building for the future

While we are focused on creating equal access and opportunity for women business owners today, we must also prepare the next generation of entrepreneurs and female tech leaders. To participate in the global economy and businesses of the future, understanding and innovating with technology will be a core skill of any job. Young women need to embrace technology and develop skills and passions that will be key success factors in a world where technology is part of every business in every industry.

I’d like to invite all Microsoft partners to join other impact-oriented technology solution leaders in the #BuildFor2030 campaign to highlight their innovative solutions. And in honor of International Women’s Day, I encourage you to take action and drive momentum towards creating a gender-equal society by supporting this campaign.

Go to Original Article
Author: Steve Clarke

The Complete Guide to Scale-Out File Server for Hyper-V

This article will help you understand how to plan, configure and optimize your SOFS infrastructure, primarily focused on Hyper-V scenarios.

Over the past decade, it seems that an increasing number of components are recommended when building a highly-available Hyper-V infrastructure. I remember my first day as a program manager at Microsoft when I was tasked with building my first Windows Server 2008 Failover Cluster. All I had to do was connect the hardware, configure shared storage, and pass Cluster Validation, which was fairly straightforward.

Failover Cluster with Traditional Cluster Disks

Figure 1 – A Failover Cluster with Traditional Cluster Disks

Nowadays, the recommend cluster configuration for Hyper-V virtual machines (VMs) requires adding additional management layers such as Cluster Shared Volumes (CSV), disks which must also cluster a file server to host the file path to access it, known as a Scale-Out File Server (SOFS). While the SOFS provides the fairly basic functionality of keeping a file share online, understanding this configuration can be challenging for experienced Windows Server administrators. To see the complete stack which Microsoft recommends, scroll down to see the figures throughout this article. This may appear daunting, but do not worry, we’ll explain what all of these building blocks are for.

While there are management tools like System Center Virtual Machine Manager (SCVMM) that can automate the entire infrastructure deployment, most organizations need to configure these components independently. There is limited content online explaining how Scale-Out File Server clusters work and best practices for optimizing them. Let’s get into it!

Scale-Out File Server (SOFS) Capabilities & Limitations

A SOFS cluster should only be used for specific scenarios. The following list of features have been tested and are either supported, supported but not recommended, or not supported with the SOFS.

Supported SOFS scenarios

  • File Server
    • Deduplication – VDI Only
    • DFS Namespace (DFSN) – Folder Target Server Only
    • File System
    • SMB
      • Multichannel
      • Direct
      • Continuous Availability
      • Transparent Failover
  • Other Roles
    • Hyper-V
    • IIS Web Server
    • Remote Desktop (RDS) – User Profile Disks Only
    • SQL Server
  • System Center Virtual Machine Manager (VMM)

Supported, but not recommended SOFS scenarios

  • File Server
    • Folder Redirection
    • Home Directories
    • Offline Files
    • Roaming User Profiles

Unsupported SOFS scenarios

  • File Server
    • BranchCache
    • Deduplication – General Purpose
    • DFS Namespace (DFSN) – Root Server
    • DFS Replication (DFSR)
    • Dynamic Access Control (DAC)
    • File Server Resource Manager (FSRM)
    • File Classification Infrastructure (FCI)
    • Network File System (NFS)
    • Work Folders

Scale-Out File Server (SOFS) Benefits

Fundamentally, a Scale-Out File Server is a Failover Cluster running the File Server role. It keeps the file share path (\ClusterStorageVolume1) continually available so that it can always be accessed. This is critical because Hyper-V VMs us this file path to access their virtual hard disks (VHDs) via the SMB3 protocol. If this file path is unavailable, then the VMs cannot access their VHD and cannot operate.

