Lessons from the desk: working from home

working from homeI’m sitting at my desk this morning watching the snow fall, for what seems like the thousandth time over this very long winter. The reaction to the snow from friends on Facebook today is a mix of excitement and disappointment. Most are understandably anxious at the thought of having to head out to brave the icy northern New Jersey roads to get to work. I am one of the fortunate, tapping away from the warmth and comfort of my home office. Or as my family likes to call it, the living room. No loss of productivity for me today. And thanks to technology, no time wasted on a long, scary commute. This is true for me on a daily basis. But I also know that working from home is not without its challenges. A relative newbie to this remote-access world, I’ve learned some valuable lessons.

  1.  Work a schedule. Don’t let your schedule work you. Time can really get away from you when you work alone, if you’re not careful. I have created a regular, day-in-the-life-of-me, schedule to help me maintain productivity and ensure that I work a regular day. When I first started, and sometimes I can still do this, I just don’t stop. Now, sometimes that’s the benefit of a remote work opportunity. Take last night. I had an idea, so I worked on it for a few hours after dinner. In the past, that might have meant jotting down some notes and possibly losing the momentum of my awesome idea! A work/life balance is really important. Don’t let your workload determine your schedule.
  2. Distractions are a blessing and a curse. We’ve all been on both sides of co-worker distractions in the office. Pop your head into someone’s office to ask about the weekend. Chat about the game at the coffee maker. Hey, water cooler conversations are real and very necessary to help break up the day. At home, the cat isn’t really interested in my reaction to the mid-season premiere of Marvel’s Agents of Shield (she’s sort of stuck up anyway). Thanks to technology, conversations held over Microsoft Lync or Citrix GoToMeeting, can sometimes feel like we’re talking through cubicle walls. The difference is, in a remote situation I have greater control over these distractions. A story on the news yesterday, talked about how to politely avoid productivity-sapping distractions from co-workers. Never an issue when you work remotely. Simply change your Lync chat status and get to work.
  3. You’ve got to move it, move it. Seriously. I just got a fitness band and have it set to vibrate when I’ve been still too long. Well, if the ever rising number on the scale isn’t enough to tell you to get up, having your wrist vibrate every hour surely must be. Think about it. You’re not moving as much when you work remotely. You’re not walking to the car/train/bus. Or walking from the car to the office. Back to the car (more than one or twice a day if you leave the office for lunch or appointments). And then again from the car to the house. Now, you’re walking from room to room and probably not that often. Make time to move more. Hit the gym in the morning, take a walk at lunch, or schedule more play time with your family. I promise, when this snow finally melts, this fitness band will vibrate no more!

Of course, never stop learning and improving your situation. I could tell you about how quickly my kids learned to stop speaking when the office phone rings. Or how I always win the battle for the WiFi signal on a snow/vacation day. You could help me figure out how to keep the cat off my desk. Maybe another time. I will tell you that one more blessing/curse to working from home means that while I was able to get an early start this morning, I now have time to shovel once the snow finally stops. At least that fitness band can’t complain.

What have you learned working from home? Share your tips and lessons below. Also, if you’re interested in learning more about how to virtualize your workforce the way Custom Systems has, we’d love to hear from you!

 

Lynn

 

 

Lynn McGinnis
Marketing Specialist
lynn.mcginnis@customsystems.com

 

 

 

©Copyright Custom Systems Corporation 2015

 

It’s all about the data… And secure, remote access

shutterstock_NeyroIt always comes down to data. In order to function properly in their jobs, employees need access to data. Along with access to the data, they need a comprehensive method of utilizing the data. In the office, employees  have secure access to the data they are permitted and the means to utilize the data. However, the company office is not the only place users require access to data.

We now have users that work from home, mobile, and remote offices. We have many types of portable devices, Wi-Fi access, and the Internet at our disposal that we can be just about anywhere and be need access to company data. So, if employees are not in the office, how do we make it possible for them to securely access data and provide the means to utilize it?

