71

25274

86727

06>

JUN

E•

$5.9

5Tour de SQL Stage 3: Performance Tuning 47

J U N E 2 0 0 6 W W W . R E D M O N D M A G . C O M

STORMWARNINGHard Lessons from Hurricane Katrina 30

Social Re-Engineering: Hack-Proofing Your People 53

Turbo-Charge Terminal Server 62 • Preparing for Microsoft’s Product Blitz 11

+

0606red_cover.v4 5/16/06 9:45 AM Page 1

FINALLY PATCH SYSTEMSAGAINST THE MELISSA VIRUS

VERIFY ALL LAST MONTH’SBACKUP TAPES GO OUT FOR LUNCH

SEE THAT FAMILY YOU KEEP HEARING SO MUCH ABOUT

We don’t just create great software, we create time.

And visit ScriptLogic in Boston at this year’s Tech Ed – Booth #317!

Project2 5/5/06 5:33 PM Page 1

With ScriptLogic, you canspend more time where you’re needed, whether that’saddressing strategic issues or looking for your homeaddress. Our Windowsmanagement solutions helpbusinesses of all sizes improveproductivity, become moresecure, and maintain regula-tory compliance.

ScriptLogic solutions helpyou save time managing:

• Desktops

• Active Directory

• Servers

• Application Deployment

• Vulnerability Protection

Spend quality time with us at Tech Ed 2006! See howScriptLogic solutions save time.

Not going to Tech Ed? Download a freetrial of any of ouraward-winning

solutions. Get a FREE GASCARD so you can quit takingthe bus to work.

With the time we give you, the possibilities are limitless.

TALK TO US NOW AT

I.800.424.94II

www.scriptlogic.com/createtime©2006 ScriptLogic Corporation. All rights reserved. ScriptLogic and the ScriptLogic logo are registered trademarks

of ScriptLogic Corporation in the United States and/or other countries. The names of actual companies and products

mentioned herein may be the trademarks of their respective owners. Gas card offer valid while supplies last.

FREEGAS

Project2 5/5/06 5:34 PM Page 2

WBSNS_RedmondSprdFNL.indd 2 5/9/2006 5:04:04 PM

Multiple Tools. One Solution.Safeguard Your Network with the Integrated Web Security Solution.

WBSNS_RedmondSprdFNL.indd 1 5/9/2006 5:03:42 PM

Project2 5/16/06 9:38 AM Page 1

WBSNS_RedmondSprdFNL.indd 1 5/9/2006 5:03:42 PM

Simplicity, Security, Savings... that’s what

the Integrated Web Security (IWS) Solution provides

organizations seeking a cost-effective, high security

appliance solution. The IWS solution is a multi-layered

security platform that delivers:

© 2006, Websense, Inc. All rights reserved. Websense and Websense Enterprise are registered trademarks of Websense, Inc. in the United States and certain international markets. Websense has numerous

other unregistered trademarks in the United States and internationally. Network Engines, the Network Engines logo, NS Series, NEWS, NICE, and ENGAGE are trademarks of Network Engines, Inc. Microsoft

is a registered trademark of Microsoft Corporation in the United States and/or other countries. All other trademarks are the property of their respective owners.

Whether you’ve got 50 users or

5,000, the Integrated Web Security

solution delivers an easily

manageable, comprehensive

security appliance. If you’re

looking for layered security to

secure both your users and assets

from bots, spyware, hackers and

other web-based threats, look

no further. By combining web

security with high-performance

networking, you get the benefi t

of multiple tools in one solution.

Get Proactive – Safeguard your

network with the Integrated Web

Security Solution.

• High Performance Proxy and Web Caching

Deliver forward and reverse proxy capabilities, including granular control over cache

content, pre-authentication, and access control tied to Active Directory©

• Proactive Threat Mitigation

Safeguard systems by stopping threats from ever reaching the desktop/laptop,

including bots, spyware, malware, phishing, and keyloggers

• Real-time Security Protection

Block threats within minutes of the discovery of a new high-risk threat with no

administrative intervention required

• Comprehensive Out-of-the-box Protocol Management

Gain control of over 80 protocols at the network level, including instant messaging,

peer-to-peer, email, and file transfer

• Centralized Management

Manage all components of the Integrated Web Security solution from a single,

secure remote-manageable interface

• Ease Of Deployment, Low Cost of Ownership

Install wizard, configuration management tools, and automated updates reduce ownership

costs and simplify maintenance

Get the Integrated Web Security Solution and Get Protected!

Visit www.IntegratedWebSecurity.com to learn more.

Microsoft Tech Ed

Attendees:

Visit booths 236 and

545 to learn more

about the Integrated

Web Security Solution.

WBSNS_RedmondSprdFNL.indd 2 5/9/2006 5:04:04 PM

Project2 5/16/06 9:39 AM Page 2

Other attachment filters don’t filter

attachments: They filter extensions.

Anyone can change extensions. And the bad

guys don’t need an FAQ to show them how. It’s

an easy trick—at least it was. Until now. Meet Sunbelt Messaging

Ninja—the new all-in-one, best-of-breed, third-generation

messaging security solution: Ninja is a plug-in framework that

integrates best-of-breed

antivirus, antispam,

and SMART* attach-

ment-filtering modules

on your Exchange

server. Full control:

The policy-based plug-

in architecture allows you powerful, granular control. You can finally

rule with an iron fist. SMART attachment filtering: Ninja features

the first flexible policy-based attachment filter that isn’t fooled by exten-

sions. It looks inside files to determine their true identity. Your policies

decide what

happens to all

attachments

based on cri-

teria such as inbound and outbound

email direction and internal or external

recipients. Dual-engine antivirus:

Ninja combines the power of two high-quality

AV engines: Authentium and BitDefender. Dual-engine antispam:

Ninja’s spam filtering decimates junk mail with both Cloudmark (which

includes antiphishing) and Sunbelt’s own heuristics-based iHateSpam

engines. And, of course, it also supports RBLs and SPF.

FREE attachment filter: For a limited time you can have Ninja’s

attachment filter for FREE. It’s full-featured. Not crippleware. All you

have to do is download it at www.sunbelt-software.com/ninjared.

Sunbelt Software Tel: 1-888-NTUTILS (688-8457) or 1-727-562-0101 Fax: 1-727-562-5199 www.sunbelt-software.com sales@sunbelt-software.com

*Suspicious Mail Attachment Removal Technology™© 2006 Sunbelt Software. All rights reserved. Sunbelt Messaging Ninja, SMART and Suspicious Mail Attachment Removal Technology are trademarks of Sunbelt Software. All trademarks used are owned by their respective companies.

Sunbelt Messaging Ninja:Kill viruses, spam, and bad attachments

You do it all the time.Do you think

the bad guys won’t?

FREE SMART ™Attachment Filter

TM

Project8 5/15/06 4:11 PM Page 1

REDMOND REPORT

11 Squall LineMicrosoft produced a cloudburstof product releases in 2006. Now asecond shower is approaching.What’s the forecast?

12 Executive Shake ’n BakeThe departures of stalwarts likeSun’s Scott McNealy andMicrosoft’s Jim Allchin portendrisky times.

Users Speak out on IE 7Long-awaited browser gets mixed reviews.

COLUMNS

6 Barney’s Rubble: Doug BarneyThe Barney Browser

21 Mr. Roboto: Don JonesHoarding Logs

61 Never Again: Chris Grant &Adrian DickreiterI’ve Put My Finger on the Problem ...

62 Windows Insider: Greg ShieldsSpeed up Terminal Server

66 Security Advisor:Joern WetternShare and Share Alike

72 Foley on Microsoft:Mary Jo FoleyOffice Dinosaurs Unite

ALSO IN THIS ISSUE

4 Redmond Magazine Online

8 Letters@Redmondmag.com

71 Ad and Editorial Indexes

14 Plug Those Portable HolesDeviceWall helps you controlthose portable storage devices onyour network.

22 Reader ReviewSBS 2003: Room forImprovementSmall Business Server 2003 is sta-ble and easy to maintain, butreaders say it could use a fewmore tools and options.

26 Redmond RoundupExchange Server 2003—Read All About ItSee how these Exchangebooksstack upand decidewhich onesyou shouldadd to yourlibrary.

RedmondTHE INDEPENDENT VOICE OF THE MICROSOFT IT COMMUNITY

J U N E 2 0 0 6 W W W. R E D M O N D M A G . C O M

Winner for BestComputer/Software

Magazine 2005

PHOTO BY GRAHAM WATSON

FEATURES

47 Tour de SQL Part III:Performance TuningSQL Server 2005 gives you newtools to help your database per-formance stay ahead of the pack.

53 Reach out and Hack SomeoneProvide your users with theright common knowledge sothey can practice common sense.

PHOTO BY MICHAEL DESMOND

Storm Warning How Jefferson Parish planned for and respondedto the worst disaster in U.S. history, and the lessons IT professionals can learn from it.

Page 30

COVER STORY

Page 47

Page 53

0606red_TOC_1.v5 5/16/06 10:58 AM Page 3

4 | June 2006 | Redmond | redmondmag.com |

J U N E 2 0 0 6

REDMOND MEDIA GROUP SITES: Redmondmag.com • RCPmag.com • ENTmag.comMCPmag.com • CertCities.com • TCPmag.com • TechMentorEvents.com

Resources Enter FindIT Code>> Daily News News>> E-Mail Newsletters Newsletters >> Free PDFs and Webcasts TechLibrary>> Subscribe/Renew Subscribe>> Your Turn Editor Queries YourTurn

REDMONDMAG.COM RESOURCES

Questions with ...Michael

Desmond

Michael Desmond,

author of the cover story,

“Storm Warning,” on p.

30 (extended version

available in PDF format

FindIT code: Storm),

recently answered our

questions about researching this story:

What surprised you most?

The generosity of the people. Many

of these folks were still displaced …

yet they were incredibly generous

with their time and insights.

Why did you find this story so

compelling that you chose to write

an extended version of it?

Everywhere I turned, there was

another story, another challenge,

another innovative solution.

What’s the one thing you want

readers to take away from this story?

Human innovation matters more than

any technical tool. The technology

failed utterly during Katrina. It took

skilled, brave and smart people to

pull things back from the brink.

Redmondmag.comServer Consolidation Tops for Virtualization

When it comes to virtualization, it’s often hard to know exactly where

to start. However, server consolidation is often a top choice for good

reason, says Al Gillen, research director for operating systems at analyst

frim IDC. “What [customers] find is that when they go into a production

project, they find they can get more [virtual] servers on a smaller number

of boxes,” he explains.

And the free apps from vendors like Microsoft and VMware don’t hurt. “[Cus-

tomers] can get a sense of what the value proposition would be [and] as far

as try-before-you-buy, you couldn’t wish for a better scenario,” he continues.

But is it right for you? Find out more about what the experts say is in store for

virtualization in the enterprise the ENTmag.com special report “Virtualization

Quick Hits.” FindIT code: ENTVirHits

ENTmag.com Special Report

The ‘Dogfood Company’

Microsoft has been known as a company that’s keen to

eat from its own bowl. It’s no surprise, then, that while

development of Windows Vista is rumored to be rolling into

summer of 2007, its internal IT group already knows how

WinVista might perform in the real world. “Right now, for

instance, we have 15,000 machines running Windows Vista,” says Ron Markezich,

Microsoft’s CTO. “And we’re already running the next version of Exchange.”

Markezich’s group will deploy its software internally at alpha and, at the lat-

est, at beta. “It usually starts with the group who developed the product,” he

says, “who’ll be the first to go live with it.”

Read our extensive Q&A with Ron Markezich online. FindIT code: MCPMarkez

MCPmag.com

44 Percent: Readers whosay customers win with adelayed Windows Vista.

Based on an informal poll of 112respondents, conducted May 2006

on MCPmag.com.

FACTOID

Ron Markezich,Microsoft’s CTO

PH

OTO

BY

IRA

WY

MA

N

0606red_OnlineTOC_4.v5 5/16/06 11:27 AM Page 4

WE FIND THEM

BEFORE THEY FIND YOU.

© 2006 Websense, Inc. All rights reserved.

Web Security

Web Filtering

Endpoint Security

Websense® Security Labs

You can’t afford to sit around and wait for the next attack, and neither can

we. Websense® Security Labs™ scans over 450 million websites a week,

discovering spyware, viruses and other web-based threats before they get

to you. Get proactive. www.websense.com/security

TM

Project2 3/31/06 12:09 PM Page 1

The BarneyBrowser

THE INDEPENDENT VOICE OF THE MICROSOFT IT COMMUNITYRedmond

Editor in Chief Doug Barneydbarney@redmondmag.com

Editor Keith Wardkward@redmondmag.com

Executive Editor, Reviews Lafe Lowllow@redmondmag.com

Editor at Large Michael Desmondmdesmond@redmondmag.com

Managing Editor Wendy Goncharwgonchar@redmondmag.com

Editor, Redmondmag.com Becky Nagelbnagel@redmondmag.com

Associate Editor, Web Dan Hongdhong@redmondmag.com

Contributing Editors Mary Jo FoleyDon JonesGreg ShieldsJoern Wettern

Art Director Brad Zerbelbzerbel@redmondmag.com

Senior Graphic Designer Alan Taoatao@redmondmag.com

The opinions expressed within the articles and other contents herein do not necessarily express those of the publisher.

Postmaster: Send address changes toRedmond, P.O. Box 2063, Skokie, IL 60076-9699

REDMONDMAG.COMJUNE 2006 ■ VOL. 12 ■ NO. 6

Barney’sRubbleDoug Barney

I can’t think of a single thing that IEdoes that Netscape Navigator didn’t dojust as well 10 years ago. Firefox is abetter browser only because it isn’t sofull of holes. Don’t even get me startedon IE 6, which never met a spywareprogram it didn’t love (and immediatelyinvite in).

There are two basic ways to move forward with the state of the browser:Embrace new technologies that fallunder Web 2.0 and build new funda-mental interactive features. Microsoft’snext big browser idea seems focused onplugging gaps, tightening controls andcopying Firefox’s tabbed browsing—notexactly major innovations.

Google shouldn’t just push any oldopen source solution. Open sourcedilutes ideas so much that innovation islost. Show me one killer idea that camefrom open source.

That’s why Google needs to build itsown browser. It could build a killerbrowser using what it already owns. Ihereby give up all monetary rights andall I ask is a “Thank you.” Google, youhave my full permission to build theBarney Browser.

Many great inventions come from frus-tration (twist-off beer caps). The BarneyBrowser flows out of my frustrationwith searching. Sure, I can find all kindsof wacky things and do research soquickly I sound reasonably intelligent ina matter of minutes (you can all stopsnickering now).

Once the search is done, though, whatdo you do? Browse through a bunch ofbookmarks? Searching is a process whereyou learn, but the process of learning islost in a confusing collection of favorites.

The Google Barney Browser inte-grates searching with a file system so theintelligence that comes from searchescan be organized, used, shared and builtupon. Perhaps these strings of pages canbe cached so if the site goes down, theinformation isn’t lost.

Google, as if reading my mind, took ababy step toward the Barney Browserright as this column was going to press.The company has a mini on-screennotebook to save search results andsend them to friends and co-workers.And the company is working on waysfor you to label Web sites so yourfriends can easily find them. Nice workGoogle, but it’s still no Barney Browser!What do you think? Write me at dbarney@redmondmag.com.—

love browsing. Browsing helps me do research, send e-mails and it’s fun. I’m far less impressed with browsersoftware, though. Just as I have used Word for 15 years

without seeing any improvement (in fact, Word has steadilygone backwards), so, too, is the case with browsers.

I

PHOTO ILLUSTRATION BY ALAN TAO6 | June 2006 | Redmond | redmondmag.com |

President & CEO Neal Vitalenvitale@1105media.com

CFO Richard Vitalervitale@1105media.com

Executive Vice President Michael J. Valentimvalenti@1105media.com

Director of IT Jerry Frazierjfrazier@1105media.com

Director, Circulation and Abraham LangerData Services alanger@1105media.com

Director of Web Operations Marlin Mowattmmowatt@1105media.com

Director, Print Production Mary Ann Panicciampaniccia@1105media.com

Controller Janice Ryanjryan@1105media.com

Director of Finance Paul Weinbergerpweinberger@1105media.com

Chairman of the Board JeffreyS. Kleinjklein@1105media.com

Group Publisher Henry Allainhallain@1105media.com

Editorial Director Doug Barneydbarney@1105media.com

Group Associate Publisher Matt N. Morollommorollo@1105media.com

Director of Marketing Michele Imgrundmimgrund@1105media.com

Senior Web Developer Rita Zurcherrzurcher@1105media.com

Marketing Programs Associate Videssa Djucichvdjucich@1105media.com

Editor, ENTmag.com Scott Bekkersbekker@entmag.com

Editor, MCPmag.com Michael Domingomdomingo@mcpmag.com

Editor, RCPmag.com Becky NagelCertCities.com bnagel@1105media.com

0606red_Rubble6.v9 5/16/06 5:44 PM Page 6

Introducing a version of the future

that’s compatible with the present.

Visit us at Tech•Ed Booth #608

* Direct Push Technology available with Microsoft Exchange 2003 with SP2. †Wireless service plan required. Wireless coverage may not be available in all areas and is subject to interruption. Email and web require wireless data services and ISP, additional charges apply. Screen image simulated. ©2006 Palm, Inc. All rights reserved. Palm and Treo are among the trademarks or registered trademarks owned by or licensed to Palm, Inc. Other brands are trademarks of their respective owners.

It’s easy to add a mobile email solution when it works

directly with your current email solution. The Palm®

TreoTM

700w smartphone, with Direct Push Technology*

and Microsoft®

Exchange, delivers Outlook®

Mobile

wireless synchronization for email†, calendar,

contacts, and tasks. Plus, it’s easy to manage,

deploy and secure. With integration this simple,

the future is looking bright. Find out more at

www.palm.com/business.

Project3 5/3/06 12:23 PM Page 1

Worth the HeadacheI agree in full with Mary Jo’s column[“Windows Vista Testing: The Schoolof Hard Knocks,” April 2006], to me it’sworth the headaches of dealing withconstantly changing terms, as well asthe plethora of other issues we’ve beenhaving (bad keys, inability to activateproduct, etc.).

I enjoy testing, and I’ve enjoyed it fora few years now. I think that the COSD[Microsoft’s Core Operating SystemsDivision] has been doing their job, and

if it weren’t for the changes that theymade, this test would’ve been horrid.

There are some things I miss about theold build process, and having only sevenlabs. First and foremost, I miss the fre-quent builds we had during the Whistlertest. Second, I miss having the hunk ofextra features, albeit they weren’t all thatstable, but they were still fun to test anddiscover. It’s gotten to the point nowwhere almost everything that was Long-horn has been removed, even Aurora hasbeen dumbed down to something noteven worth mentioning. On the flipside,the new build process ensures us only sta-ble components and features will make itinto each daily build. So no more pre-Vista sidebar issues (4053 anyone?). It’s apretty even battle in my humble opinion.

For us testers and consumers, I feelthat the old build/testing process wasmuch better, however, I feel that theyare saving tremendous amounts ofmoney with the refined processes.

Chris SaboColumbus, Ohio

Password Perfection I just finished reading Roger Grimes’latest article, “9 Perfect PasswordPointers,” in the April 2006 issue ofRedmond magazine. I have to say that

this is a must-read for Windows adminseverywhere. Passwords are always oneof the weakest links of any securityinfrastructure and it gets straight to thepoint with these nine simple tips onstrengthening password security, whichshould be implemented on any Win-dows system. Applying tip No. 4 (ToDecrease Complexity, Increase Length)alone would increase the security onany system tremendously. Great article.