Additionally, it also provides the following benefits:

  • Deploy Multiple VMs on a Single Disk – SOFS allows multiple VMs running on different nodes to use the same CSV disk to access their VHDs.
  • Active / Active File Connections – All cluster nodes will host the SMB namespace so that a VM can connect or quickly reconnect to any active server and have access to its CSV disk.
  • Automatic Load Balancing of SOFS Clients – Since multiple VMs may be using the same CSV disk, the cluster will automatically distribute the connections. Clients are able to connect to the disk through any cluster node, so they are sent to the server with fewest file share connections. By distributing the clients across different nodes, the network traffic and its processing overhead are spread out across the hardware which should maximize its performance and reduce bottlenecks.
  • Increased Storage Traffic Bandwidth – Using SOFS, the VMs will be spread across multiple nodes. This also means that the disk traffic will be distributed across multiple connections which maximizes the storage traffic throughput.
  • Anti-Affinity – If you are hosting similar roles on a cluster, such as two active/active file shares for a SOFS, these should be distributed across different hosts. Using the cluster’s anti-affinity property, these two roles will always try to run on different hosts eliminating a single point of failure.
  • CSV Cache – SOFS files which are frequently accessed will be copied locally on each cluster node in a cache. This is helpful if the same type of VM file is read many times, such as in VDI scenarios.
  • CSV CHKDSK – CSV disks have been optimized to skipping the offline phase, which means that they will come online faster after a crash. Faster recovery time is important for high-availability since it minimizes downtime.

Scale-Out File Server (SOFS) Cluster Architecture

This section will explain the design fundaments of Scale-Out File Servers for Hyper-V. The SOFS can run on the same cluster as the Hyper-V VMs it is supporting, or on an independent cluster. If you are running everything on a single cluster, the SOFS must be deployed as a File Server role directly on the cluster; it cannot run inside a clustered VM since that VM won’t start without access to the File Server. This would cause a problem since neither the VM nor the virtualized File Server could start-up since they have a dependency on each other.

Hyper-V Storage and Failover Clustering

When Hyper-V was first introduced with Windows Server 2008 Failover Clustering, it had several limitations that have since been addressed. The main challenge was that each VM required its own cluster disk, which made the management of cluster storage complicated. Large clusters could require dozens or hundreds of disks, one for each virtual machine. This was sometimes not even possible due to limitations created by hardware vendors which required a unique drive letter for each disk. Technically you could run multiple VMs on the same cluster disk, each with their own virtual hard disks (VHDs). However, this configuration was not recommended, because if one VM crashed and had to failover to a different node, it would force all the VMs using that disk to shut down and failover to other nodes. This causes unplanned downtime, and as virtualization becomes more popular, a cluster-aware file system was created known as Cluster Shared Volumes (CSV). See Figure 1 (above) for the basic architecture of a cluster using traditional cluster disks.

Cluster Shared Volume (CSV) Disks and Failover Clustering

CSV Disks were introduced in Windows Server 2008 R2 as a distributed file system that is optimized for Hyper-V VMs. The disk must be visible by all cluster nodes, use NTFS or ReFS, and can be created from pools of disks using Storage Spaces.

The CSV disk is designed to host VHDs from multiple VMs from different nodes and run them simultaneously. The VMs can distribute themselves across the cluster nodes, balancing the hardware resources which they are consuming. A cluster can host multiple CSV disks and their VMs can freely move around the cluster, without any planned downtime. The CSV disk traffic communicates over standard networks using SMB, so traffic can be routed across different cluster communication paths for additional resiliency, without being restricted to use a SAN.

A Cluster Shared Volumes disk functions similar to a file share hosting the VHD file since it provides storage and controls access. Virtual machines can access their VHDs like clients would access a file hosted in a file share using a path like \ClusterStorageVolume1. This file path is identical on every cluster node, so as a VM moves between servers it will always be able to access its disk using the same file path. Figure 2 shows a Failover Cluster storing its VHDs on a CSV disk. Note that multiple VHDs for different VMs on different nodes can reside on the same disk which they access through the SMB Share.

A Failover Cluster with a Cluster Shared Volumes (CSV) Disk

Figure 2 – A Failover Cluster with a Cluster Shared Volumes (CSV) Disk

Scale-Out File Server (SOFS) and Failover Clustering

The SMB file share used for the CSV disk must be hosted by a Windows Server File Server. However, the file share should also be highly-available so that it does not become a single point of failure. A clustered File Server can be deployed as a SOFS through Failover Cluster Manager as described at the end of this article.