There are many solutions we could implement to offer our users secure remote access to data. Each one has its pros and cons involving ease of use, security, performance, and comprehensiveness. All the methods have the ability to be secure (some more secure than others). All solutions have the ability to require users authenticate/logon. In fact, depending on how each access solution is implemented, they all have the ability to make use of two-factor authentication. All methods have a varying level of complexity to implement. Here are some of the most common solutions:

  • Public Facing Websites – a website that is accessible to the Internet to provide users access to data in the company’s private data center. Security can be provided by SSL encryption and user authentication (logon). The webpage provides the GUI for users to comprehensively utilize data. The application being used can determine how viable a website solution is. Many third-party applications already provide web based access. For instance, almost every third-party e-mail solution of today has the ability to provide access through a webpage. In-house developed applications may or may not have been created with web access and may not be viable for straight access through the Internet. The biggest con to a web-based solution is security. You are providing a public doorway to your data with a webpage. If you do everything correct in securing the page you should be fine, but there is always risk.
  • Cloud Services – in essence, another form of web based access to data with differences. For instance, one difference may be where the data resides. Cloud based solutions do not always keep the data in the companies private data center. The data could reside at the data center of the cloud solutions provider instead. Required hardware and security are then provided by the cloud provider. Enterprise organizations may have the means to offer their own cloud based solutions, but most small to medium companies will need to lease a cloud-based solution. Cloud services is a subject in itself.
  • VPN – a Virtual Private Network solution offers a user remote connections directly to the company network and behave as if the user is on the local network. Using features like split-tunneling, communications meant for the company network can be segregated from other communications the user may be utilizing (i.e. Internet browsing). The most common form of VPN today is an SSL VPN. As the name implies, it utilizes SSL encryption for security. Almost all VPNs in use today utilize Internet access. However (believe it or not) some organizations still require the higher security of dial-in access. The problem with a VPN is that though it does a great job of getting you connected to the company network, you still need a method of utilizing the data. Once connected through a VPN, a user can access an internal web site, run an application that is on their device that knows to connect to data through the VPN, or access something on the network that will enable the user. This solution is probably the easiest to implement for an administrator, but it can also be the one with the highest learning curve for the user. Many times, the users will have to take extra steps in order to enable proper data access.
  • Remote Desktop Services (RDS) or Citrix XenApp – RDS comes with Windows Server (2008 or 2012). It allows users to access server based desktops or applications. The user is given access to either a full desktop or just specific applications. The desktops or applications are all running on a server back in the data center. The data and the applications are never on the remote user’s device. Only keyboard presses, mouse movement, and changes in video are transmitted between remote device and data center. The data remains safely in the datacenter. In this solution, users are sharing server resources, but do not interact with each other. RDS requires Client Access Licenses for each accessing user. Citrix XenApp installs on top of RDS and enhances RDS abilities (think of it as RDS on steroids). RDS was designed by a combined team of Microsoft and Citrix specialists, so Citrix knows how to enhance RDS. XenApp is faster, more secure, easier to administer, and has more features than RDS. I have been working with Citrix XenApp and its predecessors since the late 90s and love it, so I am a little biased when I say that this is my preferred solution.
  • Virtual Desktop Infrastructure (VDI) – refers to Citrix XenDesktop, VDI-in-a-Box, VMWare View, and similar products. In this case, users connect remotely to a virtual machine that is running a desktop OS (Windows XP, 7, or 8). Like RDS and XenApp, the data stays in the datacenter. Only keyboard presses, mouse movements, and screen changes are transmitted. The difference is that the user is accessing a desktop with its own resources instead of sharing resources with other users. Applications installed on the desktop provide users with the comprehensive access to data with a high level of compatibility for applications. This solution is generally more expensive to implement, but it can also be one of the most secure and comprehensive ways to enable users both locally and remotely.
  • Remote PC – this refers to services like VNC, LogMeIn, and even Citrix XenDesktop. In this case, the user is taking remote control of a physical PC/workstation in the company office. For instance, a user has a desktop that they work on in the company office. When the go external to the company office, they can connect back to their company office desktop and control it remotely. This provides the user with the same working environment internally and externally. However, this method tends to be a little slower and is affected more by bandwidth and slowness issues. I mention Citrix XenDesktop again because XenDesktop has a feature where it can have an agent on a physical desktop and provide that desktop to a user instead of a virtual machine. Because it uses Citrix’s ICA protocol and access methods, Citrix’s Remote PC solution tends to provide higher performance than others.