Kelly BurtonPortsmouth, Va.

Mixed EmotionsGreat read! I’ve been reading the maga-zine since it was called Microsoft CertifiedProfessional, which, by the way, I likedbetter. I have some issues with the way

the content is going. It seems to me thatit’s steering more toward “Carpet Row.”

My main concern is the ScriptLogicadvertisement that’s always on the frontcover. It’s interesting to me that they keepcoming up with “new” ideas that alreadyexist in Active Directory. For example: Ifyou deleted an OU. Any “good” adminwould laugh at this. I guess paper MCSEsare here to stay!

Even though I’m complaining, I stillwait at the mailbox for my latest copyto arrive each month.

Stephen AndersonDOD, USMC, ISMO

Breakfast of ChampionsHere’s a one-sentence description ofLive: Live is Google for Windows Vista.When Vista becomes the standard in twoyears time, Live will eat Google forbreakfast. Live will have a native VistaXAML look and super-rich functionalitywhile Google will stick to Firefox com-patibility and go down the toilet. Youcan’t have a Web technology without aclient device, which today is comprehen-sively owned by Microsoft. Google reliestoo much on HTML and JavaScript butall AJAX attempts to make it a feasible UIare failing miserably. This will be exposedwhen Vista and XAML come out.

Brad FreemanUnited Kingdom

At the Cutting EdgeJust read the “Extreme Computing” article [April 2006]. Wow. Iwould love to read more about this sort of thing. Building a net-work and getting it running in an office … yawn. Yea, OK, it has tobe done, but working at the limits? Well that is great. That’s wherethe cutting edge is. It might not be the very latest kit but it’s thebest use of equipment. Really enjoyed the piece—thanks.

Paul DarcyHull, U.K.

Letters@Redmondmag.com

8 | June 2006 | Redmond | redmondmag.com |

I have to say that [‘9 Perfect Password Pointers’] is a must-read for Windows admins everywhere.

0606red_Letters_8.v4 5/16/06 9:53 AM Page 8

ADVERTISEMENT

As an IT Professional, you know the

importance of maintaining system

performance and reliability. If the

desktops or servers crash, slow down

or freeze, who gets called? That’s

right…you or your IT staff. This

“break-fix” cycle leaves you little

time to be proactive. And yet, many of

these issues stem from a single,

hidden source.

Reliability issues commonlytraced to disk fragmentation.

The most common problems

caused by file fragmentation are:

• Crashes and system

hangs/freezes

• Slow boot times and boot failures

• Slow back up times and

aborted backup

• File corruption and data loss

• Errors in programs

• RAM use and cache issues

• Hard drive failures

Having files stored contiguously on

the hard drive is a key factor in

keeping a system stable and perform-

ing at peak efficiency. The moment a

file is broken into pieces and scattered

across a drive, it opens the door to a

host of reliability issues. Even a small

amount of fragmentation in your most

used files can lead to crashes, con-

flicts and errors.

(GET THE PROOF HERE:www.diskeeper.com/paper)

The weak linkin today’s computers

The disk drive is by far the slowest

of the three main components of your

computer: CPU, memory and disk.

The fastest CPU in the world won't

improve your system's performance if

the drive is fragmented, because data

from the disk simply can't be accessed

quick enough.

Is Daily DefragmentationNeeded in today’s environment?

More than ever! Large disks, multi-

media files, applications, operating

systems, system updates, virus signa-

tures – all dramatically increase the

rate of fragmentation. If fragmenta-

tion is not addressed daily, system

performance will suffer. Frag-menta-

tion increases the time to access files

for all common system activities such

as opening and closing Word docu-

ments, searching for emails, opening

web pages and performing virus

scans. To keep performance at peak,

defragmentation must be done daily.

Advanced, automateddefragmentation

Manually defragmenting every

system every day is simply not

possible in even small

networks let alone

enterprise sites. IT

Managers use

Diskeeper’s “Set It and

Forget It”® operation

for automatic network-

wide defragmentation.

Customers agree

Diskeeper maintains

the performance and

reliability of their

desktops and servers,

even reducing mainte-

nance and increasing

hardware life.

“We run [Diskeeper] on our

client PC’s as well as our

servers…with Diskeeper

running daily, we can keep

file performance at

peak efficiency.”

Tom Hill, CDR Global, Inc.

Every system on your network

needs Diskeeper, the Number One

Automatic Defragmenter™ with over

18 million licenses sold!

Maximum System PerformanceGetting To The Bottom Of Common Reliability Problems

Special Offer

Try Diskeeper 10 FREE for 45 days!

Download: www.diskeeper.com/dkred(Note: Special 45-day trialware is

only available at the above link)

Volume licensing and Government / Educationdiscounts are available from your favoritereseller or call 800-829-6468 code 4357

Top 5 reasons customers use Diskeeper

Performance and Reliability

83%

“Set It and Forget It” operation

83%

Much superior to built-in defragmenter

44%

Longer systems life with less maintenance

44%

Fast back-ups and antivirus and/or spyware scans

35%

From Diskeeper Customer Survey – Read the fullsurvey at: www.diskeeper.com/survey

®

The Number One Automatic Defragmenter

©2006 Diskeeper Corporation. All Rights Reserved. Diskeeper, The Number One Automatic Defragmenter, “Set It and Forget It” andthe Diskeeper Corporation logo are registered trademarks or trademarks of Diskeeper Corporation in the United States and/or othercountries. Diskeeper Corporation • 7590 N. Glenoaks Blvd. Burbank, CA 91504 • 800-829-6468 • www.diskeeper.com

Project3 3/27/06 3:27 PM Page 1

While many companies talk about backing up user data, at Acronis we believe that it

is the recovery of data that is most important. That is why we spend so much time in

development working on how to recover data faster.

Features:

• SnapRestore™ allows users to work while the system recovers in the background

• Universal Restore allows a system to be recovered to dissimilar hardware

• Full, Incremental, Differential, and file level backup

We understand it’s not how fast you backup, but

how fast you recover and become productive

that matters.

“Acroinis’ True Image solution offers an unparalleled disk imaging and disaster recovery solution that few competing vendors can match.”

CRN Magazine April 2006

...leads to the Acronis booth at TechEd 2006

THE ROAD TO RECOVERY...

Download a Free evaluation at: www.acronis.com/fastevalSee us at Booth #937

RedMondMag_Acronis.indd 1 4/12/06 11:15:37 AM

Project3 4/12/06 11:48 AM Page 1

| redmondmag.com | Redmond | June 2006 | 11

BY MICHAEL DESMOND

After a flurry of releases aroundSQL Server 2005, BizTalk Server2006, and Visual Studio 2005,

Microsoft has taken a breather. Theproduct drought will end in a big waycome 2007, when a trifecta of flagshipreleases rolls out of Redmond.

Starting in January (and perhaps evenearlier), customers can expect to greetOffice 2007, the long-awaitedExchange Server 2007, and, of course,Windows Vista. For enterprise man-agers looking to upgrade two or moreof these products, it could be a busymigration season. The good news:companies should be able to deploybased on need, rather than the require-ments of the software.

“As far as I can tell there are nodependencies among these products,nothing that requires Vista or any-thing,” says David Mitchell Smith, vicepresident and Gartner fellow. “Theyare really independent decisions.”

Vista: Slippery When WetWhat looked like a cloudburst of newproducts, however, could stretch into aprolonged shower. According to a recentGartner research note, analysts at theindustry research firm predict that Win-dows Vista will likely slip again, mostlikely into the second quarter of 2007.

“Microsoft’s track record is clear; itconsistently misses target dates formajor operating system releases,” thereport states. “We don’t expect broad

availability of Win-dows Vista until atleast 2Q07, which isnine to 12 monthsafter Beta 2.”

Microsoft, for its part, is sticking withits story. “We respectfully disagree withGartner’s views around timing of thefinal delivery of Windows Vista,” says aspokesperson for the company. “Weremain on track to deliver WindowsVista Beta 2 in the second quarter andto deliver the final product to volumelicense customers in November 2006and to other businesses and consumersin January 2007.”

Gartner singles out the expandingscope of the late-beta review, whichinvolves about two million users. “Theseusers bring a much-greater variety ofusage models than earlier beta releases,with a much-larger variety of software,”the report says.

There’s another reason that Vistacould well slip into the spring of 2007,says Smith. “The damage has alreadybeen done when you miss the holidayseason. The next real milestone is theend of the fiscal year for them, whichis June, and the back-to-school PCbuying season.”

Raindrops Keep FallingEven if Vista slips, the first half of 2007 should be a busy time forMicrosoft product managers. Enter-prise IT managers will also be payingclose attention.

“Sometimes enterprises choose to dothese things together, for cost savings,”says Smith, who notes that his group is“not predicting slips or any other prob-lems” with Office or Exchange. “Wehaven’t seen any reason to want tomake any statements about those yet.”

So what will arrive when? According toMicrosoft, Q1 of 2007 will see thearrivals of Exchange, as well as consumerversions of Vista and Office. For volumebusiness customers, Office is slated toarrive in October 2006, with Vista justbehind it in November. One interestingwrinkle is Office 2007, which on theconsumer side has been aligned with thelaunch of Vista for the consumer market.

“We have, however, decided to coor-dinate with Windows Vista to hit retailstore shelves and the OEM channel inJanuary 2007,” says a spokesperson forthe Microsoft Office System group.

Could it be that Microsoft is more con-fident of its new Vista schedule thanGartner expects? Or is it simply a matterof the Office team getting final wordbefore decoupling its software fromVista? One thing is clear: IT managersneed to keep a sharp eye out for breaksin the clouds.

Michael Desmond (mdesmond@redmondmag.com) is Redmond’s editor at large.

RedmondReportJune 2006

Squall LineMicrosoft produced a cloudburstof product releases in 2006. Nowa second shower is approaching.What’s the forecast?

0606red_RedReport11-12.v6 5/16/06 10:06 AM Page 11

RedmondReport

12 | June 2006 | Redmond | redmondmag.com |

Since April, Redmond readers havebeen working with the Beta 2 ofInternet Explorer 7. The reviews

have been mixed.“I would like to have the ability to

customize the layout or, better yet,have an option to switch to ‘classic lay-out,’” writes Brian Koomen, an MCSEwith CEM Corp. in North Carolina.“On the positive side, being able to

open new IE sessions (as a new tab) inthe same instance of IE is a plus. Mytask bar is less cluttered these days.”

But Koomen complains that IE7killed hyperlinks in Lotus Notes 7.0,and he tires of “constantly beingharassed” with security warnings.

Martin Duggan, group IT assistantfor Robertson Inc., is more direct. “Itried IE7 for the first time earlier this

week and in all honesty ... this thing isawful! It’s a big, lumbering mess. It isslow, unresponsive and the interface ismore confusing than even I expected,”he writes.

One thing Redmond readers aren’tcomplaining about is the default searchengine in the IE7 toolbar. Writes Den-nis Barr, manager of information tech-nology for the Larkin Group: “I’mcurrently in the beta program for IE7,and it’s ridiculously easy to change thedefault search engine. And isn’t it inter-esting that Google is the default searchengine for Firefox.” — M.D.

When highly regarded OfficeSystems Group leader SteveSinofsky moved over to the

Windows team, it did a lot more than fillthe space soon to be vacated by JimAllchin. Industry watchers like RobEnderle, principal of The EnderleGroup, expect Sinofsky to bring a moremeasured, conservative and reliabledelivery style to Microsoft’s flagship OS.

Microsoft isn’t the only company mak-ing changes. At rival Sun MicrosystemsInc., Scott McNealy has stepped aside asCEO in favor of Jonathan Schwartz, ayoung and capable manager who hasserved as Sun’s president and COO since2004. Schwartz faces a stiff challenge ashe tries to recapture past glory.

In fact, the management shakeups atSun and Microsoft represent two sidesof the same coin, says Enderle. “WithSun, [its] problem is that the market hasmoved to someplace where [it isn’t].Microsoft, on the other hand, has justhad a general problem executing.”

At Microsoft, repeated delays of Vistahave been singled out as an example ofexecutive leadership out of touch withcustomers and rank-and-file Microsoftiesalike. The company finds itself playingsecond banana in key markets like Inter-

net search, personal media products, andeven office software file formats. In May,the International Standards Organization(ISO) approved the Open DocumentFormat (ODF) as a binding standard, ablow to Microsoft’s competing XML-based Office schema.

Enderle says Microsoft has a uniqueproblem. “The difficulty for Microsoft isthat [it’s] almost in too good of shape. Youfocus so much on what you’re going tolose that you can’t move,” he says.

During a briefing of Microsoft’s Q3financials, analyst Mark Stahlman with

Caris & Company said Microsoft willspend freely in 2007 to break throughthe malaise. “It’s pretty clear that Bill isrunning the company again and [it’s]going to remake the business. [It’s] beingmuch more combative and much morestrategically managed,” he said.

The situation at Sun is more dire,where the dot-com-era darling has fallenon hard times. As COO, Schwartz hasbeen instrumental in helping Sun shedbaggage and launch key initiatives, suchas the open source Solaris OS and low-end servers based on dual-core AMDOpteron processors. But Enderle arguesthe firm needs an axe-swinging turn-around specialist. “He’s a sustaining man-ager,” says Enderle. “He clearly sees whatSun has to do, and he has managementcapability. He just seems to be the wrongkind of manager for what needs to bedone right now.”

Also at issue is McNealy’s role goingforward. “Scott isn’t really stepping out,he’s stepping up,” Enderle says. “It’svery hard to stay out. The real danger isyou have two guys who are trying torun the company and are bumpingheads a lot. And that could be the worstof all worlds.”

— M.D.

Executive Shake ’n Bake The departures of stalwartslike Sun’s Scott McNealy and Microsoft’s Jim Allchin portend risky times.

Users Speak out on IE 7Long-awaited browser gets mixed reviews.

Clockwise from top right: Schwartz,McNealy, Sinofsky, Allchin.

0606red_RedReport11-12.v6 5/16/06 10:06 AM Page 12

Information lives at companies that run EMC software. As one of the world’s largest software providers, we help companies of all sizes

store, manage, protect, and share information. We can do the same for you—across applications, across platforms, across oceans.

To learn more about how the full range of EMC software can help you and your company move up in the world, visit software.EMC.com

EMC2, EMC, and where information lives are registered trademarks of EMC Corporation. All other trademarks used herein are the property of their respective owners. © copyright 2006 EMC Corporation. All rights reserved.

When information

comes together,

your software puts

you at the top

of the food chain.

Information lives at companies that run EMC® software. As one of the world’s largest software providers, we help companies of all

sizes store, manage, protect, and share information. We can do the same for you—across applications, across platforms, across oceans.

To learn more about how the full range of EMC software can help you and your company move up in the world, visit software.EMC.com.

EMC2, EMC, and where information lives are registered trademarks of EMC Corporation. © Copyright 2006 EMC Corporation. All rights reserved.

When information

comes together,

your software puts

you at the top

of the food chain.

Project5 4/12/06 1:15 PM Page 1

ProductReview

14 | June 2006 | Redmond | redmondmag.com |

Plug Those Portable HolesDeviceWall helps you control those portable storage deviceson your network.

BY RICK A. BUTLERCompanies spend millionsevery year to protect theirnetworks from intruders.They set up elaborate firewalland intrusion detection sys-tems to keep the bad guysout. But that’s only one sideof the problem.

It’s not just the bad guysoutside your network thatyou have to worry about.The ones inside your net-work pose an equal orgreater threat. Layoffs, out-sourcing or other changesin the corporate climate canquickly turn someone whohas always been a loyalemployee into a threat—andit’s hard to know for sure ifand when someone mayhave turned.

To make the situation evenmore interesting, almosteveryone now uses some sortof portable storage device,such as a USB drive, PDA oriPod. If you’re dealing withpotentially hostile employeesusing portable devices, all theexternal security in the worldwon’t help you. The threat isalready there. All it takes isone employee with a grudgeto download some sensitivedata and carry it over to acompetitor or jam a USBdrive into their desktop andupload a bunch of viruses.

Behind the WallSo how do you deal with thispernicious security threat?You have to manage theportable devices attached toyour network by lockingdown ports and preventingaccess to certain removabledevices. A tool called Device-Wall from Centennial Soft-ware can help you do this.DeviceWall creates a centralmanagement point anddeploys clients to machineson which it will controlaccess to removable storage.It also creates a policy-driven

architecture to help manageportable device access.

Installing DeviceWall isstraightforward. You’ll need aserver running IIS with Web-DAV and access to SQL Serv-er. During installation, you’llhave one major security poli-cy decision. You can start withan open policy that allows fullaccess to removable devices

and then close down as yougo—or you can lock downeverything hard and lateropen ports and access todevices at your discretion.

You can roll out the clientcomponents through a push install, which looks tothe server for changes inpolicy. Users will see a pop-up to let them know of the

DeviceWallPrice: $50 per seat, volume licensing also available

Centennial Software Ltd.

866-255-7455www.devicewall.com

Figure 1. The DeviceWall Control center lets you control access to flash drives, CD-ROM drives and all other peripherals and communication ports.

Documentation: 20% ____ 8Installation 20% _________ 8Feature Set: 20% ________ 7Performance: 20%_______ 7Management: 20% ______ 7

Overall Rating: 7.4__________________________

Key:1: Virtually inoperable or nonexistent5: Average, performs adequately10: Exceptional

REDMONDRATINGCentennial Softwarerecently released Device-Wall 4.0, which adds severalfeatures to increase dataprotection. By encryptingdata moved onto a USBflash drive, for example,DeviceWall 4.0 ensures thesecurity and integrity of datawhile it’s in transit.

The new version also hassome ease-of-use, manage-

ment and customizationimprovements, including:> Automatic AES & Blow-

fish 256-bit data encryption > White listing-approved

devices for more granularuser-permission control> First-time Policy Wizard

speeds deployment> Anti-tampering technol-

ogy for increased clientsecurity.

Up Next

0606red_ProdRev14-18.v6 5/16/06 4:26 PM Page 14

FREE Introductory Offer

ContinuousData Protectionfor Microsoft®

Exchange

Feeling Sick Yet?

����������� �������������������������������������� ��������������������������� ������������������������������������������� ��� ��������!��������������"�����������������������������������������������!!����������������

You Thought You Were Covered

#������ ��"������ ��� ������������������$"����!������� �!������� %���!������%������� ������� �!"�����$�&�������������������������������� �!"$�&����������%�"������ ��� ��������!����������������"��������'��������������������������������!��$!���������������(���!�)

���������� ���������������%�"������������������*�$����������!����

None of This Had to Happen

���+�� ���$!����%� �����(��(������������������������� �,��!��-'�������� .���������������/���������0.�/1����2�� !�����-�������"�����-�������3���� ��

4����� �,��!��"������5��&!"��������*����"�������� ������$��������!"������������������������������!���'������ �� �����!�������������� �����������6��$�&����"����������������������������������������%������!�����������!��$!��������4������������ ���"����������������������� ��!��������������'��������)

DigiVault is the Cure

7�2���%����������������!��$!������������8������ ������ ���������9�

7��$�!��"�������$!���:�($������"�������������������������� ����������������������� �

7�6��� ���"���!������������������!����������!��$!��$�&���

7�6��� ����������;<���� �'���!��������

���� ��������� ����������%���*���������������!������(�������.�/��� �,��!�������������(���!������������������!�$�&���������������������� ����� �����!�$�!��"����� ����!���������"�

Continuous Data Protection with

SingleTouch™ Recovery for Microsoft Exchange

He Lost Everything.

This is Your E-mail Loss

How Much is Your E-mail Worth?