The SOFS will publish the VHD’s file share location (known as the “CSV Namespace”) on every node. This active/active configuration allows clients to be able to access their storage through multiple pathways. This provides additional resiliency and availability because if one node crashes, the VM will temporarily pause its transactions until it can quickly reconnect to the disk via another active node, but it remains online.

Since the SOFS runs on a standard Windows Server Failover Cluster, it must follow the hardware guidance provided by Microsoft. One of the fundamental rules of failover clustering is that all the hardware and software should be identical. This allows a VM or file server to be able to operate the same way on any cluster node, as all the setting, file paths, and registry settings will be the same. Make sure you run the Cluster Validation tests and follow Altaro’s Cluster Validation troubleshooting guidance if you see any warnings or errors.

The following figure shows a SOFS deployed in the same cluster. The clustered SMB shares create a highly-available CSV namespace allowing VMs to access their disk through multiple file paths.

A Failover Cluster using Clustered SMB File Shares for CSV Disk Access

Figure 3 – A Failover Cluster using Clustered SMB File Shares for CSV Disk Access

Storage Spaces Direct (S2D) with SOFS

Storage Spaces Direct (S2D) lets organizations deploy small failover clusters with no shared storage. S2D will generally use commodity servers with direct-attached storage (DAS) to create clusters that use mirroring to replicate their data between local disks to keep their states consistent. These S2D clusters can be deployed as Hyper-V hosts, storage hosts or in a converged configuration running both roles. The storage uses Scale-Out File Servers to host the shares for the VHD files.

In Figure 4, a SOFS cluster is shown which uses storage spaces direct, rather than shared storage, to host the CSV volumes and VHD files. Each CSV volume and its respective VHDs are mirrored between each of the local storage arrays.

 A Failover Cluster with Storage Spaces Direct (S2D)

Figure 4 – A Failover Cluster with Storage Spaces Direct (S2D)

Infrastructure Scale-Out File Server (SOFS)

Windows Server 2019 introduced a new Scale-Out File Server role called the Infrastructure File Server. This functions as the traditional SOFS, but it is specifically designed to only support Hyper-V virtual infrastructure with no other types of roles. There can also be only one Infrastructure SOFS per cluster.

The Infrastructure SOFS can be created manually via PowerShell or automatically when it is deployed by Windows Azure Stack or System Center Virtual Machine Manager (SCVMM). This role will automatically create a CSV namespace share using the syntax \InfraSOFSNameVolume1. Additionally, it will enable the Continuous Availability (CA) setting for the SMB shares, also known as SMB Transparent Failover.

Infrastructure File Server Role on a Windows Server 2019 Failover Cluster

Figure 5 – Infrastructure File Server Role on a Windows Server 2019 Failover Cluster

Cluster Sets

Windows Server 2019 Failover Clustering introduced the management concept of cluster sets. A cluster set is a collection of failover cluster which can be managed as a single logical entity. It allows VMs to seamlessly move between clusters which then lets organizations create a highly-available infrastructure with almost limitless capacity. To simplify the management of the cluster sets, a single namespace can be used to access the cluster. This namespace can run on a SOFS for continual availability and clients will automatically get redirected to the appropriate location within the cluster set.

The following figure shows two Failover Clusters within a cluster set, both of which are using a SOFS. Additionally, a third independent SOFS is deployed to provide highly-available access to the cluster set itself.

A Scale-Out File Server with Cluster Sets

Figure 6 – A Scale-Out File Server with Cluster Sets

Guest Clustering with SOFS

Acquiring dedicated physical hardware is not required for the SOFS as this can be fully-virtualized. When a cluster runs inside of VMs instead of physical hardware, this is known as guest clustering. However, you should not run a SOFS within a VM which it is providing the namespace for, as it can get into a situation where it cannot start the VM since it cannot access the VM’s own VHD.

Microsoft Azure with SOFS

Microsoft Azure allows you to deploy virtualized guest clusters in the public cloud. You will need at least 2 storage accounts, each with a matching number and size of disks. It is recommended to use at least DS-series VMs with premium storage. Since this cluster is already running in Azure, it can also use a cloud witness for is quorum disk.