There are many other solutions for accessing data from the outside world, but not enough time to explain each here. I have instead listed the ones I consider the most prevalent. There is one consideration in the securing of data that I did not stress and I am going to do so now. The safest place for your data is in the datacenter. If data is stored on or copied to a remote device, it is harder to keep the data safe. If data is stored only on a remote device and not on the network, loss of that device through hardware failure or theft will most likely be irreplaceable loss of that data. Solutions like RDS, VDI, Citrix, and remote PC keep the data in the datacenter and still allow the users adequate access to it. VPN solutions allow for and sometimes need to have data on a remote device. When deciding on a method of access, keep in mind where you want the data to be stored and how you want it accessed. That should be one of the primary deciding factors.

Questions? As always, please post your questions or comments below.

 

AZS-3

 

Craig R. Kalty (CCIA, CCEE, CCA, MCITP:EA, MCITP:SA, VCP)|
Sr. Network Consultant
Craig.Kalty@CustomSystems.com

 

 

 

© 2014 Custom Systems Corporation

XenServer Backup Options – Part II

In this second of a two part series, we’ll discuss available options for XenServer Backup.

Citrix Xen ServerIn Part I of this blog post , I began discussing backup options for XenServer.  I touched on the tools that come with XenServer and cruelly ended it without getting into the topic of third party backups.  In this second part, I am going to completely skip over that subject and make you wait for Part IV.  Don’t ask what happened to Part III.  OK, I am done kidding around (for now).  Third party backup solutions generally fall into one of three categories: backups done through storage replication, backups performed at an OS level, and backups performed using snapshots through the XenAPI.

Storage Replication

Backups done through storage replication utilize the replication abilities built into your backend storage (SAN or NAS).  The VMs stored on your SAN or NAS get replicated to another site by the storage device.  This is both a backup and disaster recovery option.  However, it is probably the most expensive option because it requires two or more storage devices in different geographical locations with a pipe between them big enough to support the replication traffic.  File level restoration becomes a problem because the VM as a whole is replicated without a way to parse data inside the VM.

OS Level

Backups done utilizing at the OS level is the traditional method of backing up a server.  Even though these are virtual machines, they are still fully functional servers.  The hardware they run on is different, but in essence to the OS, that is a difference in drivers used.  The OS is still the same.  You can use your traditional backup software which usually (not always) places an agent in the OS to perform backups of the server system state, data, and files.  This could be solutions from Symantec, Carbonite, Acronis, ComVault, and hundreds of other backup vendors.  For those of you with smaller Windows server VMs and wanting to save money, you can even employ Windows Backup which comes with Windows.  OS level backups is a method in which you can keep from using multiple solutions providers and will provide the most granular level restore options for the OS, applications, and services.  One solution will probably handle it all.  However, you will be restoring a server the same way you would a physical server.  Fix the hardware, install the OS, install the backup agents as needed, and then restore.  This is a big differentiation from solutions geared towards backing up virtual machines as a whole image because they enable you to restore a VM back to its state at the time of backup without rebuilding the server.

Snapshots with XenAPI

Backups done through snapshots utilizing the XenAPI is a very common form of backup for a XenServer.  This method backs up the server as a whole image.  Many solutions utilize this method.  In fact, you can find free premade scripts people have posted that will perform this function for you.  You just won’t get any bells and whistles with a script.  And that is what differentiates the 3rd party backup solutions over just getting a script.  The bells and whistles 3rd party vendors include catalog and sort options, give broader control over the storage being used, and other features.  Some of these solutions have features that will mount the snapshot to allow you to perform granular recovery.  PHD Virtual (acquired by Unitrends last year) was one of the first well rounded support offerings for XenServer.  Over the last few years, it has grown to allow you to do granular level restores even for Exchange and SharePoint.  Quadric Alike is a well-rounded solution.  Its product trial is a free version for one XenServer that does not expire.  So, if you are a small shop with only one XenServer, here is a good free solution.
Ideally, a solution that provides both physical and virtual server backup solutions with granular level restore would be what a lot of administrators are looking for.  It would be your single backup product that covers both physical and virtual worlds.  SEP Software Corp offers such a solution as well as Symantec NetBackup.  Many of these solutions started out as a standalone products which were incorporated into a package or integrated into another solution.