Copyright © 2006 Lucid8. All rights reserved. Microsoft® Exchange Server is a registered trademark of Microsoft® Corporation. All other trademarks are the property of their respective owners. * Refers to 12/2005 Survey conducted by Lucid8. See press release for more details.

DigiVault - A NEW Best Practice

���� ������"���!!"�$�&����������"�=�������6��������������>?�6��"������:@@�����������������*�����@��(���!�������"�0�������"��� ������1%�"�����!!!�����9@%@@@��(���!��$�������$�&���)6���������%������� �,��!�%�"����� �!�����9���4�����!��"���������>

Find out more NOW!

Go to www.Lucid8.com/DV2Call 425.456.8478E-mail: Sales@Lucid8.com

• Free white paper on Exchangebest practices

• Free analysis software for your Exchange server!

• Limited Time – Introductory offerSee Web site for details

Project11 5/15/06 5:06 PM Page 1

ProductReview

access restrictions toremovable devices.

Through the managementconsole, you have controlover just about any type ofremovable device—PDAs,USB drives, disks and CDs.

Depending on which deviceyou’re securing, you canestablish read, write or fullcontrol. Deny permissionswork the same as in Win-dows, overriding any othergroup membership permis-

sion. You can easily assignpermissions to users orgroups. The policy is thensent out to the client systems.

The Good and theCould Be BetterDeviceWall is a useful toolthat serves a growing need. Ithas some refined featurescounter balanced by a fewrough edges. Three areaswhere DeviceWall is mostimpressive are its support forgranular permissions, auditingand temporary access.

Granular Permissions:DeviceWall’s granularity givesyou detailed control overportable devices. You can setup security groups for devicefamilies with read, write orfull control rights. For exam-ple, you could establish rightsto write to the memory of a

digital camera, but not a CD,PDA or a USB flash drive.

Auditing: DeviceWall sup-ports a good degree of audit-ing, including auditingchanges to policy. Managednodes will report on remov-able device usage and attemptsto use disallowed devices. Allauditing is centralized.

Temporary Access: Theremay be times when you needto provide one-time access toa removable device for a spe-cific reason. This is extremelyhelpful because you don’thave to go messing aroundwith established policies topermit one-time access. Auser needing one-time accessstarts by going to the Device-Wall client, then collecting acode. He calls that code intothe system administrator,who enters it into Device-

Figure 2. The Audit Log gives you a graphical representation ofaccess attempts, indicating which have been blocked or allowed.

0606red_ProdRev14-18.v6 5/16/06 4:26 PM Page 16

Project1 5/16/06 9:20 AM Page 1

ProductReview

18 | June 2006 | Redmond | redmondmag.com |

Wall and provides a counter-code togrant the user temporary access.

There are several areas where Device-Wall could use more work. Amongthem, Group Policy integration, clientstrength and device support:

Group Policy Integration: Device-Wall operates within its own policystructure, rather than integrating with Microsoft’s Group Policy infra-structure. While not a show-stoppingomission, the decision to use a self-

standing management stack willincrease complexity for organizationsthat stick to GPOs for management.

Client Strength: No surprise, thepeople who pose the greatest potentialthreat are those with the most technicalacumen, including IT admins and pro-grammers. They’re the ones who knowhow to find, copy and transport propri-etary data off your clients. A deter-mined hacker may be able to getaround DeviceWall at the client level

by first booting up a system with aKnoppix disk.

Devices Not Covered: DeviceWalldoesn’t protect serial or parallel ports.While most portable storage devicesnow rely on USB, FireWire, or SATAconnections, a savvy operator could usethis knowledge to move data onto aportable device via those connections.

Better Mousetraps or Smarter Mice?So, DeviceWall will protect you, aslong as your node is online and con-nected to the network. Don’t let yourguard down, however, because theinternal threat could still persist. Thereare ways that a disgruntled, yetresourceful system admin could copyfiles to a local hard drive. For exam-ple, he could boot offline and thenconnect a removable device. Device-Wall would no longer be between himand the precious data.

This brings up a key point in systemsecurity. Your data is only as safe as themachine on which it’s stored. There aremyriad tools that can bypass systemsecurity and compromise data, andthere is no silver bullet to secure yoursystems against them. Still, DeviceWallis good at what it does. IncorporatingDeviceWall into your network securityplan is a great step to help prevent onemethod of data loss.

As with any other security tool ortechnology, DeviceWall shouldn’t bethe only part of your plan. Your overallsecurity infrastructure should include avariety of technologies, tools and tac-tics, such as monitored auditing, accesscontrols, file encryption and restrictingworking files to the file server. Giventhese parameters, DeviceWall is agreat fit within a carefully consideredsecurity plan.—

Rick A. Butler, MCSE+I, is the directorof Information Services for the UnitedStates Hang Gliding Association.You can reach him when he lands at mcpmagrick@adelphia.net.����������������� �������������������� ������������������������� �����������������������

������������� ������������������������������� ��� ������������� �������

��!���"�#����$%&&�������'�����!�����������������������

�������������� ������������������������������������������� �������������������������������������������������������������������������������������������������������� ������ ���������!�"����� ��������������������� ����� �������������������������� ���������������#��������������������� ������$���������������������������������� ����������������������������� ��������������� ���������������������������%

"&'�( )������������������ ������������������������������������������*+ ,� �������������� ��)� ��-�������.��� �������+ �����������-������&���������������� ���-/������������ ��������������� �����+ )/0����������������������������� ����������������� �����+ 1���������� ������������ ����������������������

-�������������������������������������� �������������������*+ )���������������������������������� �2����� ������������ ��������������+ ������������������������� ��� ���������+ '������������������� �����������������������������������������������������������������#����������������������+ )�������������������� ���������������������3� ������������������������

"&'�( )�������������������

(!�#�)�*����*������+

������������������� ��������������������������� ������������

������ ����������� �������������������������� ������������ !�"�# ��������

0606red_ProdRev14-18.v6 5/16/06 4:26 PM Page 18

FREE• Free Software for analysis of your

Exchange server!

• Free White Paper—“Basic Feeding

of Your Exchange Server.”

• View the Gartner webcast:

“Protecting Microsoft Exchange…”

Go to www.Lucid8.com/GO2

Call 425.456.8477E-mail: Sales@Lucid8.com

Tired of Nursing

Your Exchange Server?

���������������� ��� ������� ��������� ������ ����� ���� ����� ������ ��� �� � � ���� ���� ���� ��������� ���������� ������ ������

������������������ �������������������������������������������������������������������������������������������������������������������������� �����!��"��������#�������������������$����������������%&��������������"��"������������������

'������������� ��������������������������������������"������������������������������������������������(�"��������������������� �������"��������������)���"���������&���*������������+��)�������,

Fix the Problem

+���������������������������������������������������-�������������"������������������������������������������������������"�������������� � �����������+��)����������������������������������.

Pamper Yourself with GOexchange

��)�������������/0��������������'����1�����23� ��4����������������������"���������������"����5�����������������6����������������7�7���888������889����������������������������������/0�����������"�"�����������������"���"�� �������"�����"�������������������������������������

Prevent Hiccups

/0������������������������������������������������������������ ��& �������*��������"������������������ ��������

������� ��������������� ���� ������ �����

:����(�����;���������<

Run, Don’t Crawl

����������������������������� ���/0���������������������������"�����"����������� ����4������������������������������� ������"�����������������������"����������������������<�����������������������"���������������� ����������������"������������������ ������)�93����77��������.� =�� ��������������������������������� ������"����>3�������&��������������?���������� ����"�

���������� ���������������������!� "#"$%��

;����@������A�����'���

Automated Babysitter

B�����/0��������������������"��������<������������&����)������������������������������"�������������C���������������������������.

<�������������������������������������������� ������������ ����"��������������"�������������������������������������������������������������������������������!��"#������&����������"������������������������� �����������������������"�������������������������������

+����������������������������������� �����������������������"�������������������������/0�������������������������&��������������������������������������� �������

�&���������������� ��'� � � ������������� ���� ����������������(���� ��������������

6�����/������=<0

Stop The Crying

-��������������������������������������������������������������������������������������"�����:�������������������������������5��"����������������"��������������������&������������������� ������� ��

Copyright © 2006 Lucid8. All rights reserved. Microsoft® Exchange Server is a registered trademark of Microsoft® Corporation. All other trademarks are the property of their respective owners. * Refers to 12/2005 Survey conducted by Lucid8. See press release for more details.

Project11 5/15/06 4:54 PM Page 1

Project3 3/9/06 10:46 AM Page 1

Automation for the Harried Administrator | by Don Jones

other shenanigans. Shortly after thecolumn ran, MACS dropped off theface of the earth. I suspect Microsoft isretooling it to be a commercial prod-uct, or maybe part of a commercialproduct like Microsoft OperationsManager (MOM) or Microsoft SystemCenter or something, but that’s pureconjecture. In the meantime, we’re stillleft without many tools to help manageall the event logs from all our servers.

While commercial tools exist (Objec-tive Software’s EventMaster,http://snipurl.com/pezd, or PrismMicrosystems’ EventTracker,http://snipurl.com/pezf, among others),I was really looking for something witha price tag of “free.” Maybe not asrobust as MACS promised to be, but atleast something that could archive myvarious security logs into a central loca-tion for long-term storage.

Windows Management Instrumenta-tion (WMI) provides pretty decentaccess to Event Logs, so surely there was some scriptable way to do what Iwanted—and there was. The result isArchiveLogs, a command-line tool writ-

ten in VBScript that grabs logs from oneor more computers, saves them to a stan-dard .EVT file, and then clears the log tomake room for new events. You need tobe a local Administrator on the targetedcomputers for this to work.

Run the tool with /? to see all theavailable options; the most common usewill be ArchiveLogs /list:computers.txt/ping /path:C:\Logs. Or something likethat; you’ll obviously provide a filename of your own that contains com-puter names (computers.txt in myexample), and your own path for thearchived logs to be dumped in (C:\Logsin my example). Figure 1 shows a sam-ple run: Notice that I added the /verbose switch to generate moredetailed output, and note also that thetool displays an error if it’s not able toback up the log (this is generally due toa lack of security permissions, but it can

also be the result of a failure to connectto WMI, perhaps because of a local fire-wall configuration). If the tool can’tback up the log, it doesn’t try to clear it,thus ensuring you don’t lose anything.

When it’s able to grab a backup, thetool uses the path you specify in the/path argument. Under that path, it cre-

ates one sub-folder for each com-puter you target, and names theevent log files based on the cur-rent date: YYYYMD (year,month, and day). That’ll help youkeep everything straight.

The big caveat with this tool issecurity, security, security: You’llneed to have appropriate permis-sions to back up the log file, andclear it, in order for it to do itsjob. When in doubt, target it toyour local computer first, as a test,and make sure you’re a localAdministrator. If it works on your

local computer, it should work on othercomputers, provided connectivity existsand permissions are correct.

If you’d like to customize this tool abit, you can have it grab logs other thanthe Security event log. Just look for thisline, at around line 179 of the file:

Set cLogFiles = oWMIService.ExecQuery("Select * from Win32_NTEventLogFile where LogFileName='Security'")

Changing the log file name from“Security” to “Application” or “System”will back up the appropriate log. Thoseother logs often have less-strict securityrequirements too, because they’re notconsidered as sensitive.—

Don Jones is a columnist and contributingeditor for Redmond, and the founder ofScriptingAnswers.com. His latest book isAdvanced VBScript for WindowsAdministrators (Microsoft Press). ReachDon at djones@redmondmag.com.

Hoarding Logs

ges and ages ago, I wrote a column on Microsoft AuditCollection Server (MACS), a (then) free tool thatwould consolidate Security event log events into a

central SQL Server database, using all kinds of cool securitytechniques to prevent spoofing, administrator bypassing and

A

Mr. Roboto

Download this month’s tool fromwww.ScriptingAnswers.com/roboto/col5.zip.

Please keep this URL: That way if problems

occur I can update the posted file more easily.

DownLoad

| redmondmag.com | Redmond | June 2006 | 21

Figure 1. The output from running thismonth’s script with the “verbose” switch.

0606red_Roboto19.v5 5/16/06 9:55 AM Page 21

“I would love to be able to putExchange on its own server, but youdefinitely cannot move it [under SBSlicensing],” says Chris Johnson, ITmanager for the Carolina YouthDevelopment Center (CYDC) basedin Charleston, S.C. The lone IT stafferat the 100-person nonprofit agency,Johnson says he was glad SBS 2003increased the number of supportedusers from 50 to 75. Averaging 60 con-current users, his organization wasrunning up against the limit.

Martin Straub, IT director at 30-person accounting firm Cordell, Neher& Co. in Wenatche, Wash., has faced thesame limitations. “If you have an officeof 50-plus people, you don’t want oneserver,” he says. “You’re taxing that servera lot, especially if you’re using the Pre-mium Edition and you have SQL apps.”

Straub says he doesn’t use the ISAfeatures because it goes against bestpractices to run security software onthe same box as production services.

Overall, though, the pros outweigh thecons—especially for organizations with

ReaderReview

BY JOANNE CUMMINGS

You can’t get much more bang for your buck than with Microsoft’s Small Busi-ness Server (SBS) 2003. Most users are quite pleased with what it does, butthere’s always room for improvement.

Aimed at organizations with 75 users or less and a limited IT support staff, theStandard Edition of SBS provides file and print services, Internet and intranetaccess, fax services and Exchange e-mail—all bundled in an easy-to-deploy,wizard-driven package. The Premium Edition adds a SQL Server database, ISAWeb proxy and firewall functionality. There’s not much more a small businessshould need to keep itself up and running.

The best part of SBS is that it’s about half the price of Windows Server 2003Standard Edition. This makes SBS a no-brainer for smaller companies looking tosupport their business on a tight IT budget.

Microsoft significantly improved the product with the 2003 version, according toreaders who cite its improved wizard-driven approach, easy setup and maintenanceand unparalleled stability. The remote access features boost productivity, they say,especially the new Outlook Web Access (OWA) for Exchange. This is particularlyhelpful for small businesses needing to communicate with employees workingfrom home or on the road.

SBS 2003 isn’t perfect, however. Even with all that added functionality, userssay it could still use an integrated anti-virus and anti-spam tool, more full-featured backup and the ability to monitor network usage in real time. Plus, itsmajor benefit—all that functionality packed onto one server—can quicklybecome a hindrance depending on usage patterns.

In fact, the one improvement all users would like to see is an option to break outone or two services to a separate box. Separating Exchange or ISA, for example,could improve performance and tighten security—especially by keeping ISA sepa-rate from production services.

SBS 2003: Roomfor ImprovementSmall Business Server 2003 is stable and easy to maintain, but readers say it could use a few more tools and options.

Microsoft Small BusinessServer 2003Standard Edition: $599 with 5 clientaccess licenses (CALs)Premium Edition: $1,499 with 5 CALs

Microsoft Corp.

800-426-9400

www.microsoft.com

Your turn to sound off on thelatest Microsoft products

REA

DER DR

IVEN

Redmond

For what (SBS) costs, it’s way cheaper than itwould be to buy those components individually,so it’s worth it. Martin Straub, IT director, Cordell, Neher & Co.

22 | June 2006 | Redmond | redmondmag.com |

0606red_ReaderRev22-24.v4 5/16/06 10:04 AM Page 22

Project3 4/4/06 1:24 PM Page 1

barebones IT expertise, staff or budget.Straub says you can’t beat the value ofSBS, despite its shortcomings. “For whatit costs and for the user licenses, it is waycheaper than it would be to buy thosecomponents individually, so it’s worth it.”

Get Installation HelpAlthough SBS is easy to manage andmaintain, most readers say it would bewise to hire a consultant to help withthe initial installation. “You might luckout and get it to work, but what youdon’t know might hurt you,” Straubsays. “You might not get it securedproperly or you might not have it setup so that it’s easy to maintain.”

Michael Hall, network administratorat Warm Beach Christian Camps andConference Center in Stanwood,Wash., upgraded from SBS 4.5 to SBS2003 about 18 months ago. As the one-man IT department for his company,he did it on his own without a consult-ant. He upgraded 62 users and 52 PCsover the course of a weekend, but hehas run into problems. “I couldn’t getISA to work exactly the way I wantedand it just didn’t seem very intuitive,”he says. “I think someone starting fromscratch should definitely have a con-sultant to help.”

Once it’s installed, SBS operation isstraightforward and maintenance is abreeze, readers say.For example,Straub savedcountless hoursand support dollarswhen he switchedfrom Novell NetWare and Groupwise toSBS 2003. “I was never very comfortableon the Novell platform because it was allcommand-line driven,” Straub says.

Remote ControlThe remote access features added to SBS2003 are also a big plus. CYDC’s John-son upgraded from SBS 2000 to SBS2003 18 months ago. He quickly foundthat the new remote access featureshelped reduce his overall admin time.

“I can get access from anywhere if Ineed to set up or change a user account,”Johnson says, noting that he is usingSBS to support several CYDC locationsacross two towns. “It really saves me alot of time, and I can even do it fromhome if I want.”

Straub says the new Outlook WebAccess (OWA) feature was a key factorfor his company. “We use OWAextensively when our employees areoutside the office, during tax season oraudit season,” he says. “It comesinstalled as part of the server and you

don’t have to do anything other thancheck a box to enable it.” The inter-face mimics Outlook on the desktop,he says, which also makes it easier forhis users.

OWA does have some shortcomings,though, Johnson says. “It’s great tocheck e-mail, but if you have to goback and look for something or if youhave to send out a lot of e-mail to a lot

of people and you don’thave their addresses, it getscumbersome,” he says. “Itdoesn’t pull up the addressbook the right way.”

Missing PiecesSBS clearly fits most users’ needs,but there are still a few missingpieces—especially when it comes toanti-spam, anti-virus and backup.“That’s on my wish list,” Hall says. “Itwould be great if SBS had some spe-cial tie-in with one of the anti-virus oranti-spam vendors or with a goodbackup vendor.”

Monitoring network usage is anothermissing piece, users say. In SBS 4.5,

administrators could see who waslogged into the network in real timeand what they were doing. In SBS2003, that utility is curiously absent.“I like to be able to see what [Internet]sites are being run through in realtime,” Hall says. “We don’t have toomuch of a problem, but occasionallythere is. We used to see it in 4.5, so it’s disappointing that it’s not there in 2003.”

Better documentation and online helpwould also be welcome, although mostattribute this to the small installed base

and a lack of SBS awareness within thelarger Windows and Microsoft commu-nities. “SBS is almost like a second classcitizen,” Hall says. “You’re alwaysexplaining it to people because theydon’t know what it is. People that justhave a peer-to-peer net or a small serversetup don’t understand it and biggerorganizations don’t understand it. It’sstuck in the middle.”

That can be a problem when itcomes to getting help. “You might findWindows-type things on the Internet,”Johnson says, “but finding anythingabout Small Business Server is just acrap shoot.”

Still, readers feel SBS 2003 is a greatvalue, especially for organizations withminimal IT support. “It’s absolutely theonly way I can do what I’m doing—supporting three databases, 50 usersand the SBS box,” Hall says. “SBS is soeasy to run and maintain—it’s really theonly way I can survive.”—

Joanne Cummings is a freelance technologyjournalist based in Andover, Mass. You canreach her at jocummings@comcast.net.

ReaderReviewReaderReview

24 | June 2006 | Redmond | redmondmag.com |

SBS is so easy to run and maintain—it’s reallythe only way I can survive. Michael Hall, Network Administrator, Warm Beach Christian Camps and Conference Center

Go to Redmondmag.comfor a longer version of thisarticle, including an SBS

2003 Wish List. FindIT code: SBSWishList

0606red_ReaderRev22-24.v4 5/16/06 10:04 AM Page 24

Project5 5/17/06 12:35 PM Page 1

Quest Software Extends the Power of Microsoft to Manage Your Complex IT Environment:

Active Directory: Automate provisioning, secure and audit user access, andleverage AD to simplify identity management.