You can even download an Azure VM template which comes as a pre-configure two-node Windows Server 2016 Storage Spaces Direct (S2D) Scale-Out File Server (SOFS) cluster.

System Center Virtual Machine Manager (VMM) with SOFS

Since the Scale-Out File Server has become an important role in virtualized infrastructures, System Center Virtual Machine Manager (VMM) has tightly integrated it into their fabric management capabilities.

Deployment

VMM makes it fairly easy to deploy SOFS throughout your infrastructure on bare-metal or Hyper-V hosts. You can add existing file servers under management or deploy each SOFS throughout your fabric. For more information visit:

When VMM is used to create a cluster set, an Infrastructure SOFS is automatically created on the Management Server (if it does not already exist). This file share will host the single shared namespace used by the cluster set.

Configuration

Many of the foundational components of a Scale-Out File Server can be deployed and managed by VMM. This includes the ability to use physical disks to create storage pools that can host SOFS file shares. The SOFS file shares themselves can also be created through VMM. If you are also using Storage Spaces Direct (S2D) then you will need to create a disk witness which will use the SOFS to host the file share. Quality of Service (QoS) can also be adjusted to control network traffic speed to resources or VHDs running on the SOFS shares.

Management Cluster

In large virtualized environments, it is recommended to have a dedicated management cluster for System Center VMM. The virtualization management console, database, and services are highly-available so that they can continually monitor the environment. The management cluster can use unified storage namespace runs on a Scale-Out File Server, granting additional resiliency to accessing the storage and its clients.

Library Share

VMM uses a library to store files which may be deployed multiple times, such as VHDs or image files. The library uses an SMB file share as a common namespace to access those resources, which can be made highly-available using a SOFS. The data in the library itself cannot be stored on a SOFS, but rather on a traditional clustered file server.

Update Management

Cluster patch management is one of the most tedious tasks which administrators face as it is repetitive and time-consuming. VMM has automated this process through serially updating one node at a time while keeping the other workloads online. SOFS clusters can be automatically patched using VMM.

Rolling Upgrade

Rolling upgrades refers to the process where infrastructure servers are gradually updated to the latest version of Windows Server. Most of the infrastructure servers managed by VMM can be included in the rolling upgrade cycle which functions like the Update Management feature. Different nodes in the SOFS cluster are sequentially placed into maintenance mode (so the workloads are drained), updated, patched, tested and reconnected to the cluster. Workloads will gradually migrate to the newly installed nodes while the older nodes wait to be updated. Gradually all the SOFS cluster nodes are updated to the latest version of Windows Server.

Internet Information Services (IIS) Web Server with SOFS

Everything in this article so far has referenced SOFS in the context of being used for Hyper-V VMs. SOFS is gradually being adopted by other infrastructure services to provide high-availability to their critical components which use SMB file shares.

The Internet Information Services (IIS) Web Server is used for hosting websites. To distribute the network traffic, usually, multiple IIS Servers are deployed. If they have any shared configuration information or data, this can be stored in the Scale-Out File Server.

Remote Desktop Services (RDS) with SOFS

The Remote Desktop Services (RDS) role has a popular feature known as user profile disks (UPDs) which allows users to have a dedicated data disk stored on a file server. The file share path can be placed on a SOFS to make access to that share highly-available.

SQL Server with SOFS

Certain SQL Server roles have been able to use SOFS to make their SMB connections highly-available. Starting with SQL Server 2012, the SMB file server storage option is offered for SQL Server, databases (including Master, MSDB, Model and TempDB) and the database engine. The SQL Server itself can be standalone or deployed as a failover cluster installation (FCI).

Deploying a SOFS Cluster & Next Steps

Now that you understand the planning considerations, you are ready to deploy the SOFS. From Failover Cluster Manager, you will launch the High Availability Wizard and select the File Server role. Next, you will select the File Server Type. Traditional clustered file servers will use the File Server for general use. For SOFS, select Scale-Out File Server for application data.

The interface is shown in the following figure and described as, “Use this option to provide storage for server applications or virtual machines that leave files open for extended periods of time. Scale-Out File Server client connections are distributed across nodes in the cluster for better throughput. This option supports the SMB protocol. It does not support the NFS protocol, Data Deduplication, DSF Replication, or File Server Resource Manager.”