As I stated, I am not covering anything in-depth and my purpose was not to review solutions in this article.  It is more about awareness.  If you would like to offer a suggestion I did not mention, please do so in the comments below.

AZS-3

 

 

 

Craig R. Kalty (CCIA, CCEE, CCA, MCITP:EA, MCITP:SA, VCP)
Sr. Network Consultant
Craig.Kalty@CustomSystems.com

 

© 2014 Custom Systems Corporation

Secure Data and Application Access From Any Device: Citrix Workspace Suite

What is Citrix Workspace Suite?

citrix-logo-webIn essence, Citrix Workspace Suite is the branding for multiple Citrix products in one. The primary ingredients are XenDesktop Platinum and XenMobile Enterprise. Basically, you’ll receive licensing for XenDesktop, XenApp, Mobile Device Management, ShareFile, Cloud Bridge and Smart Access licensing for the NetScaler, AppDNA, technical support, and more. The concept of this packaging is to provide secure access to all of a user’s data and applications with the highest level of mobility.

For a limited time, Citrix’s Workspace Suite is being launched with the opportunity for some major discounts. At the time this article is being posted, Citrix is offering up to 70 percent off of Workspace Suite. The savings all depend on what you are trading up from and other variables. The discount varies based on currently owned products, license level (Advance, Enterprise, or Platinum), subscription advantage state (active or not), and other factors. I have found that if the wind is blowing from the East, it is a Tuesday morning, and three Major League Baseball games were won by only one run the day before, you can get the most significant discounts. Okay, all kidding aside, my point is that the discount is variable based upon multiple factors. It seems that the ones who will see the most significant discount in the trade-up program are those that currently own XenApp or XenDesktop concurrent licensing. There are other factors to consider like you may be required to trade-up all your existing product license pool and purchase extra licenses. Also, Software Maintenance for the first year is required in the purchase.

To help you evaluate this offering for yourself, here are the links to some helpful resources with more details:
Citrix homepage for Workspace Suite.

FAQ for the trade-up program

Visit our site to learn more. Our account executives are available to speak with you, with further details at no obligation. As always, if you have any questions, I would be more than happy to help. You can leave your comments below or email me directly.

AZS-3

 

 

 

Craig R. Kalty (CCIA, CCEE, CCA, MCITP:EA, MCITP:SA, VCP)
Sr. Network Consultant
Craig.Kalty@CustomSystems.com

 

 

 

© 2014 Custom Systems Corporation

Time to Upgrade to XenDesktop and XenApp 7.5?

Part 1: XenApp

In this two-part series, I will be discussing the options necessary in making a decision to upgrade XenDesktop and XenApp 7.5. In this first part, we’ll discuss the features and benefits of XenApp.

XenApp CitrixA few of my clients have asked whether they should upgrade to the latest versions of XenApp and XenDesktop. In fact, this is a quandary that comes up every time there is a new release of a product.  Every environment is different; therefore there is no one-size-fits-all answer.  What works for one client does not always work for another.  So, we need to look at some of the factors that go into this decision.  Since both products serve different purposes, I am going to discuss each product separately.  If you are looking to upgrade your XenApp environment or your XenDesktop environment separate from the other, you are not required to upgrade both of them at the same time.  Let’s look at XenApp today. I’ll try to touch on what seem to be the major factors I have dealt with. Please feel free to post any questions you might have below.

At the time of this article, the latest version number for both XenApp and XenDesktop is 7.5.  In version 7.0, both technologies were included under the XenDesktop title and were both integrated into one console.  XenApp was referred to as ‘XenDesktop App Edition’.  XenApp has been given its own licensing from XenDesktop again due to a number of factors, but they are still both integrated into the same console.  XenDesktop still integrates XenApp as a feature in the licensing.  The reverse is not true though.  If you purchase XenApp only licenses, you do not get XenDesktop included.  For the sake of simplicity, I am just going to refer to it as XenApp even if I am referring to version 7.0.

So, what are some of the major decision points for XenApp?

Upgrade or migration

Can you do an in-place upgrade or do you have to build a new farm and migrate to it?  If you have XenApp 7.0 or 7.1, you can perform an in-place upgrade to XenApp 7.5.  If you have XenApp 6.5 or lower, you will need to migrate to a new environment.  There are some tools to help with this, but it is still a migration.

Deciding factors:

  • Is an in-place upgrade possible for you?
  • Do you have the resources (time, hardware, software, licenses, money, etc…) to perform a migration?

Operating System

What operating systems are supported by each version?  XenApp 7.x is only available for Windows Server 2008 R2 and Windows Server 2012.  Both are only 64-bit.  XenApp 6.5 and lower support Windows Server 2008 R2 and earlier (including both 64-bit and 32-bit versions).

Deciding factors:

  • Software compatibility – will my software operate on Windows 2008 R2 and/or Server 2012?  If not, I will need separate environments to host updated software and legacy software.  If you have software that needs to run on Server 2012, then you must utilize XenApp 7.x.
  • Do I have licensing for the newer operating systems?  Just because you have licenses for Server 2003 and 2008, does not mean you have licenses for Server 2012.
  • Do I have the expertise on the newer operating system?  Windows Server 2012 has a significantly different interface from previous server operating systems.  Applications and utilities are not where they used to be and are likely to be configured in a completely new fashion.  Remote Desktop Services is significantly different.

Architecture

XenApp 7.x utilizes the latest Citrix architecture called FlexCast Management Architecture (FMA).  XenApp 6.5 and lower utilize Independent Management Architecture (IMA).

Deciding factors:

  • FMA enhances security and resource utilization/performance.  Pair that with the greater performance of Remote Desktop Services on the latest 64-bit operating systems and you are going to get better utilization of your resources.
  • IMA is a more mature product.  IMA has had the major kinks knocked out of it over time.  FMA is still relatively new and is still getting some major issues resolved.
  • FMA does not offer all the features we are used to from IMA.  Features we are used to with IMA either do not exist in FMA, are still in development, or require new methods to perform the same task.  For instance, SmartAuditor is gone and you will need an alternative.  Shadowing is gone, but MS Remote Assistance is utilized instead.  Single farm, multi-site support is relatively non-existent.  Session pre-launch and session lingering are still in development for FMA.
  • FMA does not use a local host cache.  If the database goes off-line, then so does the XenApp farm.  Existing connections will still operate, but there will be no new connections.  This means that XenApp HA (High Availability) is now dependent on the HA features you incorporated into your SQL server farm.  If HA of your SQL farm is not where you need it, then that also plays into your upgrade decision.

Other factors that may affect your decision:

  • Do you have the technical knowledge on the latest version of XenApp or will you need help?  XenApp 7.x is very different from previous versions of XenApp in implementation, configuration, and administration.
  • Is there a corporate policy/requirement forcing you to upgrade/migrate?
  • Web Interface support has been reinstated for XenApp 7.x, so that can still be utilized if StoreFront is not an option.  This is significant for many reasons.  One important reason is that StoreFront requires a NetScaler for secure external connections.  If you do not have a NetScaler configuration in your environment, you will need another solution for external access besides StoreFront.

As you can see, this is one of those times when an upgrade decision isn’t that simple. Can the same be said for XenDesktop 7.5?  I’ll let you know what I think in part 2 of this post. As always, please post any questions you might have below. Thanks!

AZS-3

 

 

Craig R. Kalty (CCIA, CCEE, CCA, MCITP:EA, MCITP:SA, VCP)
Sr. Network Consultant
Craig.Kalty@CustomSystems.com

 

 

 

© 2014 Custom Systems Corporation

The 10 Commandments of Hyper-V

1. Thou shalt NOT use a dynamic disk with ANY database.  This includes, but is not limited to:  Active Directory, SQL Server and Microsoft Exchange.

2. Thou shalt always provide at least 4G of RAM minimum for the host operating system, and always provide the host operating system with its own NIC and disk partition.  Hyper-V is a jealous host, and will not share with any VM.

3. Thou shalt NOT join the host OS to the domain. Join it to a Workgroup by the same name.

4. Thou shalt always disable time synchronization and disable Automatic Updates on your host server.

5. Thou shalt always set the Hyper-V host to properly shutdown/restart the guest VM’s.

6. Thou shalt NOT use pass-through disks nor use SCSI virtual disks for your VM’s.  IDE is plenty good enough.

7. Thou shalt always use RAID controllers with at least 512MB of RAM on the board.

8. Thou shalt NOT use snapshots. Seriously. Stop doing that.

9. Thou shalt use Hyper-V as the ONLY role on your host OS.  Install no other roles nor features on your host server OS.  Except backup software.

10. Thou shalt never walk away from your host machine logged on. Once you are done with the console, log off.

 

ChaseChase Reitter
Network Consultant
Chase.Reitter@CustomSystemsCorp.com

 

 

 

© Copyright 2014 Custom Systems Corporation 

Cloud vs. hard drive storage and security

Cloud storage allows users to save pictures, music, files, and other data to a server on the Internet that can then be easily retrieved from any device such as another PC/Mac, Smartphone or Tablet.

Hard drive storage is primarily used to store data from a single PC or Mac to the local computer that can only be retrieved on the PC/Mac it was saved to.

The growing trend in Cloud Storage is due primarily to today’s mobile lifestyle.  We want to be able to access our pictures, music, and files from any device at any time, in any location.  Sharing our data with others is also important as we rely upon social media as a primary means of personal and business communication.  Take a picture or video on your Smartphone, upload it to Facebook, post it to Instagram, save it to the cloud server, and then later open it on your Mac to do some Photoshop.  It is all easily accomplished with Cloud Storage.

In contrast, with local or hard drive storage you must take a photo with your phone, email it to yourself and save to your PC.  Put it on a flash drive and email or upload it to social media.  Back it up because it is your only copy, and hope you never lose the hard drive on your PC.

The mobile lifestyle requires easy transfer of data through a ubiquitous partner we call the Cloud.  Any app on any device can share, save, and edit the data easily.  Oh, and did I mention the Cloud provider promises to back up your data so you don’t have to worry about losing it?  Say goodbye to a USB hard drive connected to your PC/Mac and the frequent task of making local backups that we never seem to have the time to do.   You say your local backup is automatic… did you ever check it?  I don’t but I am also too mobile to be at home to check it.  Put another check mark in the “Cloud” column for me.

How safe is my data?  Well, how safe is your house? If a thief steals your PC and USB hard drive, your data  is gone.  Be unfortunate enough to be driven from your home due to a local disaster and the data is just as gone should there be a flood, hurricane, tornado, or other all too frequent event that interrupts our lives.

How safe is the cloud? Well that depends too since anyone can access the cloud from any device at any time with only a username and a password. Maybe the small inconvenience of creating a secure password is not too high of a threshold to cross. Yes, I’m talking to you who thinks having a capital “P” on Password will keep you secure, or maybe adding a “1”, as in Password1.  Your data is as good as gone, or worse copied by someone without your knowledge with an insufficient password.

If you can get serious about a password – nothing in the dictionary, no names, significant dates, or easily guessed family and pet names – then you are safe.

Local storage provides high capacity, fast retrieval, and the security to know where your data actually resides.  Cloud storage provides on-demand access anytime from any device  provided you can use a secure password.  I don’t see myself becoming any less mobile with the current trends in storage, so I vote for the cloud.  A good password is a small price to pay!

Paul R. CookPaul R. Cook
Vice President, Network Services
Paul.Cook@CustomSystemsCorp.com

 

 

 

© Copyright 2014 Custom Systems Corporation