SQL Server: Deliver, manage and control high performance databases andmigrate to SQL Server 2005.

Exchange Server: Manage and archive your Exchange environment and prepare for migration to Exchange 2007.

MOM and SMS: Monitor AD and .NET, enhance Exchange reporting andextend management to Unix, Linux and Java.

SharePoint: Track, understand and control your growing Microsoft SharePointenvironment.

Visual Studio.NET: Manage .NET applications with MOM and build yourbackend SQL Server database faster.

Windows Server: Enhance security, optimize storage and streamline administration.

And …

Leverage native Microsoft technologies to manage and secure your Unix, Linuxand Java environments.

Download white papers and free trials of Quest’s solutions for WindowsManagement at www.quest.com/power

Project8 5/17/06 11:11 AM Page 2

Project1 1/9/06 10:32 AM Page 1

BY CHAD TODDI admit it—I have a serious book prob-lem. It’s nearly impossible for me to walkinto a bookstore and leave without pick-ing up at least one new book.

My students frequently ask me forrecommendations on good books tobeef up their knowledge on a particularsubject. Exchange management andadministration is always a hot topic, so Ipulled several Exchange books off theshelf—some new, some old stalwarts,some thorough references and somequick handbooks—and read them all.Here’s the inside line on each book andhow they stack up in the world ofExchange references.

As I read each of these Exchangetitles, I ranked them on four factors:

• Readability: How easy is it to read? Is it overly dry or fun to read?

• Technical Depth: Does the bookcover superficial concepts or dig intothe nuts and bolts?

• Technical Accuracy: Is the booktechnically accurate and comprehensive?

• Focus: Does the book cover thecontent expected? Is it on target?

With those criteria in mind, let’s seewhat’s out there.

Microsoft Exchange Server 2003 Delta GuideThe Microsoft Exchange Server 2003Delta Guide (MESDG) is not for new-bies. This title is for the seasonedExchange 2000 administrator movingto Exchange 2003.

If you’re an efficient administratorwith loads of Exchange 2000 experi-ence, you’ll probably be bored withmost of the Exchange books currentlyon the market. Most are written forsomeone new to Exchange. This bookcuts out all of the fluff and getsstraight to the differences.

The short chapters makeMESDG easy to read—thelongest is only 19 pages.This book flows wellenough so that you can readit straight through. All ofthe interface changes areillustrated with screen shots,so there will be no surpriseswhen you take what you’ve learned fromthis book into the real world.

If you’re looking for a book that cov-ers a lot of theory, then this book isn’tfor you. However, if you want a bookthat will quickly help you cross overfrom Exchange 2000 to Exchange2003, this is your guide.

Mission-Critical Microsoft Exchange 2003Mission-Critical Microsoft Exchange2003 (MCME) isn’t like most books inthis category, in that it doesn’t coverevery aspect of Exchange. It focuses onthe factors that relate specifically tomaximizing Exchange server uptime,such as clustering, data recovery andsecuring Exchange.

MCME has high-level technical con-tent and, as such, isn’t for beginners.

I’ve been using and teaching Exchangesince the days of Exchange 5.5, andfound myself having to reread portionsof the book to make sure I fully under-stood. If you’re new to Exchange thisbook may initially be over your head.

If you’re familiar with the fundamen-tals of Exchange, but are looking for a

deeper understanding of thestorage technologiesExchange uses or if you needto deploy an Exchange 2003cluster, then you should buythis book. MCME explainsthe database technologiesbetter than any Exchangebook I’ve read. These chap-

ters alone were worth the price. This isa very technical book, but the topics areexplained in a way that makes sense.

Microsoft Exchange Server 2003Administrator’s CompanionThe Microsoft Exchange Server 2003Administrator’s Companion earns bigpoints for the manner in which thecontent is presented. Each chapter isfairly short and gets straight to thepoint. You can also read any chapterindependent of the others. This makesfor a great reference book as you canopen it, read the chapter you want andhave everything you need right there.The text is easy to read and screenshots illustrate almost all the tabs.

There’s a good mix of theory andhands-on “how to” content. It doesn’tgo overboard on the technical side, but

26 | June 2006 | Redmond | redmondmag.com |

Exchange Server 2003—Read All About ItSee how these Exchange books stack up anddecide which ones you should add to your library.

RedmondRoundup

Log on to Redmondmag.comand check out the

full Exchange Server 2003

bookshelf with threeadditional reviews.

FindIT code:BookRoundup

0606red_Roundup26-28.v7 5/16/06 10:11 AM Page 26

Project3 5/3/06 12:05 PM Page 1

RedmondRoundup

28 | June 2006 | Redmond | redmondmag.com |

there are good explanations of howthings work behind the scenes. Forexample, it shows you some of the Reg-istry keys you can use to tweak Exchange2003 and segment Outlook Web Access(OWA) to limit the available features.

The two things I would change aboutthis book: First, I’d add a detailed sec-tion on Exchange clustering. Second,I’d reorder some of the chapters to putsome of the deeper, more technicalcontent toward the back. I’ve had stu-dents tell me they got bogged down inthe first few chapters and couldn’t getgoing. This is because it covers storageand routing architecture in chapterstwo and three. This is heavy-dutymaterial, and to the beginner, it canmake for dry reading.

Microsoft Exchange Server2003 Resource KitThe Microsoft Exchange Server 2003Resource Kit (MES2RK) is a beast of abook. It is truly the bible of Exchangebooks. MES2RK walks you through allphases of an Exchange deployment. Itcovers planning, designing, implement-ing and troubleshooting, and includeslots of high-end theoretical content foreach section. Each chapter is so detailedthat you could purchase the book, useonly one chapter and still get yourmoney’s worth.

I’ve always been a fan of Microsoft’sResource Kits, and that certainly holdstrue for this one. I especially like thedetail on migrating to Exchange 2003.One of the best things about theMES2RK is the accompanying CD. Itincludes tools and whitepapers for eachchapter. Just for Chapter 1 alone, thereare 20 white papers and seven scripts forlisting objects and managing quotas.

This isn’t the type of book I’d recom-mend you try to read straight through.Its size can be overwhelming. However,for a comprehensive reference, youwon’t find a better book. EveryExchange administrator needs to have acopy of this book on the shelf (just besure it’s a sturdy shelf).

The Reviews Are In …The Microsoft Exchange Server 2003Administrator’s Companion is my favoriteout of this batch of Exchange books.There’s enough high-level content tokeep the experienced administratorhappy and plenty of screen shots toguide the new Exchange administratorthrough all aspects of the product.

My second favorite is the MicrosoftExchange Server 2003 Resource Kit. Itgoes deeper into technical content thanmost of the other books here and cov-ers a wide variety of topics.

The unique format of the MicrosoftExchange Server 2003 Delta Guide sets itapart. If you just want a book to explainthe features gap between Exchange

2000 and 2003, then pick up a copy ofthe Delta Guide.

Not surprisingly, Microsoft Press is the winner for the best Exchangebooks. Start with the Administrator’sCompanion to begin learningExchange. Then pick up a copy of the Resource Kit to kick your Exchangeknowledge up to the next level. You’llbe well on your way.—

Chad Todd, MCSE: Security, MCSE:Messaging, MCT, CNE, is the author ofHack Proofing Windows 2000 Serverby Syngress Publishing. He is the co-ownerof Training Concepts, which specializes inWindows 2000 and Cisco training. Reachhim at chad@trainingconcepts.org.

Microsoft Exchange Server 2003Delta Guide

$29.99; 317 pages; ISBN: 0672326639

Sams Publishing

800-382-3419; www.samspublishing.com

Mission-Critical Microsoft Exchange 2003

$54.95; 409 pages; ISBN: 1-55558-294-X

Elsevier Digital Press

781-313-4700; http://books.elsevier.com

Microsoft Exchange Server 2003Administrator’s Companion

$59.99; 722 pages; ISBN: 0735619794

Microsoft Press

800-677-7377; www.microsoft.com/mspress

Microsoft Exchange Server 2003Resource Kit

$69.99; 1,372 pages; ISBN: 0735620725

Microsoft Press

800-677-7377; www.microsoft.com/mspress

RoundupIn this

Technical Accuracy [25%]Technical Depth [25%]

Focus [25%]OVERALL RATING

9 10 4 10 8.3

Readability [25%]

REDMONDRATING

1 = Virtually inoperable or nonexistent

5 = Average, performs adequately

10 = Exceptional

5 10 9 10 8.5

9 9 7.5 10 9

7 10 9 9 8.8

0606red_Roundup26-28.v7 5/16/06 10:11 AM Page 28

Project1 5/17/06 9:35 AM Page 1

30 | June 2006 | Redmond | redmondmag.com | PHOTO BY JIM REED/GETTY IMAGES

0606red_F1Katrina30-44.v5 5/16/06 10:59 AM Page 30

| redmondmag.com | Redmond | June 2006 | 31

How Jefferson Parish planned for and responded to the worst disaster in U.S. history, and the lessons ITprofessionals can learn from it.

St rmWarning

The Jefferson Parish Emergency OperatingCenter (EOC) squats over the low, grassyplain south of the Mississippi River. It’s a

brutish, four-story block of a building that sitsin the shadow of a massive radio tower. If theEOC building looks like a bomb shelter, it’sbecause it once was.

On Aug. 29, 2005, that structure survived thegreatest bomb ever dropped on the UnitedStates: Hurricane Katrina.

Nearly 100 souls had crammed into the fortifiedstructure on the morning of Katrina’s landfall.Most came from across Jefferson Parish. With apopulation of more than 450,000, the parish cra-dles the city of New Orleans in a great crescent,

from the shores of Lake Pontchartrain in thenorthwest to the Mississippi River-boundingcommunities of Marrero and Gretna to thesouth and southeast. Inside the EOC building,emergency personnel worked to evacuate, assistand rescue citizens across this expansive swathof earth.

The Jefferson Parish EOC was well-equippedfor the task. There were hardened landlines,800MHz radios, and cell and satellite phones tap-ping multiple networks. There was a fully redun-dant computer network, a fleet of remote sensorsand cameras and a detailed disaster plan promis-ing a multi-layered government response. And, ofcourse, there was a system of canals, levees and

STORY AND PHOTOS BY MICHAEL DESMOND

0606red_F1Katrina30-44.v5 5/16/06 10:59 AM Page 31

32 | June 2006 | Redmond | redmondmag.com |

pumping stations designed to channel flood waters out ofthe area.

Within hours of Katrina coming ashore, every one ofthose systems would fail catastrophically.

Cascading FailureDr. Walter S. Maestri has been director of the JeffersonParish Emergency Management Department since 1996.The Sunday before landfall, he watched as Katrina boiled toa frightening crescendo. Now a Category 5 storm, amongthe most powerful ever recorded, it steamed directly towardNew Orleans.

But when the storm weakened and turned unexpectedly tothe east just hours before landfall, Maestri was confident.More than 90 percent of parish residents had evacuated.Those unable to leave were housed at hospitals and shelterswith supplies and backup power. His team was in place atthe EOC. Key personnel stood by in neighboring parishesto provide Day 1 communications and recovery.

“Up to the breaching of the levees, this was a perfectmodel,” Maestri says from his office on the fourth floor.“We knew what we thought could happen. We knew whatwe had to deal with. We had prepared the plans, spread themessage. Everything was according to plan. No surprises,no surprises,” Maestri’s voice trails off. He sounds almostreluctant to go on. “Then of course the storm comes in—and things happen.”

The power failed first, victim of the thrashing winds thattoppled poles, tangled lines, and threw down transformersand other gear. The EOC, like the Parish’s two data cen-ters, are supported by diesel generators. In the EOC and atlocal hospitals and other critical facilities, the lights stayedon and the computers kept humming.

Out in the field, the parish’s network of nearly 200 radio-based remote sensor stations switched to battery backuppower. Jason Phillips, supervisory control and data acquisi-tion manager for the parish, watched as the real-time feedsdisplayed on his twin monitors began to drop off one byone. Most batteries lasted from 45 to 120 minutes beforegoing dark. Wind meters, shorn of their directional vanes,stopped transmitting telemetry on wind speeds, while manylakeside sensors kept working until the waters swallowedthem. The last sensor quit with a reading of 29.6 feet.

“The ones we lost went underwater. Where we had themmounted we never would think the water on the lakewould get that high,” Phillips says. “But it did.”

Voice and data communications failed next. When thepower quit, general Internet access went with it. Phone serv-ice throughout the area faltered or failed entirely withinhours of landfall. At the EOC, staff members could receivecalls throughout the storm, but were unable to dial out. Itwould take five days for BellSouth to restore service to theEOC, one of the highest-priority service points in the parish.

Communications CollapseOf course, the parish disaster plan anticipated these outages.Staffers had been issued cell phones from a diverse set ofservice providers to help ensure voice communications. Infact, most service failed as cellular towers sustained damage,switching stations lost power and call volume swamped thenetworks. Even the dozen or so EOC-operated Motorolasatellite phones faltered during the storm, their signals

St rm Warning

Jason Phillips monitors water-level and pump-station statusfrom his workstations at the Jefferson Parish EOC in Marrero.

Nearly 100 people crammed into the bunker-like EOC building

during Hurricane Katrina.

0606red_F1Katrina30-44.v5 5/16/06 9:46 AM Page 32

Seamless failover.

Always connected.

Keeping Users Connected.

Keep your application servers zipped up and func-tional all of the time. Whether a single server or anentire site fails, availability to critical business appli-cations fails, along with the productivity of userscompany-wide. No matter if you’re a start-up or aGlobal 100, server downtime will kill your business.With Neverfail, users are kept continuouslyconnected to their applications no matterwhen, where, or why a failure occurs in theserver environment. Neverfail delivers cluster-classdisaster recovery, data protection and high availabilitysoftware solutions to every size company, and at asignificantly lower total cost and complexity. Withautomatic failover response measured in mereseconds rather than minutes, and no user or IT

management intervention needed, no one coversyour back better than Neverfail. Anything less isa lesser solution. Designed for Windows-basedapplications, Neverfail’s comprehensive suite ofaward-winning software solutions will help ensurethat your productivity is never interrupted.

To make your business a more productive — andprofitable — enterprise, visit neverfailgroup.comfor your FREE server analysis and take the firststep to achieving true high availability. Or betteryet, call or email us today to join companies all overthe world who have chosen Neverfail for the mosteffective disaster recovery, data protection and highavailability solutions in the industry.

www.neverfailgroup.cominfo@neverfailgroup.com

Keeping Users Connected.

EXCHANGE • SQL SERVER • FILE SERVER • IIS • SHAREPOINT • BLACKBERRY • ORACLE • LOTUS DOMINO

Project4 5/4/06 11:13 AM Page 1

34 | June 2006 | Redmond | redmondmag.com |

blocked by thick cloud cover and heavy rain—though theywould prove invaluable in the days that followed.

The one system that worked—the parish’s nearly 2,000radios—suffered a crippling blow when the repeaterantenna on the 21-story Galleria building blew away. Thatsevered links to police, fire, hospital and key emergencypersonnel situated on the north side of the Huey P.Long Bridge. When crews rushed to fix the damage afterthe storm, they discovered that T1 service between theGalleria and the EOC was dead as well.

Like an army slicing through the weakened flank of anenemy, Katrina had cut off the EOC from the East Bankcommunities pinned between Lake Pontchartrain and theMississippi River.

These were some of the hardest hit areas in JeffersonParish. Flooding devastated portions of Metairie, particu-larly in the south, where floodwaters from New Orleansfollowed Airline Highway into the parish. Powerful windsbattered lakeside communities. Vital resources like theNew Orleans airport and the I-10 highway linking the areato Baton Rouge were a top priority.

Technicians rushed to replace the antenna and set up apoint-to-point microwave link between the EOC in Mar-

rero and the Galleria building. That enabled 800MHzradio communication parish-wide for first responders, butless than two days later the link failed again.

As emergency coordinator for Jefferson Parish, TomRodrigue was ready to battle wind, water and line damage.But he was stunned when he learned that FEMA personnelhad disconnected the freshly mounted antenna.

Tulane’s EducationSix months after a glancing blow from Hurricane Katrinaflooded New Orleans, the city’s downtown is a work inprogress. Street lights remain dark and power in officebuildings fails regularly. A half block from the Superdomestands the dark monolith of the Hyatt Hotel. The building’sfaçade is an ugly patchwork of blown out windows andwhite plastic sheeting, a caustic visual reminder of justhow much work remains to be done.

Paul Barron, interim CIO of Tulane University, has a birds’eye view of it all from his 14th floor office on PoydrasStreet, right across from the Superdome. Like New Orleansitself, Hurricane Katrina nearly finished off the 172-year-old university, Barron says. “During the first 60 days, it wasunclear if Tulane was going to survive or not.”

Calamity struck quickly. “That Friday night I was at a pre-season Saints game, and people were talking a little bit aboutthe hurricane. But nobody was talking about evacuating,”Barron says.

Certainly not Tulane’s IT department. Tim Deeves, directorof network services, recalls kicking off full system backupsFriday evening. Because the storm struck on a Monday, theIT staff had all weekend to work. Deeves himself shut downthe school e-mail system on Sunday, at 2 p.m.

“I was a little bit worried,” Deeves says. “At one point Iwas the only person in the building, I was worried about theelevator losing power. I said, ‘Chris, if you don’t hear about

me by 1 o’clock, call pub-lic safety and tell them tocome get me out of theelevator.’”

The plan called for acourier from the Tulanesecurity center to acceptthe tapes from Deeves andtransfer them to a nearbysite. But the courier failedto show up. Deeves wastold to leave the tapes outin the 14th floor hallwayfor pickup. When the couri-er finally arrived, he foundthe doors locked—thebuilding staff had fled.

Those tapes would spend more than a week stewing in thelate-summer Louisiana heat. As it turned out, it was a goodthing the process broke down.

“The interesting thing is the security center is four andone-half blocks from here. That was not very smart,” Barronsays. “We lucked out in terms of getting our tapes, becausethe security center is much lower than we are, and therewas water. We got lucky.”

St rm Warning

Rick McGinity led a team intodowntown New Orleans torecover gear from the disabledPoydras Building.

The gutted interior of Casual Home Furniture, whichtook on five feet of water when New Orleans floodwaters flowed down Airline Highway. The store todaydoes business from a large tent in the parking lot.

Continued on page 38

0606red_F1Katrina30-44.v5 5/16/06 9:46 AM Page 34

Redmond’s TECH•ED Partner ShowcaseGOING TO TECH•ED? MEET WITH YOUR FAVORITE VENDORS ONE-ON-ONE

Palm, Inc. is a leader in mobile computing and strives toput the power of computing in people’s hands so theycan access and share their most important information.Palm’s world-class ease of use is now available on theWindows Mobile® platform, delivering the hallmark Palmexperience and the world’s most innovative smartphonesolutions to an even larger market. Treo smartphonesnow offer greater choice for consumers, mobile profes-sionals and businesses who want to stay on the cuttingedge of competitiveness with mobile voice, e-mail, web,and applications.

Tech•Ed Booth #608

palm.com/business

| redmondmag.com | Redmond | June 2006 | 35

When it comes to disaster recovery, it’s the recoverythat’s critical. Acronis True Image provides a comprehen-sive protection and recovery solution that gets yourservers and workstations back to business in minutes,not hours or days, minimizing downtime and keepingyour employees productive. With versions for enterpriseservers, networked workstations, and stand-aloneWindows and Linux servers, Acronis restores backupimages to dissimilar hardware, supports virtual and physi-cal machines, future-proofs your infrastructure with sup-port for 64-bit software, and never miss a deadline withSnap Restore, a patent-pending technology that lets yourstaff keep working even while the image is being restored.

Tech•Ed Booth #937

www.acronis.com

SAPIEN Technologies’ PrimalScript is the world’s mostpopular and feature-filled script environment, with all thefeatures you need in a script editor and much, muchmore. Whether you’re editing VBScript, ASP,ActionScript, JScript, Java, JavaScript, HTML, XML,SQL, or any of more than thirty other languages, you'llfind that PrimalScript offers rich, detailed tools to makeyour job faster, easier, and more efficient. With threeeditions to choose from, download a trial to find outwhich one is best suited for you.

Tech•Ed Booth #539

http://redmondmag.sapien.com

0606TechEdShowcase_35-37.qxd 5/16/06 12:58 PM Page 35

Organizations aroundthe world rely on 24x7 Automation Suite

24x7 Automation Suite offers aquick, effective way to buildrobust automation solutions in

minutes. It supports distributed remote jobs, event logging, centralized real-time job monitoring and reporting, and automatic fail-over. Its powerful scriptingenvironment delivers extensive support for SQL, HTTP,FTP, DDE, RAS, TELNET, SSH, ZIP, E-mail functions(MAPI, SMTP, Lotus Notes), File Replication, Bulk-fileOperations, Database Replication, and much more.

“24x7 has helped us to quickly automate many of our rou-tine processes; we're integrating is more and more into ourdaily production activities. Good product, very easy to use,we save a lot of time and money using this software.”

— Brian Baird, NYS Teachers’ Retirement System

SoftTree Technologies

www.softtree.com800-289-9256

Redmond’s TECH•ED Partner ShowcaseGOING TO TECH•ED? MEET WITH YOUR FAVORITE VENDORS ONE-ON-ONE

36 | June 2006 | Redmond | redmondmag.com |

Touch base with EMC! Optimize your InformationInfrastructure with Winning Solutions. We’re covering allthe bases with: • 10 demonstrations featuring our latestinnovative solutions for Exchange and SQL • 5 alternatingTheatre presentations throughout the day on the hottestMicrosoft technology topics. Listen to one of our experts,and take a chance to win a 20” Samsung plasma TV. A 4-port USB giveaway will also be awarded to one thou-sand and Eight hundred visitors to the booth. MONDAYEVENING, 6/12, IS MYSTERY GUEST NIGHT IN THEEMC BOOTH. STOP BY. YOU’LL BE GLAD YOU DID.

Visit our online Microsoft Solution sites at

www.emc.com/solutions/microsoft/sql_server/index.jsp

Tech•Ed Booth #101

WinRadarTM v2• Centralized AD Management• Remote Process Termination• Hot Fix & Service Pack Viewer• Bulk User Updating• Advanced Export Features• Client Software Removal• No Scripting Needed

Increase administrator efficiency with WinRadarTM.WinRadarTM is an Active Directory administration tool thatallows you to remotely manage client systems through aneasy to use interface. WinRadarTM comes with a widerange of built-in features that will eliminate the need forwriting scripts, creating tools or duplicating actionsthroughout your day.

www.cns-software.com

CNSSoftwareTools by Administrators for AdministratorsTM

0606TechEdShowcase_35-37.qxd 5/16/06 12:59 PM Page 36

Neverfail is a leading global software company providingaffordable cluster-class high availability and disasterrecovery solutions for Windows-based applicationsincluding Exchange, SQL Server, File Server, IIS,SharePoint, RIM BlackBerry, Oracle database and IBMLotus Domino. With failover measured in seconds ratherthan minutes, Neverfail’s solutions enable users toremain continuously connected to the live software appli-cation irrespective of hardware, software, operating sys-tem, or network failures. Neverfail’s mission of eliminatingapplication downtime delivers the assurance of businesscontinuity, removes the commercial and IT managementcosts associated with system downtime and enables themore productive use of IT resources.

Tech•Ed Booth #440

www.neverfailgroup.com

GOING TO TECH•ED? MEET WITH YOUR FAVORITE VENDORS ONE-ON-ONERedmond’s TECH•ED Partner Showcase

| redmondmag.com | Redmond | June 2006 | 37

Affordable Thin Client Terminals

From Devon IT

Secure thin client access to any application. NTA thinclient terminals are ICA, RDP and PXE capable and support server-centric computing in any enterprise environment. Access Windows, Linux, Unix and main-frame applications. No Client applications to load and nohard drive to fail. More options at lower costs than competing products. Starting at $149. From Devon IT.

www.devonit.com1.888.524.9382 info@ntavo.com

GFI MailSecurity for Exchange/SMTP is an email contentchecking, exploit detection, threats analysis and anti-virussolution that removes all types of email-borne threatsbefore they can affect an organization’s email users. GFI MailSecurity's key features include five multiple virusengines, to guarantee higher detection rate and fasterresponse to new viruses; email content and attachmentchecking, to quarantine dangerous attachments and content; an exploit shield, to protect against present andfuture viruses based on exploits; an HTML threatsengine, to disable HTML scripts; and a Trojan &Executable Scanner, to detect malicious executables.

Visit us at booth #331!

http://www.gfi.com/msed

0606TechEdShowcase_35-37r.qxd 5/17/06 9:28 AM Page 37

“We had an instance where we got our antenna back upand someone at FEMA came in and put their communica-tions up, because of the operation that was going on [nearthe Galleria site]. At which time the sheriff went back upthere and put [on] armed guards, took their antenna down,put ours back up and says, ‘Anybody tries to take it down ...’”Rodrigue pauses as a co-worker finishes the thought, “…they’re going to shoot you.”

Even with its radio service restored to the East Bank, theEOC struggled to communicate with state, federal and otherparish agencies. Jammed frequencies and incompatible radionetworks stymied cooperation—Rodrigue describes the sys-tem at the time as “inoperable.” Those difficulties enhancedthe isolation created by rising floodwaters and broken roads.

“We had to resort to runners,” says Carolyn Capdeville,Jefferson Parish coordinator for emergency management.“It was the pony express—people going from place toplace carrying messages.”

‘We Couldn’t Find Them’Jefferson Parish was fortunate. Unlike surrounding com-munities, it could radio state agencies.

“St. Bernard Parish, for whatever reason, couldn’t reachthe state,” Maestri says of the neighboring parish to theeast, which was utterly devastated by flooding. “So whathappened was St. Bernard Parish could reach us and wecould relay messages to the state. We were relaying mes-sages for multiple parishes.

“Communication interoperability is a tremendous prob-lem, and nobody learned the lesson from 9/11. That prob-lem, through Katrina, still exists,” Maestri warns. “Ourchallenge is not interoperability, it’s operability. The com-

mitment has been made that everybody will share thesame system.”

The city of New Orleans, however, simply dropped off themap. “They abandoned their EOC and set up their tempo-rary operating facilities in different buildings downtown, andwe couldn’t find them. Their towers went down, their radiosystems went down, or whatever, and we couldn’t find them.”

One pleasant surprise: cellular text messaging servicestayed up. For several days after the storm, text messagingwas the only reliable way to communicate with peoplebeyond the parish radio network.

Staffers also found after the storm that cell phones without-of-state area codes often worked when local cellularnumbers would not. Even today, staffers like Capdevillecarry a second cell phone with them. Still, not everyonewas quick to adapt.

“The state office of Emergency Preparedness, they havea program called E Team that works on the Internet, andthey wanted us to go over that,” Capdeville says of requestsher team tried to place with the state. “And we kept holler-ing at them on an 800MHz radio that we don’t have Inter-net. You’ve got to take it this way or you are going to loseus. There was no way to get to E Team.”

The EOC team finally convinced the state to acceptrequests by phone, but even that was dicey. “Eventually theonly communications system to stay up during the entireordeal was satellite telephones,” says Rodrigue. “Had it notbeen for that we would not have been able to make anyrequests to the state.”

“It’s not the technology that saves anybody, it’s the peoplewho use the technology,” Capdeville says. “That is missed alot of times, the human part of this.”

38 | June 2006 | Redmond | redmondmag.com |

St rm Warning

Planes, Trains & AutomobilesWith electronic transactions unavailable after the storm,Tulane President Scott Cowen decided that paying staffwas the top priority. To do so, the university needed torecover the tapes Deeves had left on the 14th floor. It fellto Rick McGinity, director of operating system and data-base services, to get them.

What follows reads like something from the script of themovie “Trains, Planes & Automobiles.” McGinity and his teamcouldn’t fly into New Orleans Airport—that was under militarycontrol—so they landed in Baton Rouge, picked up two staffmembers and drove to one of their homes. There they pickedup a second car and followed what McGinity describes as “awhole stream of ambulances going about 100 miles per hour.”They talked their way past several roadblocks.

At the Jefferson Parish operations center set up by theWest Bank Expressway, the team climbed into a deuce-and-

a-half troop truck with a contingent of heavily armedpolice. They rumbled past the nearly-empty Superdome andcircled the Tulane building on Poydras Street, seeking shal-low water. National guardsmen, patrolling the streets onSea-Doos, looked on as McGinity waded to the entrance,reached into the murky waters, and keyed the lock at thebottom of the door.

The walk up to the 14th floor was uneventful, and theteam was soon tearing open disk arrays and servers in thesweltering heat. “We pulled disk drives and the tapes, upuntil the point where we just couldn’t pull anymore stuffbecause time had run out,” McGinity says.

By nine that night, the team was on a plane out of BatonRouge on its way to Houston. McGinity, his team, andthose tapes would eventually land in Vorhees, N.J., wherePaul Barron had set up Tulane with a logical partition on anIBM mainframe at Sungard. Tulane was back in business. Itsemployees—at least, the ones on direct deposit—wouldget paid on time. — M.D.

Continued from page 34

0606red_F1Katrina30-44.v5 5/16/06 9:46 AM Page 38

Project1 4/5/06 11:51 AM Page 1

Data Center Two-StepJefferson Parish maintains two discreet data centers,located more than 10 miles apart. Identically configured,each includes a single IBM AS/400 iSeries midframeserver connecting to a 2TB SAN and linked to eachother and the EOC via frame relay. While the two cen-ters house the same equipment, they serve differentapplication sets.

A mile north of the Huey P. Long Bridge, the EastBank data center in the ninth floor of the Joseph S.Yenni Building houses utility billing operations, as wellas a Linux server running an Oracle GIS database formapping services. Critical financial and payroll applica-tions are housed in the West Bank data center, on aparish campus in Gretna. There are also 35 Windowsservers hosting Exchange, Internet Information Server,DNS and application for several departments. Theparish operates about 1,400 total Windows clients.

“Ever since the early ’90s the plan was to have two datacenters with redundant capabilities,” explains RidleyBoudreaux, director of Electronic Information Systemsfor the parish. “Now we didn’t set them up redundantly,it’s not like a hot situation where I can instantly say nowwe’re doing our payroll on the East Bank. But we always

bought identical iSeriesmachines—or AS/400s—with enough capacity torun all of the applicationson one of them.”

That decision, whichhelped the parish shavecosts, got a severe testwhen Katrina washedashore. High winds rippedthe large air conditioningunits off the top of theYenni Building, tearingopen the roof. Water fromthe storm and rupturedpipes poured through theupper floors of the build-ing. “Even if you havegenerator power—with noair conditioning, forget it,”Boudreaux says. “Whenyou have something as catastrophic as the roofcoming off and water cas-cading through the build-ing, a whole lot isn’t goingto stay operational.”

Even with the East Banksite disabled, Boudreauxfelt lucky. The storm had

largely spared the West Bank facility and its critical finan-cial applications. “We were extremely fortunate that thebuilding on the West Bank came through with flying col-ors. The generator worked. Power remained to that build-ing so that system stayed up,” he says.

Daily procedure calls for the backup tapes produced ateach data center to be transported to the other site—ensuring that data will survive a fire or catastrophic

40 | June 2006 | Redmond | redmondmag.com |

St rm Warning

Katrina tore open the Yenni Building roof, disabling the datacenter and damaging the upper floors.

Canal breaches in the Lower 9thWard and at the 17th StreetCanal (shown) devastated largesections of New Orleans. Manyareas remain uninhabitable.

0606red_F1Katrina30-44.v5 5/16/06 9:46 AM Page 40

Project1 1/13/06 11:24 AM Page 1

event. With Katrina’s approach, the disaster plan calledfor up-to-date backup tapes to be transported from thetwo data centers to the hardened EOC site in Marrero.But the tech responsible for the transfer was running late,trying to get his family out of the area. The tapes ended upin Houston.

“It probably worked out better that way,” says Boudreaux,who had the tapes shipped to a temporary location inBaton Rouge. When it became clear the Gretna site hadridden out the storm, Boudreaux’s team got to work.

“We got one of my people and somebody from payrolloperations in that building by Thursday after the stormand immediately started working on payroll, which wasdue the following Friday.”

Boudreaux says that the AS/400-based iSeries platformeased migration of East Bank data center applications tothe sibling midframe in Gretna. In just a few hours histeam had dumped the bits onto the working AS/400 andwas up and running. “You take a backup of Exchange andtry to put it on a box that’s not identical to the one youtook it off of,” he says with a laugh.

Boudreaux himself was on the north shore of LakePontchartrain when the storm hit. Rather than return tothe stricken parish, he headed west “through downed trees

and power lines” to Baton Rouge, where the parish wasestablishing an emergency seat of government. ThereBoudreaux could find what he needed to recover his IToperation: Power, communications and access to systems,partners and vendors.

“When I left I took all of my contact lists in hard copy—Iprinted it all out,” he says. “I had phone numbers for all ofour vendors, I had passwords with me.”

Even as Boudreaux got busy in Baton Rouge, one of hiscontractors, Walt Barowka, struck out from the northshore, heading south toward the stricken Yenni Building.His mission: To recover as much equipment and data fromthe disabled data center as he could.

“On his way down, I think it was the Thursday after, com-ing down from the north shore, he saw some young buckscutting trees along the side of the road. He said, ‘Come on,I’m gonna pay you,’ threw them into the back of his truck,and brought four guys down, plus a couple of his own peopleand a couple of my people. They just hauled equipmentdown all day long, hauled it over to the Gretna building.”

By the end of the day, the impromptu IT rescue team haddelivered to the surviving data center everything but theAS/400 midframe system—which was too heavy to carrydown the nine flights of stairs.

42 | June 2006 | Redmond | redmondmag.com |

St rm Warning

Lessons in the WindInteroperate: In a macabre repeat of the snarled com-munications that hampered response during 9/11, parishofficials struggled to reach local, state and federal agen-cies. Area parishes are now working with the state toimplement a unified standard for radio communications.

Local backup is not enough: Organizations dutifullybacked up data ahead of the storm, then housed the medialess than 10 miles away. Likewise, Jefferson Parish locallyhosted both its e-mail and Web servers. It took heroicmeasures to recover these systems.

Seek alternatives: When all communication systemsfailed, one stayed up—text messaging. Also, cell phoneswith out-of-state area codes proved more reliable thanlocal accounts. Both are now cooked into the emergencyplan for the parish.

Forge-trusted partnerships: Ridley Boudreaux restoredWeb and e-mail service within two days of the hurricane byturning to the VAR that set up his IBM iSeries systems. Thecompany provided server resources, office space in BatonRouge and a skilled programmer.

Don’t overvalue technology: Katrina pulled down theentire working infrastructure of the New Orleans area.And yet, the state urged Jefferson Parish to submitrequests via the E Team Web-based logistics application.

It took creative and dedicated people to work aroundproblems. Non-digital backup procedures should be con-sidered and developed.

Stay or Go: The best place for many managers was out-side of the stricken area, where they had access to com-munications, Internet, power and transportation. Still, ittakes boots on the ground—like Walt Barowka carryinghardware out of the Yenni Building—to get things done.

Challenge assumptions: Jason Phillips learned thatwooden sensor station poles ably weathered the highwinds, while galvanized steel poles often bent at 90degrees or snapped entirely. The parish is switching towood poles.

Produce hard copy: Critical data such as contact lists,emergency documentation and authentication data shouldbe printed and distributed, for access during extensivepower or network outages. Also consider distributing docu-mentation on compact USB keys, so remote staffers haveeasy and portable access.

Reject wishful thinking: Many IT plans worked with-in the framework of a three-day evacuation and failed toaccount for the effects of a direct hit by a hurricane.

— M.D.

0606red_F1Katrina30-44.v5 5/16/06 9:46 AM Page 42

Whether you choose Training or Certification, Citrix Education offers you

peace of mind by providing you with the knowledge and skills to achieve the

following benefits:

• Ensures skills and knowledge are current and can be applied on the job

• Increases value and productivity of IT professionals

• Improves reliability and efficiency of the Citrix environment

• Exposes IT professionals to new products and functionality

• Helps IT professionals troubleshoot problems without the help of

technical support

Visit www.citrix.com/edu/redmond to find out which training courses and

certifications are right for you!

©2005 Citrix Systems, Inc. All rights reserved. Citrix® is a registered trademark of Citrix Systems, Inc. in the United

States and other countries. All other trademarks and registered trademarks are the property of their respective owners.

Peace of Mind...

Offered by Citrix Education

Project3 8/2/05 10:58 AM Page 1

“It was heroic,” Boudreaux says. “That’s the word I usedover and over again—absolutely heroic. Everything worked.”

‘You Learn Lessons’Well, not quite everything. Boudreaux says the parish gotcaught flat-footed when its Web site went dark during thestorm. The local hosting firm suffered damage in thestorm—it took more than a week for it to restore service.In retrospect, Boudreaux says locally hosting the Web sitewas a mistake.

“In the parish we try our best to support local businesses,”he says. “You learn lessons. Fortunately, we were regis-tered with Network Solutions—it took a matter of min-utes to switch it over.”

The switch over was made possible by CMA TechnologySolutions, the value-added reseller in Baton Rouge thathad helped set up the parish’s two iSeries systems.

“I showed up at their door 1 o’clock on Tuesday and said ‘Ineed some help.’ They gave me an office, they gave me spaceon their iSeries, they gave me a brilliant programmer, whohelped me set up a one-page Web site that afternoon and getour address changed with Network Solutions.”

The site hosted a registration page to confirm the where-abouts of parish personnel. Boudreaux also pointed staffersto a private page containing his latest contact informationand location, helping him stay in constant touch.

He also funneled all e-mail—which was completelyunavailable in Jefferson Parish—to his site in Baton Rouge.Boudreaux couldn’t e-mail staffers in the afflicted area, buthe could review correspondence and pass on urgent itemsby cell phone or text message.

As for the AS/400 iSeries midframe left in the YenniBuilding, Boudreaux’s team reached it four weeks later,once electricity and air conditioninghad been restored. For nearly amonth, the system sat in broiling tem-peratures and high humidity—still, itbooted up normally, even with onehard drive failed and another showingfailure indications.

“So, the system worked. It came upand worked,” Boudreaux says.

The Gathering StormBy the time you receive this issue, theofficial start of the 2006 hurricane season will be daysaway. Yet, the entire region remains fragile. Maestri saysabout a third of Jefferson Parish lives in temporary FEMAtrailers, secured with nylon tie-down straps. Many willalmost certainly topple in Category 1 hurricane winds,meaning that an approaching tropical storm may require afull evacuation. Yet the storm-related financial struggles offamilies in the area makes evacuation—with its steep costsin fuel, hotel bills and lost work—prohibitively expensive.

And then there’s the infrastructure. Maestri describeslocal electrical service as being held together “with spit,bailing wire and scotch tape.” He warns that many electricutilities in the area are now operating under bankruptcy.The health-care system is in even more dire shape.

“We have gone from 11 major hospitals functioning tothree. A million two hundred thousand people are nowdependent on three hospitals, in essence,” Maestri warns.“We had a level 1 trauma center—it’s gone. We had twomajor medical schools functioning—Tulane and LSU.Those doctors, those students are now no longer here.They’ve moved out.”

The grim calculus of evacuation demands that Maestri,Capdeville and other managers at the Jefferson Parish EOCshuffle the deck and re-tune their models. Capdeville hasbeen tweaking the computer-based evacuation models, low-

ering her assumptions about roadcapacities and taking into accountissues like a higher percentage of vehi-cles becoming disabled on roadways.

At the end of the day, there’s only somuch technology can do. “I think oneof the problems is that we, 21st centuryAmericans, are totally dependent, inways they don’t even think about, ontechnology,” Maestri says.

“There’s a picture that we have thatsomebody snapped, one of our own

photographers, of the CEO and chairman of the board of aFortune 50 corporation who lives here, sitting on the curbeating an MRE [meal ready to eat],” Maestri says. “I mean,he has planes at his disposal and God knows what. And he’ssitting at a curb eating an MRE, because all of his money,he couldn’t get to it.”—

Michael Desmond is Redmond’s Editor-at-large. Reach him atmdesmond@redmondmag.com.

44 | June 2006 | Redmond | redmondmag.com |

St rm Warning

Read an extended PDF version of thisstory, check out ongoing coverage andregister for a Web chat with JeffersonParish IT executives.

FindIT code: Storm

GetMoreOnline

redmondmag.com

Jefferson Parish EOC Director Walter Maestri warns that damage fromKatrina could make the next major stormmuch harder to cope with.

0606red_F1Katrina30-44.v5 5/16/06 9:46 AM Page 44

Knowledge isbeing the person themeeting can’t startwithout.

Move forward with an IT degree online from Capella University. Capella is an accredited university offering hands-on,

real-world experience. And you can apply to earn credit for real-world experience, training, certifications (such as CCNP®,

MCSE, CISSP®, and PMP®), and previous education. To learn more, call 1-888-CAPELLA or visit www.capella.edu.

Capella University is accredited by The Higher Learning Commission and a member of the North Central Association of Colleges and Schools, 30 N. LaSalle Street, Suite 2400, Chicago, IL 60602-2504, (312) 263-0456; www.ncahigherlearningcommission.org. Capella University, 225 South 6th Street, 9th Floor, Minneapolis, MN 55402. © 2006 Capella University

Project8 5/16/06 1:55 PM Page 1

Project2 1/4/06 11:14 AM Page 1

he riders in the Tour de France are probably themost monitored athletes in the world. In preparation

for the race, every ounce of food a rider consumes isspecially formulated to give him maximum performance.They spend hours in wind tunnels, constantly tweakingbikes, helmets and other gear to make sure they’re as aero-dynamic as possible. Heart rate, oxygen intake and dozensof other bodily functions are closely watched to ensure topperformance during the most grueling race on the planet.

Performance tuning like that wasn’t available on past ver-sions of Microsoft’s SQL Server, when tuning was regardedas a black art. An index here, a few design changes there,toss in some query hints, do a quick SQL dance and voilà!You had a tuned database. However, like so many otheraspects of SQL Server 2005, the ability to adjust perform-ance has been mightily enhanced (but not with steroids).

On the third leg of our Tour de SQL, we’ll show youhow to pump up the performance of Microsoft’s best-everdatabase, giving you the edge you need to stand on thepodium and kiss supermodels, like the winners of each legof the Tour.

A Sharper ProfileAn old SQL tool you probably won’t recognize in its SQL2005 incarnation is the SQL Server Profiler, shown in Figure1 on p. 48. Profiler still has the same goal as before—tracingyour SQL Server so that you can tune or troubleshoot—butthe look, feel, and capabilities have come a long way.

You can now trace Analysis Services and Integration Ser-vices packages, and almost everything is XML based. Traceresults can be saved as .XML files, and trace definitions arein XML, expanding Profiler’s capabilities to other pro-gramming interfaces. While tracing to files, Profiler willroll over to additional files when the specified maximumfile size is reached. While this isn’t new, the ability toreplay all rolled over files in order is new to Profiler.

But that’s not even the best thing Profiler can do: It cannow build correlations to performance monitor counterstaken at the same time as the trace. Once you have a traceand a performance monitor log saved to a file, you simplyopen the trace and import the performance data. Theresult is a split screen with your trace results on top andperformance counter on the bottom.

| redmondmag.com | Redmond | June 2006 | 47

Tour deSQL

SQL Server 2005 gives you new tools to help your database performance stay ahead of the pack.

SQL

BY ERIC JOHNSON

TT

PHOTO BY GRAHAM WATSON

Part III:Performance

Tuning

Part III:Performance

Tuning

0606red_F2TourSQL3_47-50.v7 5/16/06 9:48 AM Page 47

Now clicking on the trace takes you to the correspondingsection of your performance graph, and vice versa. Thisallows DBAs to get a quick picture of what was runningwhen the CPU spiked to 100 percent.

A More Capable AdvisorAnother performance tool that has long needed a makeoveris the Index Tuning Wizard. SQL Server 2005 introduces anew tool, the Database Engine Tuning Advisor, whichreplaces the functionality of the Index Tuning Wizard andprovides even more information than its predecessor.

In a nutshell, the Advisor (Figure 2, p. 50) examines work-loads (T-SQL scripts or SQL Profiler results) and providesrecommendations to add, remove or modify physical struc-tures. The recommendations are made regarding clusteredindexes, non-clustered indexes, indexed views and partition-ing schemes. In addition, the Advisor examines more eventsand physical structures than its predecessor, allowing it tomake better, more complete recommendations.

It goes even further, with the ability to analyze workloadsrun against multiple databases. An adage of the tuning trade is that too many indexes can be just as bad as too few.The old Index Tuning Wizard didn’t apply this principle very well, and would often recommend adding index after index until the performance started to suffer. The Advisor,however, is designed to take into account multiple structuresand can analyze the interaction of these structures. After the

advisor is run, the user is given T-SQL scripts that can beused to implement all, or a subset of, the recommendations.

Indexing: Bigger and BetterAssuming you have a decent database design and the queriesrunning against your database weren’t written by monkeys,most of your tuning will be done with indexing. Manyimprovements to the indexing process in SQL 2005 not onlyallow for better performance, but also greater availability.

First off, the syntax for working with indexes has changed alittle. There’s now an ALTER INDEX command that canrebuild, reorganize, disable or change indexes. This has effec-tively replaced the old DBCC index commands. Now,instead of using DBCC DBREINDEX, you use ALTERINDEX REBUILD. Likewise, DBCC INDEXDEFRAGhas been replaced by ALTER INDEX REORGANIZE.

The most widely anticipated change to indexing is theaddition of online indexing (available only in EnterpriseEdition). Using the REBUILD WITH ONLINE optionof the index command, users aren’t blocked by most index-ing operations and the object of the index can stay onlineand accessible. This can greatly reduce the amount ofdowntime for your SQL environment.

But be aware that the performance of online indexesinvolves tradeoffs. During an online indexing operationperformance is degraded—how much depends on the user load and the object and index size. Online indexing is recommended by Microsoft in most cases, but everyenvironment is different; I urge you to carefully test thisfeature before implementation.

Index operations on SQL 2005 Enterprise Edition canalso take advantage of multiprocessor servers. Utilizingthis parallelism can improve the overall performance ofyour indexing operations and minimize the aforemen-tioned period of degraded performance.

Indexed views are still around in SQL 2005, and they,too, have been improved:

• The query optimizer can make better decisions, provid-ing better performance than before.

• Two new index options allow for more granular lockingcontrol. By using ALLOW_ROW_LOCKS orALLOW_PAGE_LOCKS you can control at what levellocking will occur for your index.

• The XML datatype has been introduced, allowing XMLdocuments to be stored in columns. XML documents can bevery large, since they themselves usually represent entire dataentities. Leaving no stone unturned, SQL Server 2005 pro-vides the ability to create indexes on your XML columns.

While indexing has changed, it shouldn’t seem completelyforeign. In the short term, all the old commands are still inplace for index maintenance and operation, allowing you toease into the new syntax.

Table and Index PartitioningPreviously, data stored in SQL Server could only be splitinto different physical files at the table level. In otherwords, each table could be placed on a different filegroup,but the table in its entirety had to be in that one filegroup.The only exception was that you could put non-clusteredindexes on a different file from the data, but the same heldtrue for an index—it could exist on only one filegroup.SQL 2005 introduces table and index partitioning, allow-ing you to horizontally split rows in tables or indexesacross multiple filegroups.

48 | June 2006 | Redmond | redmondmag.com |

Tour de SQL Part III: Performance Tuning

Figure 1. The SQL Profiler now integrates with Windows PerformanceMonitor to provide a more complete picture of server activity.

0606red_F2TourSQL3_47-50.v7 5/16/06 9:48 AM Page 48

Project10 5/10/06 2:38 PM Page 1

50 | June 2006 | Redmond | redmondmag.com |

This provides several benefits, the first of which is man-ageability. When your data is divided into logical parti-tions, data loading can be faster and maintenance tasks canbe performed in a more timely fashion.

In order to realize this gain, you need to know how a tableis being used and, most importantly, the size of that table.Partitioning will bear the most fruit on very large tables inwhich subsets of data in that table are used differently.

Take, for example, a table that stores order information fora large e-commerce firm at a rate of 100,000 records per day.That works out to approximately 3 million records permonth. Once an order is taken, it’s inserted once and updatedseveral times over the first few weeks, as it goes throughwarehouse fulfillment and ships to the customer. After that,the record will typically only be read for reporting or histori-cal purposes, and only a few records will be updated in theevent of an exception, such as an order return.

If you partition this table by month, the indexes built canbe geared toward the record operations used for that data.The current month can be optimized for insert and updateoperation, while previous months are optimized for select.So you can rebuild indexes on the current month’s data andnot the entire table, saving valuable time and resources.

Using table partitioning can also result in increased per-formance, but it’s a tricky matter that requires an in-depthknowledge of how your objects are being queried.

Partitions should be configured in such a way that datajoined from two tables be on similar partitions, in most casesusing the same partition criteria. If two tables are dissimilarin their partition scheme, query performance can degrade.

Snapshot Isolation LevelSQL 2005 introduces a new transaction isolation levelcalled Snapshot Isolation (not to be confused with a data-

base snapshot). Whenever a transaction updates a row,SQL 2005 copies an image of that row into a “versionstore” in TempDB before the update happens. If any otherprocess tries to read the row being updated, it pulls thelatest copy of the row from the image store. This preventsusers attempting to read data from being blocked by theupdate. In addition, Read transactions using Snapshot Iso-lation will not take shared locks on the data, again reduc-ing locking contention. If two transactions attempt toupdate the same row at the same time, the old standardapplies: The first transaction gets to make the update andthe second one is blocked until the first update completes.

Keep a few things in the back of your mind if you plan toenable Snapshot isolation. First, TempDB has to haveenough space to maintain the version store; if it fills up,updates can continue but version images will stop beingupdated. The image is only kept in the store long enoughfor the transaction to complete. While this is not a dirtyRead, you are reading data about to be changed. The selectstatement will return the data as it existed after the lastcommitted transaction; but assuming the update inprogress commits, the data will be changed.

Closing in on the Finish LineWe’re nearing the end of our Tour de SQL, and like thecyclists heading into Paris for the final lap, we’ll be tack-ling replication for our closing chapter. We’ll be discussingthe new Replication Monitor, tracer tokens, replicationagents and more. Our final installment also arrives close tothe start of the real Tour de France, which I hope you’ll bewatching on the Outdoor Life Network!—

Eric Johnson, MCSE, MCDBA, MCSD, is a database adminis-trator and data architect working in Colorado Springs, Colo., and isthe VP of Marketing for the Colorado Springs SQL Server User’sGroup. When he’s not designing databases, he enjoys spending timewith his wife and son. Reach him at ejohnson2010@yahoo.com.

Figure 2. The all-new Database Engine Tuning Advisor boasts many more options for performance enhancement than its predecessor.

It’s a well-known mantra of disk manage-ment: “The more spindles, the better.”Because of this, it might be tempting tosimply partition large tables so they end upon multiple hard drives; here, however, thatcould degrade performance. The problemis that during sorting operations, SQL sortspartitions one at a time, leaving all the otherpartitions, as in this case, idle. A bettersolution is to stripe partitions onto multipledisks, allowing SQL to take advantage ofthe extra spindles, even though it’s stillworking one partition at a time.

— E.J.

Performance Tip

Tour de SQL Part III: Performance Tuning

0606red_F2TourSQL3_47-50.v7 5/16/06 9:48 AM Page 50

Project4 5/4/06 11:37 AM Page 1

Project7 3/13/06 1:07 PM Page 1

| redmondmag.com | Redmond | June 2006 | 53

ReachOut &

HackSomeone

Provide your users with the right

common knowledgeso they can practice

common sense.

One day a few years ago, I was in the process of per-forming a remote audit of a bank’s firewall. In themiddle of the test, I received a call from the bank’shelp desk. I picked up the phone, and was told some-

thing to the effect of—minus the cursing—“Stop your social engi-neering garbage!”

I informed the person that I was doing a straight firewall assess-ment and that there was no social engineering. They loudlyimplied, again with lots of colorful language, that I was lying. Ithen asked them why they thought I was social engineering them.Their response: “Because you do that social engineering stuff!”BY IRA WINKLER

0606red_F2Hacker53-58.v6 5/16/06 11:08 AM Page 53

54 | June 2006 | Redmond | redmondmag.com |

I asked them what they were specifically talking about.They told me that someone called up their help desk ask-ing what type of software they were using for a few criticalapplications. I asked, “What did you do in response?”

They told the caller that they would find out the informa-tion and give them a call back. I asked them again as to whythey thought it was me. They told me that the number thatthe caller gave was a fake, and that it must have been medoing social engineering. I again told them that it wasn’tme. Luckily, someone from the bank was at my location tooversee the test. I put that person on the phone, whoassured them I was not doing any social engineering.

When I was back on the phone, they asked if the othercall was a real attack. I told them that it probably was, andcongratulated them for doing the right thing. I wondered,though, what would have happened if they didn’t know afirewall assessment was in process and that I was personallyinvolved; they were clearly on heightened alert for anypotential attacks.

Con GameSocial engineering is an overly sophisticated term used bypeople to describe lying on the part of a hacker. Basically,hackers are looking for a way to obtain access to computersystems when technical efforts alone won’t succeed. It’smost often used to con users out of their passwords, gethelp desks to manipulate accounts on their behalf to facili-tate access or to obtain information about technical archi-tecture that would facilitate an attack.

The deed is most often done through telephone calls toobtain information. Depending on the circumstances, how-ever, it can be more broadly defined to include any non-technical attacks, including on-site visits where the hackertries to physically collect information. While this usuallyinvolves dumpster diving, where the attacker goes throughthe trash to look for information, an attacker may try to getinto facilities. If that happens, they can do anything fromlooking for passwords taped to PC monitors to accessingunattended computers and planting spyware on systems.

Whether the attacks are physical or over the phone,they’re possible because of failings in an organization’sbehaviors. Your security policies might be adequate tothwart such attacks, but the reality of how they’re imple-

mented could leave you exposed.Remember, no matter how good your technical securi-

ty posture is, your organization can be compromisedthrough human failings. That could mean a specific per-son failing to comply with practices, or managementexecuting flawed processes.

In my previous article (“Dumb and Dumber,” May 2005),I described some of the most egregious security lapses I’veseen in my years as a penetration tester. Many readersrecounted similar failings in their own organizations, situa-tions that defy common sense. Clearly, everyone shouldknow that you just don’t give out a password to a strangeron the phone, or tape a password to a monitor. A basicprinciple, however, holds that you can’t have commonsense without common knowledge. The average user justdoesn’t have a base of common knowledge to exercise thatcommon sense.

Basic Common KnowledgeTo prevent users from falling prey to social engineeringattacks, you need to make sure they have a firm base ofcommon knowledge—then they can exercise commonsense. What seems obvious to someone in the industrymay not be obvious at all to a layperson. And, frankly, evenmost people in the industry don’t have an acceptable levelof common knowledge.

A Common-Knowledge PrimerWith that in mind, here are some foundational commonknowledge concepts to get across to your users:

NNoo.. 11:: TThhee BBaadd PPeeooppllee WWiillll TTaarrggeett YYoouuPeople know about hackers, and most are aware thatsome inside their own organization might not be trust-worthy. Where they fail is in their belief that it will neverhappen to them.

An individual’s position within a company is almost irrele-vant. Some people are in positions where they have a lot ofaccess, and they will be targeted. Other people just providea random access point for an attacker; if the hacker cancompromise a low-level account, he can then use that as afoothold for crimes or other attacks. This may sound obvi-ous, but few people realize—or at least acknowledge—this.

NNoo.. 22:: PPeeooppllee LLiieeAgain, this seems obvious, but many people just accept thevoice on the other side of a telephone and give them whatthey ask for. I have yet to be turned down when I’verequested a password over the phone. On average, myteam and I find that maybe one person in 100 actuallychallenges a request for sensitive information during one

I have yet to be turned down when I’ve requested apassword over the phone.

Reach Out & Hack Someone

0606red_F2Hacker53-58.v6 5/16/06 11:08 AM Page 54

“Anyone?”

© 2006 Devon IT, Inc.

N T A V O . C O M1 . 8 8 8 . 5 2 4 . 9 3 8 2i n f o @ d evo n i t . c o m

NTA Thin Client Terminals. Forward-Thinking IT Transformation.

Still paying for PCs? NTA Thin Client Terminalsfor server-based computing are far more affordable,functional, and secure. And easier to maintain withno client applications to load or hard drives to fail.These Terminals—ICA, RDP, and PXE capable; plug-and-play—run Windows®, UNIX®, Linux, and mainframeapplications directly from data center servers. Use asis or with the NTAVO Secure Access Appliance tointegrate your IT systems. Contact Devon IT today.

D E V O N I T

Project1 4/18/06 11:31 AM Page 1

of our penetration tests. Anyone can call up claiming to beanyone. They can ask for anything, and even the mostinnocuous call can be part of a major attack.

NNoo.. 33:: TThhee BBaadd GGuuyyss AArreenn’’tt GGeenniiuusseessWhile the overall attacks seem sophisticated, they’re notthe result of some sort of criminal mastermind. Theattacks are successful because the victims leave them-selves vulnerable. The success is dependent on the luck ortenacity of the criminal, not his genius. They either stum-ble on a vulnerability or they keep trying until they findone. Either way, it’s usually a vulnerability or the user’snaiveté—using something as simple as “password” for theirpassword—that enables the attacks.

NNoo.. 44:: SSwweeaatt tthhee SSmmaallll SSttuuffffBecause it’s often the small problems that enable attacks,it makes sense to address those small problems. Takeaway the low-hanging fruit for attackers to target, andthey’ll have to move onto other targets. This, in turn,forces them to look for more difficult-to-exploit vulnera-bilities. That means that they put themselves at more riskof being detected.

Instilling Common KnowledgeWhile the list above isn’t comprehensive, it’s enough to getyou started. If your organization can grasp and act on theseissues, security will improve almost immediately. Here’show to do it.

KKeeeepp IItt SSiimmpplleeThe reason cars are relatively safe is that people know thebasic rules of the road. Red means stop. Green means go.Speed limit signs have a number and say “Speed Limit.”Pretty easy to understand … it’s when the signs get com-plicated that problems occur.

In the same way, you need to offer simple guidance. Overthe years, I’ve come to believe that sometimes you have tostop trying to say “why” and just say “what.” Limit your

guidance to what people must and must not do. Sure, youcan try to tell people that there are bad guys out there, butthe truth is that it doesn’t matter.You have to let them knowwhat behaviors are acceptable, and make it clear that therecould be a penalty for not following procedures.

I recommend creating bulleted lists of up to eight differentbehaviors that people should or shouldn’t do. The bulletsmust be simple and clear: “Never give out your passwords

over the phone.” “Lock your desk at the end of the day.” Letthere be no chance of misunderstanding the requirement.Consider a statement that says, “As appropriate, your super-visor will be responsible for verifying that you adhere tosecurity procedures.” Workers are much more likely to learnthe rules if they believe they’ll be tested on them.

You should also acknowledge that people make mistakes.Have a policy stating that if there’s a security incident, andit’s properly reported, there will be amnesty, while a cover-up will result in harsher penalties. Don’t go into the“Why.” Even if people understand the why, they don’tthink it will happen to them.

GGeett EExxeeccuuttiivvee SSuuppppoorrttA great many things that administrators and general secu-rity staffs need to do require funding and managementsupport. Remember that you’re trying to change the cul-

Success is dependent on the luck or tenacity of the criminal. They eitherstumble on a vulnerability orthey keep trying until theyfind one.

56 | June 2006 | Redmond | redmondmag.com |

Reach Out & Hack Someone

0606red_F2Hacker53-58.v6 5/16/06 11:08 AM Page 56

Western Governors University

Microsoft, Sun, Comptia, Cisco

Let’s face it, IT certification earns you a job.But you need a degree to advance your career.At Western Governors University (WGU), you can earn the only accredited, online competency-based IT degree in the country, including up to eleven respected IT certifications. If you already hold major IT certifications, you may be able to waive some of your degree requirements and graduate faster—and for a lot less money. WGU is ideal for working IT professionals because you can study when it’s convenient for you, under the guidance of faculty mentors dedicated to your success.

Call us today at1.800.219.6689or visit us online atwww.wgu.edu/rdm

Bachelor of Science in Information Technology

Emphasis Areas Offered: Networks, Databases, Security, and Software

Do you have acertification from one of

these organizations?

Then you may

have completed

up to 25%of your bachelor’s

degree at WGU.

Project1 3/14/06 10:38 AM Page 1

58 | June 2006 | Redmond | redmondmag.com |

ture of the organization. Getting people to prominentlywear their ID badges can be a challenge, and you may needa jumpstart to get it going.

For this, consider a company-wide letter from the CEO.It gives you authority to take the necessary actions, anddeal with complaints from end users reluctant to changetheir work habits.

MMaakkee IItt EEaassyy ttoo DDoo tthhee RRiigghhtt TThhiinnggWhen possible, ease the burden on users. This means, forexample, buying and putting in lots of shredders—even byevery desk if possible. It means including a screensaver pass-word lock on the default configurations of organizationalcomputers, so users don’t have to figure it out for themselves.It means considering single sign-on and multifactor authen-tication, or other similar technologies. This can eliminate theneed for passwords and drastically reduce the effectiveness of

social engineering attacks. It means something as simple asproviding enough cabinet space so that people have enoughroom to lock up their materials at the end of the day.

I firmly believe that most people want to do the rightthing. Unfortunately, even when they have the right com-mon knowledge, there are many cases where it’s logisticallyimpossible to do the right thing.

RReeppeeaatt AAfftteerr MMee:: RReeppeettiittiioonn While a listing of specific behaviors is crucial, it’s impor-tant to reinforce the message as often as you can. In theintelligence world, there are stickers on the phonesreminding people not to disclose classified information tooutside phones. In one large company, I saw posters in anelevator reminding people to take off their badges as theyleave the building. AOL constantly tells users that AOLwill never ask for their password. These simple remindersare generally placed where they’ll be seen, and wherethey’re most relevant. Your organizations should look forsimilar opportunities to instill this common knowledge.

TTeecchhnnoollooggyy IIss YYoouurr FFrriieennddWhile social engineering attacks target human weaknessesin one form or another, there are a lot of technologies that

can limit or possibly prevent damage after a successfulsocial engineering attack, including:

• If a user discloses their password, wouldn’t it be greatif your system looked at where a logon was coming from,and alerted you that a user was coming from an outsidelocation, or was possibly logged on twice? Some intru-sion detection software can do that, as well as looking forabnormal behavior.

• Multifactor authentication renders a compromisedpassword mostly useless.

• Internal network segmentation can limit the damage acompromised account can do, as can assigning useraccounts only the access privileges they need.

As you can see from just a few examples, there are manyopportunities for technology to contain social engineering.

PPrraaccttiiccee CCoommmmoonn SSeennsseeSecuring the enterprise is an endless task, but it’s clear thatbetter education will help users limit the danger created bysocial engineering attacks. Every organization is different,and you need to tailor your security awareness strategies toyour own environment. Of course, in enterprise settingsthere are usually multiple environments within an environ-ment, and you may need different strategies to addresseach of them.

When I began working at the NSA, my security aware-ness indoctrination was several days long. But it may surprise you to learn that even there—a highly secretivenational intelligence agency—there was nothing specialabout the training we received. It was just very detailedabout very basic security precautions, like taking off your badge when you leave the facilities, not taking out classified materials, not discussing work outside ofwork and so on. We weren’t personally taught how toperform bug sweeps; we were just reminded what wewere expected to do.

In that setting, of course, you could go to jail for security compromises. But using the same tactics withyour own user awareness programs can have a greateffect. It’s unlikely that your organization is going toinstitute three days of security awareness training, butyou can put the other elements in place. Just make surethat those elements are very basic, and focus on theexpected behaviors. And teach them to answer the phonewithout swearing at people who they think are tryingsocial engineering attacks!—

Ira Winkler, CISSP, CISM, has more than 20 years of experience in the intelligence and security fields. His latestbook, Spies Among Us, recounts many of his espionage simulations. You can contact him at ira@isag.com.

While you can try to tellpeople that there are badguys out there, the fact isthat it doesn’t matter.

Reach Out & Hack Someone

0606red_F2Hacker53-58.v6 5/16/06 11:08 AM Page 58

Project2 4/6/06 4:54 PM Page 1

After all, you certainly deserve it. And with Transcender, reaching new

certification heights is guaranteed 100%. In fact, with our industry

leading approach to certification exam preparation, there’s no telling

what you can achieve. Visit www.transcender.com or call 1-866-639-8765.

© 2006 Kaplan IT, Inc. Al l r ights reserved. TRANSCENDER® Kaplan IT, Inc. Al l r ights reserved.

Project4 5/5/06 12:31 PM Page 1

There was nothing abnormal aboutdoing this, except for one fateful day.This day someone was working on aserver, went back to the rack, pressedthe power button andimmediately real-ized—while his fin-ger was stillholding in thebutton—thathe was press-ing the powerbutton on thewrong server.

He intendedto cycle aMetaFrameserver with nousers; instead, theCompaq Proliant7000 file server that helduser profiles and home directories forabout 800 users was hanging in thebalance by one person’s finger. He alsorealized that as long as he was holdingin the power button, the systemwouldn’t come crashing down.

The design of the power button savedhim, in more ways than one. Whilestanding there holding the button, hewas calling through the data center tohave someone come to his aid.

A fellow server sys admin heard hiscries for help over the machine noise;

they then started brainstorming toresolve this critical problem. They deter-mined that they could install the Com-paq utilities on the system and thendisable the power button entirely. After

this was done, he finally let go. Theserver—and the 800 users—

continued to work andno one ever knew the

difference. Fortunately(or maybe unfortu-

nately), this storydidn’t make it tomanagementuntil several years later.After that, we

began stressing theimportance of a

good label maker for theserver team!—

Chris Grant works for Enterprise Information Security in Fargo, N.D.

Education in VirusesThe Blaster and Welchia viruses hit ourcommunity college campus in August2003. Naturally, about this time, campusregistration was in full swing. Quite mys-teriously, the network started to slowdown. Network segments began to dropoff altogether. Failures in a network aslarge as this were common, but the situa-

tion quickly became worse, and withinhours the entire campus was crippled.Just before we completely lost Internetaccess we downloaded the latest Syman-tec virus definitions and ran them on afew workstations to see if, by chance, avirus had infected our network. We foundminimal traces of the Blaster worm and amassive infection of Welchia.

Suddenly, dial-up and DSL connec-tions on campus became priceless. Wequickly got into the hands of every tech-nical support staff member on campusprintouts detailing the virus removalinstructions, a procedure list and CDsincluding the latest removal tools, theSymantec virus definitions and theMicrosoft patches necessary to prevent are-infection. It took the support staffabout three days to clean andpatch themajority of the workstations on campus.

All the while registration was next toimpossible to carry out, and the func-tions of all faculty, staff and administra-tion were hampered. Total cost to thecollege for technical support personnelwas estimated to be several thousanddollars. This excluded the lost time forthe entire workforce of the college, andlost tuition and fees from students whogave up trying to register for classes.

In the end, while no one enjoys per-forming updates on computers, it had tobe done. The administration didn’timmediately jump at purchasing a patchmanagement solution, but fortunately,Microsoft’s SUS server was a viableoption. I no longer work at the college,but at my new job, it’s been my responsi-bility to oversee patch management andSymantec updates, both of which arefaithfully kept up-to-date.—

Adrian Dickreiter is a network systemsanalyst.

It was a standard day in IT: in and out of the data center,maintaining, restarting and rebooting Windows NT4.0-based Citrix MetaFrame servers. Because the systemsdidn’t have the ability under NT to automatically shut off

their power supplies, we’d have to manually press the powerbutton when a server was ready to be shut off.

I’ve Put My Finger on the Problem …

NEVERAGAIN By Chris Grant &

Adrian Dickreiter

ILLUSTRATION BY MARK COLLINS

Powering down the wrong server makes for a sticky situation.

| redmondmag.com | Redmond | June 2006 | 61

0606red_Never_61.v6 5/16/06 9:55 AM Page 61

WindowsInsiderGreg Shields

Speed up Terminal Server

Terminal Services changed all that,bringing the office to any location with areasonable Internet connection. Termi-nal Server has become a critical compo-nent of many networks, and keeping itrunning at peak performance is crucial.

Doug Brown is President and CTO ofDABCC Inc., a company that specializesin consulting and services for Citrix andTerminal Services implementations. Healso wrote the popular “Methodology ina Box” (MIAB), a free document thatguides the neophyte from project plan-ning all the way through to the finalconfiguration tweaks of a TerminalServer or Citrix deployment.

Doug was willing to share some of themost useful optimization tips. Some ofthese Registry tweaks havebeen around for a while,but others are new to Win-dows Server 2003. All aredesigned to streamline yourTerminal Server resources.

Here are a few that specif-ically improve the perform-ance of Terminal Serviceson Windows 2003. Remember that aswith any modifications to your system’sRegistry, test everything thoroughlybefore you implement.

Eliminate IE Flickering: Configurethis setting to force off-screen compo-sition of Internet Explorer, which elim-inates the flickering effect. In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main, set theDWORD value for Force OffscreenComposition to 1.

Disable Office 2003 CustomerExperience Improvement Program:Configure this setting to prevent Officefrom prompting the user to participatein this program. To enable, in HKEY_CURRENT_USER\Software\Microsoft\Office\Common, set the DWORDvalue for QMEnable to 1.

Disable File Locking: Configure thissetting to modify the file locking behav-ior on the server. This will enhance per-formance, but it’s known to have issueswith some database applications. Toenable, in HKEY_LOCAL_MACHINE\System\CurrentCon-trolSet\Services\LanmanWorksta-tion\Parameters, set the DWORD value

for UseLockReadUnlock to 1.

Disable NTFS Last-Accessed Time Stamping:Configure this setting to pre-vent the system from updatingthe last accessed time stamp onfiles, which can enhance per-formance. Some applications

require this to be accurate, so test priorto implementing. To enable, inHKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\FileSystem, set the DWORD value for NtfsDisableLastAccessUpdate to 1.

Turn off Lazy Writes: This settingprevents the system from caching writeoperations before writing them to disk.This can speed operation over the net-work. Configure the following two keys:

In HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters, set theDWORD value for IRPStackSize to 15.Also, in HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters,set the DWORD value for UtilizeNTCaching to 0.

Improve Windows Kernel Perfor-mance: Prevents the system from pagingkernel mode drivers and system code todisk, which can decrease performance.To configure: In HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management, set the DWORDvalue for DisablePagingExecutive to 1.

Increase the Network RequestBuffer: This setting boosts performanceby increasing the size of the networkrequest buffer, which determines howmuch data is stored before it is sent tothe client. This setting can also improveLAN Manager file writing perform-ance. Increasing the size of this bufferwill consume RAM, so adjust and moni-tor carefully. To enable, in HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters, increase the DWORD valuefor SizReqBuf to a value between 1024and 65535.

Eliminate Session Hangs DuringLogoff: Terminal Server sessions cansometimes hang when the userattempts to log off. One solution: Mod-ify available network buffers and openconnections. Configure the followingkeys: In HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters, set theDWORD value for MaxWorkItems to 8196, MaxMpxCt to 2048, MaxRawWorkItems to 512, MaxFreeConnec-tions to 100, and MinFreeConnections

ver yearn for the good old days, back before TerminalServices? When managing a server meant a trip to thedata center—and occasionally catching a quick nap in its

dark recesses? Back when traveling to a remote job site or con-ference guaranteed a few days of hiding from your real job?

E

62 | June 2006 | Redmond | redmondmag.com |

Check out theonline version ofthis article for asample .REG file

that’ll allow you toconfigure all these

tweaks at once.FindIT code:

SpeedUp

0606red_Winsider62-64.v5 5/16/06 9:52 AM Page 62

Project1 5/16/06 9:15 AM Page 1

WindowsInsider

to 32. In KEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters,set the DWORD value for MaxCmdsto 2048. Also, in HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SessionManager\ConfigurationManager, set the value for RegistryLazyFlushInterval to 60.Lastly, ensure that the EnableAdvanced Performance feature isenabled when viewing device propertiesof all disk drives on the system.

Speed up Application Load Times:Increase the perceived performance ofyour Terminal Server by pre-loadingcommonly used files into memory. Thisworks well on systems with plenty ofavailable RAM. To enable, in HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SessionManager\Memory Management\PrefetchParameters, set the DWORDvalue for EnablePrefetcher to 3.

Disable Caching of Roaming Profiles: Excess roaming profiles on aTerminal Server can consume disk andRegistry quota space. Configuring thissetting can eliminate waste but increaseuser’s login time. To enable, in HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon, set the DWORDvalue for DeleteRoamingCache to 1.

Disable Unused Subsystems: Notusing the POSIX subsystem on your Ter-minal Server? Disable it and navigate tothe registry location HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Subsystems and delete the Posix key.

Disable the File Indexing Service:File Indexing Service is great for quicklysearching for files, but your TerminalServer arguably shouldn’t have thatmany user files on it and the indexingprocess can consume huge system

resources. To disable it, navigate to theproperties menu of each drive on yoursystem and deselect the box for AllowIndexing Service to index this disk forfast file searching.

There’s more where these tips camefrom at www.dabcc.com.

Of course, all Terminal Services hasbrought me is fewer trips to the serverroom, more opportunities to work fromhome and on the road, and more hoursper week on my time card. On secondthought, let’s not speed up TerminalServer. Keep it weak and feeble. Starveit and it’ll go away! Back to the glorydays of 1994! —

Greg Shields, MCSE: Security, CCEA, isa senior systems engineer for Raytheon Co.in Aurora, Col. A contributing editor toRedmond, Greg provides engineeringsupport and technical consulting inMicrosoft and Citrix technologies. Reachhim at gshields@redmondmag.com.

0606red_Winsider62-64.v5 5/16/06 9:52 AM Page 64

When it comes to disaster, it’s not IF, but WHEN. And too often, it’s when you least expect it.

Download Your Free Eval Copy Today

Get High-Availabilty and Disaster Recovery “In-One”

With Double-Take ®

It is your job to keep servers up, data available and prevent

downtime. Failure to protect mission critical data and

applications can set your business back by weeks, months or

worse. Disaster recovery is now one

of the highest IT priorities.

In today’s business climate, you

have to have a tested plan and reliable tools in place for

the moment your server (or site) goes down. Double-Take

is that tool.

Sold more than all other High-Availability tools combined, it is

even certified for W2K Datacenter. No other HA tool is. A whole

department sitting on their hands can cost thousands of dollars

per minute. The ROI of Double-Take is a no-brainer.

Double-Take delivers real-time data replication combined

with fail-over so you have high-availability and disaster

recovery for your Windows Servers -- safely and securely.

This is the reason that hundreds of Fortune 500 companies

worldwide use Double-Take to ensure their business continuity.

Three levels of data compression allow

more data to be replicated and

increase performance and scalability.

Double-Take gives you the peace of mind your data is safe

and your job secure.

Don’t wait. Download a free

30-day eval copy right now

and start protecting your

data and applications.

www.sunbelt-software.com Tel: 1-888-NTUTILS (688-8457) or 1-727-562-0101Fax: 1-727-562-5199 Email: sales@sunbelt-software.com

Project3 3/9/06 11:47 AM Page 1

SecurityAdvisorRoberta Bragg

The Problem with SharingMost corporate computers are config-ured to make knowledge workers moreproductive, and each of these comput-ers is typically configured for use by asingle person. However, most organiza-tions also have some computers thatneed to be shared by several users.Examples include kiosks in public areasor Internet access terminals foremployees who don’t have a computeron their desks.

And if that sounds challenging, youshould try administering computers in aschool. Imagine being responsible fordozens, hundreds or more computersregularly used by young tykes who thinka keyboard’s a toy, to aspiring teenagehackers who see your security measuresas an opportunity to hone their skills.

Securing public computers involvesmultiple steps. In addition to the usualvirus protection and hardening proce-dures, IT managers must limit user activ-ities and access on these PCs. Protectinguser privacy becomes a priority as well.Systems must erase all traceof each user—includingconfidential data such ascached passwords—beforethe next person logs on. Itcan be a real challenge.

Windows 95 introducedSystem Policies to per-form this work. Windows 2000replaced these with Group Policy set-tings, and these have been an importanttool for locking down access to publiccomputers ever since.

But if you’ve ever tried to configure ashared computer using these policies,you learned quickly that finding all the

required settings is a difficult task.What’s worse, many of these securitymeasures can be bypassed by any userpossessing sufficient knowledge to doso. Many administrators have thrownup their hands in desperation and askedwhy Microsoft couldn’t just give themeverything needed to lock down ashared computer.

If you’re one of those admins, it’s timeto rejoice, because the Shared Comput-er Toolkit is effective at locking down acomputer running Windows XP. Readon to learn how to use this ingeniousset of tools to your advantage.

Getting StartedStart by downloading the Toolkit andprinting out the documentation. Youcan continue without reading the docu-mentation, but you’ll want to review itbefore configuring the computer withanything but standard applications.While you’re at the download site, alsoget the User Hive Cleanup Tool. Thisis a service that ensures that logoff and

shutdown actions complete,even when some peskyapplication or driver refusesto unload. Using this tool iscrucial in an unattendedenvironment where youneed to ensure that logoffswork every time.

Once you’ve downloaded the Toolkit,install Windows XP SP2, all requiredupdates and the User Hive CleanupTool. (While you could install the Toolk-it on a computer already running Win-dows XP, a clean installation ensures thatthe computer only holds the programsand data you want to be accessible for

public use.) During the setup, selectNTFS as the file system for the Win-dows partition (using FAT as the file sys-tem for your Windows partition is a badidea in any case, and would disable muchof the functionality provided by thetoolkit). Leave at least 10 percent of thehard disk unpartitioned, which saves youthe trouble of later having to use a third-party partitioning tool to create spacethat will save non-persistent user data.Once you’ve installed the operating sys-tem, disable unneeded services, installanti-virus software and perform anyother hardening steps that are standardin your organization. You should alsoinstall all programs that need to be avail-able to users, but if this is your first testrun you can immediately proceed to theinstallation of the Toolkit.

8 Easy StepsAs soon as the installation is finished,you’ll see the Getting Started window(shown in Figure 1), which takes youthrough the following eight steps. Youshould start the configuration whilelogged on as an administrator:

• Step 1: Prepare the Disk for Win-dows Disk Protection. Windows DiskProtection erases any changes made to a

Share and Share Alikeonfiguring security for a shared computer can create a lotof headaches. Fortunately, Microsoft provides the SharedComputer Toolkit, which simplifies this task. Read on

to learn how you can use this set of tools to your advantage.C

SecurityAdvisorJoern Wettern

Figure 1. The eight simple rules for settingup the Shared Computer Toolkit.

Log on toRedmondmag.com

and access the download locations

mentioned here. FindIT code: ShareAlike

66 | June 2006 | Redmond | redmondmag.com |

0606red_SecAdvisor66-68.v5 5/16/06 10:12 AM Page 66

Project4 5/4/06 11:09 AM Page 1

68 | June 2006 | Redmond | redmondmag.com |

SecurityAdvisor

system disk during usage. Instead of sav-ing any changes made by users, they’retemporarily saved on a different parti-tion and erased the next time the com-puter restarts. If you left enoughunpartitioned space on your disk, thetoolkit will create a new partition.

• Step 2: Select Computer SecuritySettings. This is where you choosesome fairly common security settings,such as preventing Windows fromcaching credentials, and removing theShut Down option from the Start menu.Unless you have some unusual require-ments you should select all options. Aspart of this step, you can also let theToolkit test whether the account pass-word you’re logged on with meets somesimple complexity requirements.

• Step 3: Create a Public Accountfor Shared Access. The account youcreate will be locked down in the follow-ing steps. At this point you only have todecide what to name the account.

• Step 4: Configure the PublicUser Profile. At this point you have toput on your non-admin hat. Log offand then log on as the public user youcreated in Step 3 to configure all oper-ating system and application settings.This may be as simple as setting a wall-paper and choosing a printer, but it mayalso involve starting available applica-tions to accept any license agreementsthat appear during the first use andconfiguring program preferences.When everything looks the way youwant it to appear for the public useraccount, log off and then log on againwith your administrative account.

• Step 5. Restrict and Lock thePublic User Profile. Step 5 is wherethe fun really begins. The User Restric-tions tool presents a long list of settingsthat restrict which Windows, InternetExplorer and Microsoft Office elementsare available to public users, and whichprograms can be run by the user. Therecommended restrictions for sharedaccounts are fairly comprehensive, buttake a close look at each of the standard

and optional restrictions to make sureyou’re sufficiently locking down accesswithout disabling a needed feature.

• Step 6: Test the Public User Profile. The restrictions you set maydisable needed functionality, so it’s agood idea to ensure that the public user can still perform all needed tasks.Do the “log off as admin, log on as regular user” dance and test all applica-tions that need to work. While you’reat it, use all the hacking skills you haveand try to do things the public user isn’t allowed to. If you configuredeverything correctly, you should feellike you’re playing in a sandbox with no exit. If you like what you see, log off and then log on again with youradministrative account.

• Step 7. Turn on Windows DiskProtection. In Step 1 you prepared thedisk for Windows Disk Protection.Now you’re ready to turn this featureon. Because Windows Disk Protectionerases all changes to files and settingseach time the computer restarts, it couldalso remove any Windows updates orvirus signature downloads. To getaround this you can configure WindowsDisk Protection to store some settingspermanently, and even schedule Win-dows and anti-virus software updates.Also, if you make changes like installinga new application, tell it to save thesechanges with the next restart, giving youcontrol over what gets stored on diskand what gets automatically removed.

• Step 8: You’re Done! Learn MoreAbout The Toolkit. If you need toconfigure additional applications foruse on that computer, or are looking forways to keep the installation up-to-date, work through the documentation.It will teach you about other configura-tion options such as the length of a user

session—a great solution when youassign time slots for Internet surfing.

Know What It Can—and Can’t—DoAs always, the devil is in the details.Keep in mind that physical access tothe computer can negate all securityrestrictions, so make sure that publicusers don’t have the ability to boot thecomputer into a different operating sys-tem from a CD-ROM or USB storagedevice. A bigger problem is that someapplications give you access to parts ofthe computer’s disk that may bypass therestrictions you set using the Toolkit.Because of this, make sure that youthoroughly test any programs youinstall on the shared computer andmake sure that they don’t give the pub-lic user a convenient back door.

Windows Disk Protection is a powerfultool for keeping your computer runningand preserving user’s privacy. It erases all traces of computer use between ses-sions, but it also prevents users from saving work that needs to be preserved,such as school projects. If your usersshould be allowed to save some docu-ments, you must set up a different loca-tion for these files. The Toolkit gives you some flexibility for this, but it’s bet-ter suited for a public environmentwhere no data needs to be saved.

The Toolkit solves many commonproblems in setting up a shared com-puter, it’s easy to configure and theprice—free—can’t be beat. If you needto provide any type of public computeraccess, learn to use the Toolkit—you’lllikely decide it’s exactly what you’vebeen looking for. —

Joern Wettern, Ph.D., MCSE, MCT,Security+, is the owner of Wettern NetworkSolutions. He’s written books and developedtraining courses on a number of networkingand security topics. In addition to helpingcompanies implement network securitysolutions, he regularly teaches seminars andspeaks at conferences worldwide. Reach himat jwettern@redmondmag.com.

The Toolkit is easy to configure and the price—free—can’t be beat.

0606red_SecAdvisor66-68.v5 5/16/06 10:12 AM Page 68

Project6 12/8/05 1:44 PM Page 1

Project7 4/12/06 3:07 PM Page 1

This index is provided as a service. The publisher assumes no liability for errors or omissions.

| redmondmag.com | Redmond | June 2006 | 71

RedmondResources

EDITORIAL INDEXCompany Page URLAdvanced Microsystems Inc. 12 www.amd.comApple Computer Inc. 72 www.apple.comCEM Corp. 12 www.cem.comCentennial Software Ltd. 14 www.devicewall.comCisco Systems Inc. 39 www.cisco.comCitrix Systems Inc. 61 www.citrix.comCMA Technology Solutions 44 www.cmaontheweb.comElsevier Digital Press 28 http://books.elsevier.comGoogle 12 www.google.comHewlett-Packard Development Co. LP 61 www.hp.comIBM Corp. 12, 38, 40, www.ibm.com

42, 44Motorola Inc. 32 www.motorola.comMozilla Foundation, The 12 www.mozilla.orgNetwork Solutions 44 www.networksolutions.comNovell Inc. 24 www.novell.comObjective Software Inc. 21 http://objsoftinc.comOracle Corp. 40 www.oracle.comPrism Microsystems Inc. 21 www.prismmicrosys.comSams Publishing 28 www.samspublishing.comSun Microsystems Inc. 12 www.sun.com

ADVERTISING SALESMatt Morollo Associate Publisher508-532-1418 phone508-875-6622 faxmmorollo@1105media.com

Corporate Headquarters:9121 Oakdale Ave., Suite 101, Chatsworth, CA91311 www.1105media.com

Media Kits: Direct requests to Matt Morollo,associate publisher, 508-532-1418 (phone), 508-875-6622 (fax), morollo@1105media.com

Reprints: For all editorial and advertisingreprints, contact PARS International at 212-221-9595 (phone), 212-221-9195 (fax); e-mail:101reprints@parsintl.com; online:www.magreprints.com/QuickQuote.asp

List Rentals: To rent REDMOND’s or other1105 Media Inc.’s publications postal, telemarketing or e-mail lists, please contact ourlist manager: Worldata, 3000 N. Military Trail,Boca Raton, FL 33431-6375, 800-331-8102,www.worldata.com

CONFERENCESTechMentor Conferences: Contact Al Tiano,Sales Manager, 818-734-1520 ext. 190,atiano@101com.com

The Data Warehousing Institute:Contact Steve Cissell, exhibit sales, 206-246-5059 ext.114, Denelle Hanlon, publication and sponsorship sales, 206-246-5059 ext.102, dhanlon@tdwi.org

FCW Events and Conferences:Contact Lucy Cooley, events director, 703-876-5081, lcooley@1105media.com

Campus Technology Conference:Contact Karyn O’Dell for exhibit space or sponsorship, 949-265-1512 (phone),kodell@1105media.com

© 2006 by 1105 Media Inc. All rights reserved.Reproductions in whole or part prohibitedexcept by written permission. Mail requests to“Permissions Editor,” c/o REDMOND, 16261Laguna Canyon Road, Ste. 130, Irvine, CA92618. The information in this magazine hasnot undergone any formal testing by 1105Media Inc. and is distributed without any war-ranty expressed or implied. Implementation oruse of any information contained herein is thereader’s sole responsibility. While the informa-tion has been reviewed for accuracy, there isno guarantee that the same or similar resultsmay be achieved in all environments. Technicalinaccuracies may result from printing errors,new developments in the industry and/orchanges or enhancements to either hardwareor software components. REDMOND magazine (ISSN: 1553-7560,USPS: 0015-657) is published monthly by 1105Media Inc., 9121 Oakdale Avenue, Ste. 101,Chatsworth, CA 91311. Periodicals postagepaid at Chatsworth, CA 91311-9998, and atadditional mailing offices. Annual subscriptionrates for U.S. $39.95 (U.S. funds); Canada/Mexico $54.95; outside North America $64.95.Subscription inquiries, back issue requests, andaddress changes: Mail to: REDMOND, P.O.Box 2063, Skokie, IL 60076-9699, emailRED@lists.101com.com or call (866) 293-3194for U.S. & Canada; (847) 763-9560 for Interna-tional, fax (847) 763-9564. POSTMASTER: Send address changes toREDMOND, P.O. Box 2063, Skokie, IL 60076-9699. Canada Publications Mail Agreement No:40039410. Return Undeliverable CanadianAddresses to Circulation Dept. or DHL Smart &Global Mail, 2-7496 Bath Rd, Mississauga, ON,L4T 1L2, Canada. Copyright 2006 by 1105Media Inc. All rights reserved. Printed in U.S.A.

Northwest

No. CA, OR, WA, Alberta, BritishColumbia, Saskatchewan

Bruce Halldorson Northwestern Regional SalesManager209-473-2202 phone 209-473-2212 fax bhalldorson@1105media.com

West/Mid West

AK, AR, AZ, So. CA, CO, HI, ID, IA, IL,IN, KS, MI, MN, MO, MT, ND, NE,NM, NV, OH, OK, SD, TX, UT, WI, WY,Manitoba, Pacific Rim, Australia, NewZealand, India, Pakistan

Dan LaBianca Western Regional Sales Manager 818-674-3417 phone 818-734-1528 fax dlabianca@1105media.com

ProductionKelly Ann SmithProduction Coordinator818-734-1520 ext.164 phone818-734-1528 faxredmondadproduction@1105media.com

East

AL, CT, DE, FL, GA, KY, LA, MA, MD,ME, MS, NC, NH, NJ, NY, PA, RI, SC,TN, VA, VT, WV, Quebec, Ontario, Europe

JD Holzgrefe Eastern Regional Sales Manager804-752-7800 phone253-595-1976 faxjdholzgrefe@1105media.com

IT Certification & Training—USA, EuropeAl TianoAdvertising Sales Manager, ITCertification & Training818-734-1520 ext.190 phone818-734-1529 faxatiano@1105media.com

ENTmag.com &TCPmag.comTanya EgenolfAccount Executive760-722-5494 phone760-722-5495 faxtegenolf@1105media.com

AD INDEXAdvertiser Page URL2X Software 46 www.2x.comAcronis Inc. 10,35 www.acronis.comCapella University 45 www.capella.eduCitrix 43 www.citrix.comCNS Software 36 www.cns-software.comCrossTec Corporation 69 www.crossteccorp.comDesktopStandard C3 www.desktopstandard.comDevon IT 37,55 www.ntavo.comDigiVault by Lucid8 LLC 15 www.digivault.comDiskeeper Corporation 9 www.diskeeper.comDorian Software 67 www.doriansoft.comEMC 13,36 www.emc.comEmbarcadero Technologies 51 www.embarcadero.comGFI Software 18,37 www.gfi.comGRISOFT Inc. 17 www.grisoft.comIBM 27 www.ibm.comiTripoli 20 www.AdminScriptEditor.com/

redmondLucid8 19 www.lucid8.comNetSupport Software 16 www.netsupport-inc.comNetwork Engines, Inc. C2,1 www.networkengines.comThe Neverfail Group 33,37 www.neverfailgroup.comNSI Software, Inc. 52 www.nsisoftware.comPalm, Inc. 7,35 www.palm.comPrivacyware 35 www.privacyware.comQuest Software C4 www.quest.comRaxco Software, Inc. 37 www.raxco.comRedHat 41 www.Redhat.comSAPIEN Technologies, Inc. 23,35 www.sapien.comSofttree Technologies 36,64 www.softtreetech.comSpecial Operations Software 29 www.specopssoft.comSunbelt Software 2,59,65 www.sunbelt-software.comTNT Software 25 www.tntsoftware.comThe Training Camp 70 www.trainingcamp.comTranscender 60 www.transcender.comWebsense, Inc. C2,1,5,36 www.websense.comWestern Governors University 57 www.wgu.edu/rdmWiley Publishing 63 www.wiley.comWinternals Software 49 www.winternals.comXOsoft 39 www.xosoft.com

0606red_Index_71.v2 5/16/06 5:25 PM Page 71

72 | June 2006 | Redmond | redmondmag.com |

As regular Microsoft Watch readersknow, I am a Luddite who just happensto cover technology for a living. I don’town a TV. I don’t have a VCR. I don’tcarry an iPod. I don’t have a car. I am avery reluctant cell-phone user. (And no,I’m not a member of the Society forCreative Anachronism.)

Being constantly connected is one ofthe worst ideas of this century. I don’twant my colleagues (whether they’re“buddies” or not) to know where I amor when I am free or busy. I loathe theidea of “presence.” I shun audio andvideo conferencing. I still take notesusing a pen and an old-fashionedreporter’s notebook.

The Web, e-mail and instant mes-saging are immensely valuable. Theyhave greatly improved my work lifeand the process of gathering, synthe-sizing and making sense of technologynews. However, most of the “produc-tivity” technologies Microsoft is push-ing as part of its “Office System”strategy are anything but productive,in my book. They are solutions insearch of problems—if not the out-right causes of problems.

Microsoft “Businessaurus”The Microsoft Business Division—which oversees Microsoft’s Office desk-

top and server products—has beendesperately trying to maintain itsOffice revenues for several years.When it was obvious that older ver-sions of Office were holding back newOffice sales (the older versions workedjust fine, thank you very much),Microsoft realized it should expand

that business with a family of productsthat automate users’ work lives.

Now, I don’t claim that there aren’tany customers who find products likeBusiness Scorecard Manager, Grooveand OneNote appealing. These usersexist. I’ve talked to some. I’ve readtheir blogs.

“Collaborative workspaces” just don’tdo it for me. We have collaborativeworkspaces here at work—includinginstant-messaging chats, e-mail threadsand face-to-face meetings. Still, I avoidcollaboration—a luxury only writers

and a few other information workerscan afford. From what I can see, morecollaboration seldom yields greaterproductivity and creativity.

That’s not stopping Microsoft,though. Microsoft is tying more of itsproducts into SharePoint. It is alsoencouraging partners and customers totie into SharePoint as well.

Live Meeting? Microsoft’s confer-encing software and service is brokenmore often than not. When it doeswork, its lameness shows through.Have you ever tried to sit through aone- or two-hour Live Meeting web-cast? I can pay attention for about five minutes.

Sure, I didn’t have to waste time fly-ing to some far-flung conference. I alsodidn’t get to schmooze with colleaguesand attendees, which is the only reasonto participate in conferences (or“unconferences”) these days.

What about Office 2007 itself?Microsoft’s continued refusal to providea “classic” user interface option withOffice 2007 seems crazy. The ribboninterface is going to require retraining.Even if it only takes a little while to getused to it, I probably won’t find thetime to do so.

After all this, I hope you don’t writeme off as another Dvorakian alarmist.Instead, tell me why I should rethinkmy curmudgeonly ways and give thesoon-to-be-launched Microsoft Office2007 another chance. How will itimprove your work life? Write to me atmjfoley@redmondmag.com.—

Mary Jo Foley is editor of Microsoft Watch,a Web site and newsletter (Microsoft-Watch.com) and has been covering Microsoftfor about two decades. You can reach her atmjfoley@redmondmag.com.

Foley on Microsoft

re you working in a bygone era?” asks Microsoft in itsmuch maligned “dinosaur” ad campaign for Office. Iwish I were, especially when I see how Microsoft’s

idea of the “digital work style” is evolving.

By Mary Jo Foley

Office Dinosaurs Unite

Read more about Microsoft’s digitalwork style, including the classicMicrosoft white paper, “New World of Work.”FindIT code: Foley0606

GetMoreOnline

redmondmag.com

“A

Most of the “productivity” technologies Microsoft is pushing as part of its “Office System” strategy are anything but productive, in my book.

0606red_Foley_72.v4 5/16/06 9:49 AM Page 72

desktopstandard™

manage with standards.© 2005 DesktopStandard Corporation. All rights reserved.

LEAST PRIVILEGE COMPLIANCEIS NOW IN YOUR HANDS

In today’s corporate environment, it’s not an option. DesktopStandard’s Group Policy extensions

take you beyond built-in Windows security management, giving you the power to limit rights and privileges to

the least required for authorized tasks. Reduce the complexity of managing your distributed desktop environ-

ment while increasing security and compliance. Find out how at www.desktopstandard.com.

Project4 9/13/05 11:23 AM Page 1

Application Management | Database Management | Windows Management

©20

05 Q

uest

Sof

twar

e,In

c.A

ll ri

ghts

res

erve

d.Q

uest

and

Que

st S

oftw

are

are

trad

emar

ks o

r re

gist

ered

tra

dem

arks

of Q

uest

Sof

twar

e .A

ll ot

her

bran

d or

pro

duct

nam

es a

re t

rade

mar

ks o

r re

gist

ered

tra

dem

arks

of t

heir

res

pect

ive

hold

ers.06

/200

6/IR

edmond

Smart E-mail.Get top marks in e-mail management.With intelligent archiving from Quest Software.

Pop quiz: how do you meet e-mail compliance requirements while

reducing the cost of messaging data storage and increasing productivity?

The correct answer: with e-mail archiving solutions from Quest Software.

Quest® Archive Manager is the versatile solution that helps your organization

address e-mail compliance requirements and much more. Discover and retrieve

data easily with powerful searching tools. Access and leverage the knowledge

locked up in e-mail with secure information sharing. And reduce ongoing

operational costs through efficient storage management capabilities.

Go to the head of the class with the smart choice in e-mail archiving —

Archive Manager from Quest Software.

—————————————————————————————————————

To learn more, read our new white paper “E-mail Controls andRegulatory Compliance — What You Need to Know,”at:

www.quest.com/intelligent—————————————————————————————————————

Stop by booth #701 at Tech Ed Bostonfor a chance to win up to $10,000

Project35 5/16/06 3:58 PM Page 1