Installing a Scale-Out File Server (SOFS)

Figure 7 – Installing a Scale-Out File Server (SOFS)

Now you should have a fundamental understanding of the use and deployment options for the SOFS. For additional information about deploying a Scale-Out File Server (SOFS), please visit https://docs.microsoft.com/en-us/windows-server/failover-clustering/sofs-overview. If there’s anything you want to ask about SOFS, let me know in the comments below and I’ll get back to you!

Go to Original Article
Author: Symon Perriman

Windows Server 2008 end of life means it’s time to move

Windows Server 2008 end of life is here, so will you go to the cloud, use containers or carry on with on-premises Windows Server?

Windows Server 2008 and Server 2008 R2 left support recently, giving administrators one last batch of security updates on January Patch Tuesday. Organizations that have not migrated to a supported platform will not get further security fixes for Server 2008/2008 R2 machines unless they have enrolled in the Extended Security Updates program or moved those workloads into the Microsoft cloud for three additional years of security updates. Organizations that choose to continue without support will roll the dice with machines that now present a liability.

In many instances, a switch to a newer version of Windows Server is not an option. For example, many hospitals run equipment that relies on applications that do not function on a 64-bit operating system, which rules out every currently supported Windows Server OS. In these cases, IT must keep those workloads running but keep them as secure as possible using various methods, such as isolating the machine with a segregated virtual LAN or even pulling the plug by air-gapping those systems.

What works best for your organization is based on many factors, such as cost and the IT department’s level of expertise and comfort level with newer technologies.

For some, a cloudy forecast

The decision to stay with the same version of Server 2008/2008 R2 comes with a price. To enroll in the Extended Security Updates program requires Software Assurance and the cost for the updates annually is about 75% of what a Windows Server license costs.

This expense will motivate some organizations to explore ways to reduce those costs and one alternative is to push those Server 2008/2008 R2 workloads into the Azure cloud. This migration will require some adjustment as the capital expense of an on-premises system migrates to the operational expense used with the cloud consumption model.

Mentioning the cloud word doesn’t fill IT with as much apprehension as it once did, but the move might require some technological gymnastics to get some workloads working when one component, such as the database, needs to stay on premises while the application runs in the cloud.

Some other considerations include increasing the available bandwidth to accommodate the need for lower latency when working with cloud workloads and learning how to patch and do other administrative tasks when the system is in Azure.

Application virtualization is another option

While traditional virtualization is the norm for most Windows shops, there’s a relatively new form of virtualization that is another migration option. Putting a Windows Server 2008/2008 R2 workload into a Docker container might not seem as far-fetched as it did when this technology was in its infancy.

Containers versus VMs
Because each virtual machine uses a guest operating system, VMs use more disk space than a container that shares an underlying operating system.

Microsoft added support for Windows containers on Windows Server 2016 and 2019, as well as the Semi-Annual Channel releases. The migration process puts the legacy application into a container, which then runs on top of a supported Windows Server OS.

Administrators will need to get up to speed with the differences between the two forms of virtualization, and the advantages and disadvantages of migrating a server workload to a containerized application. For example, all the containerized applications run on top of a shared kernel, which might not work in environments with a requirement for kernel isolation for sensitive workloads.

Storage Migration Service eases file server upgrades

Microsoft released Windows Server 2019 with a host of new features, including the Storage Migration Service, which attempts to reduce the friction associated with moving file servers to a newer Windows Server operating system.

One standby for many organizations is the on-premises file server that holds documents, images and other data that employees rely on to do their jobs. The Windows Server 2008 end of life put many in IT in the difficult position of upgrading file servers on this legacy server OS. It’s not as simple as copying all the files over to the new server because there are numerous dependencies associated with stored data that must get carried over and, at the same time, avoid disrupting the business during the migration process.

The Storage Migration Service runs from within Microsoft’s relatively new administrative tool called the Windows Admin Center. The feature is not limited to just shifting to a supported on-premises Windows Server version but will coordinate the move to an Azure File Sync server or a VM that runs in Azure.

Go to Original Article
Author: